CSPM

Security and privacy in cloud systems are critical. To address security and privacy concerns, many security patterns, privacy patterns, and non-pattern-based knowledge have been reported. However, knowing which pattern or combination of patterns to use in a specific scenario is challenging due to the sheer volume of options and the layered cloud stack. To deal with security and privacy in cloud services, this study proposes the cloud security and privacy metamodel (CSPM). CSPM uses a consistent approach to classify and handle existing security and privacy patterns. In addition, CSPM is used to develop a security and privacy awareness process to develop cloud systems. The effectiveness and practicality of CSPM is demonstrated via several case studies.

Download Full-text

Metamodel for Security and Privacy Knowledge in Cloud Service Development

10.20944/preprints201904.0106.v1 ◽

2019 ◽

Author(s):

Tian Xia ◽

Hironori Washizaki ◽

Yoshiaki Fukazawa ◽

Takehisa Kato ◽

Haruhiko Kaiya ◽

...

Keyword(s):

Case Studies ◽

Cloud Service ◽

Cloud Security ◽

Cloud Services ◽

Security And Privacy ◽

Service Development ◽

Security Patterns ◽

Cloud Systems ◽

Specific Scenario ◽

Consistent Approach

Requirements for cloud services include security and privacy. Although many security patterns, privacy patterns, and non-pattern-based knowledge have been reported, knowing which pattern or combination of patterns to use in a specific scenario is challenging due to the sheer volume of options and the layered cloud stack. To deal with security and privacy in cloud services, this study proposes the Cloud Security and Privacy Metamodel (CSPM). CSPM uses a consistent approach to classify and support existing security and privacy patterns. In addition, CSPM is used to develop a security and privacy awareness process to develop cloud systems. The effectiveness and practicality of CSPM is demonstrated via several case studies.

Download Full-text

IoT Cloud Security Review

ACM Computing Surveys ◽

10.1145/3447625 ◽

2021 ◽

Vol 54 (4) ◽

pp. 1-36

Author(s):

Fei Chen ◽

Duming Luo ◽

Tao Xiang ◽

Ping Chen ◽

Junfeng Fan ◽

...

Keyword(s):

Case Studies ◽

Service Providers ◽

Risk Mitigation ◽

Rapid Development ◽

Security Analysis ◽

Cloud Security ◽

Future Research ◽

Security Risk ◽

Research Attention ◽

Cloud Systems

Recent years have seen the rapid development and integration of the Internet of Things (IoT) and cloud computing. The market is providing various consumer-oriented smart IoT devices; the mainstream cloud service providers are building their software stacks to support IoT services. With this emerging trend even growing, the security of such smart IoT cloud systems has drawn much research attention in recent years. To better understand the emerging consumer-oriented smart IoT cloud systems for practical engineers and new researchers, this article presents a review of the most recent research efforts on existing, real, already deployed consumer-oriented IoT cloud applications in the past five years using typical case studies. Specifically, we first present a general model for the IoT cloud ecosystem. Then, using the model, we review and summarize recent, representative research works on emerging smart IoT cloud system security using 10 detailed case studies, with the aim that the case studies together provide insights into the insecurity of current emerging IoT cloud systems. We further present a systematic approach to conduct a security analysis for IoT cloud systems. Based on the proposed security analysis approach, we review and suggest potential security risk mitigation methods to protect IoT cloud systems. We also discuss future research challenges for the IoT cloud security area.

Download Full-text

Selected Cloud Security Patterns to Improve End User Security and Privacy in Public Clouds

Privacy Technologies and Policy - Lecture Notes in Computer Science ◽

10.1007/978-3-319-44760-5_8 ◽

2016 ◽

pp. 115-132 ◽

Cited By ~ 2

Author(s):

Thomas Länger ◽

Henrich C. Pöhls ◽

Solange Ghernaouti

Keyword(s):

Cloud Security ◽

Security And Privacy ◽

End User ◽

Security Patterns ◽

User Security

Download Full-text

The Vulnerabilities of Cloud Computing : A Review

International Journal of Advanced Research in Science, Communication and Technology ◽

10.48175/ijarsct-2213 ◽

2021 ◽

pp. 438-443

Author(s):

Janardan Kulkarni ◽

Jay Prajapati ◽

Sakshi Patel

Keyword(s):

Cloud Computing ◽

Cloud Security ◽

Private Life ◽

Ease Of Use ◽

Security And Privacy ◽

Privacy Concerns ◽

Legal Norms ◽

Confidential Data ◽

The Right ◽

The Impact

A Cloud is a type of analogous and scattered system consisting of a collection of inter-connected and virtualized computers that are dynamically provisioned and presented as one or more unified computing resources “ . cloud computing is the dynamic provisioning of IT capabilities (hardware, software, or services) from third parties over a network. However this technology is still in its initial stages of development, as it suffers from threats and vulnerabilities that prevent the users from trusting it. Various malicious activities from illegal users have threatened this technology such as data misuse, inflexible access control and limited monitoring. The occurrence of these threats may result into damaging or illegal access of critical and confidential data of users. This article is in order to describe the impact of those vulnerabilities and threats to create awareness among organisations and users so that they can Adopt this technology with trust And form a trusted provider Who has trusted security policies. Here we have defined cloud-specific vulnerabilities, cloud feature vulnerabilities and propose a reference vulnerabilities architecture of cloud computing and threats related cloud computing. Cloud security and privacy plays an important role to avoid cloud threats .Cloud Privacy Concerns the expression of or devotion to various legal and non- legal norms regarding the right to private life. Cloud Security Concerns the confidentiality, ease of use and reliability of data or information. As the development of cloud computing, issue of security has become a top priority. In this article we are going to discuss about the Characteristics of vulnerabilities , cloud vulnerabilities and cloud threats , Also how we can overcome or avoid them and keep our data safe.

