Security Issues in cloud Computing Research Papers (original) (raw)

Abstract— Cloud computing are the modern way of staring data and other important resources the company wants to retrieve safely and conveniently. It offers an innovative way of investment especially to start up enterprises and adopt IT operations without high upfront costs. Despite its potential, cloud computing is affected by various security issues. These include account highjacking, data breaches, malware injection, data recovery, wicked inside attackers, segregation of data, lack of investigative support, and shared vulnerabilities. The challenges facing cloud computing include security and privacy, application issues, accessibility, continuous evolvement, interoperability issues, service level agreements and data center issues.

- by
- •
- Cloud Computing Security, Security Issues in cloud Computing

The landscape of information technology (IT) is continuously developing, and organizations are increasingly
looking to automation as a fundamental approach for maximizing service delivery while simultaneously cutting
costs. When it comes to the delivery of information technology services, automation refers to the use of cutting edge technologies like artificial intelligence (AI), machine learning (ML), robotic process automation (RPA), and
cloud computing. These technologies are utilized to simplify processes, reduce the amount of human
interaction, and improve efficiency. Within the context of information technology service delivery, this abstract
investigates the potential for automation to reduce costs, with a particular emphasis on the tactics and tools
that may be used to generate considerable financial gains.
The decrease of operating expenses is one of the key benefits that automation brings to the supply of
information technology services. The execution of operations that are repetitive and time-consuming may be
accomplished with minimum involvement from humans thanks to automation, which in turn reduces the
chance of human mistake and the expenses associated with labor. By automating routine procedures,
businesses are able to reallocate their human resources to tasks that are more strategic and bring more value to
the firm. This results in an increase in both productivity and cost cost effectiveness. In addition, automation
makes it possible to provide services in a more timely and correct manner, which may result in increased client
satisfaction and retention, eventually leading to an increase in income.
The administration of information technology infrastructure is yet another essential area where automation is
responsible for cost reductions. The monitoring, maintenance, and optimization of information technology
infrastructure may be accomplished with higher accuracy and efficiency by automated systems than by human
methods. Automated monitoring technologies, for instance, have the ability to proactively detect and handle
possible problems before they develop into expensive outages or downtime. In addition, automation makes it
possible to enhance the efficiency with which resources are used. For instance, it may automatically scale cloud
resources in response to demand, which helps to reduce expenditures that are not essential. Because of this
dynamic allocation of resources, information technology services are provided in an effective manner, making
the most of the infrastructure that is available, which ultimately results in a reduction in total operational
expenses.
Furthermore, automation is a crucial factor in the enhancement of the scalability and flexibility of information
technology services. When firms have automated procedures in place, they are able to rapidly expand their
information technology services to meet the ever-changing needs of their businesses without having to make
significant extra expenditures in either their infrastructure or their human resources. This scalability is
especially important in the fast-paced business world of today, when organizations are required to be
adaptable and sensitive to changes in the market. By using automation, organizations are able to reach a better
degree of scalability while simultaneously maintaining cost control, so obtaining an advantage relative to their
competitors.
Additionally, automation helps to save costs by improving compliance and security management, which in turn
leads to additional cost savings. Automated systems have the ability to enforce regulations and compliance
requirements that are uniform throughout the whole information technology ecosystem. It is possible for automation in the supply of information technology services to provide long-term financial
advantages via continual development and innovation, in addition to the immediate cost reductions it may
generate. Systems that are automated are able to gather and analyze huge volumes of data, which may provide
useful insights that can be utilized to optimize procedures, improve service quality, and uncover new potential
for cost savings. This method, which is driven by data, gives enterprises the ability to constantly enhance the
delivery of their information technology services, which ultimately results in consistent cost savings and better
operational efficiency over time.vIn conclusion, the adoption of automation in IT service delivery offers
significant cost-saving opportunities for businesses. By automating routine tasks, optimizing IT infrastructure,
enhancing scalability, improving compliance, and driving continuous improvement, organizations can achieve
substantial financial benefits while maintaining high levels of service quality. As automation technologies
continue to advance, the potential for cost savings in IT service delivery will only grow, making it a critical
component of any organization’s cost management strategy.

