Cloud computing adoption in enterprise: challenges and benefits

Loss of the business and downturn of economics are part of almost all types of business activities. There are also new concepts and technologies evolved and entrepreneurs need to keep update accordingly. Therefore, business people have to concentrate on keep exploring new ways to cut down expenses without compromising on the quality. One of the options is to go for the latest technologies. Taking into consideration these problems, the entrepreneurs always choose the right technology to minimise losses, increase efficiency and maximise their profit. In order to help out the entrepreneurs, the IT industries have developed platforms for businesses to use shared resources and online applications through cloud computing. The significant role played by cloud computing in providing a solution to the problems faced by business enterprises to increase business growth and help them to stay alive in a competitive environment. Cloud computing also brings efficiency in managing business resources and make improvements in traditional business practices. It also facilitates the enterprises to avoid unnecessary expenses of procedural and administrative nature, hardware and software costs. Apart from the advantages of cloud computing have certain drawbacks also. The main issue is the security in cloud computing considering the attacks on the cloud too. The primary objective of this paper is to highlight the benefits, challenges in adopting cloud computing and utilizing services offered by cloud computing. Recommendations have also been made to ease the adoption process and how to address security issues.The method has been used is the secondary research, that is collecting the respective data from published journal papers and conference papers.Published onlin

Fine-Grained Access Control with Attribute Based Cache Coherency for IoT with application to Healthcare

The Internet of Things (IoT) is getting popular everyday around the world. Given the endless opportunities it promises to provide, IoT is adopted by various organizations belonging to diverse domains. However, IoT’s “access by anybody from anywhere” concept makes it prone to numerous security challenges. Although data security is studied at various levels of IoT architecture, breach of data security due to internal parties has not received as much attention as that caused by external parties. When an organization with people spread across multiple levels of hierarchies with multiple roles adopts IoT, it is not fair to provide uniform access of the data to everyone. Past research has extensively investigated various Access Control techniques like Role Based Access Control (RBAC), Identity Based Access Control (IBAC), Attribute Based Access Control (ABAC) and other variations to address the above issue. While ABAC meets the needs of the growing amount of subjects and objects in an IoT environment, when implemented as an encryption algorithm (ABE) it does not cater to the IoT RDBMS applications. Also, given the query processing over huge encrypted data-set on the Cloud and the distance between the Cloud and the end-user, latency issues are highly prevalent in IoT applications. Various Client side caching and Server side caching techniques have been proposed to meet the latency issues in a Client-Server environment. Client side caching is more appropriate for an IoT environment given the dynamic connections and the large volume of requests to the Cloud per unit time. However, an IoT Cloud has mixed critical data to every user and conventional Client side caching techniques do not exploit this property of IoT data. In this work, we develop (i) an Attribute Based Access Control (ABAC) mechanism for the IoT data on the Cloud in order to provide a fine-grained access control in an organization and (ii) an Attribute Based Cache Consistency (ABCC) technique that tailors Cache Invalidation according to the users’ attributes to cater to the latency as well as criticality needs of different users. We implement and study these models on a Healthcare application comprising of a million Electronic Health Record (EHR) Cloud and a variety of end-users within a hospital trying to access various fields of the EHR from their Smart devices (such as Android phones). ABAC is evaluated with and without ABCC and we shall observe that ABAC with ABCC provides a lower average latency but a higher staleness percentage than the one without ABCC. However, the staleness percentage is negligible since we can see that much of the data that contributes to the staleness percentage are the non-critical data, thus making ABAC with ABCC an efficient approach for IoT based Cloud applications

Integrating trust with cryptographic role-based access control for secure cloud data storage

There has been a recent trend in storing data in cloud due to the increasing amount of users' data and associated benefits such as on-demand access and scalability. Role-based access control (RBAC) provides a flexible way for data owners to manage and share their data in cloud. To enforce the access control policies in the cloud, cryptographic RBAC schemes have been developed, which combine cryptographic techniques and access control to protect the privacy of the data in an outsourced environment. Using these cryptographic schemes, the owner of data can encrypt the data in such a way that only the users with appropriate roles as specified by a role-based access control policy can decrypt and view the data. However these cryptographic approaches do not address the issues of trust when enforcing the access policies. The issue of trust is critical in cloud storage systems, the stored data in the cloud is secure under the assumptions that roles are properly administered by trusted authorities, roles manage the user membership in a trusted manner and qualified users also behave in a trusted manner. In this paper, we propose a trust model to reason about and improve the security for stored data in cloud storage systems that use cryptographic RBAC schemes. The trust model provides an approach for the owners to determine the trustworthiness of individual roles in the RBAC system. The data owners can use the trust models to decide whether to store their encrypted data in the cloud for a particular role. The proposed trust model takes into account role inheritance and hierarchy in the evaluation of trustworthiness of roles. In addition, we present a design of a trust-based cloud storage system which shows how the trust model can be integrated into a system that uses cryptographic RBAC schemes. We have also described the relevance of the proposed trust model by considering practical application scenarios and illustrated how the trust evaluations can be used to reduce the risks and enhance the quality of decision making by data owners of cloud storage service.10 page(s