Visible to the public Cloud Security

SoS Newsletter- Advanced Book Block

Cloud Security


Cloud security is one of the prime topics for theoretical and applied research today. The works cited here cover a wide range of topics and methods for addressing cloud security issues. They were presented or published between January and August of 2014.

  • Feng Zhao; Chao Li; Chun Feng Liu, "A Cloud Computing Security Solution Based On Fully Homomorphic Encryption," Advanced Communication Technology (ICACT), 2014 16th International Conference on, pp.485,488, 16-19 Feb. 2014. doi: 10.1109/ICACT.2014.6779008 With the rapid development of Cloud computing, more and more users deposit their data and application on the cloud. But the development of Cloud computing is hindered by many Cloud security problem. Cloud computing has many characteristics, e.g. multi-user, virtualization, scalability and so on. Because of these new characteristics, traditional security technologies can't make Cloud computing fully safe. Therefore, Cloud computing security becomes the current research focus and is also this paper's research direction[1]. In order to solve the problem of data security in cloud computing system, by introducing fully homomorphism encryption algorithm in the cloud computing data security, a new kind of data security solution to the insecurity of the cloud computing is proposed and the scenarios of this application is hereafter constructed. This new security solution is fully fit for the processing and retrieval of the encrypted data, and effectively leading to the broad applicable prospect, the security of data transmission and the storage of the cloud computing[2].
    Keywords: cloud computing; cryptography; cloud computing security solution; cloud security problem; data security solution; data storage; data transmission; encrypted data processing; encrypted data retrieval; fully homomorphic encryption algorithm; security technologies; Cloud computing; Encryption; Safety; Cloud security; Cloud service; Distributed implementation; Fully homomorphic encryption (ID#:14-2669)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6779008&isnumber=6778899
  • Fazal-e-Amin; Alghamdi, AS.; Ahmad, I, "Cloud Based C4I Systems: Security Requirements and Concerns," Computational Science and Computational Intelligence (CSCI), 2014 International Conference on, vol.2, pp.75, 80, 10-13 March 2014. doi: 10.1109/CSCI.2014.98 C4I (Command, Control, Communication, Computer and Intelligence) systems are critical systems of systems. These systems are used in military, emergency response, and in disaster management etc. Due to the sensitive nature of domains and applications of these systems, quality could never be compromised. C4I systems are resource demanding system, their expansion or up gradation for the sake of improvement require additional computational resources. Cloud computing provides a solution for the convenient access and scaling of resources. Recently, it is envisioned by the researchers to deploy C4I systems using cloud computing resources. However, there are many issues in such deployment and security being at the top, is focus of many researchers. In this research, security requirements and concerns of cloud based C4I systems are highlighted. Different aspects of cloud computing and C4I systems are discussed from the security point of view. This research will be helpful for both academia and industry to further strengthen the basis of cloud based C4I systems.
    Keywords: cloud computing; command and control systems; security of data; Command, Control, Communication, Computer and Intelligence systems; cloud based C4I systems; cloud computing resources; critical systems of systems; security requirements; Availability; Cloud computing; Computational modeling;Computers;Government;Security;c4i system; cloud computing; security (ID#:14-2670)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6822307&isnumber=6822285
  • Albahdal, AA; Alsolami, F.; Alsaadi, F., "Evaluation of Security Supporting Mechanisms in Cloud Storage," Information Technology: New Generations (ITNG), 2014 11th International Conference on, pp.285,292, 7-9 April 2014. doi: 10.1109/ITNG.2014.110 Cloud storage is one of the most promising services of cloud computing. It holds promise for unlimited, scalable, flexible, and low cost data storage. However, security of data stored at the cloud is the main concern that hinders the adoption of cloud storage model. In the literature, there are many proposed mechanisms to improve the security of cloud storage. These proposed mechanisms differ in many aspects and provide different levels of security. In this paper, we evaluate five different mechanisms for supporting the security of the cloud storage. We begin with a brief description of these mechanisms. Then we evaluate these mechanisms based on the following criteria: security, support of writing serializability and reading freshness, workload distribution between the client and cloud, performance, financial cost, support of accountability between the client and cloud, support of file sharing between users, and ease of deployment. The evaluation section of this paper forms a guide for individuals and organizations to select or design an appropriate mechanism that satisfies their requirements for securing cloud storage.
