A Framework and Cryptography Algorithm for Protecting Sensitive Data on
Cloud Service Providers

Most companies are sceptical about the security and insurance measures offered by cloud services and are reluctant to store sensitive data, such as employee records, in the cloud. Thus, more effort is needed to support the security of information in cloud computing. This paper proposes a cryptography algorithm called ―random algorithm‖ because it is built on the idea of randomising the encryption of uploaded files among four encryption algorithms. The proposed fragmentation technique helps add security and privacy to cloud storage applications. Based on earlier studies, we have created a file-level fragmentation technique that does not work at the database level, in contrast to commonly employed approaches in the case of fragmentation techniques such as horizontal fragmentation, vertical fragmentation, and hybrid fragmentation, which do work at the database level. The proposed encryption algorithm and fragmentation technique work within an integrated security framework that includes a user authentication gateway that encrypts user registration data through a cryptography algorithm called the RivestShamir-Adleman algorithm (RSA). The results of the proposed security framework were positive, as it contributed to reducing the encryption time and decoding time by approximately 99%, compared to earlier studies

Download Full-text

eHealth Cloud Security Challenges: A Survey

Journal of Healthcare Engineering ◽

10.1155/2019/7516035 ◽

2019 ◽

Vol 2019 ◽

pp. 1-15 ◽

Cited By ~ 11

Author(s):

Yazan Al-Issa ◽

Mohammad Ashraf Ottom ◽

Ahmed Tamrawi

Keyword(s):

Cloud Computing ◽

Resource Sharing ◽

Energy Savings ◽

Service Providers ◽

Healthcare Providers ◽

Cloud Service ◽

Cloud Security ◽

Security And Privacy ◽

Healthcare Industry ◽

Sensitive Data

Cloud computing is a promising technology that is expected to transform the healthcare industry. Cloud computing has many benefits like flexibility, cost and energy savings, resource sharing, and fast deployment. In this paper, we study the use of cloud computing in the healthcare industry and different cloud security and privacy challenges. The centralization of data on the cloud raises many security and privacy concerns for individuals and healthcare providers. This centralization of data (1) provides attackers with one-stop honey-pot to steal data and intercept data in-motion and (2) moves data ownership to the cloud service providers; therefore, the individuals and healthcare providers lose control over sensitive data. As a result, security, privacy, efficiency, and scalability concerns are hindering the wide adoption of the cloud technology. In this work, we found that the state-of-the art solutions address only a subset of those concerns. Thus, there is an immediate need for a holistic solution that balances all the contradicting requirements.

Download Full-text

Cloud Security - A Semantic Approach in End to End Security Compliance

Engineering International ◽

10.18034/ei.v5i2.586 ◽

2017 ◽

Vol 5 (2) ◽

pp. 97-106

Author(s):

VNS Surendra Chimakurthi

Keyword(s):

Security Policy ◽

Service Providers ◽

Cloud Service ◽

Cloud Security ◽

Cloud Services ◽

Security Requirements ◽

Security And Privacy ◽

Cloud Service Providers ◽

Compliance Requirements ◽

Cloud Users

Many firms are seeing the benefits of moving to the cloud. For the sake of their customers' data, cloud service providers are required by law to maintain the highest levels of data security and privacy. Most cloud service providers employ a patchwork of security and privacy safeguards while industry standards are being created. The upshot is that customers of cloud services are unsure whether or not the security protections supplied by these services are enough to meet their specific security and compliance requirements. In this article, we have discussed the many threats cloud users face and emphasized the compliance frameworks and security processes that should be in place to minimize the risk. To categorize cloud security measures, risks, and compliance requirements, we developed an ontology. We needed to design software to identify the high-level policy rules that must be applied in response to each danger as part of this initiative. Additionally, the program provides a list of cloud service providers that now satisfy specific security requirements. Even if they aren't familiar with the underlying technology, cloud users may utilize our system to build up their security policy and identify compatible providers.

Download Full-text

Next-generation Blockchain-Enabled Virtualized Cloud Security Solutions: Review and Open Challenges

10.36227/techrxiv.13233887.v1 ◽

2020 ◽

Author(s):

Mueen Uddin ◽

Anjum Khalique ◽

Awais Khan Jumani

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Cloud Service ◽

End Users ◽

Resource Provisioning ◽

Cloud Services ◽

Security And Privacy ◽

Computing Platform ◽

Cloud Service Providers ◽

Cloud Computing Platform

This paper reviews, discusses, and highlights some of the standard cloud computing vulnerabilities primarily related to virtualization platforms and their implementations while outsourcing services and resources to different end-users and business enterprises. Furthermore, we provide Blockchain-enabled solutions for virtualized cloud computing platform involving both the end-users as well as cloud service providers (CSP) to address and solve different security and privacy-related vulnerabilities using blockchain-enabled solutions to improve their cloud services and resource provisioning facilities.