- by Srikanthudu Avancha
- •

This paper explores the modernization of legacy data architectures through cloud solutions, focusing on various approaches and their associated benefits. It examines the challenges organizations face with outdated data systems and presents cloud-based strategies such as rehosting, refactoring, replatforming, replacing, and hybrid/multi-cloud approaches. By highlighting the advantages of scalability, cost-effectiveness, performance improvement, and enhanced data management, this study aims to provide insights into how cloud solutions can transform legacy systems and support digital transformation. The paper also addresses potential challenges and considerations in the modernization process, offering practical recommendations for organizations seeking to leverage cloud technologies for improved data architecture.

- by SWETHA SINGIRI
- •

The expansion of cloud computing has undergone a substantial transformation in the manner in which companies handle their data, which has resulted in an increasing usage of data warehouses that are hosted in the cloud. These platforms provide an unrivaled level of scalability, flexibility, and cost-effectiveness, which makes them appealing to enterprises of varying sizes. The transfer from conventional on-premises data warehouses to cloud settings, on the other hand, brings about a variety of issues that need to be handled in order to guarantee a successful deployment and continued maintenance. One of the most significant difficulties is the integration of data. The data that is stored in a cloud environment often comes from a variety of sources, including as on-premises systems, other cloud platforms, and external partners. For the purpose of preserving the consistency and dependability of the data, it is essential to guarantee the smooth integration and synchronization of the data across all of these different sources. In order for organizations to successfully handle this complexity, they need to implement strong data integration tools and procedures. Some examples of these are ETL (Extract, Transform, Load) processes and real-time data streaming. Compliance with regulations and data security are two other key challenges. Data breaches, unauthorized access, and compliance with standards like as GDPR, HIPAA, and CCPA are some of the specific security problems that cloud environments provide, despite the fact that they come with a high level of protection. It is necessary to take a multi-pronged strategy in order to guarantee the safety of data stored in the cloud. This approach should include encryption, access restrictions, frequent audits, and compliance management systems. Additionally, organizations need to be careful about the shared responsibility model, which involves understanding the separation of security duties between the cloud provider and the client. The management of performance is yet another very important area of concern. Keeping queries and analytics running smoothly in the cloud is of the utmost importance as the volume of data continues to increase. The performance of cloud data warehouses must be optimized so that they can manage the processing of enormous amounts of data without sacrificing efficiency. The optimization of data storage formats, indexing algorithms, and the use of cloud-native capabilities like as auto-scaling and serverless computing are often required activities in this context. A continuous activity that involves experience and the appropriate collection of tools, monitoring and tweaking the performance of the data warehouse is a work that must be performed. There are two sides to the coin when it comes to cost management in cloud data warehousing. In spite of the fact that cloud computing provides the opportunity to save money via pay-as-you-go pricing structures, ineffective management might result in expensive charges that were not anticipated. Budgeting, monitoring, and optimizing resource use are all essential components of effective cost management techniques that organizations are required to undertake. Utilizing cost management tools that are offered by cloud suppliers or third-party solutions may be one way to accomplish this goal. These technologies allow for more visibility into expenditure and the identification of possibilities for cost optimization. Managing data warehouses on the cloud presents a number of challenges, one of the most significant being data governance. Because of the enormous quantity of data that is being produced and kept, it is of the utmost importance to guarantee that the data is correct, consistent, and available to those who are permitted to view it. The establishment of rules and processes for the management of metadata, data lineage, and data quality is an

- by Saketh Reddy Cheruku
- •

This research focuses on securing networked Electrocardiogram (ECG) systems by using a quantitative approach to evaluate the effectiveness of various cybersecurity measures. With the increasing reliance on networked medical devices, these systems have become vulnerable to cyber-attacks that can compromise data integrity, system functionality, and patient safety. The study quantitatively examines the impact of encryption levels, authentication methods, and network segmentation on system security by measuring variables such as attack success rates, data breach occurrences, and unauthorized access attempts. Statistical analysis, including regression and ANOVA, is applied to determine the significance of these measures. The findings aim to provide data-driven insights into enhancing the security of networked ECG systems, ultimately contributing to safer healthcare environments.

