The Effect of Firewall Testing Types on Cloud Security Policies

Annie Shebanow; Richard Perez; Caroline Howard

doi:10.4018/jsita.2012070105

The Effect of Firewall Testing Types on Cloud Security Policies

International Journal of Strategic Information Technology and Applications ◽

10.4018/jsita.2012070105 ◽

2012 ◽

Vol 3 (3) ◽

pp. 60-68 ◽

Cited By ~ 1

Author(s):

Annie Shebanow ◽

Richard Perez ◽

Caroline Howard

Keyword(s):

Defense Mechanisms ◽

Security Requirements ◽

Security Policies ◽

Cloud Environment ◽

Sensitive Data ◽

Network Systems ◽

New Techniques ◽

Software And Hardware ◽

High Level ◽

Gain Access

An important aspect of security requirements is a firm understanding of the threats to systems so that specific defense mechanisms can be implemented. Globally scattered network systems and on-demand access to systems such as cloud computing require a high level of security, because the software and hardware of networks are integrated in vulnerable shared or outsourced environments. Hackers are relentless in finding new techniques to gain access to sensitive data. Securing infrastructures is a challenging task, but when researchers identify and investigate potential threats and create solutions, vulnerabilities may be reduced. The purpose of this paper is to explore how use, misuse, positive and negative, obstacle, and abuse testing cases of firewalls have broadened the security policies that mitigate or prevent threats in a cloud environment.

Download Full-text

Policy Technologies for Security Management in Coalition Networks

Global Business ◽

10.4018/978-1-60960-587-2.ch316 ◽

2011 ◽

pp. 750-776

Author(s):

Seraphin B. Calo ◽

Clare-Marie Karat ◽

John Karat ◽

Jorge Lobo ◽

Robert Craven ◽

...

Keyword(s):

Military Personnel ◽

Security Management ◽

Security Requirements ◽

Security Policies ◽

Technical Expertise ◽

Policy Management ◽

Level Control ◽

Concrete System ◽

Human In The Loop ◽

High Level

The goal of policy-based security management is to enable military personnel to specify security requirements in terms of simple, intuitive goals. These goals are translated into the concrete system settings in a way that the system behaves in a consistent and desirable way. This technology minimizes the technical expertise required by military personnel and automates security management while allowing a high level control by the human in the loop. This chapter describes a framework for managing security policies, and an overview of two prototypes that simplify different aspects of policy management in the context of coalition operations.

Download Full-text

Proxy-3S

International Journal of Information Security and Privacy ◽

10.4018/ijisp.2022010116 ◽

2022 ◽

Vol 16 (1) ◽

pp. 0-0

Keyword(s):

Private Information ◽

Secure Communication ◽

Mobile Cloud Computing ◽

Security And Privacy ◽

Security Policies ◽

Sensitive Data ◽

Good Efficiency ◽

Distributed Application ◽

Level Data ◽

High Level

Virtualization plays a key role in the area of Mobile Cloud Computing (MCC). In MCC, the protection of distributed VMs and mobile users’ sensitive data, in terms of security and privacy, is highly required. This paper presents a novel cloud proxy known as Three Policies Secure Cloud Proxy (Proxy-3S) that combines three security policies: VM users’ access control, VMs’ secure allocation and VMs’ secure communication. The proposed approach aims to keep the distributed VMs safe in different servers on the cloud. It enhances the access authorization to permit intensive distributed application tasks on the cloud or mobile devices while processing and communicating private information between VMs. Furthermore, an algorithm that enables secure communication among distributed VMs and protection of sensitive data in VMs on the cloud is proposed. Several experiments were conducted using a real-world healthcare distributed application. The experiments achieved promising results for high-level data protection and good efficiency rating compared to existing works.

Download Full-text

An Adaptive Multilevel Security Framework for the Data Stored in Cloud Environment

The Scientific World JOURNAL ◽

10.1155/2015/601017 ◽

2015 ◽

Vol 2015 ◽

pp. 1-11 ◽

Cited By ~ 3

Author(s):

Sudha Devi Dorairaj ◽

Thilagavathy Kaliannan

Keyword(s):

