Design of an Efficient Cloud Security Model through Federated Learning, Blockchain, AI-Driven Policies, and Zero Trust Frameworks

Authors

  • Sachin A. Kawalkar Global Head CISO - Vice President, Cyber and Cloud Security, Neeyamo, Mumbai, Maharashtra, India
  • Dinesh B. Bhoyar Yashwantrao Chavan College of Engineering, Maharashtra, India

Keywords:

Federated Learning, Blockchain Technology, AI-Driven Security, Zero Trust Network Access, Cloud Computing Security

Abstract

In the current era of cloud computing where most of the Organizations are shifting from local Infrastructure to Cloud network and hence Cloud security where most of sensitive data is stored is one of the key concerns for highly scalable and critical network deployments. As there is high increase in the use of cloud networks and computing because of simple Virtual machines and containers, the necessity for strong and stringent security measures to protect against complex cyber- attacks is very important than it was few years before.. Traditional cloud security models often grapple with limitations such as centralized data vulnerabilities, static security policies, and inadequate access control mechanisms. Cyber-attacks are getting complex and impacting organization with critical information and business loss. Dark Web attacks are more sophisticated and impacting tactically via various ways and mechanisms on cloud. The paper surveys the state-of-the-art in cloud network and infrastructure security models and essentially evaluates their performance based on various risks, threats, vulnerabilities and empirical dataset collection and samples. The paper discusses the advantages and disadvantages of each model and highlights their suitability for different types of attacks. To address these challenges, this research introduces a groundbreaking complex and stringent security techniques and security framework, synergizing Federated Learning, Blockchain technology, AI-Driven Security Policy Management, and Zero Trust Network Access (ZTNA) principles. The proposed model leverages Federated Learning to decentralize machine learning processes, thereby safeguarding data privacy and minimizing the risks associated with centralized data repositories. Concurrently, the integration of Blockchain technology ensures immutable and transparent transaction records, enhancing the integrity and trustworthiness of cloud interactions. Complementing these, AI-Driven Security Policy Management, employing algorithms like Reinforcement Learning and Decision Trees, automates the generation and implementation of dynamic security policies. This AI-based approach is adept at responding to evolving threats and adapting to changing network conditions in real-time scenarios. Furthermore, the adoption of Zero Trust principles, operationalized through Software-Defined Perimeter frameworks, enforces a stringent 'never trust, always verify' approach. This paradigm shift is critical in fortifying access controls, effectively mitigating the risks of unauthorized access and insider threats. The interplay of these technologies culminates in a robust, resilient cloud security architecture sets. Empirical evaluation in varied cloud scenarios showcases notable enhancements in security metrics. The integrated model outperforms existing methods, achieving a 3.5% increase in precision, 4.9% in accuracy, 2.4% in recall, 3.5% in Area Under the Curve (AUC), and 1.9% in specificity, alongside a 4.5% reduction in response delay. These improvements signal a significant leap in cloud network security, offering a comprehensive solution to contemporary cyber threats. The impact of this work is profound, paving the way for more secure, reliable, and efficient cloud computing environments.

Downloads

Download data is not yet available.

References

G. Xu, S. Xu, J. Ma, J. Ning and X. Huang, "An Adaptively Secure and Efficient Data Sharing System for Dynamic User Groups in Cloud," in IEEE Transactions on Information Forensics and Security, vol. 18, pp. 5171-5185, 2023, doi: 10.1109/TIFS.2023.3305870.

J. Deng et al., "A Survey on Vehicular Cloud Network Security," in IEEE Access, vol. 11, pp. 136741-136757, 2023, doi: 10.1109/ACCESS.2023.3339192.

J. Zhang, T. Li, Z. Ying and J. Ma, "Trust-Based Secure Multi-Cloud Collaboration Framework in Cloud-Fog-Assisted IoT," in IEEE Transactions on Cloud Computing, vol. 11, no. 2, pp. 1546-1561, 1 April-June 2023, doi: 10.1109/TCC.2022.3147226.