- by Engr. Tahir Bashir
- •
- Medical Technology, Cyber Security, ECG analysis

This paper aims to provide a comprehensive overview of reverse engineering, discussing its various techniques, applications, challenges, and opportunities. By exploring these aspects, we can better appreciate the role of reverse engineering in advancing technology and solving complex problems. The primary objective of this paper is to elucidate the process and importance of reverse engineering across different domains. We aim to highlight the techniques used in reverse engineering, its applications in various industries, the challenges faced during the process, and the opportunities it presents for future advancements. Reverse engineering has a wide range of applications. In software development and maintenance, it aids in maintaining legacy systems and ensuring interoperability with modern technologies. It also drives product development and innovation by allowing companies to analyze competitors' products and enhance their own. Additionally, reverse engineering is used in legal and forensic contexts to resolve intellectual property disputes and conduct digital forensics. The process of reverse engineering faces several challenges, including technical, legal, and resource limitations. Technical challenges involve complex obfuscation techniques and evolving technologies that complicate the analysis. Legal and ethical challenges include navigating intellectual property laws and maintaining ethical integrity. Resource and expertise limitations involve the need for specialized tools, skilled personnel, and the significant time and cost involved in the process. Despite the challenges, reverse engineering presents numerous opportunities. Advancements in AI and machine learning have enhanced reverse engineering tools, making them more efficient and accurate.

In the fast-paced world of financial services, managing vast amounts of data efficiently and securely is paramount. Hybrid cloud architectures are emerging as a key solution, blending the strengths of on-premises and cloudbased data lakes. This approach offers flexibility, scalability, and enhanced data management capabilities, essential for handling the diverse and dynamic data environments typical of financial institutions. Hybrid cloud architectures enable organizations to leverage their existing on-premises infrastructure while seamlessly integrating with public cloud services. This dual approach ensures that sensitive financial data can be stored securely on-premises, adhering to regulatory requirements, while less sensitive data can benefit from the scalability and cost-efficiency of the cloud. By using a hybrid model, financial institutions can optimize their data storage and processing strategies, ensuring data is always in the right place for the right purpose. Several design patterns facilitate the effective implementation of hybrid cloud architectures in financial data lakes. These include data partitioning, where data is divided based on sensitivity and usage, and hybrid data processing, which leverages both on-premises and cloud resources to meet varying performance and compliance needs. Additionally, data replication and synchronization patterns ensure consistency and availability across both environments, providing robust disaster recovery and business continuity capabilities. Real-world use cases highlight the practical benefits of hybrid cloud architectures. For instance, financial firms can perform complex risk analysis and fraud detection by leveraging cloud-based analytics platforms, while keeping customer data securely on-premises. Another use case involves the integration of real-time market data from the cloud with historical transaction data stored on-premises, enabling more comprehensive and timely insights for trading and investment strategies.

Seamless data migration is crucial for modern enterprises striving to stay competitive and efficient in today's digital landscape. As businesses increasingly move their operations to the cloud and adopt containerization technologies like Kubernetes, ensuring a smooth transition of data becomes a top priority. Data migration, when done right, minimizes downtime, mitigates risks, and enhances performance, ultimately leading to improved business agility and innovation. In this context, cloud environments and Kubernetes pods emerge as pivotal areas of focus. Cloud environments offer scalability, flexibility, and cost-efficiency, making them an attractive option for businesses looking to optimize their IT infrastructure. However, migrating data to the cloud requires careful planning and execution to avoid disruptions and data loss. It involves understanding the unique characteristics of different cloud providers, selecting appropriate migration tools, and ensuring data security and compliance. Kubernetes, on the other hand, revolutionizes how applications are deployed and managed by providing a platform for automating the deployment, scaling, and operations of application containers. Migrating data to Kubernetes pods involves addressing the complexities of container orchestration, managing persistent storage, and ensuring seamless integration with existing systems. Properly configuring Kubernetes clusters, implementing robust backup and recovery strategies, and monitoring the migration process are essential steps to achieve a seamless transition.