    Keywords: cloud computing; security of data; storage management; In file sharing ;cloud computing; cloud security; cloud storage model; reading freshness; security supporting mechanism; workload distribution; Availability; Cloud computing; Encryption; Secure storage; Writing; Cloud Computing; Cloud Security; Cloud Storage (ID#:14-2671)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6822212&isnumber=6822158
  • Varadharajan, V.; Tupakula, U., "Security as a Service Model for Cloud Environment," Network and Service Management, IEEE Transactions on, vol. 11, no.1, pp.60, 75, March 2014. doi: 10.1109/TNSM.2014.041614.120394 Cloud computing is becoming increasingly important for provision of services and storage of data in the Internet. However there are several significant challenges in securing cloud infrastructures from different types of attacks. The focus of this paper is on the security services that a cloud provider can offer as part of its infrastructure to its customers (tenants) to counteract these attacks. Our main contribution is a security architecture that provides a flexible security as a service model that a cloud provider can offer to its tenants and customers of its tenants. Our security as a service model while offering a baseline security to the provider to protect its own cloud infrastructure also provides flexibility to tenants to have additional security functionalities that suit their security requirements. The paper describes the design of the security architecture and discusses how different types of attacks are counteracted by the proposed architecture. We have implemented the security architecture and the paper discusses analysis and performance evaluation results.
    Keywords: cloud computing; security of data; Internet; baseline security ;cloud computing; cloud environment; cloud infrastructures; cloud provider; data storage; security architecture; security functionalities; security requirements; security-as-a-service model; service provisioning; Cloud computing; Computer architecture; Operating systems; Privacy; Security; Software as a service; Virtual machining; Cloud security; security and privacy; security architecture (ID#:14-2672)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6805344&isnumber=6804401
  • Whaiduzzaman, M.; Gani, A, "Measuring Security For Cloud Service Provider: A Third Party Approach," Electrical Information and Communication Technology (EICT), 2013 International Conference on, pp.1,6, 13-15 Feb. 2014. doi: 10.1109/EICT.2014.6777855 Cloud Computing (CC) is a new paradigm of utility computing and enormously growing phenomenon in the present IT industry hype. CC leverages low cost investment opportunity for the new business entrepreneur as well as business avenues for cloud service providers. As the number of the new Cloud Service Customer (CSC) increases, users require a secure, reliable and trustworthy Cloud Service Provider (CSP) from the market to store confidential data. However, a number of shortcomings in reliable monitoring and identifying security risks, threats are an immense concern in choosing the highly secure CSP for the wider cloud community. The secure CSP ranking system is currently a challenging aspect to gauge trust, privacy and security. In this paper, a Trusted Third Party (TTP) like credit rating agency is introduced for security ranking by identifying current assessable security risks. We propose an automated software scripting model by penetration testing for TTP to run on CSP side and identify the vulnerability and check security strength and fault tolerance capacity of the CSP. Using the results, several non-measurable metrics are added and provide the ranking system of secured trustworthy CSP ranking systems. Moreover, we propose a conceptual model for monitoring and maintaining such TTP cloud ranking providers worldwide called federated third party approach. Hence the model of federated third party cloud ranking and monitoring system assures and boosts up the confidence to make a feasible secure and trustworthy market of CSPs.
