Search results for: Cloud security framework

Authors: Hatim Elhag

Abstract:

Banking and Financial Service Institutions are possibly the most advanced in terms of technology adoption and use it as a key differentiator. With high levels of business process automation, maturity in the functional portfolio, straight through processing and proven technology outsourcing benefits, Banking sector stand to benefit significantly from Cloud computing capabilities. Additionally, with complex Compliance and Regulatory policies, combined with expansive products and geography coverage, the business impact is even greater. While the benefits are exponential, there are also significant challenges in adopting this model– including Legal, Security, Performance, Reliability, Transformation complexity, Operating control and Governance and most importantly proof for the promised cost benefits. However, new architecture designed should be implemented to align this approach.

Keywords: security, cloud, banking sector, cloud computing

Procedia PDF Downloads 475

Authors: Donald Zullick, Cihan Varol

Abstract:

This research paper begins with a look at current work in business continuity as it relates to the cloud and small to medium business (SMB). While cloud services are an emerging paradigm that is quickly making an impact on business, there has been no substantive research applied to SMB. Seeing this lapse, we have taken a fusion of continuity and cloud research with application to the SMB market. It is an initial reflection with base framework guidelines as a starting point for implementation. In this approach, our research ties together existing work and fill the gap with an SMB outlook.

Keywords: business continuity, cloud services, medium size business, risk assessment, small business

Procedia PDF Downloads 373

Authors: Navaneeth Krishnan, Chandan N. Bhagwat, Aparajit P. Utpat

Abstract:

Cloud Computing provides us a means to upload data and use applications over the internet. As the number of devices connecting to the cloud grows, there is undue pressure on the cloud infrastructure. Fog computing or Network Based Computing or Edge Computing allows to move a part of the processing in the cloud to the network devices present along the node to the cloud. Therefore the nodes connected to the cloud have a better response time. This paper proposes a method of moving the computation from the cloud to the network by introducing an android like appstore on the networking devices.

Keywords: cloud computing, fog computing, network devices, appstore

Procedia PDF Downloads 350

Authors: Sana Kouchi, Hassina Nacer, Kadda Beghdad-bey

Abstract:

Cloud computing is growing very fast in the market and has become one of the most controversial discussed developments in recent years. Cloud computing providers become very numerous in these areas and each of them prefers its own cloud computing infrastructure, due to the incompatibility of standards and cloud access formats, which prevents them from accepting to support cloud computing applications in a standardized manner, this heterogeneity creates the problem of interoperability between clouds, and considering that cloud customers are probably in search of an interoperable cloud computing, where they will have total control over their applications and simply migrate their services as needed, without additional development investment. A cloud federation strategy should be considered. In this article, we propose a common architecture for the cloud that is based on existing architectures and also the use of best practices from ICT frameworks, such as IBM, ITIL, NIST, etc., to address the interoperability of architectures issues in a multi-cloud system.

Keywords: cloud computing, reference architecture, interoperability, standard

Procedia PDF Downloads 137

Authors: Shruti Kohli

Abstract:

The sophistication and pervasiveness of cyber-attacks are constantly growing, driven partly by technological progress, profitable applications in organized crime and state-sponsored innovation. The modernization of rail control systems has resulted in an increasing reliance on digital technology and increased the potential for security breaches and cyber-attacks. This research track showcases the need for developing a secure reusable scalable framework for enhancing cyber security of rail assets. A cyber security framework has been proposed that is being developed to detect the tell-tale signs of cyber-attacks against industrial assets.

Keywords: cyber security, rail asset, security threat, cyber ontology

Procedia PDF Downloads 406

Authors: Dongjae Kang, Sokho Son, Jinmee Kim

Abstract:

Cloud service brokering is a new service paradigm that provides interoperability and portability of application across multiple Cloud providers. In this paper, we designed cloud service brokerage system, any broker, supporting integrated service provisioning and SLA based service life cycle management. For the system design, we introduce the system concept and whole architecture, details of main components and use cases of primary operations in the system. These features ease the Cloud service provider and customer’s concern and support new Cloud service open market to increase cloud service profit and prompt Cloud service echo system in cloud computing related area.