Download Full-text

Cloud security and privacy model for providing secure cloud services

2016 2nd International Conference on Cloud Computing Technologies and Applications (CloudTech) ◽

10.1109/cloudtech.2016.7847682 ◽

2016 ◽

Cited By ~ 10

Author(s):

Khalid El Makkaoui ◽

Abdellah Ezzati ◽

Abderrahim Beni-Hssane ◽

Cina Motamed

Keyword(s):

Cloud Security ◽

Cloud Services ◽

Security And Privacy ◽

Privacy Model

Download Full-text

Cloud Security - A Semantic Approach in End to End Security Compliance

Engineering International ◽

10.18034/ei.v5i2.586 ◽

2017 ◽

Vol 5 (2) ◽

pp. 97-106

Author(s):

VNS Surendra Chimakurthi

Keyword(s):

Security Policy ◽

Service Providers ◽

Cloud Service ◽

Cloud Security ◽

Cloud Services ◽

Security Requirements ◽

Security And Privacy ◽

Cloud Service Providers ◽

Compliance Requirements ◽

Cloud Users

Many firms are seeing the benefits of moving to the cloud. For the sake of their customers' data, cloud service providers are required by law to maintain the highest levels of data security and privacy. Most cloud service providers employ a patchwork of security and privacy safeguards while industry standards are being created. The upshot is that customers of cloud services are unsure whether or not the security protections supplied by these services are enough to meet their specific security and compliance requirements. In this article, we have discussed the many threats cloud users face and emphasized the compliance frameworks and security processes that should be in place to minimize the risk. To categorize cloud security measures, risks, and compliance requirements, we developed an ontology. We needed to design software to identify the high-level policy rules that must be applied in response to each danger as part of this initiative. Additionally, the program provides a list of cloud service providers that now satisfy specific security requirements. Even if they aren't familiar with the underlying technology, cloud users may utilize our system to build up their security policy and identify compatible providers.

Download Full-text

Cloud Security and Privacy Metamodel - Metamodel for Security and Privacy Knowledge in Cloud Services

Proceedings of the 6th International Conference on Model-Driven Engineering and Software Development ◽

10.5220/0006600403790386 ◽

2018 ◽

Cited By ~ 3

Author(s):

Tian Xia ◽

Hironori Washizaki ◽

Takehisa Kato ◽

Haruhiko Kaiya ◽

Shinpei Ogata ◽

...

Keyword(s):

Cloud Security ◽

Cloud Services ◽

Security And Privacy

Download Full-text

A Survey on Enhancing Cloud Security Using Fog Computing

10.31226/osf.io/4pt59 ◽

2020 ◽

Author(s):

Arpit B ◽

Prasad K. D ◽

Mandhar D ◽

Abhi A. S

Keyword(s):

Cloud Computing ◽

Fog Computing ◽

Cloud Security ◽

Research Area ◽

Cloud Services ◽

Security And Privacy ◽

Security And Protection ◽

Challenges And Opportunities ◽

New Research

Nowadays Fog Computing has become a vast research area in the domain of cloud computing. Due to its ability of extending the cloud services towards the edge of the network, reduced service latency and improved Quality of Services, which provides better user experience. However, the qualities of Fog Computing emerge new security and protection challenges. The Current security and protection estimations for cloud computing cannot be straightforwardly applied to the fog computing because of its portability and heterogeneity. So these issues in fog computing arises new research challenges and opportunities. This survey features about existing security concerns for fog computing and new proposed system to tackle some of the issues in fog computing related to security and privacy, thereby enhancing the cloud security.

Download Full-text

Effects of security and privacy concerns on educational use of cloud services

Computers in Human Behavior ◽

10.1016/j.chb.2014.11.075 ◽

2015 ◽

Vol 45 ◽

pp. 93-98 ◽

Cited By ~ 53

Author(s):

Ibrahim Arpaci ◽

Kerem Kilicer ◽

Salih Bardakci

Keyword(s):

Cloud Services ◽

Security And Privacy ◽

Privacy Concerns

Download Full-text

An Innovative Model for both Cloud Security and Privacy in Provision of Secure Cloud Services

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.a5272.119119 ◽

2019 ◽

Vol 9 (1) ◽

pp. 2785-2791

Keyword(s):

Cloud Security ◽

Cloud Services ◽

Security And Privacy ◽

Security Threats ◽

Privacy And Security ◽

Security Issues ◽

On Demand ◽

The World ◽

Innovative Model ◽

Privacy Model

Because of diverse benefits such as counting services on demand, decreasing costs, computing resources configuration, flexibility, services scalability, etc. over internet, Cloud Computing has become and is becoming widely and hugely accepted technology to provide services. On the other hand, privacy and security of a cloud has become an issue as this technology is tremendously emerging in the world. Many researches are being done and even some proposed various models to identify and overcome the privacy and security issues. In this review, for the cloud providers to use during different stages of cloud services, a layered cloud security and privacy model (CSPM) will be provided. The CSPM model allows to overcome cloud security issues and thus, providing safe and protected services. Lastly, countermeasures and security threats will be presented.

Download Full-text