Cloud Secured: A Study on Cloud Computing Security
Keywords:
Cloud Computing, Cloud Security, Cloud Infrastructure, Encryption, Security KeyAbstract
A method of service delivery is cloud computing. Over the network, computing resources are made available as a service. These services have the characteristics of being Scalable, Autonomous, and Economical. A new approach is required to help end users and providers of services better understand the domain so they can handle their security needs and find their solutions. Despite having so many benefits, it faces a number of security issues that cannot be disregarded. There are various precautions that must be taken against the risks posed by the cloud computing model in order to increase cloud computing's security and dependability. Cloud security is one of the main concerns on interested parties' minds. While evaluating the security challenges in cloud computing, each concern has a variety of repercussions on specific assets. Despite numerous research, we are still unable to specify the security requirements, which slows down the use of clouds. A new technique is consequently required to assist service providers and target users in better understanding the domain, managing their security requirements, and finding solutions. The "ontology-based security approach" is one of many security measures employed by related stakeholders. However, target users and cloud service providers find it complicated and deficient in the security department because it is not specified which paradigm can be utilised under which circumstances. Prior studies have revealed a number of security concepts that service providers with various assessment methods can utilise. Consequently, there is a growing demand for a critical evaluation of earlier research on Cloud Security Ontology. Further, in order to assist researchers in linked fields, future prospects for research based on comparison analysis and deficiencies areas have been looked into. Associated cloud computing risks are outlined in this study, along with any potential remedies.
Downloads
References
S. Vaishali and Pandey S. K., “A Comparative Study of Cloud Security Ontologies”, Proceedings of 3rd International Conference on Reliability, Infocom Technologies and Optimization, India, 2014.
H. Amit and J Karuna Pande, “A Semantic Approach to Cloud Security and Compliance”, IEEE 8th International Conference on Cloud Computing, pp. 1081, 2015
B. Sotomayor, R. S. Montero, I. M. Llorente, and I. Foster, “Virtual Infrastructure Management in Private and Hybrid Clouds”, IEEE Internet Computing, vol. 13, no. 5, pp. 14-22, Sep. 2009.
L. Hsin Tse, K. Chia Hung, W. Po Hsuan and L. Yi Hsuan, “Towards a hosted private cloud storage solution for application service provider”, Proceedings of 2014 International Conference on Cloud Computing and Internet of Things, 2014.
M Armbrust , A Fox , R Griffith , AD Joseph, RH Katz , A Konwinski, G Lee, DA Patterson, A Rabkin, I Stoica and M Zaharia, “Above the Clouds - A Berkeley View of Cloud.”. Technical report UCB/EECS-2009-28, EECS Department, University of Berkeley, California, 2009.
Ling Zheng; Yanxiang Hu; Chaoran Yang, “Design and Research on Private Cloud Computing Architecture to Support Smart Grid”, Third International Conference on Intelligent Human-Machine Systems and Cybernetics, pp. 1, 2011
G. Adam, “The Hybrid Cloud Security Professional”, IEEE Cloud Computing, Volume: 3, Issue: 1 pp. 2, 2016
P. Mell and T. Grance, The NIST Definition of Cloud Computing, Nat’l Inst. of Standards and Technology, pp. 3, 2011.
J. Sathyan and K. Shenoy, "Realizing unified service experience with SaaS on SOA", 3rd International Conference on Communication Systems Software and Middleware and Workshops (COMSWARE '08), 2008.
L. Gouling “Research on Independent SaaS Platform”, 2nd IEEE International Conference on Information Management and Engineering, 2010.
D. Rajdeep, R. A. Reddy and K. Dharmesh, “Virtualization vs Containerization to support PaaS” pp-2, 2014.
http://www.eucalyptus.com, February, 2013.
J. Bresnahan, D. LaBissoniere, T. Freeman and K. Keahey,“Cumulus: An Open Source Storage Cloud for Science”, Science Cloud 2011, San Jose, CA. June 2011
B. Sotomayor, R. S. Montero, I. M. Llorente, and I. Foster, “Virtual Infrastructure Management in Private and Hybrid Clouds’, IEEE Internet Computing, vol. 13, no. 5, pp. 14-22, Sep. 2009.
http://www.openstack.org, February, 2013.
P. Chandan and D. Surajit, “Cloud Computing Security Analysis: Challenges and Possible Solutions”, International Conference on Electrical, Electronics, and Optimization Techniques (ICEEOT), 2016
L. Han, X. Wenjuan and D. Yi, “Research on Building of Electronic Community Based on Cloud Computing”., 2nd International Conference on Artificial Intelligence, Management Science and Electronic Commerce (AIMSEC), pp-3, 2011
L. Han, X. Wenjuan and D. Yi, “Research on Building of Electronic Community Based on Cloud Computing”., 2nd International Conference on Artificial Intelligence, Management Science and Electronic Commerce (AIMSEC), pp-3, 2011
S. Subashini, V. Kavitha, A survey on security issues in service delivery models of cloud computing, Journal of Network and Computer Applications, Volume 34, Issue 1, pp, 1-11, Jan 2011.
