From cloud computing security towards homomorphic encryption: A comprehensive review

“Cloud computing” is a new technology that revolutionized the world of communications and information technologies. It collects a large number of possibilities, facilities, and developments, and uses the combining of various earlier inventions into something new and compelling. Despite all features of cloud computing, it faces big challenges in preserving data confidentiality and privacy. It has been subjected to numerous attacks and security breaches that have prompted people to hesitate to adopt it. This article provided comprehensive literature on the cloud computing concepts with a primary focus on the cloud computing security field, its top threats, and the protection against each one of them. Data security/privacy in the cloud environment is also discussed and homomorphic encryption (HE) was highlighted as a popular technique used to preserve the privacy of sensitive data in many applications of cloud computing. The article aimed to provide an adequate overview of both researchers and practitioners already working in the field of cloud computing security, and for those new in the field who are not yet fully equipped to understand the detailed and complex technical aspects of cloud computing

A Review on Cloud Data Security Challenges and existing Countermeasures in Cloud Computing

Cloud computing (CC) is among the most rapidly evolving computer technologies. That is the required accessibility of network assets, mainly information storage with processing authority without the requirement for particular and direct user administration. CC is a collection of public and private data centers that provide a single platform for clients throughout the Internet. The growing volume of personal and sensitive information acquired through supervisory authorities demands the usage of the cloud not just for information storage and for data processing at cloud assets. Nevertheless, due to safety issues raised by recent data leaks, it is recommended that unprotected sensitive data not be sent to public clouds. This document provides a detailed appraisal of the research regarding data protection and privacy problems, data encrypting, and data obfuscation, including remedies for cloud data storage. The most up-to-date technologies and approaches for cloud data security are examined. This research also examines several current strategies for addressing cloud security concerns. The performance of each approach is then compared based on its characteristics, benefits, and shortcomings. Finally, go at a few active cloud storage data security study fields

A Review of Machine Learning-based Security in Cloud Computing

Cloud Computing (CC) is revolutionizing the way IT resources are delivered to users, allowing them to access and manage their systems with increased cost-effectiveness and simplified infrastructure. However, with the growth of CC comes a host of security risks, including threats to availability, integrity, and confidentiality. To address these challenges, Machine Learning (ML) is increasingly being used by Cloud Service Providers (CSPs) to reduce the need for human intervention in identifying and resolving security issues. With the ability to analyze vast amounts of data, and make high-accuracy predictions, ML can transform the way CSPs approach security. In this paper, we will explore some of the most recent research in the field of ML-based security in Cloud Computing. We will examine the features and effectiveness of a range of ML algorithms, highlighting their unique strengths and potential limitations. Our goal is to provide a comprehensive overview of the current state of ML in cloud security and to shed light on the exciting possibilities that this emerging field has to offer.Comment: This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessibl

Software in the Manufacturing Industry: A Review of Security Challenges and Implications

Software defines digital infrastructures in the manufacturing industry, connecting services and computation resources to machines and devices. These infrastructures aim at increased flexibility, scalability, and a wider application portfolio for automated manufacturing processes. At the same time, the complexity of securing software increases dramatically. Threats to confidentiality, integrity, and availability of software can result in critical losses for automated industrial production and impact manufacturing companies. In order to map existing and emerging security challenges, we present the results of a hermeneutic literature review structured along abstraction levels and vertical integration of software. Based on this structure, we derive implications for academia and practice focused on operators, developers, and security auditors of digital infrastructures. Thereby, we discuss courses of action mapped to software security black boxes, infrastructure heterogeneity, and the adaptation of security for operational usage

Enforcing Data Geolocation Policies in Public Cloud using Trusted Computing

With the advancement in technology, Cloud computing always amazes the world with revolutionizing solutions that automate and simplify complex computational tasks. The advantages like no maintenance cost, accessibility, data backup, pay-per-use models, unlimited storage, and processing power encourage individuals and businesses to migrate their workload to the cloud. Despite the numerous advantages of cloud computing, the geolocation of data in the cloud environment is a massive concern, which relates to the performance and government legislation that will be applied to data. The unclarity of data geolocation can cause compliance concerns. In this work, we have presented a technique that will allow users to restrict the geolocation of their data in the cloud environment. We have used trusted computing mechanisms to attest the host and its geolocation remotely. With this model, the user will upload the data whose decryption key will be shared with a third-party attestation server only. The decryption key will be sealed to the TPM of the host after successful attestation guaranteeing the authorized geolocation and platform state

Análise de Desempenho da Migração de Instâncias em Openstack

Os sistemas de computação em nuvem, atualmente estão presentes na maioria dos serviços disponibilizados pelas empresas de tecnologias de informação. Isto deve-se ao fácil acesso aos serviços de computação em nuvem bem como a facilidade dos dispositivos em aceder a estes serviços. Outro aspeto muito importante tanto para os utilizadores como para os provedores de serviços em nuvem é a migração de máquinas virtuais. A migração de máquinas virtuais permite equilibrar a carga de trabalho dos servidores e permite que os utilizadores continuem a utilizar os serviços da nuvem sem interrupções por terem os seus servidores virtuais transferidos para outros servidores físicos. O foco deste trabalho consiste em analisar o desempenho da migração de instâncias em OpenStack, o qual é explorado na perspetiva de uma Infraestrutura como Serviço (Infraestrutura como Serviço (IaaS)), um modelo de serviço de auto atendimento que permite gerir infraestruturas de um centro de processamento de dados. O IaaS representa essencialmente hardware que permite o armazenamento e criação de servidores virtuais, conhecidos como instâncias ou máquinas virtuais. O sistema foi desenvolvido na plataforma OpenStack. O OpenStack foi instalado manualmente com recursos ao ficheiro de nuvem do OpenStack. A infraestrutura do sistema é composta por dois servidores de computação, com suporte do hypervisor Kernel-Based Virtual Machine (KVM) que permite a criação das máquinas virtuais, um servidor de armazenamento que permite a criação de volumes para a inicialização e armazenamento das máquinas virtuais e do sistema operativo, um servidor Controller Node que armazena os serviços adicionais e de rede, que permite a criação de uma topologia de rede para o funcionamento adequado das máquinas virtuais. Recorrendo ao sistema implementado, o qual é baseado na série Newton do OpenStack foi realizado um estudo de desempenho da migração passiva e da migração ativa de instâncias em OpenStack.Cloud computing systems are currently present in most of the services provided by information technology companies.This is due to the easy access to cloud computing services as well as the easiness of devices to access these services. Another important aspect for both users and cloud service providers is the migration of virtual machines. Migrating virtual machines allows the balance of server workloads and allows users to continue to use cloud services seamlessly by having their virtual servers transferred to other physical servers. The focus of this work is to analyze the performance of the migration of instances in OpenStack, which is explored from the perspective of an Infrastructure as a Service (IaaS), a self-service model that allows the management of infrastructures in a data center. A IaaS essentially represents hardware that allows the storage and creation of virtual servers, known as instances or virtual machines. Cloud computing has gained virtualized computing power from storage provided through an infrastructure as a service, with high performance computing capability, provided by many providers, and used by many users. The system was developed on the OpenStack platform. OpenStack has been manually installed using the OpenStack cloud file. The system infrastructure consists of two computing servers, with hypervisor KVM support that allows the creation of virtual machines, a storage server that allows the creation of volumes for the initialization and storage of virtual machines and the system operative, a Controller Node server that stores the additional and network services, which allows the creation of a network typology for the proper functioning of the virtual machines. A performance study of passive migration and the active migration of instances in OpenStack was carried out using the implemented system, which is based on the Newton series of OpenStack