307 research outputs found

    Trusted cloud computing framework for healthcare sector

    Cloud computing is rapidly evolving due to its efficient characteristics such as cost-effectiveness, availability and elasticity. Healthcare organizations and consumers lose control when they outsource their sensitive data and computing resources to a third-party Cloud Service Provider (CSP), which may raise security and privacy concerns related to data loss and misuse threats. Consumers' lack of knowledge about their data storage location may lead to violating rules and regulations of the Health Insurance Portability and Accountability Act (HIPAA), which can cost them a huge penalty. Fear of data breach by internal or external hackers may decrease consumers' trust in adopting cloud computing and benefiting from its promising features. We designed a Healthcare Trusted Cloud Computing (HTCC) framework that maintains security and privacy and considers HIPAA regulations. The HTCC framework deploys Trusted Computing Group (TCG) technologies such as Trusted Platform Module (TPM), Trusted Software Stack (TSS), virtual Trusted Platform Module (vTPM), Trusted Network Connect (TNC) and Self Encrypting Drives (SEDs). We emphasize using strong multi-factor authentication access control mechanisms and strict security controls, as well as encryption for data at storage, in transit and during processing. We contributed by customizing a cloud Service Level Agreement (SLA) to consider healthcare requirements. HTCC was evaluated by comparing it with previous researchers' work and conducting a survey of experts. Results were satisfactory and showed acceptance of the framework. We aim for our proposed framework to assist in optimizing trust in cloud computing so that it can be adopted in the healthcare sector.

    Improve cloud computing security using RSA encryption with Fermat's little theorem

    Cloud computing (CC) is a new technology for hosting and delivering services over the Internet. It moves computing and data away from desktop and portable PCs into large data centers. CC is Internet-based computing: the entire data resides over a set of networked resources, and this data can be accessed through virtual machines like iPhone, PC, etc. CC helps to reduce hardware, maintenance and installation costs. But security and privacy are the two major issues in this field, and they prevent users from trusting CC. Cloud computing shares distributed resources in an open environment via the network, which creates security problems. Keeping user data highly confidential against untrusted servers and malicious attacks is very important. Encryption is one of the most secure ways to prevent unauthorized access. Hence we provide a new method for cloud computing security by applying the RSA algorithm and Fermat's theorem together. It helps to build a new trusted cloud computing environment. Using Fermat's theorem can speed up RSA encryption.

    Erasure Code Based Cloud Storage System

    Cloud computing is the technology that provides on-demand services and resources, such as storage space, networks and programming language execution environments, on top of the Internet under a pay-per-use model. Cloud computing is a globalized concept and there are no borders within the cloud. Because of the attractive features of cloud computing, many organizations are using cloud storage for storing their critical information. The data can be stored remotely in the cloud by the user and can be accessed using thin clients as and when required. One of the major issues in the cloud today is data security. Storage of data in the cloud can be risky because storage is done on cloud service providers' servers, which means less control over the stored data. One of the major concerns in the cloud is how to gain all the benefits of the cloud while maintaining security controls over the data. In this paper a reliable storage system is proposed which can be robust in case of errors or erasures in the data to be stored. The proposed system provides reliable storage while maintaining the integrity of the data. The files are split into parts to get an extra layer of security.

    Trusted Computing and Secure Virtualization in Cloud Computing

    Large-scale deployment and use of cloud computing in industry is accompanied and at the same time hampered by concerns regarding protection of data handled by cloud computing providers. One of the consequences of moving data processing and storage off company premises is that organizations have less control over their infrastructure. As a result, cloud service (CS) clients must trust that the CS provider is able to protect their data and infrastructure from both external and internal attacks. Currently, however, such trust can only rely on organizational processes declared by the CS provider and cannot be remotely verified and validated by an external party. Enabling the CS client to verify the integrity of the host where the virtual machine instance will run, as well as to ensure that the virtual machine image has not been tampered with, are some steps towards building trust in the CS provider. Having the tools to perform such verifications prior to the launch of the VM instance allows the CS clients to decide at runtime whether certain data should be stored, or calculations should be made, on the VM instance offered by the CS provider. This thesis combines three components (trusted computing, virtualization technology and cloud computing platforms) to address issues of trust and security in public cloud computing environments. Of the three components, virtualization technology has had the longest evolution and is a cornerstone for the realization of cloud computing. Trusted computing is a recent industry initiative that aims to implement the root of trust in a hardware component, the trusted platform module. The initiative has been formalized in a set of specifications and is currently at version 1.2. Cloud computing platforms pool virtualized computing, storage and network resources in order to serve a large number of customers that use a multi-tenant multiplexing model to offer on-demand self-service over a broad network. Open source cloud computing platforms are, similar to trusted computing, a fairly recent technology in active development. The issue of trust in public cloud environments is addressed by examining the state of the art within cloud computing security and subsequently addressing the issues of establishing trust in the launch of a generic virtual machine in a public cloud environment. As a result, the thesis proposes a trusted launch protocol that allows CS clients to verify and ensure the integrity of the VM instance at launch time, as well as the integrity of the host where the VM instance is launched. The protocol relies on the use of the Trusted Platform Module (TPM) for key generation and data protection. The TPM also plays an essential part in the integrity attestation of the VM instance host. Along with a theoretical, platform-agnostic protocol, the thesis also describes a detailed implementation design of the protocol using the OpenStack cloud computing platform. In order to verify the implementability of the proposed protocol, a prototype implementation has been built using a distributed deployment of OpenStack. While the protocol covers only the trusted launch procedure using generic virtual machine images, it presents a step aimed to contribute towards the creation of a secure and trusted public cloud computing environment.

    Security-oriented cloud computing platform for critical infrastructures

    The rise of virtualisation and cloud computing is one of the most significant features of computing in the last 10 years. However, despite its popularity, there are still a number of technical barriers that prevent it from becoming the truly ubiquitous service it has the potential to be. Central to this are the issues of data security and the lack of trust that users have in relying on cloud services to provide the foundation of their IT infrastructure. This is a highly complex issue, which covers multiple inter-related factors such as platform integrity, robust service guarantees, data and network security, and many others that have yet to be overcome in a meaningful way. This paper presents a concept for an innovative integrated platform to reinforce the integrity and security of cloud services and we apply this in the context of Critical Infrastructures to identify the core requirements, components and features of this infrastructure

    Fuzzy logic approach to modelling trust in cloud computing

    Despite the growing deployment of mission critical applications on computing systems, trust and security continue to hinder their full adoption and deployment on cloud computing platforms. In addition to accountability and non-repudiation on the cloud deployment, end-users want to be confident of the availability and reliability of services. For any cloud platform to be secure and trusted, the individual layers of the platform must be secure, as there is no 'one fits all solution' for securing all the layers. This work presents a multi-layer trust security model (MLTSM) based on unified cloud platform trust that employs a fuzzy logic combination of on-demand states of several different security mechanisms, such as identification, direct and indirect trust, across all cloud layers. In addition, results from a MATLAB-based simulation of the model are also presented. An MLTSM can improve the secure deployment of cloud infrastructure in mission critical sectors such as electrical power system operation, as it provides empirical evidence that allows direct (on-demand) determination and verification of the trust state of any given cloud computing platform or service. Such a modelling approach is useful for comparison, classification and improving end-user confidence in selecting or consuming cloud computing resources.