Cloud Security : A Review of Recent Threats and Solution Models

The most significant barrier to the wide adoption of cloud services has been attributed to perceived cloud insecurity (Smitha, Anna and Dan, 2012). In an attempt to review this subject, this paper will explore some of the major security threats to the cloud and the security models employed in tackling them. Access control violations, message integrity violations, data leakages, inability to guarantee complete data deletion, code injection, malwares and lack of expertise in cloud technology rank the major threats. The European Union invested €3m in City University London to research into the certification of Cloud security services. This and more recent developments are significant in addressing increasing public concerns regarding the confidentiality, integrity and privacy of data held in cloud environments. Some of the current cloud security models adopted in addressing cloud security threats were – Encryption of all data at storage and during transmission. The Cisco IronPort S-Series web security appliance was among security solutions to solve cloud access control issues. 2-factor Authentication with RSA SecurID and close monitoring appeared to be the most popular solutions to authentication and access control issues in the cloud. Database Active Monitoring, File Active Monitoring, URL Filters and Data Loss Prevention were solutions for detecting and preventing unauthorised data migration into and within clouds. There is yet no guarantee for a complete deletion of data by cloud providers on client requests however; FADE may be a solution (Yang et al., 2012)

Security Implications of Fog Computing on the Internet of Things

Recently, the use of IoT devices and sensors has been rapidly increased which also caused data generation (information and logs), bandwidth usage, and related phenomena to be increased. To our best knowledge, a standard definition for the integration of fog computing with IoT is emerging now. This integration will bring many opportunities for the researchers, especially while building cyber-security related solutions. In this study, we surveyed about the integration of fog computing with IoT and its implications. Our goal was to find out and emphasize problems, specifically security related problems that arise with the employment of fog computing by IoT. According to our findings, although this integration seems to be non-trivial and complicated, it has more benefits than the implications.Comment: 5 pages, conference paper, to appear in Proceedings of the ICCE 2019, IEEE 37th International Conference on Consumer Electronics (ICCE), Jan 11- 13, 2019, Las Vegas, NV, US