A Structured Method for Security Requirements Elicitation concerning the Cloud Computing Domain

Cloud computing systems offer an attractive alternative to traditional IT-systems, because of economic benefits that arise from the cloud's scalable and flexible IT-resources. The benefits are of particular interest for SME's. The reason is that using Cloud Resources allows an SME to focus on its core business rather than on IT-resources. However, numerous concerns about the security of cloud computing services exist. Potential cloud customers have to be confident that the cloud services they acquire are secure for them to use. Therefore, they have to have a clear set of security requirements covering their security needs. Eliciting these requirements is a difficult task, because of the amount of stakeholders and technical components to consider in a cloud environment. Therefore, the authors propose a structured, pattern-based method supporting eliciting security requirements and selecting security measures. The method guides potential cloud customers to model the application of their business case in a cloud computing context using a pattern-based approach. Thus, a potential cloud customer can instantiate our so-called Cloud System Analysis Pattern. Then, the information of the instantiated pattern can be used to fill-out our textual security requirements patterns and individual defined security requirement patterns, as well. The presented method is tool-supported. Our tool supports the instantiation of the cloud system analysis pattern and automatically transfers the information from the instance to the security requirements patterns. In addition, they have validation conditions that check e.g., if a security requirement refers to at least one element in the cloud. The authors illustrate their method using an online-banking system as running example.

Download Full-text

A Structured Method for Security Requirements Elicitation Concerning the Cloud Computing Domain

Computer Systems and Software Engineering ◽

10.4018/978-1-5225-3923-0.ch031 ◽

2017 ◽

pp. 782-805

Author(s):

Kristian Beckers ◽

Isabelle Côté ◽

Ludger Goeke ◽

Selim Güler ◽

Maritta Heisel

Keyword(s):

Cloud Computing ◽

System Analysis ◽

Business Case ◽

Security Requirements ◽

Cloud System ◽

Security Requirement ◽

Security Measures ◽

Analysis Pattern ◽

It Resources ◽

Requirements Patterns

Cloud computing systems offer an attractive alternative to traditional IT-systems, because of economic benefits that arise from the cloud's scalable and flexible IT-resources. The benefits are of particular interest for SME's. The reason is that using Cloud Resources allows an SME to focus on its core business rather than on IT-resources. However, numerous concerns about the security of cloud computing services exist. Potential cloud customers have to be confident that the cloud services they acquire are secure for them to use. Therefore, they have to have a clear set of security requirements covering their security needs. Eliciting these requirements is a difficult task, because of the amount of stakeholders and technical components to consider in a cloud environment. Therefore, the authors propose a structured, pattern-based method supporting eliciting security requirements and selecting security measures. The method guides potential cloud customers to model the application of their business case in a cloud computing context using a pattern-based approach. Thus, a potential cloud customer can instantiate our so-called Cloud System Analysis Pattern. Then, the information of the instantiated pattern can be used to fill-out our textual security requirements patterns and individual defined security requirement patterns, as well. The presented method is tool-supported. Our tool supports the instantiation of the cloud system analysis pattern and automatically transfers the information from the instance to the security requirements patterns. In addition, they have validation conditions that check e.g., if a security requirement refers to at least one element in the cloud. The authors illustrate their method using an online-banking system as running example.

Download Full-text

Evaluation of Cloud System Success Factors in Supply-Demand Chains

Web Services ◽

10.4018/978-1-5225-7501-6.ch039 ◽

2019 ◽

pp. 712-727

Author(s):

Fawzy Soliman

Keyword(s):

Cloud Computing ◽

Supply Chain ◽

Organizational Performance ◽

Success Factors ◽

Cloud Services ◽

Customer Relationship ◽

Cloud System ◽

Basic Operation ◽

Cloud Systems ◽

Chain Organization

Cloud systems could help companies to optimize the structure and operation of supply chain and improve organizational performance into a higher level. In this chapter, the advantages and basic operation methods of cloud computing are analyzed, and the essential factors that contribute to the success of the cloud system are evaluated through some business examples. Supply chain firms rely on cloud system to share resources and to achieve integration through the Internet. Cloud systems could transform customer relationship and internal operation to achieve sustainable competitive advantages. Cloud services are providing the ability to share information to the supply chain at any time anywhere. This chapter explores the relationship between supply chain organization and cloud computing. This chapter also discusses the benefits and advantage to evaluate of cloud system in successful factors.

