Web Based Application for Cloud Security and Compliance

Cloud Security Using Face Recognition

Web Services ◽

10.4018/978-1-5225-7501-6.ch109 ◽

2019 ◽

pp. 2115-2137

Author(s):

Santosh Kumar ◽

Debanjan Sadhya ◽

Durgesh Singh ◽

S. K. Singh

Keyword(s):

Cloud Computing ◽

Face Recognition ◽

Service Providers ◽

Data Access ◽

Cloud Security ◽

Internet Communication ◽

Security Measures ◽

Database Access ◽

Security Issues ◽

Cloud Database

Establishing identity has become very difficult in the vastly crowded cloud computing environment. The need for a trustworthy cloud authentication phenomenon has increased in the wake of heightened concerns about authentication and rapid advancements in cloud computing, database access, and Internet communication. Face recognition is a non-intrusive method, and facial characteristics are probably most common biometrics features used by humans to identify others. Authentication for cloud computing using face recognition is based on security issues related to data access and cloud database in a cloud. It can provide a satisfactory level of security measures to users and service providers, cloud consumers, and different organizations. In this chapter, the authors cover different research aspects related to cloud security.

Download Full-text

A Hybrid Cryptographic Scheme for Improving Cloud Security Using ECC and TDES Algorithms

Current Journal of Applied Science and Technology ◽

10.9734/cjast/2020/v39i4731184 ◽

2020 ◽

pp. 27-34

Author(s):

Simranjit Kaur ◽

Lokesh Jain

Keyword(s):

Web Application ◽

Business Processes ◽

Performance Metrics ◽

Cloud Security ◽

Data Encryption ◽

Cloud Data ◽

Security Issues ◽

Cryptographic Algorithm ◽

Audio Video ◽

Parameter Values

The evolving cloud technology is capable of accommodating volumes of business processes. This feature attracts many individuals and organizations to store their data over cloud. But there are many security issues that require a deep insight. In this research, articles and surveys on cloud security have been reviewed to identify the issues. Efforts have been made to increase cloud data security by devising a hybrid cryptographic algorithm namely Hybrid Elliptic Curve Cryptography -Triple Data Encryption Standard (ECC-TDES). The hybridized algorithms make data more secure and immune to malicious attacks. The proposed algorithm was applied to database of a cloud-based web application and tested with audio, video, image and text files ranging between 10-100 kb file sizes to record performance metrics such as: encryption time, decryption time and accuracy. The recorded parameter values were compared with individual ECC and TDES algorithms. The findings indicated that ECC-TDES takes more time to encrypt/decrypt files but gives highest accuracy with 0.01% error rate.

Download Full-text

Cloud Security Using Face Recognition

Web-Based Services ◽

10.4018/978-1-4666-9466-8.ch090 ◽

2016 ◽

pp. 2055-2075

Author(s):

Santosh Kumar ◽

Debanjan Sadhya ◽

Durgesh Singh ◽

Sanjay Kumar Singh

Keyword(s):

Cloud Computing ◽

Face Recognition ◽

Service Providers ◽

Data Access ◽

Cloud Security ◽

Internet Communication ◽

Security Measures ◽

Database Access ◽

Security Issues ◽

Cloud Database

Establishing identity has become very difficult in the vastly crowded cloud computing environment. The need for a trustworthy cloud authentication phenomenon has increased in the wake of heightened concerns about authentication and rapid advancements in cloud computing, database access, and Internet communication. Face recognition is a non-intrusive method, and facial characteristics are probably most common biometrics features used by humans to identify others. Authentication for cloud computing using face recognition is based on security issues related to data access and cloud database in a cloud. It can provide a satisfactory level of security measures to users and service providers, cloud consumers, and different organizations. In this chapter, the authors cover different research aspects related to cloud security.

Download Full-text

Cloud Security Using Face Recognition

Handbook of Research on Securing Cloud-Based Databases with Biometric Applications - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-4666-6559-0.ch014 ◽

2015 ◽

pp. 298-319 ◽

Cited By ~ 1

Author(s):

Santosh Kumar ◽

Debanjan Sadhya ◽

Durgesh Singh ◽

S. K. Singh

Keyword(s):

Cloud Computing ◽

Face Recognition ◽

Service Providers ◽

Data Access ◽

Cloud Security ◽

Internet Communication ◽

Security Measures ◽

Database Access ◽

Security Issues ◽

Cloud Database

Establishing identity has become very difficult in the vastly crowded cloud computing environment. The need for a trustworthy cloud authentication phenomenon has increased in the wake of heightened concerns about authentication and rapid advancements in cloud computing, database access, and Internet communication. Face recognition is a non-intrusive method, and facial characteristics are probably most common biometrics features used by humans to identify others. Authentication for cloud computing using face recognition is based on security issues related to data access and cloud database in a cloud. It can provide a satisfactory level of security measures to users and service providers, cloud consumers, and different organizations. In this chapter, the authors cover different research aspects related to cloud security.