Ramgovind, S.; Eloff, M.M.; Smith, E., "The management of security in Cloud computing," Information Security for South Africa (ISSA), 2010, vol., no., pp.1,7, 2-4 Aug. 2010.
T. Mather, S.Kumarswamy, S. Latif, “’Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance”, O'Reilly Media, 2009.
P Kamongi, “Nemesis: Automated Architecture for Threat Modeling and Risk Assessment for Cloud Computing”, ASE 2014
Popović, K. and Hocenski, Z., "Cloud computing security issues and challenges," MIPRO, 2010 Proceedings of the 33rd International Convention, vol., no., pp.344,349, 24-28 May 2010
NIST, NIST Cloud Computing Reference Architecture, 2011.
Cloud Security Alliance, “The Notorious Nine: Cloud Computing Top Threats in 2013”’, p8-p21, 2013.
Mell, P. and Grance, T., “’The NIST Definition of Cloud Computing”, (Special Publication 800-145), W3C recommendation, World Wide Web Consortium, 2004.
Jörg Hladjk, “Privacy and Data Protection”, Vol 7 Issue 4, IT compliance and IT Security-Part 1, p 987-997, 2017.
Gordin, A. Graur, A. Potorac and D. Balan, “Security Assessment of OpenStack cloud using outside and inside software tools”, International Conference on Development and Application Systems, pp. 170-174, 2018.
V.A. Jujare, “Cloud computing: Approach, Structure and Security” In Second International Conference on Computing Methodologies & Communications, 2021.
K. Raj, “Research on Cloud Computing Security Threats using Data Transmission” International Journal of Advanced Research in Computer Science and Software Engineering, India Volume 5, Issue 1, pp. 399-402, Jan 2015.
Bashir SF and, Haider S., “Security threats in cloud computing”, Proceedings of the International Conference for Internet Technology and Secured Transactions, pp 214–219, 2011
J. Orea, “Quick guide to the reference architecture: Trusted Cloud Initiative”, Cloud Security Alliance, 2011.
T. Hamed and R. Marjan Kuchaki, “A survey on security challenges in cloud computing: issues, threats, and solutions”, The Journal of Supercomputing, Volume 76, 9493–9532, pp. 9508, 2020.
F. Liu, “NIST Cloud Computing Reference Architecture”, National Institute of Standards and Technology, U.S Department of Commerce, Special Publication 500-292, Sep. 2011.
R. Roman, J. Lopez and M. Mambo, “Mobile Edge Computing: a survey and analysis of security threats and challenges”, Future Generation Comput Syst 78:680–698, 2018.
GICTF, “Use cases and functional requirements for inter-Cloud computing”, GICTF White Paper, Global Inter-Cloud Technology Forum, 2010.
Celesti, F. Tusa, M. Villari and A. Puliafito, “How to Enhance Cloud architectures to enable cross-federation”, Cloud Computing (Cloud), IEEE 3rd International Conference on, Seiten 337 – 345, 2010.
H. Takabi and J. Joshi, “Security and Privacy Challenges in Cloud Computing Environments”, IEEE, 2011.
Salasiah and A. B. Khairul Azmir, “Toward Cloud Computing Reference Architecture”, Cyber Resilience Conference (CRC), 2018
Yanuarizki, L. Charles, I. Heru Purnomo and J. Arkav “Toward Cloud Computing Reference Architecture: Cloud Service Management Perspective”, International Conference on ICT for Smart Society, 2013.
J. Hurwitz, “Understanding IT Governance in Cloud Computing”, http://www.dummies.com/howto/content/understanding-it-governance -in-cloudcomputing.html.
Security Issues in Cloud Computing https://www.jigsawacademy.com/blogs/cloud-computing/security-issues-in-cloud-computing.
Y. Wei, Y. F. Lian and D. G. Feng, "A network security situational awareness model based on information fusion [J]", Journal of computer research and development, vol. 46, no. 3, pp. 353-362, 2009.
Cloud Computing – A Practical Approach by Velte, Tata McGraw Hill Edition (ISBN-13:978-0-07-068351-8).
D. Wesam, T. Ibrahim and M. Christoph, "Infrastructure as a Service Security: Challenges and Solutions," 7th International Conference on Informatics and Systems, pp. 1-8, 2010.
R. Kalaiprasath, R.Elankavi and R. Udayakumar, “Cloud Security and Compliance- A Semantic Approach In End To End Security ” International Journal On Smart Sensing and Intelligent Systems Special Issue, pp-486, 2017.
K. Abhirup and Sarishma, “Mobile Cloud Computing: Principles and Paradigms” IK International Conference on Cloud Computing, 2015.
