Analysis of Various Security Issues and Challenges in Cloud Computing Environment

Cloud computing is a system, where the resources of a data center are shared using virtualization technology, such that it provides elastic, on demand and instant services to its customers and charges them based on the resources they use. In this chapter, we will discuss recent developments in cloud computing, various security issues and challenges associated with Cloud computing environment, various existing solutions provided for dealing with these security threats and will provide a comparative analysis these approaches. This will provide better understanding of the various security problems associated with the cloud, current solution space, and future research scope to deal with such attacks in better way.

Privacy, Security, and Identity Theft Protection

The proliferation of the Internet has intensified the privacy protection and identity theft crises. A December 2013 report by the U.S. Department of Justice indicates that 16.6 million persons were victims of identity theft with direct and indirect losses amounting to almost $24.7 billion in 2012 (Harrell & Langton, 2013). These startling and apparently persistent statistics have prompted the United States and other foreign governments to initiate strategic plans and to enact several regulations in order to curb the crisis. This chapter surveys recently enacted national and international laws pertaining to identity theft and privacy issues. Further, it discusses the interplay between privacy and security, the various incentives and deterrence for privacy protection, and the prospects for the simulation of the social and behavioral aspects of privacy using the agent-based modeling.

Privacy Dangers of Wearables and the Internet of Things

This chapter identifies concerns about, and the managerial implications of, data privacy issues related to wearables and the IoT; it also offers some enterprise solutions to the complex concerns arising from the aggregation of the massive amounts of data derived from wearables and IoT devices. Consumer and employee privacy concerns are elucidated, as are the problems facing managers as data management and security become an important part of business operations. The author provides insight into how companies are currently managing data as well as some issues related to data security and privacy. A number of suggestions for improving the approach to data protection and addressing concerns about privacy are included. This chapter also examines trending issues in the areas of data protection and the IoT, and contains thought-provoking discussion questions pertaining to business, wearables/IoT data, and privacy issues.

Cyber Risk

The dependence on cyberspace has considerably increased over time, as such, people look at risk associated with cyber technology. This chapter focuses on the cyber risk issue. The authors aim to describe the global state of the art and point out the potential negative consequences of this type of systemic risk. Cyber risk increasingly affects both public and private institutions. Some of the risks that entities face are the following: computer security breaches, cyber theft, cyber terrorism, cyber espionage. Developed nations but also emerging markets suffer from cyber risk. It is therefore important to examine the different security regulation implemented across different markets. Moreover, cyber risk is a concern for all economic sectors. In particular, it is a crucial issue in banking sector because of the negative effects of cyber attacks, among others, the financial losses and the reputational risk. However, the awareness is increasing and cyber insurance is growing.

Cybercrimes Technologies and Approaches

The growth of the Internet has changed our lives significantly. Not so long ago, computers used to be viewed as luxury items to have at home. People used to rely mainly on televisions and newspapers as the primary sources of news. Today, the Internet has become an essential service to depend on for many industries, such as news agencies, airports, and even utility companies. This was the beginning of a new-trillion-dollar industry: the Internet industry. However, the Internet was designed to be an open, academic tool, never to be secure. As a result, cybercrimes, cyber warfare, and other cyber illegal activities have spread to become a significant portion of Internet traffic. Cybercrimes often challenge law enforcement. It is difficult to know the exact location where an attack originated, and there are no cyber borders between nations. As a result, fighting cybercrimes requires international cooperation. The purpose of this chapter is to shed some light on motives of cybercrimes, technologies used by hackers, and solutions that can be adopted by individuals, organizations, and governments. This chapter also presents the United States (USA) and international perspectives on cybercrimes and privacy laws. In summary, individuals, organizations, and nations have roles to play in achieving security and reducing cyber risks.

Security and Privacy Issues, Solutions, and Tools for MCC

With the development of cloud computing and mobility, mobile cloud computing has emerged and become a focus of research. Mobile Cloud Computing (MCC) integrates mobile computing and cloud computing aiming to extend mobile devices capabilities. By the means of on-demand self-service and extendibility, it can offer the infrastructure, platform, and software services in a cloud to mobile users through the mobile network. There is huge market for mobile based e-Commerce applications across the globe. Security and privacy are the key issues for mobile cloud computing applications. The limited processing power and memory of a mobile device dependent on inherently unreliable wireless channel for communication and battery for power leaves little scope for a reliable security layer. Thus there is a need for a lightweight secure framework that provides security with minimum communication and processing overhead on mobile devices. The security and privacy protection services can be achieved with the help of secure mobile-cloud application services.

Cyber-Crimes against Adolescents

At young ages there is an increase in reports of intimidation, harassment, intrusion, fear, and violence experienced through Information Technologies (IT). Hacking, spamming, identity theft, child pornography, cyber bullying, and cyber stalking are just few examples of cyber-crimes. This chapter aims to contribute, from a psychological and design perspective, to an integrative viewpoint about this complex field of cyber-crime. In this chapter, the most common types of cyber-crimes, epidemiological data, and the profiles of cyber victims and aggressors' are approached. The studies that identify the factors contributing to IT misuse and to growing online vulnerability, principally in adolescents, are also discussed. Likewise, the central explanatory theories for the online victimization and the risk factors for victimization and perpetration online are addressed. Finally, some cyber-crime prevention strategies are anticipated, in particular among young people, seeking to provide clues to the consolidation of recent policies, namely at the digital design level.

How Private Is Your Financial Data?

The ease and convenience of Internet Banking or e-banking has made it the most preferred way for customers as well as the banking industry alike. The fact that e-banking enables remote accessibility of a customer's account translates to round-the-clock service from the bank and has made this mode of operation a success in every sense. The starting and most important point for which would be the authentication to customer's financial data. This chapter sheds light on the different authentication mechanisms that could be followed as per the situational demands taking into consideration the various threat environments and possible vulnerabilities in the system. The advantages and disadvantages arising out of different authentication mechanisms are presented with the possible attack scenarios enumerated. An overview of the personal computer environ and the mobile environ are discussed. The chapter will be invaluable for managers and professionals in understanding the current authentication landscape.

A Wrapper-Based Classification Approach for Personal Identification through Keystroke Dynamics Using Soft Computing Techniques

The password is the most widely used identity verification method in computer security domain. However, due to its simplicity, it is vulnerable to imposters. A way to strengthen the password is to combine Biometric technology with password. Keystroke dynamics is one of the behavioural biometric approaches which is cheaper and does not require any sophisticated hardware other than the keyboard. The chapter uses a new feature called Virtual Key Force along with the commonly extracted timing features. Features are normalized using Z-Score method. For feature subset selection, Particle Swarm Optimization wrapped with Extreme Learning Machine is proposed. Classification is done with wrapper based PSO-ELM approach. The proposed methodology is tested with publically available benchmark dataset and real time dataset. The proposed method yields the average accuracy of 97.92% and takes less training and testing time when compared with the traditional Back Propagation Neural Network.

Identity Management Systems

Identity management is the administration of an individual's access rights and privileges in the form of authentication and authorization within or across systems and organizations. An Identity Management system (IdM) helps manage an individual's credentials through the establishment, maintenance, and eventual destruction of their digital identity. Numerous products, applications, and platforms exist to address the privacy requirements of individuals and organizations. This chapter highlights the importance of IdM systems in the highly vulnerable security scenario that we live in. It defines and elaborates on the attributes and requirements of an effective identity management system. The chapter helps in establishing an understanding of frameworks that IdM systems follow while helping the reader contrast between different IdM architecture models. The latter part of this chapter elaborates on some of today's most popular IdM solutions.