Keywords: cloud service brokerage, multiple Clouds, Integrated service provisioning, SLA, network service

Procedia PDF Downloads 457

Authors: Violeta Damjanovic-Behrendt

Abstract:

This paper presents an approach for optimal cyber security decisions to protect instances of a federated Internet of Things (IoT) platform in the cloud. The presented solution implements the repeated Stackelberg Security Game (SSG) and a model called Stochastic Human behaviour model with AttRactiveness and Probability weighting (SHARP). SHARP employs the Subjective Utility Quantal Response (SUQR) for formulating a subjective utility function, which is based on the evaluations of alternative solutions during decision-making. We augment the repeated SSG (including SHARP and SUQR) with a reinforced learning algorithm called Naïve Q-Learning. Naïve Q-Learning belongs to the category of active and model-free Machine Learning (ML) techniques in which the agent (either the defender or the attacker) attempts to find an optimal security solution. In this way, we combine GT and ML algorithms for discovering optimal cyber security policies. The proposed security optimization components will be validated in a collaborative cloud platform that is based on the Industrial Internet Reference Architecture (IIRA) and its recently published security model.

Keywords: security, internet of things, cloud computing, stackelberg game, machine learning, naive q-learning

Procedia PDF Downloads 327

Authors: P. S. Jagadeesh Kumar, S. Meenakshi Sundaram

Abstract:

With the increase of prevailing non-traditional rivalry, mobile banking experiences an ever changing commercial backdrop. Substantial customer demands have established to be more intricate as customers request more expediency and superintend over their banking services. To enterprise advance and modernization in mobile banking applications, it is gradually obligatory to deeply leapfrog the scuffle using business model transformation. The dramaturgical vicissitudes taking place in mobile banking entail advanced traditions to exploit security. By reforming and transforming older back office into integrated mobile banking applications, banks can engender a supple and nimble banking environment that can rapidly respond to new business requirements over cloud computing. Cloud computing is transfiguring ecosystems in numerous industries, and mobile banking is no exemption providing services innovation, greater flexibility to respond to improved security and enhanced business intelligence with less cost. Cloud technology offer secure deployment possibilities that can provision banks in developing new customer experiences, empower operative relationship and advance speed to efficient banking transaction. Cloud adoption is escalating quickly since it can be made secured for commercial mobile banking transaction through backend as a service in scrutinizing the security strategies of the cloud service provider along with the antiquity of transaction details and their security related practices.

Keywords: cloud adoption, backend as a service, business intelligence, secured mobile banking

Procedia PDF Downloads 231

Authors: Victor Onomza Waziri, John K. Alhassan, Idris Ismaila, Noel Dogonyara

Abstract:

This paper describes the problem of building secure computational services for encrypted information in the Cloud. Computing without decrypting the encrypted data; therefore, it meets the yearning of computational encryption algorithmic aspiration model that could enhance the security of big data for privacy or confidentiality, availability and integrity of the data and user’s security. The cryptographic model applied for the computational process of the encrypted data is the Fully Homomorphic Encryption Scheme. We contribute a theoretical presentations in a high-level computational processes that are based on number theory that is derivable from abstract algebra which can easily be integrated and leveraged in the Cloud computing interface with detail theoretic mathematical concepts to the fully homomorphic encryption models. This contribution enhances the full implementation of big data analytics based on cryptographic security algorithm.

