Management of Privacy and Security in Cloud Computing

2016 ◽  
pp. 1585-1610
Author(s):  
Deniz Tuncalp
Keyword(s):  
Cloud Computing ◽  
Information Security ◽  
Customer Service ◽  
Service Providers ◽  
Cloud Service ◽  
Legal Compliance ◽  
Privacy And Security ◽  
Service Levels ◽  
Service Contracts ◽  
Service Agreement

There are a number of risk domains that are relevant for information privacy and security in cloud-based scenarios and alternative deployment models, which require implementation of a number of controls. However, cloud service providers often take a one-size-fits-all approach and want all their customers to accept the same standardized contract, regardless of their particular information security and legal compliance needs. Taking ISO 27001 Information Security Management standard as a guide, we have employed the Delphi method with a group of cloud computing experts from around the world who are subscribed to the “Cloud Computing” group on LinkedIN to identify the most applicable controls in a generic cloud service provider – customer context. Based on these results, we use a sample of cloud computing customer service agreement as a case study to further discuss related contingencies. As a result, this chapter argues that a more balanced approach is needed in service contracts to ensure the maintenance of necessary service levels and the protection of cloud users.

Management of Privacy and Security in Cloud Computing

2015 ◽  
pp. 409-434
Author(s):  
Deniz Tuncalp
Keyword(s):  
Cloud Computing ◽  
Information Security ◽  
Customer Service ◽  
Service Providers ◽  
Cloud Service ◽  
Legal Compliance ◽  
Privacy And Security ◽  
Service Levels ◽  
Service Contracts ◽  
Service Agreement

There are a number of risk domains that are relevant for information privacy and security in cloud-based scenarios and alternative deployment models, which require implementation of a number of controls. However, cloud service providers often take a one-size-fits-all approach and want all their customers to accept the same standardized contract, regardless of their particular information security and legal compliance needs. Taking ISO 27001 Information Security Management standard as a guide, we have employed the Delphi method with a group of cloud computing experts from around the world who are subscribed to the “Cloud Computing” group on LinkedIN to identify the most applicable controls in a generic cloud service provider – customer context. Based on these results, we use a sample of cloud computing customer service agreement as a case study to further discuss related contingencies. As a result, this chapter argues that a more balanced approach is needed in service contracts to ensure the maintenance of necessary service levels and the protection of cloud users.

scholarly journals Improvement of Privacy and Security in Hybrid Cloud with Attribute Group Based Access Control

2019 ◽  
pp. 57-61
Author(s):  
Kayalvili S ◽  
Sowmitha V
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Data Storage ◽  
Service Providers ◽  
Cloud Service ◽  
Security Requirements ◽  
Security And Privacy ◽  
Data Outsourcing ◽  
Privacy And Security ◽  
Control Approach

Cloud computing enables users to accumulate their sensitive data into cloud service providers to achieve scalable services on-demand. Outstanding security requirements arising from this means of data storage and management include data security and privacy. Attribute-based Encryption (ABE) is an efficient encryption system with fine-grained access control for encrypting out-sourced data in cloud computing. Since data outsourcing systems require flexible access control approach Problems arises when sharing confidential corporate data in cloud computing. User-Identity needs to be managed globally and access policies can be defined by several authorities. Data is dual encrypted for more security and to maintain De-Centralization in Multi-Authority environment.

scholarly journals A Performance Perspective Analysis: A Detailed Vision on Denial of Service and Distributed Denial of Service on Cloud Computing

2019 ◽  
Vol 8 (3) ◽  
pp. 3132-3143
Keyword(s):  
Cloud Computing ◽  
Customer Service ◽  
Service Providers ◽  
Denial Of Service ◽  
Cloud Service ◽  
Primary Objective ◽  
Cloud Computing Service ◽  
Service Oriented ◽  
Secured Data ◽  
Perspective Analysis

In recent days cloud computing and cloud-based service, provisions play a vital and significant role in Internet-based information computing. It interrelates various applications like sales, purchase, banking, customer service, etc. and it behaves entirely as a service-oriented platform or environment. The primary objective of the cloud computing is sharing the resources within increased efficiency regarding time and cost for all kind of customers who needs a cloud service badly and immediately. Though the energy is high, it cannot assure that the cloud computing, service providing, and customer maintenance are highly secured. Service providers in the cloud are not strictly public; it may be private, community and hybrid. Malicious activities can be created or occurred in the middle of the communication and it is difficult to predict a particular person in the middle becomes a malicious user, from where and how. Secured data transmission and discussion in cloud computing considered as the main problem, and various earlier research works focused on tightening the security. The primary objective of this paper is to discuss different security mechanisms applied to multiple malicious threats in the cloud to understand the various issues and challenges faced in earlier research works. It provides a summary of the risks, appropriate method and the limitations and it helps to understand the primary and main problems related to security.