Download Full-text

SECURITY IN CLOUD COMPUTING IN INDIAN GOVERNMENT

INTERNATIONAL JOURNAL OF NEXT-GENERATION COMPUTING ◽

10.47164/ijngc.v12i3.808 ◽

2021 ◽

Vol 12 (3) ◽

Author(s):

Nitin Vishnu Choudhari ◽

Dr. Ashish B Sasankar

Keyword(s):

Cloud Computing ◽

Service Delivery ◽

Service Providers ◽

Cloud Service ◽

Cloud Security ◽

End Users ◽

Security Architecture ◽

Security Measures ◽

End User ◽

Cloud Service Providers

Abstract –Today Security issue is the topmost problem in the cloud computing environment. It leads to serious discomfort to the Governance and end-users. Numerous security solutions and policies are available however practically ineffective in use. Most of the security solutions are centered towards cloud technology and cloud service providers only and no consideration has been given to the Network, accessing, and device securities at the end-user level. The discomfort at the end-user level was left untreated. The security of the various public, private networks, variety of devices used by end-users, accessibility, and capacity of end-users is left untreated. This leads towards the strong need for the possible modification of the security architecture for data security at all levels and secured service delivery. This leads towards the strong need for the possible adaption of modified security measures and provisions, which shall provide secured hosting and service delivery at all levels and reduce the security gap between the cloud service providers and end-users. This paper investigates the study and analyze the security architecture in the Cloud environment of Govt. of India and suggest the modifications in the security architecture as per the changing scenario and to fulfill the future needs for the secured service delivery from central up to the end-user level. Keywords: Cloud Security, Security in GI Cloud, Cloud Security measures, Security Assessment in GI Cloud, Proposed Security for GI cloud

Download Full-text

On Data Security and Encryption Algorithms in Cloud Environment

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.701-702.1106 ◽

2014 ◽

Vol 701-702 ◽

pp. 1106-1111 ◽

Cited By ~ 1

Author(s):

Xin Zheng Zhang ◽

Ya Juan Zhang

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Data Security ◽

Service Providers ◽

Cloud Service ◽

Working Environment ◽

Cloud Environment ◽

Cloud Data ◽

Security Issues ◽

Encryption Algorithms

As information and processes are migrating to the cloud, Cloud Computing is drastically changing IT professionals’ working environment. Cloud Computing solves many problems of conventional computing. However, the new technology has also created new challenges such as data security, data ownership and trans-code data storage. We discussed about Cloud computing security issues, mechanism, challenges that Cloud service providers and consumers face during Cloud engineering. Based on concerning of security issues and challenges, we proposed several encryption algorithms to make cloud data secure and invulnerable. We made comparisons among DES, AES, RSA and ECC algorithms to find combinatorial optimization solutions, which fit Cloud environment well for making cloud data secure and not to be hacked by attackers.

Download Full-text

Identification of Various Security Issues, Threats and A Novel Service Model in Cloud Computing

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.l3236.1110120 ◽

2020 ◽

Vol 10 (1) ◽

pp. 321-325

Keyword(s):

Cloud Computing ◽

Cloud Storage ◽

Sudden Change ◽

Third Party ◽

Security And Privacy ◽

Security Measures ◽

Computing Technology ◽

Service Model ◽

Cloud Data ◽

Security Issues

Cloud Computing is a robust, less cost, and an effective platform for providing services. Nowadays, it is applied in various services such as consumer business or Information Technology (IT) carried over the Internet. This cloud computing has some risks of security because, the services which are required for its effective compilation is outsources often by the third party providers. This makes the cloud computing more hard to maintain and monitor the security and privacy of data and also its support. This sudden change in the process of storing data towards the cloud computing technology improved the concerns about different issues in security and also the various threats present in this cloud storage. In the concept of security in cloud storage, various threats and challenges are noted by recent researchers. Hence, an effective framework of providing security is required. The main aim of this paper is to analyze various issues in securing the cloud data threats present in the cloud storage and to propose a novel methodology to secure it. This paper also identifies the most crucial components that can be incorporated in the already existing security measures while designing the storage systems based on cloud. This study also provides us to identify all the available solutions for the challenges of security and privacy in cloud storage.