Keywords: big data analytics, security, privacy, bootstrapping, Fully Homomorphic Encryption Scheme

Procedia PDF Downloads 443

Authors: Rachna Jain, Sushila Madan, Bindu Garg

Abstract:

Cloud computing is the key powerhouse in numerous organizations due to shifting of their data to the cloud environment. In recent years it has been observed that cloud-based-services are being used on large scale for content storage, distribution and processing. Various issues have been observed in cloud computing environment that need to be addressed. Security and privacy are found topmost concern area. In this paper, a novel security model is proposed to secure data by utilizing CDN services like image to icon conversion. CDN Service is a content delivery service which converts an image to icon, word to pdf & Latex to pdf etc. Presented model is used to convert an image into icon by keeping image secret. Here security of image is imparted so that image should be encrypted and decrypted by data owners only. It is also discussed in the paper that how server performs multiplication and selection on encrypted data without decryption. The data can be image file, word file, audio or video file. Moreover, the proposed model is capable enough to multiply images, encrypt them and send to a server application for conversion. Eventually, the prime objective is to encrypt an image and convert the encrypted image to image Icon by utilizing homomorphic encryption.

Keywords: cloud computing, user data security, homomorphic encryption, image multiplication, CDN service

Procedia PDF Downloads 315

Authors: Elmahdi Khalil, Saad Enniari, Mostapha Zbakh

Abstract:

Cloud computing promises to increase innovation and the velocity with witch applications are deployed, all while helping any enterprise meet most IT service needs at a lower total cost of ownership and higher return investment. As the march of cloud continues, it brings both new opportunities and new security challenges. To take advantages of those opportunities while minimizing risks, we think that Intrusion Detection Systems (IDS) integrated in the cloud is one of the best existing solutions nowadays in the field. The concept of intrusion detection was known since past and was first proposed by a well-known researcher named Anderson in 1980's. Since that time IDS's are evolving. Although, several efforts has been made in the area of Intrusion Detection systems for cloud computing environment, many attacks still prevail. Therefore, the work presented in this paper proposes a multi criteria analysis and a comparative study between several IDS architectures designated to work in a cloud computing environments. To achieve this objective, in the first place we will search in the state of the art of several consistent IDS architectures designed to work in a cloud environment. Whereas, in a second step we will establish the criteria that will be useful for the evaluation of architectures. Later, using the approach of multi criteria decision analysis Mac Beth (Measuring Attractiveness by a Categorical Based Evaluation Technique we will evaluate the criteria and assign to each one the appropriate weight according to their importance in the field of IDS architectures in cloud computing. The last step is to evaluate architectures against the criteria and collecting results of the model constructed in the previous steps.

Keywords: cloud computing, cloud security, intrusion detection/prevention system, multi-criteria decision analysis

Procedia PDF Downloads 443

Authors: A. R. Manu, V. K. Agrawal, K. N. Balasubramanya Murthy

Abstract:

Authentication is required in stored database systems so that only authorized users can access the data and related cloud infrastructures. This paper proposes an authentication technique using multi-factor and multi-dimensional authentication system with multi-level security. The proposed technique is likely to be more robust as the probability of breaking the password is extremely low. This framework uses a multi-modal biometric approach and SMS to enforce additional security measures with the conventional Login/password system. The robustness of the technique is demonstrated mathematically using a statistical analysis. This work presents the authentication system along with the user authentication architecture diagram, activity diagrams, data flow diagrams, sequence diagrams, and algorithms.

Keywords: design, implementation algorithms, performance, biometric approach

Procedia PDF Downloads 443

Authors: Waziri Victor Onomza, John K. Alhassan, Idris Ismaila, Noel Dogonyaro Moses

Abstract:

This paper describes the problem of building secure computational services for encrypted information in the Cloud Computing without decrypting the encrypted data; therefore, it meets the yearning of computational encryption algorithmic aspiration model that could enhance the security of big data for privacy, confidentiality, availability of the users. The cryptographic model applied for the computational process of the encrypted data is the Fully Homomorphic Encryption Scheme. We contribute theoretical presentations in high-level computational processes that are based on number theory and algebra that can easily be integrated and leveraged in the Cloud computing with detail theoretic mathematical concepts to the fully homomorphic encryption models. This contribution enhances the full implementation of big data analytics based cryptographic security algorithm.

