Recommendations and best practices for cloud enterprise security

© 2014 IEEE. Enterprise security is essential to achieve global information security in business and organizations. Enterprise Cloud computing is a new paradigm for that enterprise where businesses need to be secured. Enterprise Cloud computing has established its businesses and software as a service paradigm is increasing its demand for more services. However, this new trend needs to be more systematic with respect to Enterprise Cloud security. Enterprise Cloud security is the key factor in sustaining Enterprise Cloud technology by building-in trust. For example, current challenges that are witnessed today with cyber security and application security flaws are important lessons to be learned. It also has provided best practices that can be adapted. Similarly, as the demand for Enterprise Cloud services increases and so increased importance sought for security and privacy. This paper presents recommendations for enterprise security to analyze and model Enterprise Cloud organizational security of the Enterprise Cloud and its data. In particular, Enterprise Cloud data and Enterprise Cloud storage technologies have become more commonly used in organization that adopt Cloud Computing. Therefore, building trust for Enterprise Cloud users should be the one of the main focuses of Enterprise Cloud computing research

Data Security in Cloud Storage

Cloud Computing is a generic term for delivering hosted services over the Internet. It follows a pay-per-use approach. Cloud Computing offers numerous benefits for the enterprises, however, there are also many issues, as with any new paradigm or technology. One of the main issues relate to the security and confidentiality of customer data in terms of its location, relocation, availability and security. From the consumer’s perspective, cloud computing security concerns, especially data security, remain the primary inhibitor for adoption of cloud computing services. This reports outlines the Cloud technology overview, brief explains the delivery and deployment models for data storage security, analysis on data security and discusses the issues relating to data in the Cloud computing across all stages of data life cycle

Securing Fog Federation from Behavior of Rogue Nodes

As the technological revolution advanced information security evolved with an increased need for confidential data protection on the internet. Individuals and organizations typically prefer outsourcing their confidential data to the cloud for processing and storage. As promising as the cloud computing paradigm is, it creates challenges; everything from data security to time latency issues with data computation and delivery to end-users. In response to these challenges CISCO introduced the fog computing paradigm in 2012. The intent was to overcome issues such as time latency and communication overhead and to bring computing and storage resources close to the ground and the end-users. Fog computing was, however, considered an extension of cloud computing and as such, inherited the same security and privacy challenges encountered by traditional cloud computing. These challenges accelerated the research community\u27s efforts to find practical solutions. In this dissertation, we present three approaches for individual and organizational data security and protection while that data is in storage in fog nodes or in the cloud. We also consider the protection of these data while in transit between fog nodes and the cloud, and against rogue fog nodes, man-in-the-middle attacks, and curious cloud service providers. The techniques described successfully satisfy each of the main security objectives of confidentiality, integrity, and availability. Further we study the impact of rogue fog nodes on end-user devices. These approaches include a new concept, the Fog-Federation (FF): its purpose to minimize communication overhead and time latency between the Fog Nodes (FNs) and the Cloud Service Provider (CSP) during the time the system is unavailable as a rogue Fog Node (FN) is being ousted. Further, we considered the minimization of data in danger of breach by rogue fog nodes. We demonstrate the efficiency and feasibility of each approach by implementing simulations and analyzing security and performance

MIGRATING DATA TO THE CLOUD: AN ANALYSIS OF CLOUD STORAGE PRIVACY AND SECURITY ISSUES AND SOLUTIONS

The rise of a digital economy has transformed how individuals do business and carry out daily tasks, including how data is maintained. Because of the vast amount of data that organizations own, cloud storage, a component of the cloud computing paradigm, has emerged as a feasible solution to many businesses\u27 data storage concerns. Despite this, organizations are still cautious about moving all of their data to the cloud due to security concerns, particularly since data management is outsourced to third parties. The aim of this paper is to provide an overview of current challenges in the field of cloud storage privacy and security, with an emphasis on issues related to data confidentiality, integrity, and availability. Using a comprehensive literature study, this research investigates innovative strategies for creating a secure cloud storage environment. The idea of maintaining privacy and data security through the very design of the services, or through the so-called "privacy by design" approach, is explained while avoiding getting into the technical details of how the algorithms and presented solutions work

Data Security and Access Control Mechanisms in Cloud: A Review

Cloud computing is a computing technology or information technology architecture used by organization or individuals. It launches data storage and interactive paradigm with some advantages like on-demand self-services, ubiquitous network access. Due to popularity of cloud services, security and privacy becomes major issue. This paper addresses study of privacy preservation issues and also provides an idea to how to overcome the issues. Also it provides a brief survey on various Robust Access Privilege Control mechanism used for providing privacy in cloud storage

Multi-Authority Access Control Mechanisms in Cloud: A Review

Cloud computing is a computing technology or information technology architecture used by organization or individuals. It launches data storage and interactive paradigm with some advantages like on-demand self-services, ubiquitous network access. Due to popularity of cloud services, security and privacy becomes major issue. This paper addresses study of privacy preservation issues and also provides an idea to how to overcome the issues. Also it provides a brief survey on various Robust Access Privilege Control mechanism used for providing privacy in cloud storage

A Comprehensive Survey on the Cooperation of Fog Computing Paradigm-Based IoT Applications: Layered Architecture, Real-Time Security Issues, and Solutions

The Internet of Things (IoT) can enable seamless communication between millions of billions of objects. As IoT applications continue to grow, they face several challenges, including high latency, limited processing and storage capacity, and network failures. To address these stated challenges, the fog computing paradigm has been introduced, purpose is to integrate the cloud computing paradigm with IoT to bring the cloud resources closer to the IoT devices. Thus, it extends the computing, storage, and networking facilities toward the edge of the network. However, data processing and storage occur at the IoT devices themselves in the fog-based IoT network, eliminating the need to transmit the data to the cloud. Further, it also provides a faster response as compared to the cloud. Unfortunately, the characteristics of fog-based IoT networks arise traditional real-time security challenges, which may increase severe concern to the end-users. However, this paper aims to focus on fog-based IoT communication, targeting real-time security challenges. In this paper, we examine the layered architecture of fog-based IoT networks along working of IoT applications operating within the context of the fog computing paradigm. Moreover, we highlight real-time security challenges and explore several existing solutions proposed to tackle these challenges. In the end, we investigate the research challenges that need to be addressed and explore potential future research directions that should be followed by the research community.©2023 The Authors. Published by IEEE. This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/fi=vertaisarvioitu|en=peerReviewed