Architectural Design of Trusted Platform for IaaS Cloud Computing

This article describes how the enormous potential benefits provided by the cloud services, made enterprises to show huge interest in adopting cloud computing. As the service provider has control over the entire data of an organization stored onto the cloud, a malicious activity, whether internal or external can tamper with the data and computation. This causes enterprises to lack trust in adopting services due to privacy, security and trust issues. Despite of having such issues, the consumer has no root level access right to secure and check the integrity of procured resources. To establish a trust between the consumer and the provider, it is desirable to let the consumer to check the procured platform hosted at provider side for safety and security. This article proposes an architectural design of a trusted platform for the IaaS cloud computing by the means of which the consumer can check the integrity of a guest platform. TCG's TPM is deployed and used on the consumer side as the core component of the proposed architecture and it is distributed between the service provider and the consumer.

Download Full-text

Architectural Design of Trusted Platform for IaaS Cloud Computing

Cloud Security ◽

10.4018/978-1-5225-8176-5.ch019 ◽

2019 ◽

pp. 393-411

Author(s):

Ubaidullah Alias Kashif ◽

Zulfiqar Ali Memon ◽

Shafaq Siddiqui ◽

Abdul Rasheed Balouch ◽

Rakhi Batra

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Architectural Design ◽

Cloud Services ◽

Core Component ◽

Malicious Activity ◽

The Core ◽

Potential Benefits ◽

Trusted Platform ◽

Access Right

Download Full-text

An Analysis on the Terms and Conditions of the Clickwrap Agreement and the Benefits of Maintaining the Click Wrap Agreement in Cloud Computing

10.4018/978-1-7998-7927-5.ch010 ◽

2022 ◽

pp. 205-224

Author(s):

Dhiviya Ram

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Service Providers ◽

Cloud Service ◽

Cloud Services ◽

End User ◽

Cloud Service Provider ◽

Novel Approach ◽

Cloud Service Providers ◽

Provider Perspective

One of the most unique forms of contracting is apparent in cloud computing. Cloud computing, unlike other conventional methods, has adopted a different approach in the formation of binding contract that will be used for the governance of the cloud. This method is namely the clickwrap agreement. Click wrap agreement follows a take it or leave it basis in which the end users are provided with limited to no option in terms of having a say on the contract that binds them during the use of cloud services. The terms found in the contract are often cloud service provider friendly and will be less favourable to the end user. In this article, the authors examine the terms that are often found in the cloud computing agreement as well as study the benefit that is entailed in adopting this contracting method. This chapter has undertaken a qualitative study that comprises interviews of cloud service providers in Malaysia. Hence, this study is a novel approach that also provides insight in terms of the cloud service provider perspective regarding the click wrap agreement.

Download Full-text

New Authentication Scheme to Secure against the Phishing Attack in the Mobile Cloud Computing

Security and Communication Networks ◽

10.1155/2019/5141395 ◽

2019 ◽

Vol 2019 ◽

pp. 1-11 ◽

Cited By ~ 4

Author(s):

Munivel E ◽

Kannammal A

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Mobile Cloud Computing ◽

Mutual Authentication ◽

Social Engineering ◽

Cloud Services ◽

Authentication Scheme ◽

Protocol Verification ◽

Mobile Cloud ◽

Verification Tool

A phishing attack is one of the severe threats to the smartphone users. As per the recent lookout report, mobile phishing attack is increasing 85% year to year and going to become a significant threat to the smartphone users. This social engineering attack attempts to get the user’s password by disguising as trusted service provider. Most of the smartphone users are using the Internet services outside of the traditional firewall. Cloud-based documents are one of the primary targets of this phishing attack in mobile cloud computing. Also, most smartphone users are using the cloud storage in their device. To secure against this password attack in a mobile cloud environment, we propose a new authentication scheme to provide novel security to the mobile cloud services. This scheme will verify the user and service provider without transmitting the password using the Zero-knowledge proof based authentication protocol. Moreover, the proposed scheme will provide mutual authentication between the communication entities. The effectiveness of proposed scheme would be verified using protocol verification tool called Scyther.