Keywords: big data analytics, security, privacy, bootstrapping, homomorphic, homomorphic encryption scheme

Procedia PDF Downloads 339

Authors: Seyed Mohammadbagher Jafari, Elahe Mahdizadeh, Masomeh Ghahremani

Abstract:

Nowadays almost all organizations depend on information systems to run their businesses. Investment on information systems and their maintenance to keep them always in best situation to support firm business is one of the main issues for every organization. The new concept of cloud computing was developed as a technical and economic model to address this issue. In cloud computing the computing resources, including networks, applications, hardwares and services are configured as needed and are available at the moment of request. However, migration to cloud is not an easy task and there are many issues that should be taken into account. This study tries to provide a comprehensive model to assess a firm readiness to implement cloud computing. By conducting a systematic literature review, four dimensions of readiness were extracted which include technological, human, organizational and environmental dimensions. Every dimension has various criteria that have been discussed in details. This model provides a framework for cloud computing readiness assessment. Organizations that intend to migrate to cloud can use this model as a tool to assess their firm readiness before making any decision on cloud implementation.

Keywords: cloud computing, human readiness, organizational readiness, readiness assessment model

Procedia PDF Downloads 367

Authors: Wafa' Slaibi Alsharafat

Abstract:

Cloud computing is a modern approach in network environment. According to increased number of network users and online systems, there is a need to help these systems to be away from unauthorized resource access and detect any attempts for privacy contravention. For that purpose, Intrusion Detection System is an effective security mechanism to detect any attempts of attacks for cloud resources and their information. In this paper, Cloud Intrusion Detection System has been proposed in term of reducing or eliminating any attacks. This model concerns about achieving high detection rate after conducting a set of experiments using benchmarks dataset called KDD'99.

Keywords: IDS, cloud computing, anticipating classifier system, intrusion detection

Procedia PDF Downloads 446

Authors: Femi Elegbeleye, Omobayo Esan, Muienge Mbodila, Patrick Bowe

Abstract:

This paper focused on cost effective storage architecture using fog and cloud data storage gateway and presented the design of the framework for the data privacy model and data analytics framework on a real-time analysis when using machine learning method. The paper began with the system analysis, system architecture and its component design, as well as the overall system operations. The several results obtained from this study on data privacy model shows that when two or more data privacy model is combined we tend to have a more stronger privacy to our data, and when fog storage gateway have several advantages over using the traditional cloud storage, from our result shows fog has reduced latency/delay, low bandwidth consumption, and energy usage when been compare with cloud storage, therefore, fog storage will help to lessen excessive cost. This paper dwelt more on the system descriptions, the researchers focused on the research design and framework design for the data privacy model, data storage, and real-time analytics. This paper also shows the major system components and their framework specification. And lastly, the overall research system architecture was shown, its structure, and its interrelationships.

Keywords: IoT, fog, cloud, data analysis, data privacy

Procedia PDF Downloads 69

Authors: Sandesh Achar

Abstract:

Artificial intelligence is being increasingly incorporated into many applications across various sectors such as health, education, security, and agriculture. Recently, there has been rapid development in cloud computing technology, resulting in AI’s implementation into cloud computing to enhance and optimize the technology service rendered. The deployment of AI in cloud-based applications has brought about autonomous computing, whereby systems achieve stated results without human intervention. Despite the amount of research into autonomous computing, work incorporating AI/ML into cloud computing to enhance its performance and resource allocation remain a fundamental challenge. This paper highlights different manifestations, roles, trends, and challenges related to AI-based cloud computing models. This work reviews and highlights excellent investigations and progress in the domain. Future directions are suggested for leveraging AI/ML in next-generation computing for emerging computing paradigms such as cloud environments. Adopting AI-based algorithms and techniques to increase operational efficiency, cost savings, automation, reducing energy consumption and solving complex cloud computing issues are the major findings outlined in this paper.