    Keywords: cloud computing; program testing; trusted computing; CC; CSC; CSP fault tolerance capacity; CSP ranking system; CSP security strength; IT industry; TTP; automated software scripting model; business avenues; business entrepreneur; cloud computing; cloud service customer; cloud service provider; confidential data storage; credit rating agency; federated third party approach; information technology; penetration testing; security measurement; security risks identification; security risks monitoring; trusted third party; utility computing; Business; Cloud computing; Measurement; Mobile communication; Monitoring; Security; Cloud computing; cloud security ranking; cloud service provider; trusted third party (ID#:14-2673)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6777855&isnumber=6777807
  • Djenna, A; Batouche, M., "Security Problems In Cloud Infrastructure," Networks, Computers and Communications, The 2014 International Symposium on, pp.1,6, 17-19 June 2014. doi: 10.1109/SNCC.2014.6866505 Cloud computing is the emergence of a logical continuation of the computing history, following in the footsteps of mainframes, PCs, Servers, Internet and Data Centers, all those had changed radically the way of our everyday life which adopt the technology. Cloud Computing is able to provide its customers numerous services through Internet. The Virtualization is the secret to the establishment of a Cloud infrastructure. With any technology, it presents both benefits and challenges; the virtualization is not an exception to this rule. In this context, the Cloud infrastructure can be used as a springboard for the generation of new types of attacks. Therefore, security is one of the major concerns for the evolution and migration to the Cloud. In this paper, an overview of security issues related to Cloud infrastructure will be presented, followed by a critical analysis of the various issues that arise in IaaS Cloud and the current attempts to improve security in the Cloud environment.
    Keywords: cloud computing; telecommunication security; virtualisation; IaaS Cloud; Internet; cloud computing; cloud infrastructure; computing history; security problems; virtualization; Cloud computing; Computer architecture; Security; Servers; Virtual machine monitors; Virtual machining; Virtualization; Cloud Computing; Cloud Security; Virtualization (ID#:14-2674)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6866505&isnumber=6866503
  • Chalse, R.R.; Katara, A; Selokar, A; Talmale, R., "Inter-cloud Data Transfer Security," Communication Systems and Network Technologies (CSNT), 2014 Fourth International Conference on, pp.654,657, 7-9 April 2014. doi: 10.1109/CSNT.2014.137 The use of cloud computing has increased rapidly in many organizations. Cloud computing provides many benefits in terms of low cost and accessibility of data. Cloud computing has generated a lot of interest and competition in the industry and it is recognize as one of the top 10 technologies of 2010. It is an internet based service delivery model which provides internet based services, computing and storage for users in all market including financial, health care & government. In this paper we to provide Inter Cloud Data Transfer Security. Cloud security is becoming a key differentiator and competitive edge between cloud providers. This paper discusses the security issues arising in different type of clouds. This work aims to promote the use of multi-clouds due to its ability to reduce security risks that affect the cloud computing user.
    Keywords: cloud computing; security of data ;Internet based service delivery model; cloud computing user; cloud providers; competitive edge; differentiator; government;health care; intercloud data transfer security; multiclouds; security risks; Cloud computing; Computer crime; Data transfer; Fingerprint recognition; Servers; Software as a service; Cloud; Cloud computing; DMFT; Security; Security challenges; data security (ID#:14-2675)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6821479&isnumber=6821334
  • Mapp, G.; Aiash, M.; Ondiege, B.; Clarke, M., "Exploring a New Security Framework for Cloud Storage Using Capabilities," Service Oriented System Engineering (SOSE), 2014 IEEE 8th International Symposium on, pp.484, 489, 7-11 April 2014. doi: 10.1109/SOSE.2014.69 We are seeing the deployment of new types of networks such as sensor networks for environmental and infrastructural monitoring, social networks such as facebook, and e-Health networks for patient monitoring. These networks are producing large amounts of data that need to be stored, processed and analysed. Cloud technology is being used to meet these challenges. However, a key issue is how to provide security for data stored in the Cloud. This paper addresses this issue in two ways. It first proposes a new security framework for Cloud security which deals with all the major system entities. Secondly, it introduces a Capability ID system based on modified IPv6 addressing which can be used to implement a security framework for Cloud storage. The paper then shows how these techniques are being used to build an e-Health system for patient monitoring.
