Cloud Security Issues

The emergence of cloud computing is a recent development, insights into critical aspects of security can be gleaned from reported experiences of early adopters and also from researchers analyzing and experimenting with available cloud provider platforms and associated technologies. The sections below highlight privacy and security-related issues that are believed to have long-term significance for public cloud computing and, in many cases, for other cloud computing service models. Because cloud computing has grown out of an amalgamation of technologies, including service oriented architecture, virtualization, Web 2.0, and utility computing, many of the privacy and security issues involved can be viewed as known problems cast in a new setting. The importance of their combined effect in this setting, however, should not be discounted. Public cloud computing does represent a thought-provoking paradigm shift from conventional norms to an open deperimeterized organizational infrastructure—at the extreme, displacing applications from one organization’s infrastructure to the infrastructure of another organization, where the applications of potential adversaries may also operate. Keywords: cloud security, IaaS, Privac

Emerging Trends in Safety Issues in Cloud - The Potentials of Threat Model

For tomorrow�s computing, Cloud computing has designed the unrealistic and infrastructural basis. The complete computing infrastructure is quickly affecting cloud based architecture. Via Internet, the resources and services of cloud computing are offered and also these services and resources are offered from data centers located globally. By providing resources that are virtual through the internet, cloud computing controls its consumers. With a continuous matter for Open Systems and internet, Security has always concerned. It really suffers whenever we are discussing about security on cloud. The lack of safety is the only hindrance in general implementation of cloud computing. The flexibility and benefits, if security is not robust and consistent, that cloud computing has to offer, will have slight rationality. There are many security problems that are enclosed in cloud computing such as security of data, and investigation of the utilization by the cloud computing merchants. For the consumers and service providers, the prosperous in cloud computing includes lots of security challenges. The objective of this paper is to recognize the most insecure threats of security in cloud computing which will further enables both end users and retailers to know about the key security threats that are linked with cloud computing. It also includes finding of advantages and problems in cloud computing with respect to availability of data, its cost and security of data

Secure communication using dynamic VPN provisioning in an Inter-Cloud environment

Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualised computing resources as on-demand and dynamic services. Nevertheless, a single cloud does not have limitless resources to offer to its users, hence the notion of an Inter-Cloud enviroment where a cloud can use the infrastructure resources of other clouds. However, there is no common framework in existence that allows the srevice owners to seamlessly provision even some basic services across multiple cloud service providers, albeit not due to any inherent incompatibility or proprietary nature of the foundation technologies on which these cloud platforms are built. In this paper we present a novel solution which aims to cover a gap in a subsection of this problem domain. Our solution offer a security architecture that enables service owners to provision a dynamic and service-oriented secure virtual private network on top of multiple cloud IaaS providers. It does this by leveraging the scalability, robustness and flexibility of peer- to-peer overlay techniques to eliminate the manual configuration, key management and peer churn problems encountered in setting up the secure communication channels dynamically, between different components of a typical service that is deployed on multiple clouds. We present the implementation details of our solution as well as experimental results carried out on two commercial clouds

Cloud Security

Isabella Roth Jose Salazar Professor Yi Hu Computer Information Technology Cloud Security: AWS Abstract With enterprises moving their IT infrastructure to the cloud using providers like Amazon Web Services (AWS), security problems have not been reduced. In fact, cloud computing brings new security challenges. Our research investigated better solutions to the security problems that come with using the cloud to store a companies data. The cloud is a general term for using the internet to receive some sort of data vs connecting directly to a server. This makes it easier to do things such as connecting to an online app to even retrieving information about your company such as the statics on all of the employs in your workplace. Storing information in the cloud is a lot cheaper than using a server to store certain information. Of course, however, it is relatively harder to secure and implement the cloud in the workforce. So we investigated which cloud solution would be easiest to implement in a workplace environment. We spent most of the summer working towards getting the cloud to communicate with a simple app we had created. This app would then use a third party, such as Facebook to verify and log you into the app. Due to the limited experience, we had when we began this project we had to fail many a time until we finally succeeded. I hope in the future we are able to explore more deeply into more complex versions of cloud security

The Secure Data Sharing Mechanism for Cloud Computing Based Cloud Storage System

Secure cloud storage, which is an emerging cloud service, is designed to protect the confidentiality of outsourced data but also to provide flexible data access for cloud users whose data is out of physical control. The emergence of cloud infrastructure has significantly reduced the costs of hardware and software resources in computing infrastructure. To ensure security, the data is usually encrypted before it’s outsourced to the cloud. Unlike searching and sharing the plain data, it is challenging to search and share the data after encryption. Nevertheless, it is a critical task for6 the cloud service provider as the users expect the cloud to conduct a quick search and return the result without losing8 data confidentiality. To overcome these problems, Finally, the proposed construction21 is demonstrated practical and efficient in the performance and property comparison. However, the use of CP-ABE may yield an inevitable security breach which is known as the misuse of access credential (i.e. decryption rights), due to the intrinsic “all-or-nothing” decryption feature of CP-ABE. In this paper, we investigate the two main cases of access credential misuse: one is on the semi-trusted authority side, and the other is on the side of cloud user. To mitigate the misuse, We also present the security analysis and further demonstrate the utility of our system via experiments

