4 research outputs found
Data security in cloud computing
This paper discusses the security of data in cloud computing. It is a study of data in the cloud and aspects related to it concerning security. The paper will go in to details of data protection methods and approaches used throughout the world to ensure maximum data protection by reducing risks and threats. Availability of data in the cloud is beneficial for many applications but it poses risks by exposing data to applications which might already have security loopholes in them. Similarly, use of virtualization for cloud computing might risk data when a guest OS is run over a hypervisor without knowing the reliability of the guest OS which might have a security loophole in it. The paper will also provide an insight on data security aspects for Data-in-Transit and Data-at-Rest. The study is based on all the levels of SaaS (Software as a Service), PaaS (Platform as a Service) and IaaS (Infrastructure as a Service)
Secret Sharing for Cloud Data Security
Cloud computing helps reduce costs, increase business agility and deploy
solutions with a high return on investment for many types of applications.
However, data security is of premium importance to many users and often
restrains their adoption of cloud technologies. Various approaches, i.e., data
encryption, anonymization, replication and verification, help enforce different
facets of data security. Secret sharing is a particularly interesting
cryptographic technique. Its most advanced variants indeed simultaneously
enforce data privacy, availability and integrity, while allowing computation on
encrypted data. The aim of this paper is thus to wholly survey secret sharing
schemes with respect to data security, data access and costs in the
pay-as-you-go paradigm
CLOSURE: A cloud scientific workflow scheduling algorithm based on attack-defense game model
The multi-tenant coexistence service mode makes the cloud-based scientific workflow encounter the risks of being intruded. For this problem, we propose a CLoud scientific wOrkflow SchedUling algoRithm based on attack-defensE game model (CLOSURE). In the algorithm, attacks based on different operating system vulnerabilities are regarded as different âattackâ strategies; and different operating system distributions in a virtual machine cluster executing the workflows are regarded as different âdefenseâ strategies. The information of the attacker and defender is not balanced. In other words, the defender cannot obtain the information about the attackerâs strategies, while the attacker can acquire information about the defenderâs strategies through a network scan. Therefore, we propose to dynamically switch the defense strategies during the workflow execution, which can weaken the network scan effects and transform the workflow security problem into an attack-defense game problem. Then, the probability distribution of the optimal mixed defense strategies can be achieved by calculating the Nash Equilibrium in the attack-defense game model. Based on this probability, diverse VMs are provisioned for workflow execution. Furthermore, a task-VM mapping algorithm based on dynamic Heterogeneous Earliest Finish Time (HEFT) is presented to accelerate the defense strategy switching and improve workflow efficiency. The experiments are conducted on both simulation and actual environment, experimental results demonstrate that compared with other algorithms, the proposed algorithm can reduce the attackerâs benefits by around 15.23%, and decrease the time costs of the algorithm by around 7.86%
Recent trends in applying TPM to cloud computing
Trusted platform modules (TPM) have become important safeâguards against
variety of softwareâbased attacks. By providing a limited set of
cryptographic services through a wellâdefined interface, separated from
the software itself, TPM can serve as a root of trust and as a building
block for higherâlevel security measures. This article surveys the
literature for applications of TPM in the cloudâcomputing environment,
with publication dates comprised between 2013 and 2018. It identifies
the current trends and objectives of this technology in the cloud, and
the type of threats that it mitigates. Toward the end, the main research
gaps are pinpointed and discussed. Since integrity measurement is one
of the main usages of TPM, special attention is paid to the assessment
of run time phases and software layers it is applied to.</p