Hybrid Data Security Model for Cloud

Security of data is one of the main concern in the implementation of cloud computing. This paper proposes a highly effective and efficient cloud security model. The proposed security model keeps the most critical data on the private cloud and the rest of it on the public cloud. It uses hash codes to check the integrity of the data at the public cloud. The proposed cloud security model provides the provision of defining user roles thereby determining the type of access the user exercises on the data. This model uses dual verification mechanism for user authentication by using username and password on one layer and key authentication on another layer. A cryptographic process is used to make the overall security of the data on the cloud highly robust. A comprehensive security analysis of the model is done against various types of attacks and the results are very promising. This model is compared to various existing cloud security models and the results shows that our technique is faster, much more robust and efficient as compared to other existing models. This model is cost effective because it uses private cloud only for highly sensitive data. Rest of data is stored on the public cloud, where data storage cost is comparatively very less.

Download Full-text

Achieving Cloud Security Using a Third Party Auditor and Preserving Privacy for Shared Data Over a Public Cloud

Research Anthology on Privatizing and Securing Data ◽

10.4018/978-1-7998-8954-0.ch065 ◽

2021 ◽

pp. 1371-1391

Author(s):

Vitthal Sadashiv Gutte ◽

Sita Devulapalli

Keyword(s):

Cloud Security ◽

Third Party ◽

Security Model ◽

Cloud Environment ◽

Public Cloud ◽

Shared Data ◽

Metadata File ◽

Efficient Mechanisms ◽

Different Levels ◽

Access Security

Correctness of data and efficient mechanisms for data security, while transferring the file to and from Cloud, are of paramount importance in today's cloud-centric processing. A mechanism for correctness and efficient transfer of data is proposed in this article. While processing users request data, a set of attributes are defined and checked. States with attributes at different levels are defined to prevent unauthorized access. Security is provided while storing the data using a chunk generation algorithm and verification of chunks using lightweight Third-Party Auditor (TPA). TPA uses digital signatures to verify user's data that are generated by RSA with MD5 algorithms. The metadata file of generated chunks is encrypted using a modified AES algorithm. The proposed method prevents unauthorized users from accessing the data in the cloud environment, in addition to maintaining data integrity. Results of the proposed cloud security model implementation are discussed.

Download Full-text

Implementation of Round Key AES with Honey Technique for Securing the Public Cloud Data Storage

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i3.1.16815 ◽

2018 ◽

Vol 7 (3.1) ◽

pp. 128

Author(s):

Selvam L ◽

Arokia Renjit J

Keyword(s):

Data Storage ◽

Cyber Security ◽

Public Cloud ◽

Secret Key ◽

Cloud Data ◽

Plain Text ◽

The Public ◽

Aes Algorithm ◽

Cloud Data Storage ◽

Brute Force Attack

Recent security incidents on public cloud data storage had raised concerns on cloud data security. Development in the hacking area has risen in the past few years. Due to this, Cyber Security is needed which plays an important role to cover the secret information. Currently, the attack of challenging channel is both the symmetric as well as the asymmetric encryption algorithm. Since, in both criteria the secret key has to be transmitting through a security challenging channel. For this many techniques have been put forward. The Main focus is on the vulnerabilities of the private keys while hoarded in different places for the fast utilization of the round key of the AES algorithm. In the view of the hackers, extracting the private key is nearly as same as obtaining the plain text itself. So, the honey encryption technique is used to futile the attacker by producing the fake key for each and every try of the Key puncher. An indication will be generated automatically to the storage manager when an attempt is made by the attacker. The Honey encryption is the best algorithm to overcome the drawbacks of the AES algorithm but it has some time constraints which are also eliminated here. Thus, eliminating the Brute Force Attack and providing a secure system for storing the secret key.

Download Full-text

Enhanced Data Security for Public Cloud Environment with Secured Hybrid Encryption Authentication Mechanisms

Scalable Computing Practice and Experience ◽

10.12694/scpe.v19i4.1422 ◽

2018 ◽

Vol 19 (4) ◽

pp. 351-360

Author(s):

Prabu S ◽

Gpinath Ganapathy ◽

Ranjan Goyal

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Data Security ◽

Cloud Storage ◽

Cloud Service ◽

Security Model ◽

Public Cloud ◽

Computing Environment ◽

Data Outsourcing ◽

Cloud Computing Environment

Cloud computing is an evolving computing technology that provides many services such as software and storage. With the introduction of cloud storage, the security of outsourced data has become a major issue in cloud computing. Data storage in cloud computing environment needs to be secured in order to provide a safe and foolproof security for data outsourcing of the cloud service users. This paper presents a model for security of data in public cloud storage environment which successfully detects the unauthenticated access or any anomaly in the data. The proposed authentication model along with the data security model presented in this paper shows that this model is the best model suitable for securing the data in cloud computing environment

