scholarly journals High Level View of Cloud Security : Issues and Solutions

2014 ◽  
Author(s):  
Venkata Narasimha Inukollu ◽  
Sailaja Arsi ◽  
Srinivasa Rao Ravuri
Keyword(s):  
Cloud Security ◽  
Security Issues ◽  
High Level

A Survey on Cloud Security Issues and Solution

2020 ◽  
Author(s):  
Sahar Alatawi ◽  
Areej Alhasani ◽  
Shahad Alfaidi ◽  
Moudi Albalawi ◽  
Saad M Almutairi
Keyword(s):  
Cloud Security ◽  
Security Issues

Users’ attitude on perceived security of enterprise systems mobility: an empirical study

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Ramaraj Palanisamy ◽  
Yang Wu
Keyword(s):  
Cloud Computing ◽  
Best Practices ◽  
Empirical Study ◽  
Mobile Systems ◽  
Mobile Technologies ◽  
Content Type ◽  
Security Issues ◽  
Study Results ◽  
Perceived Security ◽  
High Level

Purpose This study/ paper aims to empirically examine the user attitude on perceived security of enterprise systems (ES) mobility. Organizations are adopting mobile technologies for various business applications including ES to increase the flexibility and to gain sustainable competitive advantage. At the same time, end-users are exposed to security issues when using mobile technologies. The ES have seen breaches and malicious intrusions thereby more sophisticated recreational and commercial cybercrimes have been witnessed. ES have seen data breaches and malicious intrusions leading to more sophisticated cybercrimes. Considering the significance of security in ES mobility, the research questions in this study are: What are the security issues of ES mobility? What are the influences of users’ attitude towards those security issues? What is the impact of users’ attitude towards security issues on perceived security of ES mobility? Design/methodology/approach These questions are addressed by empirically testing a security model of mobile ES by collecting data from users of ES mobile systems. Hypotheses were evolved and tested by data collected through a survey questionnaire. The questionnaire survey was administered to 331 users from Chinese small and medium-sized enterprises (SME). The data was statistically analysed by tools such as correlation, factor analysis, regression and the study built a structural equation model (SEM) to examine the interactions between the variables. Findings The study results have identified the following security issues: users’ attitude towards mobile device security issues; users’ attitude towards wireless network security issues; users’ attitude towards cloud computing security issues; users’ attitude towards application-level security issues; users’ attitude towards data (access) level security issues; and users’ attitude towards enterprise-level security issues. Research limitations/implications The study results are based on a sample of users from Chinese SMEs. The findings may lack generalizability. Therefore, researchers are encouraged to examine the model in a different context. The issues requiring further investigation are the role of gender and type of device on perceived security of ES mobile systems. Practical implications The results show that the key security issues are related to a mobile device, wireless network, cloud computing, applications, data and enterprise. By understanding these issues and the best practices, organizations can maintain a high level of security of their mobile ES. Social implications Apart from understanding the best practices and the key issues, the authors suggest management and end-users to work collaboratively to achieve a high level of security of the mobile ES. Originality/value This is an empirical study conducted from the users’ perspective for validating the set of research hypotheses related to key security issues on the perceived security of mobile ES.

scholarly journals Cloud Security: Inter-Host Docker Container Communication using Vault Dynamic Secrets

2019 ◽  
Vol 9 (2S) ◽  
pp. 395-401
Keyword(s):  
Best Practices ◽  
Cloud Security ◽  
Simulation Environment ◽  
Monitoring Tool ◽  
Security Vulnerabilities ◽  
Security Issues ◽  
Industry Standard ◽  
Flooding Attacks ◽  
Arp Spoofing

In this paper we attempt to address Inter-Host Docker container communications security issues by incorporating a latest approach provided by Vault Hashicorp dynamic secret mechanism for managing SSH keys and server credentials. A simulation environment is prepared for Inter-Host container communication consisting of one host running locally and the peer host running as an AWS EC2 instance in cloud. Industry standard monitoring tool Grafana is used in the simulation environment to highlight the security impacts for any organization. We also draw special attention to some of the security vulnerabilities in docker container like ARP spoofing, Integrity of the docker host and containers and MAC flooding attacks. We try to list some best practices to be followed when using docker containers in any production deployments.

Review on Cloud Computing and Cloud Security Issues

2021 ◽  
Author(s):  
Ramla Humayun
Keyword(s):  
Cloud Computing ◽  
Cloud Security ◽  
Security And Privacy ◽  
Security Issues ◽  
Privacy Issues

Review on Cloud-Computing and the security and privacy issues related with it.

