Solutions for Securing End User Data over the Cloud Deployed Applications

Cloud Security ◽

10.4018/978-1-5225-8176-5.ch053 ◽

2019 ◽

pp. 1030-1046

Author(s):

Akashdeep Bhardwaj

Keyword(s):

Cloud Service ◽

Public Key Cryptography ◽

End Users ◽

Public Key ◽

End User ◽

Sensitive Data ◽

Cloud Service Provider ◽

User Data ◽

The Times ◽

In Transit

With more and more organizations working on the cloud over unsecure internet, sharing files and emails and saving them on cloud storage imperative. Securing the end user sensitive data in transit has thus started to get maximum priority to protect it from Cloud company staff, hackers and data thieves. In this study, an attempt is made to review the research of end user data security. There is an urgent need for solutions for end users' data protection, privacy and during the times when migrating from one Cloud service provider to other. This chapter identifies end user data challenges and issues on cloud and presents use of Public Key Cryptography, Multi Factor Authentication and use of Cloud Aware applications as possible solutions.

Download Full-text

Enhanced layered fog architecture for IoT sensing and actuation as a service

Scientific Reports ◽

10.1038/s41598-021-00926-y ◽

2021 ◽

Vol 11 (1) ◽

Author(s):

Abdulsalam Alammari ◽

Salman Abdul Moiz ◽

Atul Negi

Keyword(s):

Network Connectivity ◽

Cloud Service ◽

End Users ◽

End User ◽

Cloud Service Provider ◽

Network Connection ◽

Services Delivery ◽

Service Paradigm ◽

Parent Node ◽

Failed Node

AbstractThe reduced service cost offered by Sensing and Actuation as a Service paradigm, particularly in Internet of Things (IoT) era, has encouraged many establishments to start without worrying about having their own infrastructure. Such a paradigm is typically managed by a centralized cloud service provider. Fog paradigm has emerged as a mini-cloud that if designed with care to assist the cloud, together will achieve better performance. This article introduces a layered fog architecture called Sensors and Actuator Layered Fog Services Delivery (SALFSD) for IoT ecosystems. The significance of SALFSD is being fault resistant; it dynamically reassigns tasks of the failed node to the nearest active node to maintain the network connection. Besides, SALFSD monitors end users pre-specified cases closer to the physical devices hired by end users to fasten generating the actuation commands. Such node may offload its monitoring responsibility to its parent node in case it is overloaded. SALFSD is evaluated using Yet Another Fog Simulator in different scenarios (numbers of users, sensors, actuators, and areas). A comparison was made for Sensing and Actuating as a Service (SAaaS) with/without layered fog, and layered fog with/without (failure reassignment, pre-specified cases in fog nodes, and offloading). The comparison was conducted in terms of computing/communication latencies and the number of missed messages for both observations and actuation commands. Results show that failure reassignment prevented losing messages and maintained network connectivity. Also, wisely selecting the monitoring fog node per end user pre-specified cases and the offloading scheme decreased actuation latency.

Download Full-text

SECURITY IN CLOUD COMPUTING IN INDIAN GOVERNMENT

INTERNATIONAL JOURNAL OF NEXT-GENERATION COMPUTING ◽

10.47164/ijngc.v12i3.808 ◽

2021 ◽

Vol 12 (3) ◽

Author(s):

Nitin Vishnu Choudhari ◽

Dr. Ashish B Sasankar

Keyword(s):

Cloud Computing ◽

Service Delivery ◽

Service Providers ◽

Cloud Service ◽

Cloud Security ◽

End Users ◽

Security Architecture ◽

Security Measures ◽

End User ◽

Cloud Service Providers

Abstract –Today Security issue is the topmost problem in the cloud computing environment. It leads to serious discomfort to the Governance and end-users. Numerous security solutions and policies are available however practically ineffective in use. Most of the security solutions are centered towards cloud technology and cloud service providers only and no consideration has been given to the Network, accessing, and device securities at the end-user level. The discomfort at the end-user level was left untreated. The security of the various public, private networks, variety of devices used by end-users, accessibility, and capacity of end-users is left untreated. This leads towards the strong need for the possible modification of the security architecture for data security at all levels and secured service delivery. This leads towards the strong need for the possible adaption of modified security measures and provisions, which shall provide secured hosting and service delivery at all levels and reduce the security gap between the cloud service providers and end-users. This paper investigates the study and analyze the security architecture in the Cloud environment of Govt. of India and suggest the modifications in the security architecture as per the changing scenario and to fulfill the future needs for the secured service delivery from central up to the end-user level. Keywords: Cloud Security, Security in GI Cloud, Cloud Security measures, Security Assessment in GI Cloud, Proposed Security for GI cloud