Download Full-text

A Novel QoS-Based Framework for Cloud Computing Service Provider Selection

International Journal of Cloud Applications and Computing ◽

10.4018/ijcac.2014040104 ◽

2014 ◽

Vol 4 (2) ◽

pp. 48-72 ◽

Cited By ~ 5

Author(s):

Maria Salama ◽

Amir Zeid ◽

Ahmed Shawish ◽

Xiaohong Jiang

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Service Providers ◽

Cost Benefit Analysis ◽

Cost Benefit ◽

Quality Parameters ◽

Cloud Services ◽

Content Delivery Network ◽

Quality Aspects ◽

Cloud Computing Service

Cloud Computing is a promising computing paradigm that provides flexible, Internet-accessible resources allocation on demand on a pay-as-you-go basis. With the growth and expansion of Cloud services and participation of various services providers, the description of quality parameters and measurement units started to diverse and sometimes contradict. Such ambiguity does not only result in the raise of various QoS interoperability problems, but also in the distraction of the services consumers who find themselves unable to match their quality requirements with the providers' offerings. Influenced by such diversity, the available QoS models are limited to either cost-benefit analysis or performance evaluation, without being able to cover a comprehensive set of well-defined quality aspects. In this paper, we provide a complete framework for such problem. We firstly propose a novel QoS ontology that combine and define all of the existing quality aspects in a unified way to efficiently overcome all existing diversity. Using such ontology, we propose a comprehensive broad QoS model combining all quality parameters of both service providers and consumers for different Cloud platforms. We then propose a mathematical model addressing the Cloud Computing service provider selection optimization problem based on QoS-guarantee. The proposed model reports an efficient matching with the market-oriented different platforms characteristics; validated through extensive simulation studies conducted on benchmark data of Content Delivery Network providers.

Download Full-text

Choosing Clouds for an Enterprise

International Journal of E-Entrepreneurship and Innovation ◽

10.4018/ijeei.2013040103 ◽

2013 ◽

Vol 4 (2) ◽

pp. 38-53

Author(s):

Ruay-Shiung Chang ◽

Chih-Shan Liao ◽

Chuan-Yu Liu

Keyword(s):

Cloud Computing ◽

Dynamic Characteristics ◽

Service Provider ◽

Service Providers ◽

Evaluation Model ◽

Cloud Service ◽

Cloud Services ◽

Web Based ◽

The Past ◽

Cloud Service Providers

The development of cloud computing has advanced rapidly over the past few years. Benefiting from the dynamic characteristics of cloud computing, enterprises can purchase cloud services based on different aspects in order to save operating expenses. Many companies have seen the opportunities and changes in either cloud service providers or cloud service consumers. For the latter, with so many cloud providers to choose from, there is a need for an evaluation of standards to help find the most suitable service provider. In this paper, the essential factors of enterprise clouds are discussed. An evaluation model is defined, and a web-based enterprise cloud selection application is implemented.

Download Full-text

Prediction of best cloud service provider using the QoS ranking framework

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i1.1.10151 ◽

2017 ◽

Vol 7 (1.1) ◽

pp. 486 ◽

Cited By ~ 3

Author(s):

A S. Syed Fiaz ◽

K S. Guruprakash ◽

A S. Syed Navaz

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Cloud Service ◽

Cloud Services ◽

Cloud Service Provider ◽

User Request

The ability to utilize the computing resources based on the need has taken the Cloud computing to a greater height and it has increased the potential to extend the flexibility and efficiency of any resource. Considering the advantages, there are various Cloud Services Providers (CSP) that can offer services based on the user request and finding optimal services among those Cloud Services can be a great dispute. The proposed work relies on a QoS Ranking prediction that chooses the appropriate services offered by the various different CSPs. Based on those predicted analysis, the best CSP will be marked with a Ranking framework, according to which the Services will be directed to the users.