    Keywords: cloud computing; electronic health records; patient monitoring; social networking (online);storage management;IPv6 addressing; capability ID system; cloud security; cloud storage; cloud technology ;e-Health system; e-health networks; environmental monitoring; facebook; infrastructural monitoring; patient monitoring; security for data; security framework; sensor networks; social networks; system entity; Cloud computing; Companies; Monitoring; Protocols; Security; Servers; Virtual machine monitors; Capability Systems; Cloud Storage; Security Framework; e-Health Monitoring (ID#:14-2676)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6830953&isnumber=6825948
  • Himmel, M.A; Grossman, F., "Security on distributed systems: Cloud security versus traditional IT," IBM Journal of Research and Development, vol.58, no.1, pp.3:1, 3:13, Jan.-Feb. 2014. doi: 10.1147/JRD.2013.2287591 Cloud computing is a popular subject across the IT (information technology) industry, but many risks associated with this relatively new delivery model are not yet fully understood. In this paper, we use a qualitative approach to gain insight into the vectors that contribute to cloud computing risks in the areas of security, business, and compliance. The focus is on the identification of risk vectors affecting cloud computing services and the creation of a framework that can help IT managers in their cloud adoption process and risk mitigation strategy. Economic pressures on businesses are creating a demand for an alternative delivery model that can provide flexible payments, dramatic cuts in capital investment, and reductions in operational cost. Cloud computing is positioned to take advantage of these economic pressures with low-cost IT services and a flexible payment model, but with certain security and privacy risks. The frameworks offered by this paper may assist IT professionals obtain a clearer understanding of the risk tradeoffs associated with cloud computing environments.
    Keywords: Automation; Cloud computing; Computer security; Information technology; Risk management; Virtual machine monitors (ID#:14-2677)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6717051&isnumber=6717043
  • Sah, S.K.; Shakya, S.; Dhungana, H., "A Security Management For Cloud Based Applications And Services with Diameter-AAA," Issues and Challenges in Intelligent Computing Techniques (ICICT), 2014 International Conference on, pp.6,11, 7-8 Feb. 2014. doi: 10.1109/ICICICT.2014.6781243 The Cloud computing offers various services and web based applications over the internet. With the tremendous growth in the development of cloud based services, the security issue is the main challenge and today's concern for the cloud service providers. This paper describes the management of security issues based on Diameter AAA mechanisms for authentication, authorization and accounting (AAA) demanded by cloud service providers. This paper focuses on the integration of Diameter AAA into cloud system architecture.
    Keywords: authorisation; cloud computing ;Internet; Web based applications; authentication, authorization and accounting; cloud based applications; cloud based services; cloud computing; cloud service providers; cloud system architecture; diameter AAA mechanisms; security management; Authentication; Availability; Browsers; Computational modeling; Protocols; Servers; Cloud Computing; Cloud Security; Diameter-AAA (ID#:14-2678)
    URL:http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6781243&isnumber=6781240
  • Boopathy, D.; Sundaresan, M., "Data Encryption Framework Model With Watermark Security For Data Storage In Public Cloud Model," Computing for Sustainable Global Development (INDIACom), 2014 International Conference on, pp.903,907, 5-7 March 2014. doi: 10.1109/IndiaCom.2014.6828094 Cloud computing technology is a new concept of providing dramatically scalable and virtualized resources. It implies a SOA (Service Oriented Architecture) type, reduced information technology overhead for the end level user, greater flexibility model, reduced total cost of ownership and on-demand service providing structure. From the user point of view, one of the main concerns is cloud security from the unknown threats. The lack of physical access to servers constitutes a completely new and disruptive challenge for investigators. The Clients can store, transfer or exchange their data using public cloud model. This paper represents the encryption method for public cloud and also the cloud service provider's verification mechanism using the third party auditors with framework model. The Cloud Data Storage is one of the mandatory services which are acquiring in this rapid development business world.