Download Full-text

An Analysis on the Terms and Conditions of the Clickwrap Agreement and the Benefits of Maintaining the Click Wrap Agreement in Cloud Computing

10.4018/978-1-7998-7927-5.ch010 ◽

2022 ◽

pp. 205-224

Author(s):

Dhiviya Ram

Keyword(s):

Cloud Computing ◽

Service Provider ◽

Service Providers ◽

Cloud Service ◽

Cloud Services ◽

End User ◽

Cloud Service Provider ◽

Novel Approach ◽

Cloud Service Providers ◽

Provider Perspective

One of the most unique forms of contracting is apparent in cloud computing. Cloud computing, unlike other conventional methods, has adopted a different approach in the formation of binding contract that will be used for the governance of the cloud. This method is namely the clickwrap agreement. Click wrap agreement follows a take it or leave it basis in which the end users are provided with limited to no option in terms of having a say on the contract that binds them during the use of cloud services. The terms found in the contract are often cloud service provider friendly and will be less favourable to the end user. In this article, the authors examine the terms that are often found in the cloud computing agreement as well as study the benefit that is entailed in adopting this contracting method. This chapter has undertaken a qualitative study that comprises interviews of cloud service providers in Malaysia. Hence, this study is a novel approach that also provides insight in terms of the cloud service provider perspective regarding the click wrap agreement.

Download Full-text

A systematic review of security threats and countermeasures in SaaS

Journal of Computer Security ◽

10.3233/jcs-200002 ◽

2020 ◽

Vol 28 (6) ◽

pp. 635-653

Author(s):

Miguel Ángel Díaz de León Guillén ◽

Víctor Morales-Rocha ◽

Luis Felipe Fernández Martínez

Keyword(s):

Systematic Review ◽

Cloud Service ◽

Security Threats ◽

Negative Consequences ◽

Shared Resources ◽

Sensitive Data ◽

Cloud Service Provider ◽

Software Designers ◽

Attractive Option

Among the service models provided by the cloud, the software as a service (SaaS) model has had the greatest growth. This service model is an attractive option for organizations, as they can transfer part or all of their IT functions to a cloud service provider. However, there is still some uncertainty about deciding to carry out a migration of all data to the cloud, mainly due to security concerns. The SaaS model not only inherits the security problems of a traditional application, but there are unique attacks and vulnerabilities for a SaaS architecture. Additionally, some of the attacks in this environment are more devastating due to nature of shared resources in the SaaS model. Some of these attacks and vulnerabilities are not yet well known to software designers and developers. This lack of knowledge has negative consequences as it can expose sensitive data of users and organizations. This paper presents a rigorous systematic review using the SALSA framework to know the threats, attacks and countermeasures to mitigate the security problems that occur in a SaaS environment. As part of the results of this review, a classification of threats, attacks and countermeasures in the SaaS environment is presented.

Download Full-text

Secure Cloud Storage using Secret Key Sharing and Proxy Re-Encryption Based Third Party Auditing Service

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.f7925.088619 ◽

2019 ◽

Vol 8 (6) ◽

pp. 1927-1931

Keyword(s):

Research Work ◽

Personal Data ◽

Cloud Service ◽

Third Party ◽

Secret Key ◽

Sensitive Data ◽

Cloud Service Provider ◽

Security Issues ◽

Secure Cloud Storage ◽

Third Party Auditing

Cloud Computing (CC) provides an easy way to access and store the information by vast remote servers, instead of using personal computer. There is no physical control over personal data by user, hence some security issues may arise for users and organization to secure the data in cloud. The sensitive data can be hacked by attackers, so the integrity of data stored in cloud is a major concern for users. In this research work, the data integrity can be ensured by using Third Party Storage Auditing Service (TPSAS), where it satisfies all the requirements of users in cloud. The ultimate aim of this research is to avoid the unauthorized access of user’s data stored in the cloud. In this paper, two major problems are considered for attaining the integrity of data in the cloud. The first one is, the unauthorized user tries to modify the data, which is solved by the proposed TPSAS. The second problem considered in this research is, since the Cloud Service Provider (CSP) is semi trustable it can be malfunctioned at any time, which can be solved based on the secure secret key sharing algorithm and proxy re-encryption methodology. The secure secret key sharing is implemented based on the Shamir key sharing algorithm and the proxy re-encryption process is implemented based on the bear and lion proxy re-encryption methodology.