Download Full-text

An Analysis of Cloud Computing Security Issues

International Journal of Scientific Research in Science and Technology ◽

10.32628/ijsrst207239 ◽

2016 ◽

pp. 212-217

Author(s):

Baldev Singh

Keyword(s):

Cloud Computing ◽

Cloud Security ◽

Cloud Services ◽

Security Requirements ◽

Hybrid Technique ◽

Independent Manner ◽

Cloud Computing Security ◽

Security Issues ◽

Effective Implementation ◽

The Past

Cloud computing is one of the emerged technologies in the past decade. Tremendous growth is noticed in the usage and implementation of Cloud computing. Although cloud spectrum is widely popular still there are lot of challenges and issues to be addressed for its optimal usage. Vulnerabilities and threats to the cloud services leads to attacks and exploitation of resources as well as data breaches and privacy violations that need to be addressed at the cloud customer satisfaction level. This paper highlights different cloud security issues and their security requirements. The review aspects and findings of the paper can be used as a reference for further appropriate and effective implementation from the suggested practically viable cloud security solution in an independent manner or using as a hybrid technique.

Download Full-text

Monitoring and Prediction of SLA for IoT based Cloud

Scalable Computing Practice and Experience ◽

10.12694/scpe.v21i3.1697 ◽

2020 ◽

Vol 21 (3) ◽

pp. 349-358

Author(s):

Vivek Kumar Prasad ◽

Madhuri D Bhavsar

Keyword(s):

Cloud Computing ◽

Data Storage ◽

End Users ◽

Cloud Services ◽

Cloud Provider ◽

Peak Time ◽

Processing Power ◽

It Resources ◽

Set Up ◽

Cloud Resources

Internet of Things (IoT) and cloud computing are the expertise captivating the technology. The most astonishing thing is their interdependence. IoT deals with the production of an additional amount of information that requires transmission of data, storage, and huge infrastructural processing power, posing a solemn delinquent. This is where cloud computing fits into the scenario. Cloud computing can be treated as the utility factor nowadays and can be used by pay as you go manner. As a cloud is a multi-tenant approach, and the resources will be used by multiple users. The cloud resources are required to be monitored, maintained, and configured and set-up as per the need of the end-users. This paper describes the mechanisms for monitoring by using the concept of reinforcement learning and prediction of the cloud resources, which forms the critical parts of cloud expertise in support of controlling and evolution of the IT resources and has been implemented using LSTM. The resource management system coordinates the IT resources among the cloud provider and the end users; accordingly, multiple instances can be created and managed as per the demand and availability of the support in terms of resources. The proper utilization of the resources will generate revenues to the provider and also increases the trust factor of the provider of cloud services. For experimental analysis, four parameters have been used i.e. CPU utilization, disk read/write throughput and memory utilization. The scope of this research paper is to manage the Cloud Computing resources during the peak time and avoid the conditions of the over and under-provisioning proactively.

Download Full-text

Privacy and Security Aware Cloud Storage using Double Cryptography Method

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.d1108.1284s219 ◽

2019 ◽

Vol 8 (4S2) ◽

pp. 577-582

Keyword(s):

Cloud Computing ◽

Original Data ◽

Cloud Services ◽

Third Party ◽

Cloud System ◽

Privacy And Security ◽

Storage Servers ◽

Query System ◽

Encryption Decryption ◽

Cloud Users

Cloud computing, a remote technology that enlightens with several on-demand services. Cloud computing developed with a principle of sharing resources available as per the company needs. Prominent cloud services utilized today are networking, storage, servers, software’s, etc. Cloud computing's distributed nature and advanced features create a remarkable footprint in the IT field. It is fair to say without cloud technology the next technical era can't exist. However the cloud computing widely spaced, simultaneous some serious challenges still exists. As per the real-time scenario, there are several challenges still alive, but among which privacy and security are prominent to take concern. Among which the trustworthiness of third-party providers increases the attention on developing an enhanced cloud system. In this paper, we proposed an improved double encryption-decryption (IDED) method for a secure cloud system. The main intention of the proposed work is increasing the privacy and security for the cloud users. The principle applied to the proposed methodology is double encryption and double decryption. The encrypted files are decrypted to view the original data using the keys. These keys are available only to the authenticated users which ensures the system's privacy and security in all manner. The mechanism is processed under the query system of sending and response from the data authority

Download Full-text

A catalog of security requirements patterns for the domain of cloud computing systems

Proceedings of the 29th Annual ACM Symposium on Applied Computing - SAC '14 ◽

10.1145/2554850.2554921 ◽

2014 ◽

Cited By ~ 10

Author(s):

Kristian Beckers ◽

Isabelle Côté ◽

Ludger Goeke

Keyword(s):

Cloud Computing ◽

Security Requirements ◽

Computing Systems ◽

Requirements Patterns

Download Full-text

Trust Management in the World of Cloud Computing. Past Trends and Some New Directions

Scalable Computing Practice and Experience ◽

10.12694/scpe.v22i4.1952 ◽

2021 ◽

Vol 22 (4) ◽

pp. 425-444

Author(s):

Mahreen Saleem ◽

M.R Warsi ◽

Saiful Islam ◽

Areesha Anjum ◽

Nadia Siddiquii

Keyword(s):