Designing a Framework for Cloud Service Agreement for Cloud Environments

2016 ◽  
Vol 6 (4) ◽  
pp. 83-96 ◽  
Author(s):  
Akashdeep Bhardwaj ◽  
Sam Goundar
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Shared Resources ◽  
Cloud Service Providers ◽  
It Support ◽  
Cloud Environments ◽  
Service Agreement ◽  
Home Users

Cloud Computing has emerged as the prime IT computing model for an on-demand access using a pool of shared resources with least IT support. Cloud computing is starting to replace the legacy office IT infrastructure and helpdesk support system. Corporate and home users alike are turning into cloud service consumers in a huge way and moving their data and work to the cloud. Therefore, the CSA between the cloud service consumers and cloud service providers has critical significance that can guarantee the highest-level service quality and delivery. The current CSA fall short on the service delivery commitments with no common terminology or standard followed industry wide by the cloud service providers. Comparing agreements from multiple cloud service providers continues to be an issue. This paper provides a pragmatic approach for Cloud Service Agreements, comparing the current process with the proposed parameters and the new framework for CSA to determine the role of various elements and terms in the decision-making process for cloud service agreements for SaaS, PaaS, IaaS and STaaS.

scholarly journals TPA Auditing to Enhance the Privacy and Security in Cloud Systems

2021 ◽  
Author(s):  
Sunil Kumar ◽  
Dilip Kumar ◽  
Hemraj Shobharam Lamkuche
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Capital Expenditure ◽  
Cloud Service ◽  
Error Recovery ◽  
Third Party ◽  
Privacy And Security ◽  
Compression Technique ◽  
Cloud Service Providers ◽  
Using Data

Over the last decade, many enterprises around the world migrating from traditional infrastructure to cloud resources in order to cut down operational and capital expenditure. With cloud computing, huge amount of data transactions is communicated between cloud consumers and cloud service providers. However, this cloud computing enables surplus security challenges associated to unauthorized access and data breaches. We proposed in this paper a trusted third-party auditor (TPA) model which uses lightweight cryptographic system and lightweight hashing technique to ensure data security and data integrity to audit the cloud users outsourced data from cloud service providers. With our proposed system, we solve the concern of data reliability using data correctness and verification analysis and error recovery analysis. The time complexity of our proposed system is less as compared with other TPA model. Our proposed system also shows resistance against various known cryptanalytic attacks, the performance and extensive compression technique of our proposed system are probably secure and highly proficient.

An examination on data integrity auditing patterns in cloud computing

2018 ◽  
Vol 7 (1.9) ◽  
pp. 200
Author(s):  
T A.Mohanaprakash ◽  
J Andrews
Keyword(s):  
Cloud Computing ◽  
Information Security ◽  
Data Integrity ◽  
Cloud Service ◽  
New Approach ◽  
Computing Services ◽  
Security Challenges ◽  
Cloud Server ◽  
State Of Affairs ◽  
Dynamic Updates

Cloud computing is associate inclusive new approach on however computing services square measure made and utilized. Cloud computing is associate accomplishment of assorted styles of services that has attracted several users in today’s state of affairs. The foremost enticing service of cloud computing is information outsourcing, because of this the information homeowners will host any size of information on the cloud server and users will access the information from cloud server once needed. A dynamic outsourced auditing theme that cannot solely defend against any dishonest entity and collision, however conjointly support verifiable dynamic updates to outsourced information. The new epitome of information outsourcing conjointly faces the new security challenges. However, users might not totally trust the cloud service suppliers (CSPs) as a result of typically they may be dishonest. It's tough to work out whether or not the CSPs meet the customer’s expectations for information security. Therefore, to with success maintain the integrity of cloud information, several auditing schemes are projected. Some existing integrity ways will solely serve for statically archived information and a few auditing techniques is used for the dynamically updated information. The analyzed numerous existing information integrity auditing schemes together with their consequences.

SECURITY IN CLOUD COMPUTING IN INDIAN GOVERNMENT

2021 ◽  
Vol 12 (3) ◽  
Author(s):  
Nitin Vishnu Choudhari ◽  
Dr. Ashish B Sasankar
Keyword(s):  
Cloud Computing ◽  
Service Delivery ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Security ◽  
End Users ◽  
Security Architecture ◽  
Security Measures ◽  
End User ◽  
Cloud Service Providers

Abstract –Today Security issue is the topmost problem in the cloud computing environment. It leads to serious discomfort to the Governance and end-users. Numerous security solutions and policies are available however practically ineffective in use. Most of the security solutions are centered towards cloud technology and cloud service providers only and no consideration has been given to the Network, accessing, and device securities at the end-user level. The discomfort at the end-user level was left untreated. The security of the various public, private networks, variety of devices used by end-users, accessibility, and capacity of end-users is left untreated. This leads towards the strong need for the possible modification of the security architecture for data security at all levels and secured service delivery. This leads towards the strong need for the possible adaption of modified security measures and provisions, which shall provide secured hosting and service delivery at all levels and reduce the security gap between the cloud service providers and end-users. This paper investigates the study and analyze the security architecture in the Cloud environment of Govt. of India and suggest the modifications in the security architecture as per the changing scenario and to fulfill the future needs for the secured service delivery from central up to the end-user level. Keywords: Cloud Security, Security in GI Cloud, Cloud Security measures, Security Assessment in GI Cloud, Proposed Security for GI cloud