Secure cloud architectures are pivotal for the successful implementation of AI-enhanced banking and insurance services in today's digital landscape. As financial institutions increasingly leverage artificial intelligence (AI) to improve operational efficiency, enhance customer experiences, and mitigate risks, ensuring the security and resilience of cloud-based infrastructures becomes paramount. This paper explores the critical role of secure cloud architectures in enabling AI-driven innovations within the banking and insurance sectors. It examines key considerations such as data privacy, encryption, access control, and regulatory compliance to safeguard sensitive financial information and maintain customer trust. Additionally, the paper discusses emerging trends and best practices in cloud security, highlighting the importance of collaboration between industry stakeholders, regulators, and technology providers to address evolving cybersecurity challenges effectively. By adopting robust and scalable cloud architectures, banks and insurance companies can unlock the full potential of AI technologies while mitigating security risks and maintaining regulatory compliance in an increasingly digital and interconnected world.

- by Sridhar Madasamy
- •

This article investigates the full pathway for deploying a modern Warehouse Management System (WMS) and its revolutionary effect on warehouse operations. Beginning with a thorough needs assessment and requirement analysis, the technique includes vendor selection, system integration, customisation, data migration, pilot testing, and complete training. The findings show considerable gains in inventory accuracy, order fulfillment timelines, and operational efficiency, all thanks to real-time data visibility and advanced analytics. A WMS's financial and operational benefits include increased customer satisfaction and significant cost reductions. Despite hurdles such as staff opposition and integration complications, strategic planning and thorough training effectively addressed these issues. Case examples from the retail, manufacturing, and ecommerce industries demonstrate the broad applicability and beneficial effects of WMS deployment. Looking ahead, incorporating technology such as artificial intelligence, machine learning, and the Internet of Things promises to accelerate progress. This article indicates that a contemporary WMS is critical for optimizing warehouse operations and establishing a competitive advantage in a changing market scenario.

- by Mahboob Al Bashar
- •
- Industrial Engineering

In the ever-evolving landscape of digital infrastructure, the adoption of cloud computing has ushered in unparalleled opportunities for innovation but has also introduced complex challenges in securing sensitive data. This research, titled "Beyond the Firewall: Understanding and Mitigating Cloud Security Challenges," embarks on a comprehensive exploration of the multifaceted dimensions surrounding cloud security. The study delves into the intricacies of cloud security, transcending traditional boundaries set by firewalls. From elucidating the dynamics of shared responsibility models to dissecting the nuances of identity and access management, the research unravels the complexities inherent in safeguarding data within the expansive digital cosmos. It addresses elusive threats like data breaches and underscores the critical importance of adaptive strategies to navigate the ever-changing threat landscape. This research goes beyond theoretical discourse, offering actionable insights for organizations seeking to fortify their cyber defenses. It emphasizes the need for a paradigm shift in understanding security challenges in the cloud era and advocates for a proactive approach to mitigate potential risks. By illuminating the path "Beyond the Firewall," this study aims to empower stakeholders with practical knowledge, enabling them to establish robust security frameworks that resonate with the dynamic nature of modern digital ecosystems. Join us on this expedition into the heart of cloud security challenges, as we decipher the complexities and chart a course towards a more resilient and secure digital future.