Download Full-text

Research in Cloud Computing-An Overview

International Journal of Distributed and Cloud Computing ◽

10.21863/ijdcc/2015.3.1.002 ◽

2015 ◽

Vol 3 (1) ◽

Author(s):

S. Vijayarani Mohan ◽

S. Sharmila Sathyanathan

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Resource Sharing ◽

New Technology ◽

Cloud Service ◽

Cloud Services ◽

Computing Technology ◽

Cloud Service Provider ◽

Research Issues ◽

New Infrastructure

Cloud computing is an Internet based resource sharing which trigger broad network access. This cloud computing technology is a new technology which delivers a new model for information and services by means of an existing grid computing technology. Further, this new technology uses Internet infrastructure to communicate between the client and the server side service applications. Apart from this, cloud computing has cloud service provider they offers cloud platform for their customers to create and use web oriented services. The hardware and software resource sharing is possible in cloud with the help of internet and it can be managed and maintained by the third party cloud service provider. The cloud service provider facilitates cloud computing to increase the capacity or add capability, for example without investing in a new infrastructure, training new people or licensing new software. It is packed with a new infrastructure to improve the services like scalability, elasticity, business agility, faster start up time, reduced management cost and availability of resources. This special Internet based shared resource has its own conceptual, technical, economical and user experience characteristics. Nowadays, cloud computing has become one of the most important and popular research areas in the field of computer science. Many open research problems are available in cloud computing and good solutions also been proposed by the researchers by developing new techniques and efficient algorithms. In this paper, a detailed study about cloud computing, its basic concepts, history, virtualization technique, and cloud services are discussed. In addition to this, research issues in cloud computing also discussed.

Download Full-text

CLOUD SECURITY PRE-ASSESSMENT MODEL FOR CLOUD SERVICE PROVIDER BASED ON ISO/IEC 27017:2015 ADDITIONAL CONTROL

International Journal of Innovation and Industrial Revolution ◽

10.35631/ijirev.25001 ◽

2020 ◽

Vol 2 (5) ◽

pp. 01-17

Author(s):

Nur Ahada Kamaruddin ◽

Ibrahim Mohamed ◽

Ahmad Dahari Jarno ◽

Maslina Daud

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Cost Effective ◽

Cloud Service ◽

Cloud Security ◽

Assessment Method ◽

Cloud Services ◽

Assessment Model ◽

Cloud Service Provider ◽

Security Controls

Cloud computing technology has succeeded in attracting the interest of both academics and industries because of its ability to provide flexible, cost-effective, and adaptable services in IT solution deployment. The services offered to Cloud Service Subscriber (CSS) are based on the concept of on-demand self-service, scalability, and rapid elasticity, which allows fast deployment of IT solutions, whilst leads to possible misconfiguration, un-patched system, etc. which, allows security threats to compromise the cloud services operations. From the viewpoint of Cloud Service Provider (CSP), incidents such as data loss and information breach, will tarnish their reputations, whilst allow them to conserve the issues internally, in which there is no transparency between CSP and CSS. In the aspects of information security, CSP is encouraged to practice cybersecurity in their cloud services by adopting ISO/IEC27017:2015 inclusive of all additional security controls as mandatory requirements. This study was conducted to identify factors that are influencing the CSP readiness level in the cybersecurity implementation of their cloud services by leveraging the developed pre-assessment model to determine the level of cloud security readiness. Approached the study is based on the combination of qualitative and quantitative assessment method in validating the proposed model through interview and prototype testing. The findings of this study had shown that factors that influence the CSP level of cloud security readiness are based on these domains; technology, organisation, policy, stakeholders, culture, knowledge, and environment. The contribution of the study as a Pre-Assessment Model for CSP which is suitable to be used as a guideline to provide a safer cloud computing environment.

Download Full-text

Application of Trusted Virtual Environment Module in Cloud Computing

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.616-618.2196 ◽

2012 ◽

Vol 616-618 ◽

pp. 2196-2199

Author(s):

Yu Hu

Keyword(s):

Cloud Computing ◽

Virtual Environment ◽

Service Provider ◽

Computing Environment ◽

Cloud Computing Environment ◽

The Core ◽

Trust Relationships ◽

Security Challenge

The Trusted Virtual Environment Module (TVEM) is a new mechanism for rooting trust in a cloud computing environment. The TVEM helps solve the core security challenge of cloud computing by enabling parties to establish trust relationships in a cloud computing environment where an information owner creates and runs a virtual environment on a platform owned by a separate service provider. This paper detailed discusses the TVEM used in the cloud computing environment.

Download Full-text

Information technology � Cloud computing � Taxonomy based data handling for cloud services

10.3403/30365507 ◽

2020 ◽

Keyword(s):

Information Technology ◽

Cloud Computing ◽

Cloud Services ◽

Data Handling

Download Full-text