Cloud Computing and Security Issues in the Cloud

2018 ◽  
Vol 9 (1) ◽  
pp. 22-27
Author(s):  
Santosh Kumar Singh ◽  
P.K. Manjhi ◽  
R.K. Tiwari ◽  
V.R. Vadi
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Sensitive Information ◽  
Business Trend ◽  
Cloud Infrastructure ◽  
Security Issues ◽  
Geographically Dispersed ◽  
New Business ◽  
Cloud Servers

Cloud computing has formed the conceptual and infrastructural basis for tomorrow’s computing. The global computing infrastructure is rapidly moving towards cloud based architecture. While it is important to take advantages of cloud based computing by means of deploying it in diversified sectors, the security aspects in a cloud based computing environment remains at the core of interest. Cloud based services and service providers are being evolved which has resulted in a new business trend based on cloud technology. With the introduction of numerous cloud based services and geographically dispersed cloud service providers, sensitive information of different entities are normally stored in remote servers and locations with the possibilities of being exposed to unwanted parties in situations where the cloud servers storing those information are compromised. If security is not robust and consistent, the flexibility and advantages that cloud computing has to offer will have little credibility. This paper presents a review on the cloud computing concepts as well as security issues inherent within the context of cloud computing and cloud infrastructure.

Cloud Computing

2012 ◽  
pp. 191-207 ◽  
Author(s):  
Shantanu Pal
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Effective Means ◽  
Cloud Service ◽  
Security And Privacy ◽  
Cloud Infrastructure ◽  
Computing Environment ◽  
Cloud Computing Environment ◽  
Security Issues ◽  
Computing Platforms

In a cloud ecosystem, most of the data and software that users use reside on the remote server(s), which brings some new challenges for the system, especially security and privacy. At present, these security threats and attacks are the greatest concern for the service providers towards delivering a more secure cloud infrastructure. One of the major concerns is data security, implemented by the most effective means possible and the protection of stored data from unauthorized users and hackers. When considering these security issues, trust is one of the most important means to improve the system’s security and enable interoperability of current heterogeneous cloud computing platforms. The objective of this chapter is to discuss and understand the basic security and privacy challenges of a cloud computing environment as the security of cloud computing is the greatest challenge for delivering a safer cloud environment for both the service providers and the service customers. With this in mind, this chapter will introduce the risks and possible attacks in a cloud computing environment. The major goal is to specify the security risks and attacks and consider trust of cloud service users for delivering a safer and innovation business model.

GOVERNMENT REGULATIONS OF THE USING CLOUD SERVICES

2022 ◽  
Author(s):  
Olexander Melnikov ◽  
◽  
Konstantin Petrov ◽  
Igor Kobzev ◽  
Viktor Kosenko ◽  
...  
Keyword(s):  
Cloud Computing ◽  
Large Scale ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Government Agencies ◽  
Remote Work ◽  
Cloud Infrastructure ◽  
Wide Range ◽  
Technological Base

The article considers the development and implementation of cloud services in the work of government agencies. The classification of the choice of cloud service providers is offered, which can serve as a basis for decision making. The basics of cloud computing technology are analyzed. The COVID-19 pandemic has identified the benefits of cloud services in remote work Government agencies at all levels need to move to cloud infrastructure. Analyze the prospects of cloud computing in Ukraine as the basis of e-governance in development. This is necessary for the rapid provision of quality services, flexible, large-scale and economical technological base. The transfer of electronic information interaction in the cloud makes it possible to attract a wide range of users with relatively low material costs. Automation of processes and their transfer to the cloud environment make it possible to speed up the process of providing services, as well as provide citizens with minimal time to obtain certain information. The article also lists the risks that exist in the transition to cloud services and the shortcomings that may arise in the process of using them.

scholarly journals SECURE DEPENDABLE SELECTIVE STORAGE SERVICES AND SUPPORT FOR DYNAMIC DATA OPERATIONS IN CLOUD COMPUTING

2013 ◽  
pp. 35-40
Author(s):  
VINITHA S P ◽  
GURUPRASAD E
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Distributed Storage ◽  
Large Data ◽  
Cloud Service ◽  
Dynamic Data ◽  
Cloud Data ◽  
Data Auditing ◽  
Cloud Servers ◽  
Selective Storage

Cloud computing has been envisioned as the next generation architecture of IT enterprise. It moves the application software and databases to the centralized large data centers where management of data and services may not be fully trustworthy. This unique paradigm brings out many new security challenges like, maintaining correctness and integrity of data in cloud. Integrity of cloud data may be lost due to unauthorized access, modification or deletion of data. Lacking of availability of data may be due to the cloud service providers (CSP), in order to increase their margin of profit by reducing the cost, CSP may discard rarely accessed data without detecting in timely fashion. To overcome above issues, flexible distributed storage, token utilizing, signature creations used to ensure integrity of data, auditing mechanism used assists in maintaining the correctness of data and also locating, identifying of server where exactly the data has been corrupted and also dependability and availability of data achieved through distributed storage of data in cloud. Further in order to ensure authorized access to cloud data a admin module has been proposed in our previous conference paper, which prevents unauthorized users from accessing data and also selective storage scheme based on different parameters of cloud servers proposed in previous paper, in order to provide efficient storage of data in the cloud. In order to provide more efficiency in this paper dynamic data operations are supported such as updating, deletion and addition of data.