Techniques and Trends Towards Various Dimensions of Robust Security Testing in Global Software Engineering

2019 ◽  
pp. 219-251
Author(s):  
Muhammad Sulleman Memon ◽  
Mairaj Nabi Bhatti ◽  
Manzoor Ahmed Hashmani ◽  
Muhammad Shafique Malik ◽  
Naveed Murad Dahri
Keyword(s):  
Complete Analysis ◽  
Security Testing ◽  
Safety Issues ◽  
Software Vulnerabilities ◽  
Security Issues ◽  
Evaluation Strategies ◽  
Software Program ◽  
High Level ◽  
Technical Assessment ◽  
Global Software Engineering

With the growth of software vulnerabilities, the demand for security integration is increasingly necessary to more effectively achieve the goal of secure software development globally. Different practices are used to keep the software intact. These practices should also be examined to obtain better results depending on the level of security. The security of a software program device is a characteristic that permeates the whole system. To resolve safety issues in a software program security solutions have to be implemented continually throughout each web page. The motive of this study is to offer a complete analysis of safety, wherein protection testing strategies and equipment can be categorized into: technical evaluation strategies and non-technical assessment strategies. This study presents high-level ideas in an easy form that would help professionals and researchers solve software security testing problems around the world. One way to achieve these goals is to separate security issues from other enforcement issues so that they can be resolved independently and applied globally.

Cloud Computing and Cybersecurity Issues Facing Local Enterprises

2019 ◽  
pp. 1777-1799
Author(s):  
Emre Erturk
Keyword(s):  
Cloud Computing ◽  
Cyber Security ◽  
Cloud Security ◽  
Security Issues ◽  
Contemporary Research ◽  
Security Practices ◽  
It Resources ◽  
Security Incidents

This chapter sets out to explore new trends in cyber and cloud security, and their implications for businesses. First, the terminology and assumptions related to cloud computing are stated. Next, the chapter reports on contemporary research around the awareness of security issues, and the security processes within the cloud computing realm. Cyber security poses a different challenge to local small and medium sized organizations, which may seem to have less at stake financially. However, they are more vulnerable, due to fewer resources dedicated toward prevention. A series of serious security incidents may even keep them out of business. Furthermore, security needs to be understood and handled differently in a cloud based environment. Therefore, the chapter identifies unique security practices and recommendations for these businesses to run their IT resources safely in the cloud.

Cloud Security Engineering Concept and Vision

2018 ◽  
pp. 93-101 ◽  
Author(s):  
Shadi Aljawarneh
Keyword(s):  
Cloud Security ◽  
Research Community ◽  
Security Requirements ◽  
Software System ◽  
Security Engineering ◽  
Security Issues ◽  
Requirements Specifications ◽  
Evolutionary Changes ◽  
World Environment ◽  
Engineering Concept

The research community found that a software system should be evolved once every few months to ensure it is adapted to the real-world environment. The system evolution requires regularly amendments that append, delete, or alter features. It also migrates or converts the software system from one operating platform to another. These amendments may result in requirements/ specifications that were satisfied in a previous release of a software system not being satisfied in the subsequent versions. As a result, software evolutionary changes violate security requirements, and then a system may become vulnerable to different kinds of attacks. In this paper, concepts and visions are presented to avoid/minimize the Cloud security issues.

High-Level Security Issues in Multimedia/Hypertext Systems

1996 ◽  
pp. 13-24 ◽  
Author(s):  
Eduardo B. Fernandez ◽  
Krishnakumar R. Nair ◽  
Maria M. Larrondo-Petrie ◽  
Yan Xu
Keyword(s):  
Security Issues ◽  
High Level

scholarly journals Hybrid Botnet Detection Based on Host and Network Analysis

2020 ◽  
Vol 2020 ◽  
pp. 1-16
Author(s):  
Suzan Almutairi ◽  
Saoucene Mahfoudh ◽  
Sultan Almutairi ◽  
Jalal S. Alowibdi
Keyword(s):  
Cyber Security ◽  
False Positive Rate ◽  
General Technique ◽  
Botnet Detection ◽  
Security Issues ◽  
Positive Rate ◽  
Communication Traffic ◽  
And Performance ◽  
High Level ◽  
And Control

Botnet is one of the most dangerous cyber-security issues. The botnet infects unprotected machines and keeps track of the communication with the command and control server to send and receive malicious commands. The attacker uses botnet to initiate dangerous attacks such as DDoS, fishing, data stealing, and spamming. The size of the botnet is usually very large, and millions of infected hosts may belong to it. In this paper, we addressed the problem of botnet detection based on network’s flows records and activities in the host. Thus, we propose a general technique capable of detecting new botnets in early phase. Our technique is implemented in both sides: host side and network side. The botnet communication traffic we are interested in includes HTTP, P2P, IRC, and DNS using IP fluxing. HANABot algorithm is proposed to preprocess and extract features to distinguish the botnet behavior from the legitimate behavior. We evaluate our solution using a collection of real datasets (malicious and legitimate). Our experiment shows a high level of accuracy and a low false positive rate. Furthermore, a comparison between some existing approaches was given, focusing on specific features and performance. The proposed technique outperforms some of the presented approaches in terms of accurately detecting botnet flow records within Netflow traces.

Sign in / Sign up

Export Citation Format

Share Document