Download Full-text

Design of a small-scale and failure-resistant IaaS cloud using OpenStack

Applied Computing and Informatics ◽

10.1108/aci-04-2021-0094 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Samuel Heuchert ◽

Bhaskar Prasad Rimal ◽

Martin Reisslein ◽

Yong Wang

Keyword(s):

Small Scale ◽

Scale Production ◽

Proof Of Concept ◽

Public Cloud ◽

Cloud Platform ◽

Private Cloud ◽

Content Type ◽

The Public ◽

Platform As A Service ◽

Data Control

PurposeMajor public cloud providers, such as AWS, Azure or Google, offer seamless experiences for infrastructure as a service (IaaS), platform as a service (PaaS) and software as a service (SaaS). With the emergence of the public cloud's vast usage, administrators must be able to have a reliable method to provide the seamless experience that a public cloud offers on a smaller scale, such as a private cloud. When a smaller deployment or a private cloud is needed, OpenStack can meet the goals without increasing cost or sacrificing data control.Design/methodology/approachTo demonstrate these enablement goals of resiliency and elasticity in IaaS and PaaS, the authors design a private distributed system cloud platform using OpenStack and its core services of Nova, Swift, Cinder, Neutron, Keystone, Horizon and Glance on a five-node deployment.FindingsThrough the demonstration of dynamically adding an IaaS node, pushing the deployment to its physical and logical limits, and eventually crashing the deployment, this paper shows how the PackStack utility facilitates the provisioning of an elastic and resilient OpenStack-based IaaS platform that can be used in production if the deployment is kept within designated boundaries.Originality/valueThe authors adopt the multinode-capable PackStack utility in favor of an all-in-one OpenStack build for a true demonstration of resiliency, elasticity and scalability in a small-scale IaaS. An all-in-one deployment is generally used for proof-of-concept deployments and is not easily scaled in production across multiple nodes. The authors demonstrate that combining PackStack with the multi-node design is suitable for smaller-scale production IaaS and PaaS deployments.

Download Full-text

An optimization approach to capacity evaluation and investment decision of hybrid cloud: a corporate customer’s perspective

Journal of Cloud Computing Advances Systems and Applications ◽

10.1186/s13677-019-0140-0 ◽

2019 ◽

Vol 8 (1) ◽

Author(s):

In Lee

Keyword(s):

Cloud Computing ◽

Investment Decision ◽

Optimal Investment ◽

Optimization Approach ◽

Hybrid Cloud ◽

Public Cloud ◽

Private Cloud ◽

Penalty Cost ◽

Require Time ◽

The Public

Abstract While the rapid growth of cloud computing is driven by the surge of big data, the Internet of Things, and social media applications, an evaluation and investment decision for cloud computing has been challenging for corporate managers due to a lack of proper decision models. This paper attempts to identify critical variables for making a cloud capacity decision from a corporate customer’s perspective and develops a base mathematical model to aid in a hybrid cloud investment decision under probabilistic computing demands. The identification of the critical variables provides a means by which a corporate customer can effectively evaluate various cloud capacity investment opportunities. Critical variables included in this model are an actual computing demand, the amount of private cloud capacity purchased, the purchase cost of the private cloud capacity, the price of the public cloud, and the default downtime loss/penalty cost. Extending the base model developed, this paper also takes into consideration the interoperability cost incurred in cloud bursting to the public cloud and derives the optimal investment. The interoperable cloud systems require time and investment by the users and/or cloud providers and there exists a diminishing return on the investment. Hence, the relationship between the interoperable cloud investment and return on investment is also investigated.

Download Full-text

The State of the Public Cloud: Security Concerns with Cloud Computing

2020 SoutheastCon ◽

10.1109/southeastcon44009.2020.9249708 ◽

2020 ◽

Author(s):

Chandler Cain ◽

David Raymond ◽

J. Scot Ransbottom

Keyword(s):

Cloud Computing ◽

Cloud Security ◽

The State ◽

Public Cloud ◽

The Public ◽

Security Concerns

Download Full-text

Framework Based on Benefits Management and Enterprise Architecture

Management Science, Logistics, and Operations Research - Advances in Logistics, Operations, and Management Science ◽

10.4018/978-1-4666-4506-6.ch016 ◽

2014 ◽

pp. 289-309

Author(s):

António Rodrigues ◽

Henrique O’Neill

Keyword(s):

Enterprise Architecture ◽

Investment Decisions ◽

Public Cloud ◽

It Infrastructure ◽

Private Cloud ◽

It Investment ◽

Strategic Investment ◽

The Public ◽

International Bank

In 2010, a framework aiming to address strategic investment decisions on IT infrastructure was developed. It was based in Benefits Management principles and Enterprise Architecture concepts, being inspired by the emerging public cloud technological trend. Meanwhile, the public cloud concept did not materialise at the expected pace and other alternatives have emerged in the market, in particular the private cloud-based solutions. This fact required the framework to be updated to cope with the business and technological requirements of the private cloud concept. A new version of the framework has been developed and was used to help managers to address IT investment decisions on private cloud in an international bank.