A. Wu, A. Yang, W. Luo and J. Wen, "Enabling Traceable and Verifiable Multi-User Forward Secure Searchable Encryption in Hybrid Cloud," in IEEE Transactions on Cloud Computing, vol. 11, no. 2, pp. 1886-1898, 1 April-June 2023, doi: 10.1109/TCC.2022.3170362.

C. Wang, Z. Yuan, P. Zhou, Z. Xu, R. Li and D. O. Wu, "The Security and Privacy of Mobile-Edge Computing: An Artificial Intelligence Perspective," in IEEE Internet of Things Journal, vol. 10, no. 24, pp. 22008-22032, 15 Dec.15, 2023, doi: 10.1109/JIOT.2023.3304318.

Q. Wang, Z. Wang and W. Wang, "Research on Secure Cloud Networking Plan Based on Industry-Specific Cloud Platform," in IEEE Access, vol. 11, pp. 51848-51860, 2023, doi: 10.1109/ACCESS.2023.3279409.

Y. Zhang, T. Zhu, R. Guo, S. Xu, H. Cui and J. Cao, "Multi-Keyword Searchable and Verifiable Attribute-Based Encryption Over Cloud Data," in IEEE Transactions on Cloud Computing, vol. 11, no. 1, pp. 971-983, 1 Jan.-March 2023, doi: 10.1109/TCC.2021.3119407.

Z. Song, H. Ma, R. Zhang, W. Xu and J. Li, "Everything Under Control: Secure Data Sharing Mechanism for Cloud-Edge Computing," in IEEE Transactions on Information Forensics and Security, vol. 18, pp. 2234-2249, 2023, doi: 10.1109/TIFS.2023.3266164.

P. Zheng, Z. Cheng, X. Tian, H. Liu, W. Luo and J. Huang, "Non-Interactive Privacy-Preserving Frequent Itemset Mining Over Encrypted Cloud Data," in IEEE Transactions on Cloud Computing, vol. 11, no. 4, pp. 3452-3468, Oct.-Dec. 2023, doi: 10.1109/TCC.2023.3291378.

L. Wang, Y. Lin, T. Yao, H. Xiong and K. Liang, "FABRIC: Fast and Secure Unbounded Cross-System Encrypted Data Sharing in Cloud Computing," in IEEE Transactions on Dependable and Secure Computing, vol. 20, no. 6, pp. 5130-5142, Nov.-Dec. 2023, doi: 10.1109/TDSC.2023.3240820.

L. Ruan et al., "Cloud Workload Turning Points Prediction via Cloud Feature-Enhanced Deep Learning," in IEEE Transactions on Cloud Computing, vol. 11, no. 2, pp. 1719-1732, 1 April-June 2023, doi: 10.1109/TCC.2022.3160228.

F. Rezaeibagha, Y. Mu, K. Huang, L. Chen and L. Zhang, "Toward Secure Data Computation and Outsource for Multi-User Cloud-Based IoT," in IEEE Transactions on Cloud Computing, vol. 11, no. 1, pp. 217-228, 1 Jan.-March 2023, doi: 10.1109/TCC.2021.3087614.

S. V. A. Kumer, N. Prabakaran, E. Mohan, B. Natarajan, G. Sambasivam and V. B. Tyagi, "Enhancing Cloud Task Scheduling With a Robust Security Approach and Optimized Hybrid POA," in IEEE Access, vol. 11, pp. 122426-122445, 2023, doi: 10.1109/ACCESS.2023.3329052.

X. Zhang, C. Huang, D. Gu, J. Zhang and H. Wang, "BIB-MKS: Post-Quantum Secure Biometric Identity-Based Multi-Keyword Search Over Encrypted Data in Cloud Storage Systems," in IEEE Transactions on Services Computing, vol. 16, no. 1, pp. 122-133, 1 Jan.-Feb. 2023, doi: 10.1109/TSC.2021.3112779.

S. Li et al., "SecuCar: Data Loss Prevention for Cloud Assisted VSS Based on Public Auditing Technique," in IEEE Transactions on Vehicular Technology, vol. 72, no. 11, pp. 14815-14827, Nov. 2023, doi: 10.1109/TVT.2023.3281728.

