Cloud Security : A Review of Recent Threats and Solution Models

The most significant barrier to the wide adoption of cloud services has been attributed to perceived cloud insecurity (Smitha, Anna and Dan, 2012). In an attempt to review this subject, this paper will explore some of the major security threats to the cloud and the security models employed in tackling them. Access control violations, message integrity violations, data leakages, inability to guarantee complete data deletion, code injection, malwares and lack of expertise in cloud technology rank the major threats. The European Union invested €3m in City University London to research into the certification of Cloud security services. This and more recent developments are significant in addressing increasing public concerns regarding the confidentiality, integrity and privacy of data held in cloud environments. Some of the current cloud security models adopted in addressing cloud security threats were – Encryption of all data at storage and during transmission. The Cisco IronPort S-Series web security appliance was among security solutions to solve cloud access control issues. 2-factor Authentication with RSA SecurID and close monitoring appeared to be the most popular solutions to authentication and access control issues in the cloud. Database Active Monitoring, File Active Monitoring, URL Filters and Data Loss Prevention were solutions for detecting and preventing unauthorised data migration into and within clouds. There is yet no guarantee for a complete deletion of data by cloud providers on client requests however; FADE may be a solution (Yang et al., 2012)

International center for monitoring cloud computing providers (ICMCCP) for ensuring trusted clouds

Cloud computing offers flexible and scalable IT (Information Technology) services for which many organizations are now interested in harnessing its benefit. In spite of the enthusiasm and great interest, Cloud computing has not yet earned full trust of the individual customers, banks, armed forces, governments, and companies who do sensitive computing tasks. While it is not the goal to persuade everyone to use the technology and some types of tasks are to be done with secrecy, for the general works done by the companies and customers, Cloud could be heavily used. However, it is very difficult to convince people that the Cloud Providers (CPs) would keep their data protected. To address this issue, what required is to employ some mechanism that can establish the trust of the users. With this motivation, in this paper, we present a novel concept for trust assurance in Cloud services with the proposal of implementing a Global Central Bank-like regulatory authority. Our initiative is termed International Center for Monitoring Cloud Computing Providers (ICMCCP). Various facets of ICMCCP model have been described alongside the policy making issues. Necessary backgrounds of Cloud are also presented

Cloud computing - The effect of generalized spring tensor algorithm on load balancing

© 2014 IEEE. In business world, competitors use innovative approaches to improve their performance and profits. Cloud computing is one of these creative concepts that allowed companies to further taking advantage of their potential. Cloud computing is assisting companies to execute their business plans more efficiently. As cloud computing has multi-tenancy structure, availability and efficiency of the resources is essential foundation of the cloud architecture. Recent studies showed that, optimized cloud computing could be seen as an elastic network of resources that are interacting with each other, to minimize the waiting time and utilize the throughput. Therefore load balancing and resource management can be highlighted as the main concerns in cloud computing as they are impacting the network performance directly. This research aims to discuss the current challenges existing in load balancing algorithms. Different metrics and policies of the relevant load balancer algorithms have been investigated and as a result, collective behavior has been proposed as a new policy for classification of elasticity mechanism in load balancing

Towards securing cloud data in the multi-cloud scenario

Cloud computing has emerged to be the accepted computing model which provides services on-demand. The most used service layer is infrastructure as a Service (IaaS) to outsource data to the cloud. With this service, organizations and individuals can avail of cloud services in pay as you use fashion instead of investing money for such infrastructure. Cloud provides many such benefits to its users. However, as the cloud servers are remote and assumed to be untrusted, users are worried about data security. Initially, a single cloud was used to store data. With the advancements in technologies and for reliability reasons, the concept of multi-cloud has emerged. The security and reliability issues with a single cloud can be overcome with multi-cloud systems. The rationale behind this is that a single cloud might have malicious insiders. When two or more clouds collaborate and provide services to end-users, it is expected to have more reliability and possible reduction in malicious insiders. This paper focuses on studying the potential security of data that is stored in multi-cloud. We built an algorithm and prototype application that demonstrates the concept of securing data in a multi-cloud environment. The empirical results revealed that the proposed system could ensure the data outsourced to cloud computing where a multi-cloud scenario prevails

DCDIDP: A distributed, collaborative, and data-driven intrusion detection and prevention framework for cloud computing environments

With the growing popularity of cloud computing, the exploitation of possible vulnerabilities grows at the same pace; the distributed nature of the cloud makes it an attractive target for potential intruders. Despite security issues delaying its adoption, cloud computing has already become an unstoppable force; thus, security mechanisms to ensure its secure adoption are an immediate need. Here, we focus on intrusion detection and prevention systems (IDPSs) to defend against the intruders. In this paper, we propose a Distributed, Collaborative, and Data-driven Intrusion Detection and Prevention system (DCDIDP). Its goal is to make use of the resources in the cloud and provide a holistic IDPS for all cloud service providers which collaborate with other peers in a distributed manner at different architectural levels to respond to attacks. We present the DCDIDP framework, whose infrastructure level is composed of three logical layers: network, host, and global as well as platform and software levels. Then, we review its components and discuss some existing approaches to be used for the modules in our proposed framework. Furthermore, we discuss developing a comprehensive trust management framework to support the establishment and evolution of trust among different cloud service providers. © 2011 ICST