    Keywords: cloud computing; cryptography; service-oriented architecture; storage management; watermarking; SOA; cloud computing technology; cloud data storage; cloud security; cloud service provider verification mechanism; data encryption framework model; end level user; information technology overhead; mandatory services; on-demand service; physical access; public cloud model; scalable resources; service oriented architecture; third party auditors; total cost of ownership reduction; unknown threats; virtualized resources; watermark security; Cloud computing; Computational modeling; Data models; Encryption; Servers; Watermarking ;Cloud Data Storage; Cloud Encryption; Data Confidency Data Privacy; Encryption Model; Watermark Security (ID#:14-2679)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6828094&isnumber=6827395
  • Poornima, B.; Rajendran, T., "Improving Cloud Security by Enhanced HASBE Using Hybrid Encryption Scheme," Computing and Communication Technologies (WCCCT), 2014 World Congress on, pp.312,314, Feb. 27 2014-March 1 2014. doi: 10.1109/WCCCT.2014.88 Cloud computing has appeared as one of the most influential paradigms in the IT commerce in recent years and this technology needs users to entrust their precious facts and figures to cloud providers, there have been expanding security and privacy concerns on outsourced data. Several schemes employing attribute-based encryption (ABE) have been suggested for get access to control of outsourced data in cloud computing; however, most of them suffer from inflexibility in applying convoluted get access to command principles. In order to recognize scalable, flexible, and finegrained get access to control of outsourced facts and figures in cloud computing, in this paper, we suggest hierarchical attribute-set-based encryption (HASBE) by expanding ciphertext-policy attributeset- based encryption (ASBE) with a hierarchical structure of users. The suggested design not only achieves scalability due to its hierarchical structure, but furthermore inherits flexibility and fine-grained get access to command in carrying compound attributes of ASBE. In addition, HASBE uses multiple worth assignments for access expiration time to deal with client revocation more effectively than living schemes. We apply our scheme and show that it is both effective and flexible in dealing with get access to command for outsourced facts in cloud computing with comprehensive trials.
    Keywords: cloud computing; cryptography; IT commerce; attribute based encryption; attribute set based encryption; cloud computing; cloud providers; enhanced HASBE; hierarchical attribute-set-based encryption; hybrid encryption scheme ;improving cloud security; Cloud computing; Computational modeling; Educational institutions; Encryption; Privacy; Scalability (ID#:14-2680)
    URL:http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6755167&isnumber=6755083
  • Goel, R.; Garuba, M.; Goel, R., "Cloud Computing Vulnerability: DDoS as Its Main Security Threat, and Analysis of IDS as a Solution Model," Information Technology: New Generations (ITNG), 2014 11th International Conference on, vol., no., pp.307, 312, 7-9 April 2014. doi: 10.1109/ITNG.2014.77 Cloud computing has emerged as an increasingly popular means of delivering IT-enabled business services and a potential technology resource choice for many private and government organizations in today's rapidly changing computing environment. Consequently, as cloud computing technology, functionality and usability expands unique security vulnerabilities and treats requiring timely attention arise continuously. The primary challenge being providing continuous service availability. This paper will address cloud security vulnerability issues, the threats propagated by a distributed denial of service (DDOS) attack on cloud computing infrastructure and also discuss the means and techniques that could detect and prevent the attacks.