Denial of service (DOS) and distributed denial of service (DDOS) have become major threats in a computer network. The function of a DDOS attack is fundamental to make the system not to respond any requests or providing services. Detection and prevention of DOS/DDOS is a tedious process. In the earlier days, it can be prevented by using the puzzle-solving technique. In puzzle-solving technique first, the server generates some puzzles and it sends to the client. Then the client solves the puzzle and it sends it to the server then the server confirms that the client able to obtain the service from the server. In this type of puzzle-solving technique attackers can merely reply to the server it cannot be identified in this puzzle-solving technique and Graphics Processing Unit (GPU)-inflation DoS doesn't work and it publish puzzle function in advance. It can be enhanced or overcome by using software puzzle-solving technique it dynamically generates puzzle function. This technique expl...

- by S Tharni
- •

The Python programming language has various module libraries for network scanning of hosts. In this paper the performance and implementation of a modified script for Linux based operating systems using a linear algorithm for network port... more

An increasing number of organizations are adopting cloud technologies, often in conjunction with existing data center (DC) facilities. This hybrid approach, blending traditional and cloud environments, necessitates a dual focus on maintaining traditional security measures while also protecting cloud-based operations with compatible tools. Current literature typically addresses the security aspects of these environments separately, overlooking the nuances of a combined cybersecurity setup. This gap is particularly evident in the ongoing evolution of cyber defense maturity in parallel environments. This paper introduces a novel and practical hybrid model designed to assess and enhance organizational cyber maturity across both traditional environment and cloud environment operating in tandem. By applying this unified model, organizations can set improvement targets for cyber defense maturity, tailor responses to emerging digital threats, and simultaneously safeguard the integrity of their traditional systems. The procedure is fundamentally fluid, entailing ongoing enhancement of cybersecurity practices and consistently revising maturity goals to match the changing needs of the business and the organization's shifting landscape.

In today's digital age with cloud computing at its forefront, the importance of robust security frameworks, especially the Shared Responsibility Model (SRM) in cloud security, is increasingly recognized. Literature has focused on technical and legal aspects of SRM deployment leaving its strategic integration through Cloud Security Maturity Model (CSMM) underexplored. This research meticulously explores the escalating necessity for employing a CSMM amidst organizations, strategically integrating the deployment of a SRM during their cloud adoption journey. It delves into the nuances of two primary CSMMs: the vendor-specific "AWS Security Maturity Model" and the vendor-neutral "CSA Cloud Security Maturity Model". A detailed comparative analysis reveals the intricacies, benefits, and challenges inherent in each model, offering practical insights for diverse organizational security needs. By blending theoretical and pragmatical perspectives, this study provides actionable recommendations for organizations to customize their cloud security approach. The manifesto not only augments scholarly discussions on cloud security maturity but also equips organizations with a strategic blueprint for tailoring their cloud security initiatives in an ever-evolving digital landscape.

Cloud computing is a new paradigm model that offers different services to its customers. The increasing number of users for cloud services i.e. software, platform or infrastructure is one of the major reasons for security threats for customers' data. Some major security issues are highlighted in data storage service in the literature. Data of thousands of users are stored on a single centralized place where the possibility of data threat is high. There are many techniques discussed in the literature to keep data secure in the cloud, such as data encryption, private cloud and multiple clouds concepts. Data encryption is used to encrypt the data or change the format of the data into the unreadable format that unauthorized users could not understand even if they succeed to get access of the data. Data encryption is very expensive technique, it takes time to encrypt and decrypt the data. Deciding the security approach for data security without understanding the security needs of the data is a technically not a valid approach. It is a basic requirement that one should understand the security level of data before applying data encryption security approach. To discover the data security level of the data, the authors used machine learning approach in the cloud. In this paper, a data classification approach is proposed for the cloud and is implemented in a virtual machine named as Master Virtual Machine (Vmm). Other Vms are the slave virtual machines which will receive from Vmm the classified information for further processing in cloud. In this study the authors used three (3) virtual machines, one master Vmm and two slaves Vms. The master Vmm is responsible for finding the classes of the data based on its confidentiality level. The data is classified into two classes, confidential (sensitive) and nonconfidential (non-sensitive/public) data using K-NN algorithm. After classification phase, the security phase (encryption phase) shall encrypt only the confidential (sensitive) data. The confidentiality based data classification is using K-NN in cloud virtual environment as the method to encrypt efficiently the only confidential data. The proposed approach is efficient and memory space friendly and these are the major findings of this work.