Cloud Environment ◽

Security Framework ◽

Sensitive Data ◽

Multilevel Security ◽

Resource Pooling ◽

Multiple Method ◽

Information Technology Services ◽

Service Resource ◽

Technology Services ◽

High Level

Cloud computing is renowned for delivering information technology services based on internet. Nowadays, organizations are interested in moving their massive data and computations into cloud to reap their significant benefits of on demand service, resource pooling, and rapid elasticity that helps to satisfy the dynamically changing infrastructure demand without the burden of owning, managing, and maintaining it. Since the data needs to be secured throughout its life cycle, security of the data in cloud is a major challenge to be concentrated on because the data is in third party’s premises. Any uniform simple or high level security method for all the data either compromises the sensitive data or proves to be too costly with increased overhead. Any common multiple method for all data becomes vulnerable when the common security pattern is identified at the event of successful attack on any information and also encourages more attacks on all other data. This paper suggests an adaptive multilevel security framework based on cryptography techniques that provide adequate security for the classified data stored in cloud. The proposed security system acclimates well for cloud environment and is also customizable and more reliant to meet the required level of security of data with different sensitivity that changes with business needs and commercial conditions.

Download Full-text

Policy Technologies for Security Management in Coalition Networks

Network Science for Military Coalition Operations ◽

10.4018/978-1-61520-855-5.ch008 ◽

2010 ◽

pp. 146-173 ◽

Cited By ~ 1

Author(s):

Seraphin B. Calo ◽

Clare-Marie Karat ◽

John Karat ◽

Jorge Lobo ◽

Robert Craven ◽

...

Keyword(s):

Military Personnel ◽

Security Management ◽

Security Requirements ◽

Security Policies ◽

Technical Expertise ◽

Policy Management ◽

Level Control ◽

Concrete System ◽

Human In The Loop ◽

High Level

Download Full-text

Threatening the Cloud

Transportation Systems and Engineering ◽

10.4018/978-1-4666-8473-7.ch040 ◽

2015 ◽

pp. 789-814 ◽

Cited By ~ 1

Author(s):

Philipp Zech ◽

Philipp Kalb ◽

Michael Felderer ◽

Ruth Breu

Keyword(s):

Life Cycle ◽

Business Processes ◽

The Other ◽

Security Requirements ◽

Cloud Environment ◽

Sensitive Data ◽

Model Driven ◽

The One ◽

Model Driven Approach ◽

High Degree

Today's increasing trend towards outsourcing IT landscapes and business processes into the Cloud is a double-edged sword. On the one side, companies can save time and money; however, on the other side, moving possible sensitive data and business processes into the Cloud demands for a high degree of information security. In the course of this chapter, the authors give an overview of a Cloud's various vulnerabilities, how to address them properly, and last but not least, a model-driven approach to evaluate the state of security of a Cloud environment by means of negative testing. Besides, the authors incorporate the idea of living models to allow tracking and incorporating of changes in the Cloud environment and react properly and, more important, in time on evolving security requirements throughout the complete Cloud Life Cycle.

Download Full-text

Threatening the Cloud

Software Testing in the Cloud - Advances in Computer and Electrical Engineering ◽

10.4018/978-1-4666-2536-5.ch013 ◽

2012 ◽

pp. 280-304

Author(s):

Philipp Zech ◽

Philipp Kalb ◽

Michael Felderer ◽

Ruth Breu

Keyword(s):

Life Cycle ◽

Business Processes ◽

The Other ◽

Security Requirements ◽

Cloud Environment ◽

Sensitive Data ◽

Model Driven ◽

The One ◽

Model Driven Approach ◽

High Degree

Today’s increasing trend towards outsourcing IT landscapes and business processes into the Cloud is a double-edged sword. On the one side, companies can save time and money; however, on the other side, moving possible sensitive data and business processes into the Cloud demands for a high degree of information security. In the course of this chapter, the authors give an overview of a Cloud’s various vulnerabilities, how to address them properly, and last but not least, a model-driven approach to evaluate the state of security of a Cloud environment by means of negative testing. Besides, the authors incorporate the idea of living models to allow tracking and incorporating of changes in the Cloud environment and react properly and, more important, in time on evolving security requirements throughout the complete Cloud Life Cycle.