Download Full-text

Next-Generation Blockchain-Enabled Virtualized Cloud Security Solutions: Review and Open Challenges

Electronics ◽

10.3390/electronics10202493 ◽

2021 ◽

Vol 10 (20) ◽

pp. 2493

Author(s):

Mueen Uddin ◽

Anjum Khalique ◽

Awais Khan Jumani ◽

Syed Sajid Ullah ◽

Saddam Hussain

Keyword(s):

Cloud Computing ◽

Multinational Corporations ◽

Service Providers ◽

Cloud Service ◽

End Users ◽

Resource Provisioning ◽

Cloud Services ◽

Security And Privacy ◽

Cloud Service Providers ◽

Data Centres

Cloud computing is a well-known technology that provides flexible, efficient, and cost-effective IT solutions for multinationals to offer improved and enhanced quality of business services to end-users. The cloud computing paradigm is instigated from the grid and parallel computing models. It uses virtualization, server consolidation, utility computing, and other computing technologies and models for providing better IT solutions for large-scale computational data centres. It encompasses different services for supporting data storage, networking, and computing for facilities and amenities for businesses and multinational corporations. The enormous elastic on-demand cloud provisioning resources and services and datasets are processed and stored in tier-level virtualized cloud data centres operated by third-party service providers called cloud owners. The primary issue with these cloud service providers is to provide and maintain data security, privacy, and confidentiality and service availability and data support for end-users. This paper reviews, highlights, and discusses some of the common cloud computing vulnerabilities primarily related to virtualization platforms and their implementations while outsourcing services and resources to different end-users and business enterprises. We then provided blockchain-enabled solutions for virtualized cloud platforms involving both the end-users and cloud service providers (CSP) to address and solve various security and privacy-related vulnerabilities. These solutions will help the data centre industry to improve its virtualized cloud services and resource provisioning facilities. Finally, we discussed different blockchain-related implementation challenges in cloud infrastructures.

Download Full-text

Advanced Digital Forensic IoT Based Secure Communication

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.c8087.029420 ◽

2020 ◽

Vol 9 (4) ◽

pp. 664-671

Keyword(s):

Secure Communication ◽

Service Providers ◽

Cloud Service ◽

Cloud Services ◽

Security And Privacy ◽

Security Measures ◽

Security Breach ◽

Security Breaches ◽

Digital Forensic ◽

Cloud Service Providers

With the explosive growth of the Internet-of-Things (IoT) due to its widespread applicability, it is imperative that IoT designers and architects must incorporate ensuring security of communication in IoT as a key requirement. This emerging field of study, communication in IoT, is concerned with ensuring secure collaboration between smart sensors, actuators and devices and the external environment that constitute the overarching arena of IoT. The field poses new challenges to security and privacy in communication. Most of the cloud service providers such as Amazon, IBM, Microsoft, and Google facilitate various cloud services at reduced cost. The architecture of IoT must be designed to have many features such as scalability, efficiency, accessibility, availability, and flexibility so that applications can be built that can benefit both public and commercial entities. Key factors in driving the success of the IoT will be an accurate specification of security parameters with various security measures that must be enforced. This paper gives an overview of security and privacy aspects in IoT communications using an advanced digital forensic approach for security enhancement. The researchers face various challenges in the investigation of security breaches in IoT. The challenges get magnified multiple folds as cloud service providers utilize many advanced techniques such as virtualization and a multi-tenant usage model to allocate its resources to users securely. These models and architectures make it difficult for investigators who try identify sources that launched various malicious activities and attacks on cloud services. The investigators resort to advanced digital forensic investigation to analyze such attacks. There exist various digital forensic techniques and tools which are not necessarily applied in the context of security breach in IoT. When any security breach occurs, investigators face challenges in collecting evidence as they cannot physically access the evidence buried in devices connected to a local host. The advanced digital forensic approach consists of identifying the evidence related to the source of the crime, and examining and reporting the results and conclusions. The proposed methodology, which employs an advanced digital forensic approach, describes an improved, efficient, and reliable method to identify the source of the crime and collect evidence responsible for security breach during communication.

Download Full-text

Next-generation Blockchain-Enabled Virtualized Cloud Security Solutions: Review and Open Challenges

10.36227/techrxiv.13233887 ◽

2020 ◽

Author(s):

Mueen Uddin ◽

Anjum Khalique ◽

Awais Khan Jumani

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Cloud Service ◽

End Users ◽

Resource Provisioning ◽

Cloud Services ◽

Security And Privacy ◽

Computing Platform ◽

Cloud Service Providers ◽

Cloud Computing Platform

Download Full-text

A Generic Model for Identifying QoS Parameters Interrelations in Cloud Services Selection Ontology during Runtime

Symmetry ◽

10.3390/sym13040563 ◽

2021 ◽

Vol 13 (4) ◽

pp. 563

Author(s):