- by Teejay Low
- •
- Computer Science, Computer Security, Encryption, Cloud Computing

If all of the top levels of security fail, the final and most critical tier, data security, must not fail [1]. By breaching this layer of defence, the CIA's triad principles of confidentiality, integrity, and availability are undermined. However, increasing security reduces the performance of the system and usability. This paper addresses the fundamentals of cloud computing as well as its key challenge: security. This paper examines a variety of cryptographic methods used by major cloud providers. It proposes an alternative algorithm for encrypting data in transit from the user to the cloud in order to ensure data security and defend against Man-in-the-Middle (MitM) attacks like sniffing. The paper concludes by urging further study into the proposed cryptography algorithm in order to ensure data protection and privacy in all three data states.

- by Felix Bentil
- •
- Computer Science, Computer Security, Cryptography, Cloud Computing

The SHAMEL Exam is the second important exam in Jordan; accordingly, the preservation of confidentiality and security are the most important priorities of the exam managers. Recently, AL-Balqa Applied University (BAU) in Jordan has computerized the exam and one of the suggestions was to utilize the cloud computing applications. However, cloud computing entails many security concerns that may have impacts on the exam information security. This research discusses the current use the cloud computing in many life aspects and then concentrate on online exams aspect; also, this research clarifies the tangible and intangible risks associated with cloud computing adoption. Then, the research examined a specific case study related to the subject matter. Finally, this research explores the level of understanding risks and methods may be used to reduce it and help in protecting data from unauthorized persons.

In addition to security advantages like implementing defense in depth and complying with compliance standards, current bastion services are simple to deploy and fit into the DevOps culture. Bastions continue to be the most dependable and secure options for secure access to cloud infrastructures because they offer administrative simplicity without surrendering compliance and security. In this paper, an experimental set up was conducted to measure the cycle time it takes to provision resources using manual point-and-click graphical user interface (GUI) in Amazon web services (AWS) and time it takes for codified infrastructure to make application programming interface (API) calls using terraform. It also focuses on the design and deployment of Bastion host on AWS and terraform, and the comparison between the two with respect to various parameters.

In today's highly interconnected world, network security has become a critical aspect of protecting organizations from cyber-attacks. The increasing sophistication of attackers and their ability to exploit software and firmware vulnerabilities pose significant dangers to the security of networks. However, many organizations often neglect the essential steps required to secure their networks, leading to an increased risk of security breaches. In this research article, we aim to address this issue by investigating network security concepts, potential dangers, and practical defense strategies. We begin by exploring the different types of cyber-attacks and their sources, highlighting the various ways attackers exploit network vulnerabilities. We also examine the reasons why organizations often overlook network security and the consequences of not prioritizing it. To better understand the complexity of network security, we categorize the different security concerns using the CIA (confidentiality, integrity, and availability) triangle. This approach allows us to identify the various areas of vulnerability and their potential impact on network security. Next, we focus on the most crucial basic concepts and steps involved in various network security operations. We outline the best practices and practical approaches organizations can take to improve their network security, including implementing security policies and procedures, using encryption and authentication methods, and conducting regular security assessments. By highlighting the importance of network security and providing practical guidance on how organizations can defend against cyber-attacks, we hope to raise awareness and help prevent security breaches.