Keywords: artificial intelligence, cloud computing, deep learning, machine learning, internet of things

Procedia PDF Downloads 77

Authors: Aishwarya Shekhar, Himanshu Sharma

Abstract:

Data deduplication is one of important data compression techniques for eliminating duplicate copies of repeating data, and has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. In this process, duplicate data is expunged, leaving only one copy means single instance of the data to be accumulated. Though, indexing of each and every data is still maintained. Data deduplication is an approach for minimizing the part of storage space an organization required to retain its data. In most of the company, the storage systems carry identical copies of numerous pieces of data. Deduplication terminates these additional copies by saving just one copy of the data and exchanging the other copies with pointers that assist back to the primary copy. To ignore this duplication of the data and to preserve the confidentiality in the cloud here we are applying the concept of hybrid nature of cloud. A hybrid cloud is a fusion of minimally one public and private cloud. As a proof of concept, we implement a java code which provides security as well as removes all types of duplicated data from the cloud.

Keywords: confidentiality, deduplication, data compression, hybridity of cloud

Procedia PDF Downloads 358

Authors: Lauren Provost

Abstract:

The digital world remains increasingly vulnerable, making the development of effective cybersecurity approaches even more critical in supporting the success of the digital economy and national security. Although approaches to cybersecurity have shifted and improved in the last decade with new models, especially with cloud computing and mobility, a record number of high severity vulnerabilities were recorded in the National Institute of Standards and Technology (NIST), and its National Vulnerability Database (NVD) in 2020. This is due, in part, to the increasing complexity of cyber ecosystems. Security must be approached with a more comprehensive, multi-tool strategy that addresses the complexity of cyber ecosystems, including the human factor. Ethical hacking has emerged as such an approach: a more effective, multi-strategy, comprehensive approach to cyber security's most pressing needs, especially understanding the human factor. Research on ethical hacking, however, is limited in scope. The two main objectives of this work are to (1) provide highlights of case studies in ethical hacking, (2) provide a conceptual framework for research in ethical hacking that embraces and addresses both technical and nontechnical security measures. Recommendations include an improved conceptual framework for research centered on ethical hacking that addresses many factors and attributes of significant attacks that threaten computer security; a more robust, integrative multi-layered framework embracing the complexity of cybersecurity ecosystems.

Keywords: ethical hacking, literature review, penetration testing, social engineering

Procedia PDF Downloads 184

Authors: Panita Wannapiroon, Noppadon Phumeechanya, Sitthichai Laisema

Abstract:

This study is the research and development which is intended to: 1) design the ubiquitous cloud learning management system and: 2) assess the suitability of the design of the ubiquitous cloud learning management system. Its methods are divided into 2 phases. Phase 1 is the design of the ubiquitous cloud learning management system, phase 2 is the assessment of the suitability of the design the samples used in this study are work done by 25 professionals in the field of Ubiquitous cloud learning management systems and information and communication technology in education selected using the purposive sampling method. Data analyzed by arithmetic mean and standard deviation. The results showed that the ubiquitous cloud learning management system consists of 2 main components which are: 1) the ubiquitous cloud learning management system server (u-Cloud LMS Server) including: cloud repository, cloud information resources, social cloud network, cloud context awareness, cloud communication, cloud collaborative tools, and: 2) the mobile client. The result of the system suitability assessment from the professionals is in the highest range.