Download Full-text

Data Placement for Privacy-Aware Applications over Big Data in Hybrid Clouds

Security and Communication Networks ◽

10.1155/2017/2376484 ◽

2017 ◽

Vol 2017 ◽

pp. 1-15 ◽

Cited By ~ 14

Author(s):

Xiaolong Xu ◽

Xuan Zhao ◽

Feng Ruan ◽

Jie Zhang ◽

Wei Tian ◽

...

Keyword(s):

Big Data ◽

Energy Consumption ◽

Data Placement ◽

Cloud Services ◽

Hybrid Cloud ◽

Public Cloud ◽

Private Cloud ◽

The Public ◽

Placement Method ◽

The Cost

Nowadays, a large number of groups choose to deploy their applications to cloud platforms, especially for the big data era. Currently, the hybrid cloud is one of the most popular computing paradigms for holding the privacy-aware applications driven by the requirements of privacy protection and cost saving. However, it is still a challenge to realize data placement considering both the energy consumption in private cloud and the cost for renting the public cloud services. In view of this challenge, a cost and energy aware data placement method, named CEDP, for privacy-aware applications over big data in hybrid cloud is proposed. Technically, formalized analysis of cost, access time, and energy consumption is conducted in the hybrid cloud environment. Then a corresponding data placement method is designed to accomplish the cost saving for renting the public cloud services and energy savings for task execution within the private cloud platforms. Experimental evaluations validate the efficiency and effectiveness of our proposed method.

Download Full-text

Secure Storage and Sharing of Visitor Images Generated by Smart Entrance on Public Cloud

International Journal of Digital Crime and Forensics ◽

10.4018/ijdcf.20210901.oa4 ◽

2021 ◽

Vol 13 (5) ◽

pp. 65-77

Author(s):

Rajashree Soman ◽

Sukumar R.

Keyword(s):

Data Storage ◽

Current System ◽

Image Data ◽

Public Cloud ◽

The Public ◽

Image Sharing ◽

Secure Storage ◽

Blockchain Technology ◽

System A ◽

Cryptographic Attacks

Visitor validation at entrance generates a large number of image files that need to be transmitted over to cloud for future reference. The image data needs to be protected by active and passive adversaries from performing cryptographic attacks on these data. The image data also needs to be authenticated before giving it for future use. Focusing on reliable and secure image sharing, the proposed method involves building a novel cloud platform, which aims to provide a secure storage in the public cloud. The main objective of this paper is to provide a new way of secure image data storage and transmission on cloud using cryptographic algorithms. To overcome the flaws in current system, a novel method using BigchainDB, which has advantages of blockchain technology and traditional database, is proposed for storing attributes of image.

Download Full-text

A Review on Security Aspects and Countermeasures for Cloud Computing

SMART MOVES JOURNAL IJOSCIENCE ◽

10.24113/ijoscience.v7i8.402 ◽

2021 ◽

pp. 38-43

Author(s):

Rajat Maheshwari

Keyword(s):

Cloud Computing ◽

Large Scale ◽

Personal Information ◽

Cloud Security ◽

Public Cloud ◽

The Public ◽

Tremendous Progress ◽

Cloud Providers ◽

Security Concerns

For large-scale companies or people that desire a range of system services at a cheap cost, cloud computing is now the most popular phenomena to use. Personal information is frequently kept in a public cloud that is open to the public. This fundamental raises a number of concerns about cloud providers' flexible services, including confidentiality, persistence, and endurance. The paper aims to better understand cloud components, security concerns, and dangers, as well as developing solutions that might help minimise cloud vulnerabilities. It is a well-known truth that the cloud has been a viable hosting platform since 2008; nevertheless, the view of cloud security is that it requires major changes in order to achieve higher rates of adaptability at the corporate scale. Many of the difficulties affecting cloud computing need to be rectified immediately. The industry has made tremendous progress in combating cloud computing risks, but there is still work to be done to reach the level of maturity that traditional/on-premise hosting has.

Download Full-text