    Keywords: business data processing; cloud computing; computer network security; DDoS ;IDS; IT-enabled business services; cloud computing infrastructure; cloud computing vulnerability; cloud security vulnerability issues; distributed denial of service; security threat; Availability; Cloud computing; Computational modeling; Computer crime; Organizations; Servers; Cloud; DDoS; IDS; Security; Vulnerability (ID#:14-2681)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6822215&isnumber=6822158
  • Datta, E.; Goyal, N., "Security Attack Mitigation Framework For The Cloud," Reliability and Maintainability Symposium (RAMS), 2014 Annual, pp.1,6, 27-30 Jan. 2014. doi: 10.1109/RAMS.2014.6798457 Cloud computing brings in a lot of advantages for enterprise IT infrastructure; virtualization technology, which is the backbone of cloud, provides easy consolidation of resources, reduction of cost, space and management efforts. However, security of critical and private data is a major concern which still keeps back a lot of customers from switching over from their traditional in-house IT infrastructure to a cloud service. Existence of techniques to physically locate a virtual machine in the cloud, proliferation of software vulnerability exploits and cross-channel attacks in-between virtual machines, all of these together increases the risk of business data leaks and privacy losses. This work proposes a framework to mitigate such risks and engineer customer trust towards enterprise cloud computing. Everyday new vulnerabilities are being discovered even in well-engineered software products and the hacking techniques are getting sophisticated over time. In this scenario, absolute guarantee of security in enterprise wide information processing system seems a remote possibility; software systems in the cloud are vulnerable to security attacks. Practical solution for the security problems lies in well-engineered attack mitigation plan. At the positive side, cloud computing has a collective infrastructure which can be effectively used to mitigate the attacks if an appropriate defense framework is in place. We propose such an attack mitigation framework for the cloud. Software vulnerabilities in the cloud have different severities and different impacts on the security parameters (confidentiality, integrity, and availability). By using Markov model, we continuously monitor and quantify the risk of compromise in different security parameters (e.g.: change in the potential to compromise the data confidentiality). Whenever, there is a significant change in risk, our framework would facilitate the tenants to calculate the Mean Time to Security Failure (MTTSF) cloud and allow - hem to adopt a dynamic mitigation plan. This framework is an add-on security layer in the cloud resource manager and it could improve the customer trust on enterprise cloud solutions.
    Keywords: Markov processes; cloud computing; security of data; virtualisation; MTTSF cloud; Markov model; attack mitigation plan; availability parameter; business data leaks; cloud resource manager; cloud service; confidentiality parameter; cross-channel attacks; customer trust; enterprise IT infrastructure; enterprise cloud computing; enterprise cloud solutions; enterprise wide information processing system; hacking techniques; information technology; integrity parameter; mean time to security failure; privacy losses; private data security; resource consolidation; security attack mitigation framework; security guarantee; software products; software vulnerabilities; software vulnerability exploits; virtual machine; virtualization technology; Cloud computing; Companies; Security ;Silicon; virtual machining; Attack Graphs; Cloud computing; Markov Chain; Security; Security Administration (ID#:14-2682)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6798457&isnumber=6798433
  • Dinadayalan, P.; Jegadeeswari, S.; Gnanambigai, D., "Data Security Issues in Cloud Environment and Solutions," Computing and Communication Technologies (WCCCT), 2014 World Congress on, pp.88, 91, Feb. 27 2014-March 1 2014. doi: 10.1109/WCCCT.2014.63 Cloud computing is an internet based model that enable convenient, on demand and pay per use access to a pool of shared resources. It is a new technology that satisfies a user's requirement for computing resources like networks, storage, servers, services and applications, Data security is one of the leading concerns and primary challenges for cloud computing. This issue is getting more serious with the development of cloud computing. From the consumers' perspective, cloud computing security concerns, especially data security and privacy protection issues, remain the primary inhibitor for adoption of cloud computing services. This paper analyses the basic problem of cloud computing and describes the data security and privacy protection issues in cloud.