Cloud computing is emerging software technology based on the network and it is a technique that provide to access data from server. It describes extremely scalable computing assets provided as an external service via the internet on a pay- as- you-go basis. As we all know about cloud computing so there are many factors which we have to focus on. ―Security‖ is one of the major topic in cloud computing or we can say security of customer‘s sensitive information. With the increase in popularity of cloud data storage, efficiently proving the integrity of the data stored at an untrusted server has become significant. A cloud storage system, consisting of a group of storage servers, provides long storage services over net. Storing information in third party‘s cloud system causes serious concern over information confidentiality. General coding schemes protect information confidentiality, however also limit the functionality of the storage system as a result of a couple of operations are sup...

- by Yogesh Bhardwaj
- •
- Computer Science, Computer Security, Encryption, Cloud Computing

Cloud computing is a distributed computing environment that provides on demand services to the users for deploying their computational needs in a virtualized environment without the knowledge of technical infrastructure. Due to reliability, scalability, high performance and low band width most of the organizations are running their applications in cloud. The cloud service providers provide the services to the registered cloud users on payment basic across the glove. The cloud services are basically categorized as SaaS, PaaS, and IaaS. The services are available to the users depending on cloud deployment and the SLA (service level agreements) between the service providers and the users. Providing security to the users and trust into cloud environment is the responsibility of the cloud service providers. The main objective of this paper is to provide a clear idea about the cloud service models and outline the security issues in the service models.

- by Dr.Satyabrata Dash
- •
- Business, Information Systems, Computer Science, Information Security

This paper presents an methodology for providing high availability to the demands of cloud"s clients. To succeed this objective, failover approaches for cloud computing using combined checkpointing procedures with load balancing algorithms are purposed in this paper. Purposed methodology assimilate checkpointing feature with load balancing algorithms and also make multilevel barrier to diminution checkpointing overheads. For execution of purposed failover approaches, a cloud simulation environment is established, which the ability to provide high availability to clients in case of disaster/recovery of service nodes. Also in this paper comparison of developed simulator is made with existing approaches. The purposed failover strategy will work on application layer and provide highly availability for Platform as a Service (PaaS) feature of cloud computing.

- by Amit Chhabra
- •
- Computer Science, Distributed Computing, Cloud Computing, Failover

Cloud computing technology is the modern trend in the information technology era. In general, the word computing gives a meaning of evolution of an existing IT infrastructure that provides a long-dreamed vision of computing as a utility for the existing resources. The rapid development of the cloud services and its technology to play an inevitable role in the profit centric organizations. Now-a-days more number of business firms utilizes the cloud services in an effective and efficient manner. Due to the more concern on the data transaction conducted by the business organizations as well as more number of government organizations bring an question mark for the security. The way of data transaction for cloud computing under different cloud models (such as Private, Public, Hybrid, Community …).There will be a mechanism to protect the data under each cloud by different security as well as authentication algorithm. In this paper, mainly focus on the security mechanism data transaction u...

- by Mohamed Sirajudeen
- •
- Business, Computer Science, Authentication, Computer Network

Cloud computing is a revolutionary mechanism that changing way to enterprise hardware and software design and procurements. Because of cloud simplicity everyone is moving data and application software to cloud data centers there still exist significant issues that need to be considered before shifting into cloud. Security stands as major obstacle in cloud computing. This paper gives an overview of the security issues on data storage along with its possible solutions many companies are not ready to implement cloud computing technology due to lack of proper security control policy and weakness in protection which lead to many challenge in cloud computing. An independent mechanism is required to make sure that data is correctly hosted in to the cloud storage server. In this paper, we will discuss the different techniques that are used for secure data storage on cloud. This paper also provides a process to avoid Collusion attacks of server modification by unauthorized users.

- by IJRASET Publication
- •
- Cloud Computing, Cloud Storage, Issues, Conclusion

In this paper, security issues associated with cloud computing are reviewed. Additionally, the types of cloud and service models have also been pointed out. Cloud computing has ruled the data innovation industry as of late. Giant data centers that provide cloud services are been set up due to the global approval of cloud and virtualization innovations. Cloud computing is characterized as a web-based software service since Information Technology (IT) resources like network, server, storage, and so on are based on the Web. Along these lines, cloud computing services can be utilized at any place and whenever on the Personal Computer (PC) or smart mobile phones. In light of the on-demand, adaptable and versatile administration it can give, a considerable measure of companies that beforehand deployed locally has moved their organizations to the cloud. Although cloud computing brings a whole lot of advantages, many security challenges have been brought up to both cloud providers and clients.