Download Full-text

Cloudstrike: Chaos Engineering for Security and Resiliency in Cloud Infrastructure

10.36227/techrxiv.12456299 ◽

2020 ◽

Author(s):

Kennedy Torkura

Keyword(s):

Knowledge Base ◽

Fault Injection ◽

Software Tool ◽

Cloud Security ◽

Cyber Attacks ◽

Cloud Infrastructure ◽

Security Issues ◽

Security Controls ◽

Security Models ◽

Consumption Rates

<div>Most cyber-attacks and data breaches in cloud</div><div>infrastructure are due to human errors and misconfiguration</div><div>vulnerabilities. Cloud customer-centric tools are lacking, and existing</div><div>security models do not efficiently tackle these security challenges.</div><div>Novel security mechanisms are imperative, therefore, we</div><div>propose Risk-driven Fault Injection (RDFI) techniques to tackle</div><div>these challenges. RDFI applies the principles of chaos engineering</div><div>to cloud security and leverages feedback loops to execute, monitor,</div><div>analyze and plan security fault injection campaigns, based on</div><div>a knowledge-base. The knowledge-base consists of fault models</div><div>designed from cloud security best practices and observations</div><div>derived during iterative fault injection campaigns. Furthermore,</div><div>the observations indicate security weaknesses and verify the</div><div>correctness of security attributes (integrity, confidentiality and</div><div>availability) and security controls. Ultimately this knowledge is</div><div>critical in guiding security hardening efforts and risk analysis.</div><div>We have designed and implemented the RDFI strategies including</div><div>various chaos algorithms as a software tool: CloudStrike. Furthermore,</div><div>CloudStrike has been evaluated against infrastructure</div><div>deployed on two major public cloud systems: Amazon Web Service</div><div>and Google Cloud Platform. The time performance linearly</div><div>increases, proportional to increasing attack rates. Similarly, CPU</div><div>and memory consumption rates are acceptable. Also, the analysis</div><div>of vulnerabilities detected via security fault injection has been</div><div>used to harden the security of cloud resources to demonstrate the</div><div>value of CloudStrike. Therefore, we opine that our approaches</div><div>are suitable for overcoming contemporary cloud security issues</div>

Download Full-text

Securing Open Banking with Model-View-Controller Architecture and OWASP

Wireless Communications and Mobile Computing ◽

10.1155/2021/8028073 ◽

2021 ◽

Vol 2021 ◽

pp. 1-13

Author(s):

Deina Kellezi ◽

Christian Boegelund ◽

Weizhi Meng

Keyword(s):

Data Storage ◽

Web Applications ◽

Service Providers ◽

Third Party ◽

Security Level ◽

The European Union ◽

Security Measures ◽

Security Issues ◽

Separation Of Concern ◽

The Right

In 2015, the European Union passed the PSD2 regulation, with the aim of transferring ownership of bank accounts to the private person. As a result, Open Banking has become an emerging concept, which provides third-party financial service providers open access to bank APIs, including consumer banking, transaction, and other financial data. However, such openness may also incur many security issues, especially when the data can be exposed by an API to a third party. Focused on this challenge, the primary goal of this work is to develop one innovative web solution to the market. We advocate that the solution should be able to trigger transactions based on goals and actions, allowing users to save up money while encouraging positive habits. In particular, we propose a solution with an architectural model that ensures clear separation of concern and easy integration with Nordea’s (the largest bank in the Nordics) Open Banking APIs (sandbox version), and a technological stack with the microframework Flask, the cloud application platform Heroku, and persistent data storage layer using Postgres. We analyze and map the web application’s security threats and determine whether or not the technological frame can provide suitable security level, based on the OWASP Top 10 threats and threat modelling methodology. The results indicate that many of these security measures are either handled automatically by the components offered by the technical stack or are easily preventable through included packages of the Flask Framework. Our findings can support future developers and industries working with web applications for Open Banking towards improving security by choosing the right frameworks and considering the most important vulnerabilities.

Download Full-text

Recent Trends in Cloud Computing Security Issues and Their Mitigation

Cyber Security and Threats ◽

10.4018/978-1-5225-5634-3.ch079 ◽

2018 ◽

pp. 1624-1656

Author(s):

G. M. Siddesh ◽

K. G. Srinivasa ◽

L. Tejaswini

Keyword(s):

Cloud Computing ◽

Scientific Research ◽

Cloud Service ◽

Cloud Security ◽

Security Measures ◽

Cloud Computing Security ◽

Security Issues ◽

Recent Trends ◽

Security As A Service ◽

Research And Education

Security in cloud is to be increased to strengthen the confidence and trust of cloud service consumers. In the upcoming years, the scientific research and education teams will have to investigate finding new ways to handle the issue of cloud security. This chapter discusses the major threats and their impact on clouds, security measures to handle the attacks in clouds, security as a service in research and education, and steps to enhance security feature in clouds.

Download Full-text