J. Jomina and N. Jasmine, “Major Vulnerabilities and Their Prevention Methods in Cloud Computing”, Proceedings of ICBDCC18, Jan, 2019.
Duncan, S. Creese and M. Goldsmith, “Insider attacks in cloud computing” IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, 2012.
Bisong, and Rahman M. “An overview of the security concerns in enterprise cloud computing”, Int. J. Netw. Secur. Appl. (IJNSA) 3(1), Jan 2011.
Yang, Z., Qin, X., Yang, Y. and Yagnik. T. "A hybrid trust service architecture for cloud computing” International Conference on Computer Sciences and Applications, 2013.
S.M. Habib, S. Hauke, S. Ries and M. Muhlhauser, “Trust as a facilitator in cloud computing: A survey”, J. Cloud Comput. Adv. Syst. Appl., 2012.
ISACA (auditor’s perspective journal) http://www.isaca.org/Journal/Past-Issues/2009/Volume-6/Pages/ Cloud-Computing-An-Auditor-s-Perspective1.aspx
J. Rameshbabu, B. Sam Balaji, R. Wesley Daniel and K. Malathi, “A prevention of DDoS attacks in cloud using NEIF techniques” Int. J. Sci. Res. Publ. 4(4) ISSN 2250-3153, 2014.
Top 4 Hybrid Cloud Security Challenges (xmcyber.com) “https://www.xmcyber.com/blog/top-4-hybrid-cloud-security-challenges/#:~:text=Top%204%20Hybrid%20Cloud%20Security%20Challenges%201%201.,Compliance%20...%204%204.%20Supply%20Chain%20Risks%20”
S. Fawaz, Al-Anzi;, Y. Sumit Kr. and S. Jyoti, “Cloud computing: Security model comprising governance, risk management and compliance”, International Conference on Data Mining and Intelligent Computing, Sep, 2014.
B. Michael and G.Andrzej, “Toward a Framework for Cloud Security, Algorithms and Architectures for Parallel Processing”, Volume 6082/2010, pp. 254-263, 2010.
4 Emerging Public Cloud Security Challenges to Watch For https://cloudcheckr.com/cloud-security/emerging-public-cloud-security-challenges.
T. Mather, S. Kumaraswamy and S. Latif, “Cloud Security and Privacy”, O'Reilly Media, Inc., Sebastopol, CA, 2009.
S. Ghemawat, H. Gobioff and S. Leung, "The Google file system, " Proceedings of the 19th Symposium on Operating Systems Principles, pp. 29-43, 2003.
Eludiora and Safiriyu, "A User Identity Management Protocol for Cloud Computing Paradigm" International Journal of Communications, Network & System Sciences, 2011.
P. Brereton, BA. Kitchenham, D. Budgen, M. Turner and M. Khalil “Lessons from applying the systematic literature review process within the software engineering domain”. J Syst Softw 80(4): 571-583, 2007
D. Boneh and M. Franklin, "Identity-based encryption from the weil pairing", SIAM Journal on Computing, vol. 32, no. 3, pp. 586-615, 2003.
M. R. Momeni, "A lightweight authentication scheme for mobile cloud computing", International Journal of Computer Science and Business Informatics, vol. 14, no. 2, 2014.
M. Koji, "XML Signature/Encrption – the Basis of Web Services Security", NEC Journal of Advanced Technology, vol. 2, no. 1, 2005.
H. Jay and N. Mark, "Assessing the Security Risks of Cloud computing[EB/cL]", Garmer Technology Business Research In—sight, 2008.
W. Li, L. Ping, “Trust model to enhance Security and interoperability of Cloud environment”, Proceedings of the 1st International conference on Cloud Computing. Springer Berlin Heidelberg, Beijing, China, pp 69-79, 2009.
R. Yenumula, “Big Data Security in Cloud Environment”, IEEE 4th International Conference on Big Data Security on Cloud (BigDataSecurity), pp. 103, 2018
H. Shital A. and M. Sunil B, “An Analysis on Data Accountability and Security in Cloud”, International Conference on Industrial Instrumentation and Control (ICIC) College of Engineering Pune, India. May 28-30, pp. 715, 2015.
S. Ramgovind and E. Smith, "The Management of Security in Cloud Computing", IEEE Information Security for South Africa (ISSA), 2010.
Z. Dimitrios and L. Dimitrios, "Addressing cloud computing security issues", Future Generation Computer Systems, vol. 28, pp. 583-592, 2012.
D. Wallner, E. Harder and R. Agee, "Key Management for Multicast: Issues and Architectures", RFC, vol. 2627, June 1999.
M. Venkatesh, Sumalatha and C. Selva Kumar, “Improving Public Auditability Data Possession in Data Storage Security for Cloud Computing”, ISBN 978-1-4673-1601-9/12, 2012.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.
