Cloud Computing Security

Cloud computing has become a growing interest for organizations looking to reduce their IT costs by offloading software costs onto 3rd party organizations who offer software-as -a - service, platform-as-a-service, Security is the key for the Cloud success. There are two technologies Multi -tenancy, Virtualization which provides security about cloud computing

A New Cryptographic Encryption Approach for Cloud Environment

Cloud security and trust management are an important issue in the cloud environment. Cloud computing is the result of the evolution of virtualization, service-oriented design, and the widespread adoption of involuntary and utility computing. Today, cloud computing is the fastest growing technical term and captures a global service-oriented market, so cloud computing service providers and cloud computing consumers need to maintain trust between them. In cloud security, if you discuss the security procedures of traditional IT information systems, designing security into cloud software during the software development life cycle can greatly reduce the cloud attack surface. With cloud computing providing Security as a Service (SAAS), security software is an important issue. From a cloud customer perspective, the use of security services in the cloud reduces the need for security software development. The requirements for security software development are transferred to the cloud provider. This work proposes a new cloud environment security and trust management algorithm, which uses the cryptosystem method to improve the single alphabet based on the concept of multi-letter cipher. Encryption and decryption is applied to plain text to encrypt text and cipher text for plain text conversion. In this work, the algorithm's power consumption, encryption and decryption throughput, and security analysis are also presented

ABC based Double Layer-Triple Encryption Method for Data Security in Cloud

CLOUD computing is a new computing paradigm that is constructed on virtualization, aligned and circulated computing, utility computing, and service oriented architecture. The advantages of cloud computing include decreased charges and capital expenditures, expanded operational efficiencies, scalability, flexibility, immediate time to market, and so on. Distinct service oriented cloud computing forms have been proposed, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and programs as a Service (SaaS). In cloud computing, users have to give up their data to the cloud service provider for storage and business operations, while the cloud service provider is generally a financial enterprise, which will not be completely trusted. That is the main reason behind researchers’ motivation of the work. The proposed method provides better the data storage security with lesser time

AN EFFICIENT APPROACH TO IMPLEMENT FEDERATED CLOUDS

Cloud computing is one of the trending technologies that provide boundless virtualized resources to the internet users as an important services through the internet, while providing the privacy and security. By using these cloud services, internet users get many parallel computing resources at low cost. It predicted that till 2016, revenues from the online business management spent $4 billion for data storage. Cloud is an open source platform structure, so it is having more chances to malicious attacks. Privacy, confidentiality, and security of stored data are primary security challenges in cloud computing. In cloud computing, ‘virtualization' is one of the techniques dividing memory into different blocks. In most of the existing systems there is only single authority in the system to provide the encrypted keys. To fill the few security issues, this paper proposed a novel authenticated trust security model for secure virtualization system to encrypt the files. The proposed security model achieves the following functions: 1) allotting the VSM(VM Security Monitor) model for each virtual machine; 2) providing secret keys to encrypt and decrypt information by symmetric encryption.The contribution is a proposed architecture that provides a workable security that a cloud service provider can offer to its consumers. Detailed analysis and architecture design presented to elaborate security model

Cloud Security Issues

The emergence of cloud computing is a recent development, insights into critical aspects of security can be gleaned from reported experiences of early adopters and also from researchers analyzing and experimenting with available cloud provider platforms and associated technologies. The sections below highlight privacy and security-related issues that are believed to have long-term significance for public cloud computing and, in many cases, for other cloud computing service models. Because cloud computing has grown out of an amalgamation of technologies, including service oriented architecture, virtualization, Web 2.0, and utility computing, many of the privacy and security issues involved can be viewed as known problems cast in a new setting. The importance of their combined effect in this setting, however, should not be discounted. Public cloud computing does represent a thought-provoking paradigm shift from conventional norms to an open deperimeterized organizational infrastructure—at the extreme, displacing applications from one organization’s infrastructure to the infrastructure of another organization, where the applications of potential adversaries may also operate. Keywords: cloud security, IaaS, Privac

A JSON Token-Based Authentication and Access Management Schema for Cloud SaaS Applications

Cloud computing is significantly reshaping the computing industry built around core concepts such as virtualization, processing power, connectivity and elasticity to store and share IT resources via a broad network. It has emerged as the key technology that unleashes the potency of Big Data, Internet of Things, Mobile and Web Applications, and other related technologies, but it also comes with its challenges - such as governance, security, and privacy. This paper is focused on the security and privacy challenges of cloud computing with specific reference to user authentication and access management for cloud SaaS applications. The suggested model uses a framework that harnesses the stateless and secure nature of JWT for client authentication and session management. Furthermore, authorized access to protected cloud SaaS resources have been efficiently managed. Accordingly, a Policy Match Gate (PMG) component and a Policy Activity Monitor (PAM) component have been introduced. In addition, other subcomponents such as a Policy Validation Unit (PVU) and a Policy Proxy DB (PPDB) have also been established for optimized service delivery. A theoretical analysis of the proposed model portrays a system that is secure, lightweight and highly scalable for improved cloud resource security and management.Comment: 6 Page

Data security in cloud computing

This paper discusses the security of data in cloud computing. It is a study of data in the cloud and aspects related to it concerning security. The paper will go in to details of data protection methods and approaches used throughout the world to ensure maximum data protection by reducing risks and threats. Availability of data in the cloud is beneficial for many applications but it poses risks by exposing data to applications which might already have security loopholes in them. Similarly, use of virtualization for cloud computing might risk data when a guest OS is run over a hypervisor without knowing the reliability of the guest OS which might have a security loophole in it. The paper will also provide an insight on data security aspects for Data-in-Transit and Data-at-Rest. The study is based on all the levels of SaaS (Software as a Service), PaaS (Platform as a Service) and IaaS (Infrastructure as a Service)

Application-based authentication on an inter-VM traffic in a Cloud environment

Cloud Computing (CC) is an innovative computing model in which resources are provided as a service over the Internet, on an as-needed basis. It is a large-scale distributed computing paradigm that is driven by economies of scale, in which a pool of abstracted, virtualized, dynamically-scalable, managed computing power, storage, platforms, and services are delivered on demand to external customers over the Internet. Since cloud is often enabled by virtualization and share a common attribute, that is, the allocation of resources, applications, and even OSs, adequate safeguards and security measures are essential. In fact, Virtualization creates new targets for intrusion due to the complexity of access and difficulty in monitoring all interconnection points between systems, applications, and data sets. This raises many questions about the appropriate infrastructure, processes, and strategy for enacting detection and response to intrusion in a Cloud environment. Hence, without strict controls put in place within the Cloud, guests could violate and bypass security policies, intercept unauthorized client data, and initiate or become the target of security attacks. This article shines the light on the issues of security within Cloud Computing, especially inter-VM traffic visibility. In addition, the paper lays the proposition of an Application Based Security (ABS) approach in order to enforce an application-based authentication between VMs, through various security mechanisms, filtering, structures, and policies