Keywords: learning management system, cloud computing, ubiquitous learning, ubiquitous learning management system

Procedia PDF Downloads 492

Authors: Roman Kulikov, Svetlana Kolesnikova

Abstract:

Last decade Cloud Computing technologies have been rapidly becoming ubiquitous. Each year more and more organizations, corporations, internet services and social networks trust their business sensitive information to Public Cloud. The data storage in Public Cloud is protected by security mechanisms such as firewalls, cryptography algorithms, backups, etc.. In this way, however, only outsider attacks can be prevented, whereas virtualization tools can be easily compromised by insider. The protection of Public Cloud’s critical elements from internal intruder remains extremely challenging. A hypervisor, also called a virtual machine manager, is a program that allows multiple operating systems (OS) to share a single hardware processor in Cloud Computing. One of the hypervisor's functions is to enforce access control policies. Furthermore, it prevents guest OS from disrupting each other and from accessing each other's memory or disk space. Hypervisor is the one of the most critical and vulnerable elements in Cloud Computing infrastructure. Nevertheless, it has been poorly protected from being compromised by insider. By exploiting certain vulnerabilities, privilege escalation can be easily achieved in insider attacks on hypervisor. In this way, an internal intruder, who has compromised one process, is able to gain control of the entire virtual machine. Thereafter, the consequences of insider attacks in Public Cloud might be more catastrophic and significant to virtual tools and sensitive data than of outsider attacks. So far, almost no preventive security countermeasures have been developed. There has been little attention paid for developing models to assist risks mitigation strategies. In this paper formal model of insider attacks on hypervisor is designed. Our analysis identifies critical hypervisor`s vulnerabilities that can be easily compromised by internal intruder. Consequently, possible conditions for successful attacks implementation are uncovered. Hence, development of preventive security countermeasures can be improved on the basis of the proposed model.

Keywords: insider attack, public cloud, cloud computing, hypervisor

Procedia PDF Downloads 337

Authors: Sushant Singh, Anurag Jain, Seema Sabharwal

Abstract:

Cloud computing is advancing with a rapid speed. Already, it has been adopted by a huge set of users. Easy to use and anywhere access like potential of cloud computing has made it more attractive relative to other technologies. This has resulted in reduction of deployment cost on user side. It has also allowed the big companies to sell their infrastructure to recover the installation cost for the organization. Roots of cloud computing have extended from Grid computing. Along with the inherited characteristics of its predecessor technologies it has also adopted the loopholes present in those technologies. Some of the loopholes are identified and corrected recently, but still some are yet to be rectified. Two major areas where still scope of improvement exists are security and performance. The proposed work is devoted to performance enhancement for the user of the existing cloud system by improving the basic throttled mapping approach between task and resources. The improved procedure has been tested using the cloud analyst simulator. The results are compared with the original and it has been found that proposed work is one step ahead of existing techniques.

Keywords: cloud analyst, cloud computing, load balancing, throttled

Procedia PDF Downloads 218

Authors: Sandesh Achar

Abstract:

The cloud computing industry has set new goals for better service delivery and deployment, so anyone can access services such as computation, application, and storage anytime. Cloud computing promises new possibilities for approaching sustainable solutions to deploy and advance their services in this distributed environment. This work explores energy-efficient approaches and how cloud-based architecture can reduce energy consumption levels amongst enterprises leveraging cloud computing services. Adopting cloud-based networking, database, and server machines provide a comprehensive means of achieving the potential gains in energy efficiency that cloud computing offers. In energy-efficient cloud computing, virtualization is one aspect that can integrate several technologies to achieve consolidation and better resource utilization. Moreover, the Green Cloud Architecture for cloud data centers is discussed in terms of cost, performance, and energy consumption, and appropriate solutions for various application areas are provided.

Keywords: greener cloud, cloud computing, energy efficiency, energy consumption, metadata tags, green cloud advisor

Procedia PDF Downloads 52

Authors: Rashid Mahmood

Abstract:

The network as a service (NaaS) usage has been well-known from the last few years in the many applications, like mission critical applications. In the NaaS, prevention method is not adequate as the security concerned, so the detection method should be added to the security issues in NaaS. The authentication and encryption are considered the first solution of the NaaS problem whereas now these are not sufficient as NaaS use is increasing. In this paper, we are going to present the concept of intrusion detection and then survey some of major intrusion detection techniques in NaaS and aim to compare in some important fields.