    Keywords: cloud computing; data privacy; security of data; Internet based model ;cloud computing security concerns; cloud computing services; cloud environment; computing resources; data security issues; networks; pay per use access; privacy protection issues; servers; shared resources; Cloud computing; Computers; Data privacy; Data security; Organizations; Privacy; Cloud Computing; Cloud Computing Security; Data Security; Privacy protection (ID#:14-2683)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6755112&isnumber=6755083
  • Pawar, Y.; Rewagad, P.; Lodha, N., "Comparative Analysis of PAVD Security System with Security Mechanism of Different Cloud Storage Services," Communication Systems and Network Technologies (CSNT), 2014 Fourth International Conference on, pp.611,614, 7-9 April 2014. doi: 10.1109/CSNT.2014.128 Cloud Computing, being in its infancy in the field of research has attracted lots of research communities in last few years. Lot of investment is made in cloud based research by MNCs like Amazon, IBM and different R & D organizations. Inspite of these the number of stakeholders actually using cloud services is limited. The main hindrance to the wide adoption of cloud Technology is feeling of insecurity regarding storage of data in cloud, absence of reliance and comprehensive access control mechanism. To overcome it, cloud service providers have employed different security mechanism to protect confidentiality and integrity of data in cloud. We have used PAVD security system to protect confidentiality and integrity of data stored in cloud. PAVD is an acronym for Privacy, Authentication and Verification of data. We have statistically analyzed the performance of PAVD security system over different sizes of data files. This paper aimed at comparing the performance of different cloud storage services like Drop box, sky drive etc with our PAVD security system with respect to uploading and downloading time.
    Keywords: authorisation; cloud computing; data privacy; storage management; Drop Box; MNC; PAVD security system; Sky Drive; access control mechanism; cloud based research; cloud computing; cloud storage services; cloud technology; data storage; multinational companies; privacy authentication and verification of data; security mechanism; statistical analysis; Cloud computing; Digital signatures ;Encryption; Servers; Cloud Computing; Data confidentiality; Performance Analysis; Security Issues; Stakeholders (ID#:14-2684)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6821470&isnumber=6821334
  • Honggang Wang; Shaoen Wu; Min Chen; Wei Wang, "Security Protection Between Users And The Mobile Media Cloud," Communications Magazine, IEEE, vol.52, no.3, pp.73, 79, March 2014. doi: 10.1109/MCOM.2014.6766088 Mobile devices such as smartphones are widely deployed in the world, and many people use them to download/upload media such as video and pictures to remote servers. On the other hand, a mobile device has limited resources, and some media processing tasks must be migrated to the media cloud for further processing. However, a significant question is, can mobile users trust the media services provided by the media cloud service providers? Many traditional security approaches are proposed to secure the data exchange between mobile users and the media cloud. However, first, because multimedia such as video is large-sized data, and mobile devices have limited capability to process media data, it is important to design a lightweight security method; second, uploading and downloading multi-resolution images/videos make it difficult for the traditional security methods to ensure security for users of the media cloud. Third, the error-prone wireless environment can cause failure of security protection such as authentication. To address the above challenges, in this article, we propose to use both secure sharing and watermarking schemes to protect user's data in the media cloud. The secure sharing scheme allows users to upload multiple data pieces to different clouds, making it impossible to derive the whole information from any one cloud. In addition, the proposed scalable watermarking algorithm can be used for authentications between personal mobile users and the media cloud. Furthermore, we introduce a new solution to resist multimedia transmission errors through a joint design of watermarking and Reed- Solomon codes. Our studies show that the proposed approach not only achieves good security performance, but also can enhance media quality and reduce transmission overhead.
    Keywords: Reed-Solomon codes; cloud computing; security of data; smart phones; video watermarking; Reed-Solomon codes; authentication; data exchange; error-prone wireless environment; large-sized data; lightweight security; media cloud service providers; media processing tasks; mobile devices; mobile media cloud; multimedia transmission errors; multiple data pieces; multiresolution images-videos; personal mobile users;secure sharing; security protection; smartphones; transmission overhead; watermarking; Cloud computing; Cryptography; Handheld devices ;Media; Mobile communication; Multimedia communication; Network security; Watermarking (ID#:14-2685)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6766088&isnumber=6766068
  • Sugumaran, M.; Murugan, B.B.; Kamalraj, D., "An Architecture for Data Security in Cloud Computing," Computing and Communication Technologies (WCCCT), 2014 World Congress on, pp.252,255, Feb. 27 2014-March 1 2014. doi: 10.1109/WCCCT.2014.53 Cloud computing is a more flexible, cost effective and proven delivery platform for providing business or consumer services over the Internet. Cloud computing supports distributed service oriented architecture, multi-user and multi-domain administrative infrastructure. So, it is more prone to security threats and vulnerabilities. At present, a major concern in cloud adoption is towards its security and privacy. Security and privacy issues are of great concern to cloud service providers who are actually hosting the services. In most cases, the provider must guarantee that their infrastructure is secure and clients' data and applications are safe, by implementing security policies and mechanisms. The security issues are organized into several general categories: trust, identity management, software isolation, data protection, availability reliability, ownership, data backup, data portability and conversion, multi platform support and intellectual property. In this paper, it is discuss about some of the techniques that were implemented to protect data and propose architecture to protect data in cloud. This architecture was developed to store data in cloud in encrypted data format using cryptography technique which is based on block cipher.