GOVERNMENT REGULATIONS OF THE USING CLOUD SERVICES

2022 ◽  
Author(s):  
Olexander Melnikov ◽  
◽  
Konstantin Petrov ◽  
Igor Kobzev ◽  
Viktor Kosenko ◽  
...  
Keyword(s):  
Cloud Computing ◽  
Large Scale ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Government Agencies ◽  
Remote Work ◽  
Cloud Infrastructure ◽  
Wide Range ◽  
Technological Base

The article considers the development and implementation of cloud services in the work of government agencies. The classification of the choice of cloud service providers is offered, which can serve as a basis for decision making. The basics of cloud computing technology are analyzed. The COVID-19 pandemic has identified the benefits of cloud services in remote work Government agencies at all levels need to move to cloud infrastructure. Analyze the prospects of cloud computing in Ukraine as the basis of e-governance in development. This is necessary for the rapid provision of quality services, flexible, large-scale and economical technological base. The transfer of electronic information interaction in the cloud makes it possible to attract a wide range of users with relatively low material costs. Automation of processes and their transfer to the cloud environment make it possible to speed up the process of providing services, as well as provide citizens with minimal time to obtain certain information. The article also lists the risks that exist in the transition to cloud services and the shortcomings that may arise in the process of using them.

scholarly journals SECURE DEPENDABLE SELECTIVE STORAGE SERVICES AND SUPPORT FOR DYNAMIC DATA OPERATIONS IN CLOUD COMPUTING

2013 ◽  
pp. 35-40
Author(s):  
VINITHA S P ◽  
GURUPRASAD E
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Distributed Storage ◽  
Large Data ◽  
Cloud Service ◽  
Dynamic Data ◽  
Cloud Data ◽  
Data Auditing ◽  
Cloud Servers ◽  
Selective Storage

Cloud computing has been envisioned as the next generation architecture of IT enterprise. It moves the application software and databases to the centralized large data centers where management of data and services may not be fully trustworthy. This unique paradigm brings out many new security challenges like, maintaining correctness and integrity of data in cloud. Integrity of cloud data may be lost due to unauthorized access, modification or deletion of data. Lacking of availability of data may be due to the cloud service providers (CSP), in order to increase their margin of profit by reducing the cost, CSP may discard rarely accessed data without detecting in timely fashion. To overcome above issues, flexible distributed storage, token utilizing, signature creations used to ensure integrity of data, auditing mechanism used assists in maintaining the correctness of data and also locating, identifying of server where exactly the data has been corrupted and also dependability and availability of data achieved through distributed storage of data in cloud. Further in order to ensure authorized access to cloud data a admin module has been proposed in our previous conference paper, which prevents unauthorized users from accessing data and also selective storage scheme based on different parameters of cloud servers proposed in previous paper, in order to provide efficient storage of data in the cloud. In order to provide more efficiency in this paper dynamic data operations are supported such as updating, deletion and addition of data.

scholarly journals АНАЛИЗ ПОДХОДОВ К ОБЕСПЕЧЕНИЮ БЕЗОПАСНОСТИ ОБЛАЧНЫХ СЕРВИСОВ

2020 ◽  
pp. 70-82
Author(s):  
Вячеслав Вікторович Фролов
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Geographical Location ◽  
Cloud Service ◽  
Cloud Services ◽  
Cloud Infrastructure ◽  
Critical System ◽  
Cloud Service Providers ◽  
Safety And Reliability ◽  
Cloud Resources

The article is devoted to the analysis of modern approaches that ensure the security of cloud services. Since cloud computing is one of the fastest growing areas among information technology, it is extremely important to ensure the safety and reliability of processes occurring in the clouds and to secure the interaction between the client and the provider of cloud services. Given that fears about data loss and their compromise are one of the main reasons that some companies do not transfer their calculations to the clouds. The object of research and analysis of this work are cloud services, which are provided by various cloud service providers. The aim of the study of this work is to compare existing approaches that provide information security for cloud services, as well as offer a new approach based on the principle of diversity. There are many approaches that ensure their safety, using both traditional and cloud-specific. The multi-cloud approach is one of the most promising strategies for improving reliability by reserving cloud resources on the servers of various cloud service providers. It is shown that it is necessary to use diversity to ensure the reliability and safety of critical system components. The principle of diversity is to use a unique version of each resource thanks to a special combination of a cloud computing provider, the geographical location of data centers, cloud service presentation models, and cloud infrastructure deployment models. The differences between cloud providers and which combination of services are preferable to others in terms of productivity are discussed in detail. In addition, best practices for securing cloud resources are reviewed. As a result, this paper concludes that there is a problem of insufficient security and reliability of cloud computing and how to reduce threats in order to avoid a common cause failure and, as a result, loss of confidential data or system downtime using diversity of cloud services.

Sign in / Sign up

Export Citation Format

Share Document