An efficient and secure data storage in cloud computing using modified RSA public key cryptosystem

Cloud Computing is the ability to improve the utility or train new human resources without investing in new infrastructure, or add capabilities to existence without the latest software licensing. It expanded the capabilities of Information Technology (IT). From the past few years, cloud computing has developed from a good business concept in the best rising sectors of the IT industry. But more information on individuals and companies was put in the cloud, and concerns began to think about how secure the cloud environment was. Despite cloud surrounding structures, enterprise users still do not want to expand their business in the cloud. Security reduces the growth of cloud computing and continues to spread the market with complexity with data privacy and data protection. The security of cloud computing has constantly been an significant aspect of improved quality of service from cloud service providers.  Data storage in the cloud has a problem related to data security. However, cloud computing construct many new security challenges which have not been well examine. In order to ensure that the user's data in the cloud is secure, we have proposed an effective mechanism with a distinctive feature of data integrity and privacy. This paper focusing on problems relating to the cloud data storage techniques and security in virtual environment. We recommend a method for providing data storage and security in cloud using public key Cryptosystem, which uses the concept of the modified RSA algorithm to provide better security for the data stored in the cloud.

Genomic cloud computing:Legal and ethical points to consider

The biggest challenge in twenty-first century data-intensive genomic science, is developing vast computer infrastructure and advanced software tools to perform comprehensive analyses of genomic data sets for biomedical research and clinical practice. Researchers are increasingly turning to cloud computing both as a solution to integrate data from genomics, systems biology and biomedical data mining and as an approach to analyze data to solve biomedical problems. Although cloud computing provides several benefits such as lower costs and greater efficiency, it also raises legal and ethical issues. In this article, we discuss three key 'points to consider' (data control; data security, confidentiality and transfer; and accountability) based on a preliminary review of several publicly available cloud service providers' Terms of Service. These 'points to consider' should be borne in mind by genomic research organizations when negotiating legal arrangements to store genomic data on a large commercial cloud service provider's servers. Diligent genomic cloud computing means leveraging security standards and evaluation processes as a means to protect data and entails many of the same good practices that researchers should always consider in securing their local infrastructure.</p

Cloud Computing Issues

Abstract- Cloud computing is Internet-based computing, whereby shared resources, software and information, are provided to computers and devices on-demand, like the electricity grid. It aims to construct a perfect system with powerful computing capability through a large number of relatively low-cost computing entity, and using the advanced business models like SaaS (Software as a Service), PaaS (Platform as a Service), IaaS (Infrastructure as a Service) to distribute the powerful computing capacity to end users’ hands. Cloud Computing represents a new computing model that poses many demanding security issues at all levels, e.g., network, host, application, and data levels. The variety of the delivery models presents different security challenges depending on the model and consumers’ Quality of Service (QoS) requirements. Confidentiality, Integrity, Availability, Authenticity, and Privacy are essential concerns for both Cloud providers and consumers as well. This paper introduces the existing issues in cloud computing such as security, privacy, reliability and so on. This paper surveys the security problems of current cloud computing

CloudIDS: Cloud Intrusion Detection Model Inspired by Dendritic Cell Mechanism

Cloud Computing Security is a new era of computer technology and opens a new research area and creates a lot of opportunity of exploration. One of the new implementation in Cloud is Intrusion Detection System (IDS).There are problems with existing IDS approach in Cloud environment. Implementing traditional IDS need a lot of self-maintenance and did not scale with the customer security requirements. In addition, maintenance of traditional IDS in Cloud Computing system requires expertise and consumes more time where not each Cloud user has. A decentralized traditional IDS approach where being deployed in current Cloud Computing infrastructure will make the IDS management become complicated. Each user's IDS will not be the same in term of type and configurations and each user may have outdated signatures. Inter VM's communication also become a big concern when we implementing Cloud Computing system where communication between Clouds are not monitored and controlled by the traditional IDS. A specific IDS model for Cloud computing is required to solve these problems. In this paper, we develop a prototype of Cloud IDS inspired by Dendritic Cell mechanism. Experiment result proved that Cloud IDS was able to detect any attempt to attack the Cloud environment. The experiments show that the Cloud IDS model based on Dendritic Cell algorithm able to identify and detect novel threat that targeting Cloud environment