    Keywords: cloud computing; cryptography; data protection; electronic data interchange; industrial property; safety-critical software; service-oriented architecture; block cipher; business services; client data; cloud computing; cloud service providers; consumer services; cryptography technique; data availability; data backup; data conversion; data ownership; data portability; data privacy; data protection; data reliability; data security architecture; data storage; distributed service-oriented architecture; encrypted data format; identity management; intellectual property; multiuser multidomain administrative infrastructure; software isolation; trust factor; Ciphers; Cloud computing; Computer architecture; Encryption; Cloud computing; data privacy ;data security; symmetric cryptography; virtualization (ID#:14-2686)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6755152&isnumber=6755083
  • De, S.J.; Pal, AK., "A Policy-Based Security Framework for Storage and Computation on Enterprise Data in the Cloud," System Sciences (HICSS), 2014 47th Hawaii International Conference on, pp.4986,4997, 6-9 Jan. 2014. doi: 10.1109/HICSS.2014.613 A whole range of security concerns that can act as barriers to the adoption of cloud computing have been identified by researchers over the last few years. While outsourcing its business-critical data and computations to the cloud, an enterprise loses control over them. How should the organization decide what security measures to apply to protect its data and computations that have different security requirements from a Cloud Service Provider (CSP) with an unknown level of corruption? The answer to this question relies on the organization's perception about the CSP's trustworthiness and the security requirements of its data. This paper proposes a decentralized, dynamic and evolving policy-based security framework that helps an organization to derive such perceptions from knowledgeable and trusted employee roles and based on that, choose the most relevant security policy specifying the security measures necessary for outsourcing data and computations to the cloud. The organizational perception is built through direct user participation and is allowed to evolve over time.
    Keywords: business data processing; cloud computing; data protection; outsourcing; security of data; trusted computing; CSPs trustworthiness; cloud computing; cloud service provider; data outsourcing; data protection; data security requirements; decentralized security framework; dynamic security framework; enterprise data computation; enterprise data storage; policy-based security framework; Cloud computing; Computational modeling; Data security; Organizations; Outsourcing; Secure storage; Cloud Computing; Data and Computation Outsourcing; Security (ID#:14-2687)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6759216&isnumber=6758592
  • Hassan, S.; Abbas Kamboh, A; Azam, F., "Analysis of Cloud Computing Performance, Scalability, Availability, & Security," Information Science and Applications (ICISA), 2014 International Conference on, pp.1, 5, 6-9 May 2014. doi: 10.1109/ICISA.2014.6847363 Cloud Computing means that a relationship of many number of computers through a contact channel like internet. Through cloud computing we send, receive and store data on internet. Cloud Computing gives us an opportunity of parallel computing by using a large number of Virtual Machines. Now a days, Performance, scalability, availability and security may represent the big risks in cloud computing. In this paper we highlights the issues of security, availability and scalability issues and we will also identify that how we make our cloud computing based infrastructure more secure and more available. And we also highlight the elastic behavior of cloud computing. And some of characteristics which involved for gaining the high performance of cloud computing will also be discussed.
    Keywords: cloud computing; parallel processing; security of data; virtual machines; Internet; cloud computing; parallel computing; scalability; security; virtual machine; Availability; Cloud computing; Computer hacking; Scalability (ID#:14-2688)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6847363&isnumber=6847317

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.