J. Wang et al., "SvTPM: SGX-Based Virtual Trusted Platform Modules for Cloud Computing," in IEEE Transactions on Cloud Computing, vol. 11, no. 3, pp. 2936-2953, 1 July-Sept. 2023, doi: 10.1109/TCC.2023.3243891.

G. Ha, C. Jia, Y. Chen, H. Chen and M. Li, "A Secure Client-Side Deduplication Scheme Based on Updatable Server-Aided Encryption," in IEEE Transactions on Cloud Computing, vol. 11, no. 4, pp. 3672-3684, Oct.-Dec. 2023, doi: 10.1109/TCC.2023.3311760.

R. R. Irshad et al., "A Multi-Objective Bee Foraging Learning-Based Particle Swarm Optimization Algorithm for Enhancing the Security of Healthcare Data in Cloud System," in IEEE Access, vol. 11, pp. 113410-113421, 2023, doi: 10.1109/ACCESS.2023.3265954.

I. Gupta, D. Saxena, A. K. Singh and C. -N. Lee, "SeCoM: An Outsourced Cloud-Based Secure Communication Model for Advanced Privacy Preserving Data Computing and Protection," in IEEE Systems Journal, vol. 17, no. 4, pp. 5130-5141, Dec. 2023, doi: 10.1109/JSYST.2023.3272611.

R. R. Irshad et al., "IoT-Enabled Secure and Scalable Cloud Architecture for Multi-User Systems: A Hybrid Post-Quantum Cryptographic and Blockchain-Based Approach Toward a Trustworthy Cloud Computing," in IEEE Access, vol. 11, pp. 105479-105498, 2023, doi: 10.1109/ACCESS.2023.3318755.

Z. Xu, D. He, P. Vijayakumar, B. B. Gupta and J. Shen, "Certificateless Public Auditing Scheme With Data Privacy and Dynamics in Group User Model of Cloud-Assisted Medical WSNs," in IEEE Journal of Biomedical and Health Informatics, vol. 27, no. 5, pp. 2334-2344, May 2023, doi: 10.1109/JBHI.2021.3128775.

T. Sang, P. Zeng and K. -K. R. Choo, "Provable Multiple-Copy Integrity Auditing Scheme for Cloud-Based IoT," in IEEE Systems Journal, vol. 17, no. 1, pp. 224-233, March 2023, doi: 10.1109/JSYST.2022.3198098.

R. Gupta, I. Gupta, A. K. Singh, D. Saxena and C. -N. Lee, "An IoT-Centric Data Protection Method for Preserving Security and Privacy in Cloud," in IEEE Systems Journal, vol. 17, no. 2, pp. 2445-2454, June 2023, doi: 10.1109/JSYST.2022.3218894.

Q. Wang and D. Wang, "Understanding Failures in Security Proofs of Multi-Factor Authentication for Mobile Devices," in IEEE Transactions on Information Forensics and Security, vol. 18, pp. 597-612, 2023, doi: 10.1109/TIFS.2022.3227753.

R. Ding, Y. Xu, H. Zhong, J. Cui and G. Min, "An Efficient Integrity Checking Scheme With Full Identity Anonymity for Cloud Data Sharing," in IEEE Transactions on Cloud Computing, vol. 11, no. 3, pp. 2922-2935, 1 July-Sept. 2023, doi: 10.1109/TCC.2023.3242140.

Downloads

Published

07.01.2024

How to Cite

Kawalkar, S. A. ., & Bhoyar, D. B. . (2024). Design of an Efficient Cloud Security Model through Federated Learning, Blockchain, AI-Driven Policies, and Zero Trust Frameworks. International Journal of Intelligent Systems and Applications in Engineering, 12(10s), 378–388. Retrieved from https://ijisae.org/index.php/IJISAE/article/view/4387

Issue

Vol. 12 No. 10s (2024)

Section

Research Article

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.

IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.