Babu Rajendiran ◽

Jayashree Kanniappan

Keyword(s):

Service Providers ◽

Cloud Service ◽

Cloud Services ◽

Operating Costs ◽

Generic Model ◽

Business Organizations ◽

Cloud Environment ◽

Cloud Service Provider ◽

Qos Parameters ◽

Computer Based

Nowadays, many business organizations are operating on the cloud environment in order to diminish their operating costs and to select the best service from many cloud providers. The increasing number of Cloud Services available on the market encourages the cloud consumer to be conscious in selecting the most apt Cloud Service Provider that satisfies functionality, as well as QoS parameters. Many disciplines of computer-based applications use standardized ontology to represent information in their fields that indicate the necessity of an ontology-based representation. The proposed generic model can help service consumers to identify QoS parameters interrelations in the cloud services selection ontology during run-time, and for service providers to enhance their business by interpreting the various relations. The ontology has been developed using the intended attributes of QoS from various service providers. A generic model has been developed and it is tested with the developed ontology.

Download Full-text

Addressing Semantics Standards for Cloud Portability and Interoperability in Multi Cloud Environment

Symmetry ◽

10.3390/sym13020317 ◽

2021 ◽

Vol 13 (2) ◽

pp. 317

Author(s):

Chithambaramani Ramalingam ◽

Prakash Mohan

Keyword(s):

Service Providers ◽

Research Work ◽

Cloud Service ◽

Cloud Services ◽

Cloud Environment ◽

Cloud Service Providers ◽

Application Programming ◽

Increasing Demand ◽

Programming Interfaces ◽

Multi Cloud

The increasing demand for cloud computing has shifted business toward a huge demand for cloud services, which offer platform, software, and infrastructure for the day-to-day use of cloud consumers. Numerous new cloud service providers have been introduced to the market with unique features that assist service developers collaborate and migrate services among multiple cloud service providers to address the varying requirements of cloud consumers. Many interfaces and proprietary application programming interfaces (API) are available for migration and collaboration services among cloud providers, but lack standardization efforts. The target of the research work was to summarize the issues involved in semantic cloud portability and interoperability in the multi-cloud environment and define the standardization effort imminently needed for migrating and collaborating services in the multi-cloud environment.

Download Full-text

GOVERNMENT REGULATIONS OF THE USING CLOUD SERVICES

Electronic scientific publication Public Administration and National Security ◽

10.25313/2617-572x-2022-1-7842 ◽

2022 ◽

Author(s):

Olexander Melnikov ◽

◽

Konstantin Petrov ◽

Igor Kobzev ◽

Viktor Kosenko ◽

...

Keyword(s):

Cloud Computing ◽

Large Scale ◽

Service Providers ◽

Cloud Service ◽

Cloud Services ◽

Government Agencies ◽

Remote Work ◽

Cloud Infrastructure ◽

Wide Range ◽

Technological Base

The article considers the development and implementation of cloud services in the work of government agencies. The classification of the choice of cloud service providers is offered, which can serve as a basis for decision making. The basics of cloud computing technology are analyzed. The COVID-19 pandemic has identified the benefits of cloud services in remote work Government agencies at all levels need to move to cloud infrastructure. Analyze the prospects of cloud computing in Ukraine as the basis of e-governance in development. This is necessary for the rapid provision of quality services, flexible, large-scale and economical technological base. The transfer of electronic information interaction in the cloud makes it possible to attract a wide range of users with relatively low material costs. Automation of processes and their transfer to the cloud environment make it possible to speed up the process of providing services, as well as provide citizens with minimal time to obtain certain information. The article also lists the risks that exist in the transition to cloud services and the shortcomings that may arise in the process of using them.

Download Full-text

Privacy and Security Issues in Online Social Networks

Future Internet ◽

10.3390/fi10120114 ◽

2018 ◽

Vol 10 (12) ◽

pp. 114 ◽

Cited By ~ 14

Author(s):

Shaukat Ali ◽

Naveed Islam ◽

Azhar Rauf ◽

Ikram Din ◽

Mohsen Guizani ◽

...

Keyword(s):

Social Networks ◽

Online Social Networks ◽

Virtual Communities ◽

Service Providers ◽

Security And Privacy ◽

Security Issue ◽

Sensitive Data ◽

Privacy And Security ◽

Security Issues ◽

Social Sphere

The advent of online social networks (OSN) has transformed a common passive reader into a content contributor. It has allowed users to share information and exchange opinions, and also express themselves in online virtual communities to interact with other users of similar interests. However, OSN have turned the social sphere of users into the commercial sphere. This should create a privacy and security issue for OSN users. OSN service providers collect the private and sensitive data of their customers that can be misused by data collectors, third parties, or by unauthorized users. In this paper, common security and privacy issues are explained along with recommendations to OSN users to protect themselves from these issues whenever they use social media.

Download Full-text