Dynamic Mobile Cloud Eco System Security - A Review

Mobile cloud computing is the technique of using cloud technology and various rich mobile applications are intended to be able to run on a variety of mobile devices using the technique called mobile cloud computing. In recent years, huge amounts of data are stored by the clients which are much more easily to the integration of cloud platforms into mobile systems. The ways of security used in portable device settings are one of the key challenges in this respect as the number of people using smartphones continues to rise. None of the models that have been developed with confidence and privacy for precaution of data in mobile cloud systems are impervious to destructive attacks, despite countless attempts. While mobile cloud computing has great potential, security, privacy, viability, and accessibility concerns must still be considered by both consumers and businesses. Additionally, it emphasizes the use of Canny Card Web Services (CCWS) competition to enhance mobile cloud computing security with IOT. This paper has been presented with more than one user application: a smart house and a smart parking in an educational institution, in the inclusion of IOT with cloud computing for demonstrating various admittance control and endorsement requirement. A review regarding this paper concentrated on a little model that is intended the security and privacy ensureability of data in mobile clouds. Additionally, to manage mobile cloud security difficulties and challenges, it is important to look at the current situation with regard to cloud security breaches, the weaknesses of mobile cloud devices, and the best ways to address these issues in the near future with regard to mobile device management and mobile data protection

Why Do Users Continue to Use Mobile Cloud Computing Applications? A Security-Privacy

Mobile cloud computing (MCC) apps are mobile apps that use cloud computing technology to provide larger storage capacity and simultaneous access from different mobile devices. Despite the benefits, sending data to the cloud raises security and privacy concerns as mobile users do not have direct control over their data in the cloud. Further, many MCC apps are not used just after single use. In this study, we do a cost/benefit analysis based on security and privacy to investigate the factors that drive or inhibit mobile users to continue to use MCC apps. Additionally, we examine whether security and privacy interventions of MCC apps providers influence the cost/benefit analysis. The results of the survey with 412 MCC apps users show that while security concerns inhibit, privacy concerns do not stop using MCC apps. The value of MCC apps is the main enabler followed by trust to continue to use the apps. The results also show that security and privacy interventions do not add value to MCC apps, but they increase trust. These interventions decrease privacy concerns but have no effect on security concerns. Finally, these interventions indirectly drive users to continue to use the apps through trust

Secure Cloud Computing Based On Mobile Agents

In this paper, we provide protection to the service requested to the cloud from user. Cloud computing is a examine sloping system that launch services to the client at low cost. According to various researches user verification is the most significant security concern and demanding issue in cloud-based environment. As cloud computing provides different advantages it also brings some of the concern about the security and privacy of information. Cloud computing requests to concentrate on three main security issues : privacy, reliability and accessibility. In this paper, we propose a new approach that provides confidentiality for the services request by the user by using mobile agents for communication between user and cloud layer; we provide security at each layer in cloud computing with Kerberos. We provide security to service which will be request to the cloud with authentication server and TGS system. DOI: 10.17762/ijritcc2321-8169.150318

Location-Based Services and Privacy Protection under Mobile Cloud Computing

Location-based services can provide personalized services based on location information of moving objects and have already been widely used in public safety services, transportation, entertainment and many other areas. With the rapid development of mobile communication technology and popularization of intelligent terminals, there will be great commercial prospects to provide location-based services under mobile cloud computing environment. However, the high adhesion degree of mobile terminals to users not only brings facility but also results in the risk of privacy leak. The paper introduced the necessities and advantages to provide location-based services under mobile cloud computing environment, stressed the importance to protect location privacy in LBS services, pointed out new security risks brought by mobile cloud computing, and proposed a new framework and implementation method of LBS service. The cloud-based LBS system proposed in this paper is able to achieve privacy protection from the confidentiality of outsourced data and integrity of service results, and can be used as a reference while developing LBS system under mobile cloud computing environment

Enhancing Mobile Cloud Computing Security Using Steganography

Cloud computing is an emerging and popular method of accessing shared and dynamically configurable resources via the computer network on demand. Cloud computing is excessively used by mobile applications to offload data over the network to the cloud. There are some security and privacy concerns using both mobile devices to offload data to the facilities provided by the cloud providers. One of the critical threats facing cloud users is the unauthorized access by the insiders (cloud administrators) or the justification of location where the cloud providers operating. Although, there exist variety of security mechanisms to prevent unauthorized access by unauthorized user by the cloud administration, but there is no security provision to prevent unauthorized access by the cloud administrators to the client data on the cloud computing. In this paper, we demonstrate how steganography, which is a secrecy method to hide information, can be used to enhance the security and privacy of data (images) maintained on the cloud by mobile applications. Our proposed model works with a key, which is embedded in the image along with the data, to provide an additional layer of security, namely, confidentiality of data. The practicality of the proposed method is represented via a simple case study