scholarly journals АНАЛИЗ ПОДХОДОВ К ОБЕСПЕЧЕНИЮ БЕЗОПАСНОСТИ ОБЛАЧНЫХ СЕРВИСОВ

2020 ◽  
pp. 70-82
Author(s):  
Вячеслав Вікторович Фролов
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Geographical Location ◽  
Cloud Service ◽  
Cloud Services ◽  
Cloud Infrastructure ◽  
Critical System ◽  
Cloud Service Providers ◽  
Safety And Reliability ◽  
Cloud Resources

The article is devoted to the analysis of modern approaches that ensure the security of cloud services. Since cloud computing is one of the fastest growing areas among information technology, it is extremely important to ensure the safety and reliability of processes occurring in the clouds and to secure the interaction between the client and the provider of cloud services. Given that fears about data loss and their compromise are one of the main reasons that some companies do not transfer their calculations to the clouds. The object of research and analysis of this work are cloud services, which are provided by various cloud service providers. The aim of the study of this work is to compare existing approaches that provide information security for cloud services, as well as offer a new approach based on the principle of diversity. There are many approaches that ensure their safety, using both traditional and cloud-specific. The multi-cloud approach is one of the most promising strategies for improving reliability by reserving cloud resources on the servers of various cloud service providers. It is shown that it is necessary to use diversity to ensure the reliability and safety of critical system components. The principle of diversity is to use a unique version of each resource thanks to a special combination of a cloud computing provider, the geographical location of data centers, cloud service presentation models, and cloud infrastructure deployment models. The differences between cloud providers and which combination of services are preferable to others in terms of productivity are discussed in detail. In addition, best practices for securing cloud resources are reviewed. As a result, this paper concludes that there is a problem of insufficient security and reliability of cloud computing and how to reduce threats in order to avoid a common cause failure and, as a result, loss of confidential data or system downtime using diversity of cloud services.

Quantum Key Distribution Approach for Secure Authentication of Cloud Servers

2021 ◽  
Vol 11 (3) ◽  
pp. 19-32
Author(s):  
Shahin Fatima ◽  
Shish Ahmad
Keyword(s):  
Cloud Computing ◽  
Quantum Key Distribution ◽  
Feasible Solution ◽  
Service Providers ◽  
Cloud Service ◽  
Key Distribution ◽  
Distribution Center ◽  
Proposed Model ◽  
Cloud Servers ◽  
Secure Authentication

Cloud computing has become a feasible solution for virtualization of cloud resources. Although it has many prospective to hold individuals by providing many benefits to organizations, still there are security loopholes to outsource data. To ensure the ‘security' of data in cloud computing, quantum key cryptography is introduced. Quantum cryptography makes use of quantum mechanics and qubits. The proposed method made use of quantum key distribution with Kerberos to secure the data on the cloud. The paper discussed the model for quantum key distribution which makes use of Kerberos ticket distribution center for authentication of cloud service providers. The proposed model is compared with quantum key distribution and provides faster computation by producing less error rate.

Security Aspects in Cloud Computing

2018 ◽  
pp. 54-76
Author(s):  
Tabassum N. Mujawar ◽  
Ashok V. Sutagundar ◽  
Lata L. Ragha
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Third Party ◽  
Storage Security ◽  
Security Issues ◽  
Access Control Mechanism ◽  
And Storage ◽  
Privacy Issues ◽  
Different Levels

Cloud computing is recently emerging technology, which provides a way to access computing resources over Internet on demand and pay per use basis. Cloud computing is a paradigm that enable access to shared pool of resources efficiently, which are managed by third party cloud service providers. Despite of various advantages of cloud computing security is the biggest threat. This chapter describes various security concerns in cloud computing. The clouds are subject to traditional data confidentiality, integrity, availability and various privacy issues. This chapter comprises various security issues at different levels in environment that includes infrastructure level security, data level and storage security. It also deals with the concept of Identity and Access Control mechanism.

Advanced Data Storage Security System for Public Cloud

2020 ◽  
Vol 3 (2) ◽  
pp. 21-30
Author(s):  
Jitendra Kumar ◽  
Mohammed Ammar ◽  
Shah Abhay Kantilal ◽  
Vaishali R. Thakare
Keyword(s):  
Cloud Computing ◽  
Data Storage ◽  
Dynamic Capabilities ◽  
Data Transfer ◽  
Service Providers ◽  
Open Systems ◽  
Cloud Infrastructure ◽  
Great Loss ◽  
Security Issues ◽  
Data Auditing

Cloud is a collective term for a large number of developments and possibilities. Various data can be stored by the large amount of people onto the cloud storage facility without any bound of limitations as it provides tremendous space. Open systems like Android (Google Apps) still face many day- to-day security threats or attacks. With recent demand, cloud computing has raised security concerns for both service providers and consumers. Major issues like data transfer over wireless network across the globe have to be protected from unauthorized usage over the cloud as altered data can lead to great loss. In this regard, data auditing along with integrity, dynamic capabilities, and privacy preserving, and plays as an important role for preventing data from various cloud attacks which is considered in this work. The work also includes efficient auditor which plays a crucial role in securing the cloud environment. This paper presents a review on the cloud computing concepts and security issues inherent within the context of cloud computing and cloud infrastructure.