Machine Learning ◽

Cloud Computing ◽

Current Knowledge ◽

Economic Benefits ◽

Cloud Services ◽

Machine Learning Techniques ◽

Trust Evaluation ◽

Trust Models ◽

Cloud Environments ◽

Insight Into

Over the past years, Cloud computing has become one of the most influential information technologies to combat computing needs because of its unprecedented advantages. In spite of all the social and economic benefits it provides, it has its own fair share of issues. These include privacy, security, virtualization, storage, and trust. The underlying issues of privacy, security, and trust are the major barriers to the adoption of cloud by individuals and organizations as a whole. Trust has been the least looked into since it includes both subjective and objective characteristics. There is a lack of review on trust models in this research domain. This paper focuses on getting insight into the nomenclature of trust, its classifications, trust dimensions and throws an insight into various trust models that exist in the current knowledge stack. Also, various trust evaluation measures are highlighted in this work. We also draw a comparative analysis of various trust evaluation models and metrics to better understand the notion of trust in cloud environments. Furthermore, this work brings into light some of the gaps and areas that need to be tackled toward solving the trust issues in cloud environments so as to provide a trustworthy cloud ecosystem. Lastly, we proposed a Machine Learning backed Rich model based solution for trust verification in Cloud Computing. We proposed an approach for verifying whether the right software is running for the correct services in a trusted manner by analyzing features generated from the output cloud processed data. The proposed scheme can be utilized for verifying the cloud trust in delivering services as expected that can be perceived as an initiative towards trust evaluation in cloud services employing Machine learning techniques. The experimental results prove that the proposed method verifies the service utilized with an accuracy of 99%.

Download Full-text

USE OF DISTRIBUTED HASH TABLES TO PROVIDE ACCESS TO CLOUD SERVICES

Collection of scientific works of the Military Institute of Kyiv National Taras Shevchenko University ◽

10.17721/2519-481x/2020/67-09 ◽

2020 ◽

pp. 85-95

Author(s):

Y.P. Klots ◽

I.V. Muliar ◽

V.M. Cheshun ◽

O.V. Burdyug

Keyword(s):

Cloud Computing ◽

Cloud Services ◽

Local Network ◽

Cloud System ◽

Information Flows ◽

Access To Services ◽

Computing Environment ◽

Cloud Computing Environment ◽

Web Resource ◽

Distributed Cloud

In the article the urgency of the problem of granting access to services of distributed cloud system is disclosed, in particular, the peer distributed cloud system is characterized. The process of interaction of the main components is provided to access the domain name web resource. It is researched that the distribution of resources between nodes of a peer distributed cloud system with the subsequent provision of services on request is implemented using the Kademlia protocol on a local network or Internet and contains processes for publishing the resource at the initial stage of its owner, replication and directly providing access to resources. Application of modern technologies of adaptive information security systems does not allow full control over the information flows of the cloud computing environment, since they function at the upper levels of the hierarchy. Therefore, to create effective mechanisms for protecting software in a cloud computing environment, it is necessary to develop new threat models and to create methods for displaying computer attacks that allow operatively to identify hidden and potentially dangerous processes of information interaction. Rules of access form the basis of security policy and include restrictions on the mechanisms of initialization processes access. Under the developed operations model, the formalized description of hidden threats is reduced to the emergence of context-dependent transitions in the multigraph transactions. The method of granting access to the services of the distributed cloud system is substantiated. It is determined that the Distributed Hash Table (DHT) infrastructure is used to find a replication node that has a replica of the requested resource or part of it. The study identified the stages of identification of the node's validation. The process of adding a new node, validating authenticity, publishing a resource, and accessing a resource is described in the form of a step-by-step sequence of actions within the framework of the method of granting access to services of a distributed cloud system by graphical description of information flows, interaction of processes of information and objects processing.

Download Full-text

Design of Platform for Service Optimization in Cloud System Environment

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.b1031.0782s619 ◽

2019 ◽

Vol 8 (2S6) ◽

pp. 163-167

Keyword(s):

Cloud Computing ◽

Cloud Services ◽

Cloud System ◽

System Environment ◽

Service Environment ◽

Computing Services ◽

Cloud Computing Service ◽

Information And Communication ◽

Cloud Computing Services ◽

Service Optimization

One of the major characteristics of our society in the field of information and communication is its efforts to cope with the rapidly changing IT environment. This is probably because firms are closely related to the survival of the company. As a solution to this problem, researches on cloud computing services are being actively conducted. As cloud computing services have emerged in the marketplace, concepts related to IT assets are changing from being owned to using services. Reflecting this trend, many related companies are providing cloud services. Therefore, in this paper, we design an optimized platform for efficient application of server in cloud system environment. To do this, we designed a system to study various system connections based on the cloud computing service environment and implement an optimized service platform. In this paper, we have implemented optimization and virtualization research in a cloud system environment to design a platform for optimized cloud services. In addition, we designed the optimal platform by studying methodologies such as optimization service environment implementation, compatibility and analysis.

Download Full-text