A JSON Token-Based Authentication and Access Management Schema for Cloud SaaS Applications

Cloud computing is significantly reshaping the computing industry built around core concepts such as virtualization, processing power, connectivity and elasticity to store and share IT resources via a broad network. It has emerged as the key technology that unleashes the potency of Big Data, Internet of Things, Mobile and Web Applications, and other related technologies, but it also comes with its challenges - such as governance, security, and privacy. This paper is focused on the security and privacy challenges of cloud computing with specific reference to user authentication and access management for cloud SaaS applications. The suggested model uses a framework that harnesses the stateless and secure nature of JWT for client authentication and session management. Furthermore, authorized access to protected cloud SaaS resources have been efficiently managed. Accordingly, a Policy Match Gate (PMG) component and a Policy Activity Monitor (PAM) component have been introduced. In addition, other subcomponents such as a Policy Validation Unit (PVU) and a Policy Proxy DB (PPDB) have also been established for optimized service delivery. A theoretical analysis of the proposed model portrays a system that is secure, lightweight and highly scalable for improved cloud resource security and management.Comment: 6 Page

Mobile Cloud Computing: Implications and Challenges

During the last few years, there is a revolutionary development in the field of mobile computing, multimedia communication and wireless technology. Together with an explosive growth of the mobile computing and excellent promising technology of cloud computing concept, Mobile Cloud Computing (MCC) has been introduced to be a potential technology for mobile services. MCC integrates the cloud computing into the mobile environment and overcomes opportunities and its issues related to this environment (e.g., heterogeneity, scalability, and availability), performance (e.g., storage, battery life, and bandwidth), and security (e.g., reliability and privacy). This paper will explain how cloud computing and mobile devices can be combined for future opportunities, implications and legal issues for developing countries. Keywords: Cloud computing, SaaS, PaaS, IaaS, MCC

Feasibility of Implementing Multi-factor Authentication Schemes in Mobile Cloud Computing

Abstract-Mobile cloud computing is a new computing technology, which provides on-demand resources. Nowadays, this computing paradigm is becoming one the most interesting technology for IT enterprises. The idea of computing and offloading data in cloud computing is utilized to overcome the inherent challenges in mobile computing. This is carried out by utilizing other resource providers besides the mobile device to host the delivery of mobile applications. However, this technology introduces some opportunities as new computing concept, several challenges, including security and privacy are raised from the adoption of this IT paradigm. Authentication plays an important role to mitigate security and privacy issue in the mobile cloud computing. Even some authentication algorithms are proposed for mobile cloud computing, but most of these algorithms designed for traditional computing models, and are not using cloud capabilities. In mobile cloud computing, we access to pooled computation resources and applying more complicated authentication schemes is possible. Using different authentication factors, which is called multifactor authentication algorithms, has been proposed for various areas. In this paper, feasibility of implementation of different kinds of multi-factor authentication protocols are discussed. Furthermore, the security and privacy of these algorithms are analyzed. Finally, some future directions are recommended

SECURING THE DATA STORAGE AND PROCESSING IN CLOUD COMPUTING ENVIRONMENT

Organizations increasingly utilize cloud computing architectures to reduce costs and en- ergy consumption both in the data warehouse and on mobile devices by better utilizing the computing resources available. However, the security and privacy issues with publicly available cloud computing infrastructures have not been studied to a sufficient depth for or- ganizations and individuals to be fully informed of the risks; neither are private nor public clouds prepared to properly secure their connections as middle-men between mobile de- vices which use encryption and external data providers which neglect to encrypt their data. Furthermore, cloud computing providers are not well informed of the risks associated with policy and techniques they could implement to mitigate those risks. In this dissertation, we present a new layered understanding of public cloud comput- ing. On the high level, we concentrate on the overall architecture and how information is processed and transmitted. The key idea is to secure information from outside attack and monitoring. We use techniques such as separating virtual machine roles, re-spawning virtual machines in high succession, and cryptography-based access control to achieve a high-level assurance of public cloud computing security and privacy. On the low level, we explore security and privacy issues on the memory management level. We present a mechanism for the prevention of automatic virtual machine memory guessing attacks

Exploring Data Security and Privacy Issues in Internet of Things Based on Five-Layer Architecture

Data Security and privacy is one of the serious issues in internet-based computing like cloud computing, mobile computing and Internet of Things (IoT). This security and privacy become manifolded in IoT because of diversified technologies and the interaction of Cyber Physical Systems (CPS) used in IoT. IoTs are being adapted in academics and in many organizations without fully protecting their assets and also without realizing that the traditional security solutions cannot be applied to IoT environment. This paper explores a comprehensive survey of IoT architectures, communication technologies and the security and privacy issues of them for a new researcher in IoT. This paper also suggests methods to thwart the security and privacy issues in the different layers of IoT architecture