Cloud computing security: protecting cloud-based smart city applications

2016 ◽  
Vol 2 (1) ◽  
Author(s):  
Alkiviadis Giannakoulias
Keyword(s):  
Cloud Computing ◽  
Public Sector ◽  
Service Provider ◽  
Key Management ◽  
Cloud Service ◽  
Transport Layer ◽  
Cloud Infrastructure ◽  
Security Issues ◽  
Standards Compliance ◽  
Security Standards

Data security is a major concern in cloud computing environments as they provide much scope for intruders to attack. Data centres in cloud environments hold valid information that end-users would conventionally have stored on their computers. Moving information towards centralised services may have an adverse effect on the security of users’ interactions with files kept in cloud cupboard spaces[1], for example accidental or deliberate alterations or deletions of information from the cloud server by the Cloud Service Provider (CSP). This necessitates the deployment of some sort of mechanism to ensure the safety of information integrity[2]. Public sector organisations have much to gain by adopting a cloud computing approach to service delivery in their ICT environments. However, these benefits must be reaped without compromising core requirements and institutional values.This paper focuses on the security issues that may arise when public sector organisations consider transitioning to an Open Source Software (OSS) Infrastructure as a Service (IaaS) Cloud Infrastructure (OpenStack), although the same issues are likely to be found in other OSS cloud computing software like Apache CloudStack[3], Eucalyptus[4], and OpenNebula[5]. We examine legal implications, regulatory and standards compliance, new attack vectors resulting from vulnerabilities coming from virtualisation technologies, data integrity issues such as encryption and access controls, and security checks to be performed on the services prior to their movement to the cloud. In addition, some of the most important security threats in cloud computing are presented, followed by key recommendations on how to address them, namely security standards and certifications, service provider auditing, secure APIs, transport layer protection, authentication and encryption key management, and cloud service agreements.

On Data Security and Encryption Algorithms in Cloud Environment

2014 ◽  
Vol 701-702 ◽  
pp. 1106-1111 ◽  
Author(s):  
Xin Zheng Zhang ◽  
Ya Juan Zhang
Keyword(s):  
Cloud Computing ◽  
Data Storage ◽  
Data Security ◽  
Service Providers ◽  
Cloud Service ◽  
Working Environment ◽  
Cloud Environment ◽  
Cloud Data ◽  
Security Issues ◽  
Encryption Algorithms

As information and processes are migrating to the cloud, Cloud Computing is drastically changing IT professionals’ working environment. Cloud Computing solves many problems of conventional computing. However, the new technology has also created new challenges such as data security, data ownership and trans-code data storage. We discussed about Cloud computing security issues, mechanism, challenges that Cloud service providers and consumers face during Cloud engineering. Based on concerning of security issues and challenges, we proposed several encryption algorithms to make cloud data secure and invulnerable. We made comparisons among DES, AES, RSA and ECC algorithms to find combinatorial optimization solutions, which fit Cloud environment well for making cloud data secure and not to be hacked by attackers.

scholarly journals Privacy enforcement on subscribers data in cloud computing

2021 ◽  
Vol 40 (2) ◽  
pp. 308-320
Author(s):  
S.A. Akinboro ◽  
U.J. Asanga ◽  
M.O. Abass
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Provider ◽  
Sensitive Information ◽  
Secure Socket Layer ◽  
Brute Force ◽  
User Privacy ◽  
Platform As A Service ◽  
High Level

Data stored in the cloud are susceptible to an array of threats from hackers. This is because threats, hackers and unauthorized access are not supported by the cloud service providers as implied. This study improves user privacy in the cloud system, using privacy with non-trusted provider (PNTP) on software and platform as a service model. The subscribers encrypt the data using user’s personal Advanced Encryption Standard (AES) symmetric key algorithm and send the encrypted data to the storage pool of the Cloud Service Provider (CSP) via a secure socket layer. The AES performs a second encryption on the data sent to the cloud and generates for the subscriber a key that will be used for decryption of previously stored data. The encryption and decryption keys are managed by the key server and have been hardcoded into the PNTP system. The model was simulated using the Stanford University multimedia dataset and benchmarked with a Privacy with Trusted cloud Provider (PTP) model using encryption time, decryption time and efficiency (brute force hacking) as parameters. Results showed that it took a longer time to access the user files in PNTP than in the PTP system. The brute force hacking took a longer time (almost double) to access data stored on the PNTP system. This will give subscribers a high level of control over their data and increase the adoption of cloud computing by businesses and organizations with highly sensitive information.

Sign in / Sign up

Export Citation Format

Share Document