Keywords: IDS, cloud, naas, detection

Procedia PDF Downloads 284

Authors: Karim Sobh, Khaled El-Ayat, Fady Morcos, Amr El-Kadi

Abstract:

Distributed applications deployed on LEO satellites and ground stations require substantial communication between different members in a constellation to overcome the earth coverage barriers imposed by GEOs. Applications running on LEO constellations suffer the earth line-of-sight blockage effect. They need adequate lab testing before launching to space. We propose a scalable cloud-based net-work simulation framework to simulate problems created by the earth line-of-sight blockage. The framework utilized cloud IaaS virtual machines to simulate LEO satellites and ground stations distributed software. A factorial ANOVA statistical analysis is conducted to measure simulator overhead on overall communication performance. The results showed a very low simulator communication overhead. Consequently, the simulation framework is proposed as a candidate for testing LEO constellations with distributed software in the lab before space launch.

Keywords: LEO, cloud computing, constellation, satellite, network simulation, netfilter

Procedia PDF Downloads 357

Authors: Mayada Al Meghari

Abstract:

Recently, grid middlewares have provided large integrated use of network resources as the shared data and the CPU to become a virtual supercomputer. In this work, we present the design and implementation of the middleware for Data Warehouse Signature, DWS Framework. The aim of using the middleware in our DWS framework is to achieve the high performance by the parallel computing. This middleware is developed on Alchemi.Net framework to increase the security among the network nodes through the authentication and group-key distribution model. This model achieves the key security and prevents any intermediate attacks in the middleware. This paper presents the flow process structures of the middleware design. In addition, the paper ensures the implementation of security for DWS middleware enhancement with the authentication and group-key distribution model. Finally, from the analysis of other middleware approaches, the developed middleware of DWS framework is the optimal solution of a complete covering of security issues.

Keywords: middleware, parallel computing, data warehouse, security, group-key, high performance

Procedia PDF Downloads 88

Authors: Rebecca Zahra, Joseph G. Vella, Ernest Cachia

Abstract:

The notion of cloud computing is rapidly gaining ground in the IT industry and is appealing mostly due to making computing more adaptable and expedient whilst diminishing the total cost of ownership. This paper focuses on the software as a service (SaaS) architecture of cloud computing which is used for the outsourcing of databases with their associated business processes. One approach for offering SaaS is basing the system’s architecture on multi-tenancy. Multi-tenancy allows multiple tenants (users) to make use of the same single application instance. Their requests and configurations might then differ according to specific requirements met through tenant customisation through the software. Despite the known advantages, companies still feel uneasy to opt for the multi-tenancy with data security being a principle concern. The fact that multiple tenants, possibly competitors, would have their data located on the same server process and share the same database tables heighten the fear of unauthorised access. Security is a vital aspect which needs to be considered by application developers, database administrators, data owners and end users. This is further complicated in cloud-based multi-tenant system where boundaries must be established between tenants and additional access control models must be in place to prevent unauthorised cross-tenant access to data. Moreover, when altering the database state, the transactions need to strictly adhere to the tenant’s known business processes. This paper focuses on the fact that security in cloud databases should not be considered as an isolated issue. Rather it should be included in the initial phases of the database design and monitored continuously throughout the whole development process. This paper aims to identify a number of the most common security risks and threats specifically in the area of multi-tenant cloud systems. Issues and bottlenecks relating to security risks in cloud databases are surveyed. Some techniques which might be utilised to overcome them are then listed and evaluated. After a description and evaluation of the main security threats, this paper produces a list of software requirements to ensure that proper security policies are implemented by a software development team when designing and implementing a multi-tenant based SaaS. This would then assist the cloud service providers to define, implement, and manage security policies as per tenant customisation requirements whilst assuring security for the customers’ data.

