A JSON Token-Based Authentication and Access Management Schema for Cloud SaaS Applications

Cloud computing is significantly reshaping the computing industry built around core concepts such as virtualization, processing power, connectivity and elasticity to store and share IT resources via a broad network. It has emerged as the key technology that unleashes the potency of Big Data, Internet of Things, Mobile and Web Applications, and other related technologies, but it also comes with its challenges - such as governance, security, and privacy. This paper is focused on the security and privacy challenges of cloud computing with specific reference to user authentication and access management for cloud SaaS applications. The suggested model uses a framework that harnesses the stateless and secure nature of JWT for client authentication and session management. Furthermore, authorized access to protected cloud SaaS resources have been efficiently managed. Accordingly, a Policy Match Gate (PMG) component and a Policy Activity Monitor (PAM) component have been introduced. In addition, other subcomponents such as a Policy Validation Unit (PVU) and a Policy Proxy DB (PPDB) have also been established for optimized service delivery. A theoretical analysis of the proposed model portrays a system that is secure, lightweight and highly scalable for improved cloud resource security and management.Comment: 6 Page

Dynamic Mobile Cloud Eco System Security - A Review

Mobile cloud computing is the technique of using cloud technology and various rich mobile applications are intended to be able to run on a variety of mobile devices using the technique called mobile cloud computing. In recent years, huge amounts of data are stored by the clients which are much more easily to the integration of cloud platforms into mobile systems. The ways of security used in portable device settings are one of the key challenges in this respect as the number of people using smartphones continues to rise. None of the models that have been developed with confidence and privacy for precaution of data in mobile cloud systems are impervious to destructive attacks, despite countless attempts. While mobile cloud computing has great potential, security, privacy, viability, and accessibility concerns must still be considered by both consumers and businesses. Additionally, it emphasizes the use of Canny Card Web Services (CCWS) competition to enhance mobile cloud computing security with IOT. This paper has been presented with more than one user application: a smart house and a smart parking in an educational institution, in the inclusion of IOT with cloud computing for demonstrating various admittance control and endorsement requirement. A review regarding this paper concentrated on a little model that is intended the security and privacy ensureability of data in mobile clouds. Additionally, to manage mobile cloud security difficulties and challenges, it is important to look at the current situation with regard to cloud security breaches, the weaknesses of mobile cloud devices, and the best ways to address these issues in the near future with regard to mobile device management and mobile data protection

Enhancing Mobile Cloud Computing Security Using Steganography

Cloud computing is an emerging and popular method of accessing shared and dynamically configurable resources via the computer network on demand. Cloud computing is excessively used by mobile applications to offload data over the network to the cloud. There are some security and privacy concerns using both mobile devices to offload data to the facilities provided by the cloud providers. One of the critical threats facing cloud users is the unauthorized access by the insiders (cloud administrators) or the justification of location where the cloud providers operating. Although, there exist variety of security mechanisms to prevent unauthorized access by unauthorized user by the cloud administration, but there is no security provision to prevent unauthorized access by the cloud administrators to the client data on the cloud computing. In this paper, we demonstrate how steganography, which is a secrecy method to hide information, can be used to enhance the security and privacy of data (images) maintained on the cloud by mobile applications. Our proposed model works with a key, which is embedded in the image along with the data, to provide an additional layer of security, namely, confidentiality of data. The practicality of the proposed method is represented via a simple case study

Reconsidering big data security and privacy in cloud and mobile cloud systems

Large scale distributed systems in particular cloud and mobile cloud deployments provide great services improving people\u27s quality of life and organizational efficiency. In order to match the performance needs, cloud computing engages with the perils of peer-to-peer (P2P) computing and brings up the P2P cloud systems as an extension for federated cloud. Having a decentralized architecture built on independent nodes and resources without any specific central control and monitoring, these cloud deployments are able to handle resource provisioning at a very low cost. Hence, we see a vast amount of mobile applications and services that are ready to scale to billions of mobile devices painlessly. Among these, data driven applications are the most successful ones in terms of popularity or monetization. However, data rich applications expose other problems to consider including storage, big data processing and also the crucial task of protecting private or sensitive information. In this work, first, we go through the existing layered cloud architectures and present a solution addressing the big data storage. Secondly, we explore the use of P2P Cloud System (P2PCS) for big data processing and analytics. Thirdly, we propose an efficient hybrid mobile cloud computing model based on cloudlets concept and we apply this model to health care systems as a case study. Then, the model is simulated using Mobile Cloud Computing Simulator (MCCSIM). According to the experimental power and delay results, the hybrid cloud model performs up to 75% better when compared to the traditional cloud models. Lastly, we enhance our proposals by presenting and analyzing security and privacy countermeasures against possible attacks

Context-Aware Attribute-Based Techniques for Data Security and Access Control in Mobile Cloud Environment

The explosive growth of mobile applications and Cloud computing has enabled smart mobile devices to host various Cloud-based services such as Google apps, Instagram, and Facebook. Recent developments in smart devices‟ hardware and software provide seamless interaction between the users and devices. As a result, in contrast to the traditional user, the mobile user in mobile Cloud environment generates a large volume of data which can be easily collected by mobile Cloud service providers. However, the users do not know the exact physical location of their personal data. Hence, the users cannot control over their data once it is stored in the Cloud. This thesis investigates security and privacy issues in such mobile Cloud environments and presents new user-centric access control techniques tailored for the mobile Cloud environments. Most of the work to date has tried to address the data security issues on the Cloud server and only little attention has been given to protect the users‟ data privacy. One way to address the privacy issues is to deploy access control technique such as Extensible Access Control Markup Language (XACML) to control data access on users‟ data. XACML defines a standard of access control policies, rule obligations and conditions in data access control. XACML utilizes Extensible Markup Language (XML) schema to define attributes of data requesters, resources, and environment in order to evaluate access requests. A user-centric attribute-based access control model using XACML which enables users to define privacy access policies over the personal data based on their preferences is presented. In order to integrate the data security and user‟s privacy in mobile Cloud environment, the thesis investigates attribute-based encryption (ABE) scheme. ABE scheme enables data owners to enforce access policies during the encryption. Context-related attributes such as requester‟s location and behavior are incorporated within ABE scheme to provide data security and user privacy. This will enable the mobile data owners to dynamically control the access to their data at runtime. In order to improve the performance, a solution that offloads the high-cost computational work and communications from the mobile device to the Cloud is proposed. Anonymisation techniques are applied in the key issuing protocol so that the users‟ identities are protected from being tracked by the service providers during transactions. The proposed schemes are secure from known attacks and hence suitable for mobile Cloud environment. Security of the proposed schemes is formally analyzed using standard methods