Download Full-text

PASSWORD PROTECTION: END USER SECURITY BEHAVIOR

International Journal of Computing ◽

10.47839/ijc.13.1.616 ◽

2014 ◽

pp. 8-16

Author(s):

Keisuke Kato ◽

Vitaly Klyuev

Keyword(s):

End Users ◽

End User ◽

Sensitive Data ◽

Password Authentication ◽

Standard Technology ◽

Security Behavior ◽

Essential Services ◽

Password Protection ◽

Key Issues ◽

The University

Password authentication is one of essential services in our life for protecting data. In other words, we may loose a lot of money, sensitive data, etc., if passwords leak out. Thus, we have to understand clearly what is important for creating and/or changing passwords. Our goal is to analyze key issues for setting passwords. We surveyed 262 students of the University of Aizu, Japan. We discussed key security problems, main password protection issues and techniques, and misunderstandings about passwords by end users. Furthermore, we compared the obtained data with results provided by the National Institute of Standard Technology (NIST) and others. The results can help the users set stronger passwords.

Download Full-text

Security Flaws and Design Issues in Cloud Infrastructure

Detection and Mitigation of Insider Attacks in a Cloud Infrastructure - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-7924-3.ch004 ◽

2019 ◽

pp. 52-61

Keyword(s):

Cloud Computing ◽

Cloud Service ◽

Vital Role ◽

Sensitive Information ◽

Cloud Infrastructure ◽

Cloud Data Center ◽

Sensitive Data ◽

Cloud Service Provider ◽

Cloud Data ◽

Malicious Intent

Information security plays a vital role in cloud computing. Sensitive information should be kept in secure mode for providing integrity and confidentiality from insiders and outsiders. An insider is an employee who has legitimate access to cloud resources which are hosted at cloud data center. They can perform malicious activities on consumer sensitive data with or without malicious intent. This security beach is obvious and the provider needs to protect from such attacks. In this chapter, insider attacks are demonstrated with empirical approach to breach consumer-sensitive data. In this chapter, the authors present the threat models where an insider can manipulate user VMs in the node controller of cloud platform. Here, they assume that cloud service provider is malicious and cloud consumer does not have any security constraints to access their cloud assets. The model described two locations in the cloud infrastructure.

Download Full-text

Issues in On-Demand Cloud-Based Gaming Storage

Emerging Technologies and Applications for Cloud-Based Gaming - Advances in Multimedia and Interactive Technologies ◽

10.4018/978-1-5225-0546-4.ch006 ◽

2017 ◽

pp. 115-138

Author(s):

Ebin Deni Raj ◽

L. D. Dhinesh Babu

Keyword(s):

Mathematical Model ◽

Cloud Computing ◽

Quality Of Service ◽

Service Provider ◽

Quality Of Experience ◽

Cloud Service ◽

End User ◽

Cloud Service Provider ◽

On Demand

Cloud computing is the most utilized and evolving technology in the past few years and has taken computing to a whole new level such that even common man is receiving the benefits. The end user in cloud computing always prefers a cloud service provider which is efficient, reliable and best quality of service at the lowest possible price. A cloud based gaming system relieves the player from the burden of possessing high end processing and graphic units. The storage of games hosted in clouds using the latest technologies in cloud has been discussed in detail. The Quality of service of games hosted in cloud is the main focus of this chapter and we have proposed a mathematical model for the same. The various factors in dealing with the quality of service on cloud based games have been analyzed in detail. The quality of experience of cloud based games and its relation with quality of service has been derived. This chapter focuses on the various storage techniques, quality of experience factors and correlates the same with QoS in cloud based games.

Download Full-text

Audited credential delegation: a usable security solution for the virtual physiological human toolkit

Interface Focus ◽

10.1098/rsfs.2010.0026 ◽

2011 ◽

Vol 1 (3) ◽

pp. 462-473 ◽

Cited By ~ 4

Author(s):

Ali N. Haidar ◽

Stefan J. Zasada ◽

Peter V. Coveney ◽

Ali E. Abdallah ◽

Bruce Beckles ◽

...

Keyword(s):

Personalized Medicine ◽

End Users ◽

Public Key Infrastructure ◽

Public Key ◽

End User ◽

Usable Security ◽

Secure Access ◽

Digital Certificates ◽

Access Grid ◽

Grid Based

We present applications of audited credential delegation (ACD), a usable security solution for authentication, authorization and auditing in distributed virtual physiological human (VPH) project environments that removes the use of digital certificates from end-users' experience. Current security solutions are based on public key infrastructure (PKI). While PKI offers strong security for VPH projects, it suffers from serious usability shortcomings in terms of end-user acquisition and management of credentials which deter scientists from exploiting distributed VPH environments. By contrast, ACD supports the use of local credentials. Currently, a local ACD username–password combination can be used to access grid-based resources while Shibboleth support is underway. Moreover, ACD provides seamless and secure access to shared patient data, tools and infrastructure, thus supporting the provision of personalized medicine for patients, scientists and clinicians participating in e-health projects from a local to the widest international scale.

Download Full-text