Keywords: cloud computing, data management, multi-tenancy, requirements, security

Procedia PDF Downloads 129

Authors: Jaimin Patel

Abstract:

Cloud computing is one of the most sharp and important movement in various computing technologies. It provides flexibility to users, cost effectiveness, location independence, easy maintenance, enables multitenancy, drastic performance improvements, and increased productivity. On the other hand, there are also major issues like security. Being a common server, security for a cloud is a major issue; it is important to provide security to protect user’s private data, and it is especially important in e-commerce and social networks. In this paper, encryption algorithms such as Advanced Encryption Standard algorithms, their vulnerabilities, risk of attacks, optimal time and complexity management and comparison with other algorithms based on software implementation is proposed. Encryption techniques to improve the performance of AES algorithms and to reduce risk management are given. Secure Hash Algorithms, their vulnerabilities, software implementations, risk of attacks and comparison with other hashing algorithms as well as the advantages and disadvantages between hashing techniques and encryption are given.

Keywords: Cloud computing, encryption algorithm, secure hashing algorithm, brute force attack, birthday attack, plaintext attack, man in middle attack

Procedia PDF Downloads 252

Authors: Ali Elshabrawy

Abstract:

Cloud computing is expected to be important for e Government in near future. Governments need it for solving some of its e Government, financial, infrastructure, legacy systems and integration problems. It reduces information technology (IT) infrastructure needs and support costs, and offers on-demand infrastructure and computational power, improved collaboration capabilities, which are important for e Government projects start up and sustainability. Budget pressures will continue to drive more and more government IT to hybrid and even public clouds, and more cooperation between cloud service providers and governmental agencies are expected, Or developing governmental private, community clouds. Motivation to convince governments to use cloud computing services, will create a pressure on cloud service providers to cope with government's requirements for interoperability, security standards, open data and integration between their cloud systems There will be significant legal action arising out of governmental uses of cloud computing, and legislation addressing both IT and business needs and consumer fears and protections. Cloud computing is a considered a revolution for IT and E business in general and e commerce, e Government in particular. As governments faces increasing challenges regarding IT infrastructure required for e Government projects implementation. As a result of Lack of required financial resources allocated for e Government projects in developed and developing countries. Cloud computing can play a major role to solve some of e Government projects challenges such as, lack of financial resources, IT infrastructure, Human resources trained to manage e Government applications, interoperability, cost efficiency challenges. If we could solve some security issues related to cloud computing usage which considered critical for e Government projects. Pretty sure it’s Just a matter of time before cloud service providers will find out solutions to attract governments as major customers for their business.

Keywords: cloud computing, e-government, adoption, supply side barriers, e-government requirements, challenges

Procedia PDF Downloads 329

Authors: Asim Majeed, Rehan Bhana, Mak Sharma, Rebecca Goode, Nizam Bolia, Mike Lloyd-Williams

Abstract:

This study aims to investigate and explore the underlying causes of security concerns of customers emerged when WHSmith transformed its physical system to virtualized business model through NetSuite. NetSuite is essentially fully integrated software which helps transforming the physical system to virtualized business model. Modern organisations are moving away from traditional business models to cloud based models and consequently it is expected to have a better, secure and innovative environment for customers. The vital issue of the modern age race is the security when transforming virtualized through cloud based models and designers of interactive systems often misunderstand privacy and even often ignore it, thus causing concerns for users. The content analysis approach is being used to collect the qualitative data from 120 online bloggers including TRUSTPILOT. The results and finding provide useful new insights into the nature and form of security concerns of online users after they have used the WHSmith services offered online through their website. Findings have theoretical as well as practical implications for the successful adoption of cloud computing Business-to-Business model and similar systems.

Keywords: innovation, virtualization, cloud computing, organizational flexibility

Procedia PDF Downloads 357