Download Full-text

Evolutionarily recent dual obligatory symbiosis among adelgids indicates a transition between fungus- and insect-associated lifestyles

The ISME Journal ◽

10.1038/s41396-021-01056-z ◽

2021 ◽

Author(s):

Gitta Szabó ◽

Frederik Schulz ◽

Alejandro Manzano-Marín ◽

Elena Rebecca Toenshoff ◽

Matthias Horn

Keyword(s):

Defense Mechanisms ◽

Amino Acid Production ◽

Evolutionary Transition ◽

Evolutionary Time ◽

Evolutionary Trajectories ◽

Host Infection ◽

Phylogenomic Analyses ◽

Time Specific ◽

High Level ◽

Metagenomic Approach

AbstractAdelgids (Insecta: Hemiptera: Adelgidae) form a small group of insects but harbor a surprisingly diverse set of bacteriocyte-associated endosymbionts, which suggest multiple replacement and acquisition of symbionts over evolutionary time. Specific pairs of symbionts have been associated with adelgid lineages specialized on different secondary host conifers. Using a metagenomic approach, we investigated the symbiosis of the Adelges laricis/Adelgestardus species complex containing betaproteobacterial (“Candidatus Vallotia tarda”) and gammaproteobacterial (“Candidatus Profftia tarda”) symbionts. Genomic characteristics and metabolic pathway reconstructions revealed that Vallotia and Profftia are evolutionary young endosymbionts, which complement each other’s role in essential amino acid production. Phylogenomic analyses and a high level of genomic synteny indicate an origin of the betaproteobacterial symbiont from endosymbionts of Rhizopus fungi. This evolutionary transition was accompanied with substantial loss of functions related to transcription regulation, secondary metabolite production, bacterial defense mechanisms, host infection, and manipulation. The transition from fungus to insect endosymbionts extends our current framework about evolutionary trajectories of host-associated microbes.

Download Full-text

Virtual reality in Education. Broken promises or new hope?

10.14742/ascilite2021.0111 ◽

2021 ◽

Author(s):

B. L. McGee ◽

Lisa Jacka

Keyword(s):

Virtual Reality ◽

Learning Environments ◽

Evidence Based ◽

Research Needs ◽

Business Environments ◽

Global Pandemic ◽

Technology Changes ◽

Software And Hardware ◽

High Level ◽

K 12

Virtual reality in one form or another has been around for over 50 years, most notably in entertainment and business environments. Technology-focused teachers have been leading the way with attempts at utilising and integrating virtual reality into K-12 and Higher Education. However, as quickly as technology changes so does the enthusiasm for the use in educational contexts. Much of this is due to the high-level cost (time and money) with no evidence-based educational return. In 2020 the global pandemic forced the education sector to innovate to provide authentic learning environments for students. The time is right for virtual reality to take centre stage. Over 171 million people worldwide currently use virtual reality, and the market in education is expected to grow by 42% over the next five years. This paper focuses on a range of virtual reality literature encompassing work across the spectrum of software and hardware, identifying where more educational implementation and research needs to be done and providing a perspective on future possibilities focusing on current affordances.

Download Full-text

Survey on DDoS Attacks and Defense Mechanisms in Cloud and Fog Computing

International Journal of E-Services and Mobile Applications ◽

10.4018/ijesma.2018070104 ◽

2018 ◽

Vol 10 (3) ◽

pp. 61-83 ◽

Cited By ~ 10

Author(s):

Deepali Chaudhary ◽

Kriti Bhushan ◽

B.B. Gupta

Keyword(s):

Cloud Computing ◽

Defense Mechanisms ◽

Low Cost ◽

Fog Computing ◽

Smart Devices ◽

Cloud Environment ◽

Security Issue ◽

Process Data ◽

Ddos Attack ◽

Iot Devices

This article describes how cloud computing has emerged as a strong competitor against traditional IT platforms by offering low-cost and “pay-as-you-go” computing potential and on-demand provisioning of services. Governments, as well as organizations, have migrated their entire or most of the IT infrastructure to the cloud. With the emergence of IoT devices and big data, the amount of data forwarded to the cloud has increased to a huge extent. Therefore, the paradigm of cloud computing is no longer sufficient. Furthermore, with the growth of demand for IoT solutions in organizations, it has become essential to process data quickly, substantially and on-site. Hence, Fog computing is introduced to overcome these drawbacks of cloud computing by bringing intelligence to the edge of the network using smart devices. One major security issue related to the cloud is the DDoS attack. This article discusses in detail about the DDoS attack, cloud computing, fog computing, how DDoS affect cloud environment and how fog computing can be used in a cloud environment to solve a variety of problems.

Download Full-text

Live demonstration: High level software and hardware synthesis of dataflow programs

2013 IEEE International Symposium on Circuits and Systems (ISCAS2013) ◽

10.1109/iscas.2013.6571930 ◽

2013 ◽

Author(s):

Endri Bezati ◽

Ghislain Roquier ◽

Marco Mattavelli

Keyword(s):

Hardware Synthesis ◽

Live Demonstration ◽

Software And Hardware ◽

High Level

Download Full-text