- by Evans Kwame Opoku
- •
- Computer Science, IT and Innovation, Cloud Computing, Cloud Computing Security

Honeypots are security defence tools. They are fake hosts designed to lure attackers away from real systems and capture malware threat analytics and attacker behaviour data for later analysis. The efficacy of a honeypot in attack mitigation and collecting attack behaviour
analysis lies in its ability to obfuscate itself as a real system. Attackers are often successful in
identifying honeypots because of the limitations inherent to fake systems. Honeypots are a
vital part of the defence against attacks on computer networks. Their ability to lure attackers
away from real targets makes them a crucial security tool. However, attackers are coming up
with new ways of identifying and taking over honeypots. In the never-ending race against
novel attacks, honeypots and how we use them must also be further developed.
This project solves some of the inherent limitations of honeypots by designing, building and
evaluating a novel honeypot deployment concept leveraging cloud technologies. This new
concept, a small, substantial contribution in the field, shifts the approach of deploying
honeypots into the cloud. It is a new development in how honeypots are used and deployed
in the cloud reducing the maintenance costs of honeypots in mitigating attacks by relying on
resources that do not exist when the attack is started.
In section one of the project, the efficacy of common honeypots is researched, and gaps are
identified in the literature to explore the state of the art of honeypot development and to
pinpoint the issues with common honeypots, how attackers can identify them and the lack of
research in leveraging the possibilities of the cloud in honeypot deployment. Section two
breaks down the issues identified to honeypot believability, security, availability, automation
and resource usage, setting the objectives to deploy honeypots in a resource-aware, timely
and stealthy manner to resist identification by attackers by making honeypots
indistinguishable from legitimate hosts. A novel, dynamic honeypot deployment concept is
designed and implemented on a cloud platform in section three. Tests are set up, executed,
and test results are captured in section four to prove the feasibility of the novel honeypot
deployment design. Section five contains the analysis of the test results, and section 6
concludes the project. In section seven, further research opportunities of interest are
discussed.

- by S Kumar
- •
- Cloud Computing, Risk Analysis, Data Security, Data Processing

Cloud Computing refers to the use of computer resources as a service on-demand via internet. It is mainly based on data and applications outsourcing, traditionally stored on users' computers, to remote servers (datacenters) owned, administered and managed by third parts. This paper is an overview of data security issues in the cloud computing. Its objective is to highlight the principal issues related to data security that raised by cloud environment. To do this, these issues was classified into three categories: 1-data security issues raised by single cloud characteristics compared to traditional infrastructure, 2-data security issues raised by data life cycle in cloud computing (stored, used and transferred data), 3-data security issues associated to data security attributes (confidentiality, integrity and availability). For each category, the common solutions used to secure data in the cloud were emphasized.

- by Abdelhafid Zitouni
- •
- Computer Science, Cloud Computing, Cloud Computing Security, arXiv

In this work, we employ a key access control management scheme which effortlessly transitions any organization-like security policy to state of the art cloud level security. Offering a very flexible, secure, and hierarchical key access mechanism for institutions that deal with mission-critical data. The scheme also minimizes concerns about moving critical data to the public cloud and ensures only the users with sufficient permission from equal or higher privileged members can access the key by the use of topological ordering of a directed graph which includes self-loop. The main overheads such as public and private storage needs are restricted to a level that is tolerable, and the derivation of key is computationally fast and efficient. From a security perspective, the proposed scheme would be resistant to collaboration attacks and would provide key in distinguishability security. Since the key isn't stored anywhere so, the problem of a data breach is eliminated.

The version presented here may differ from the published version or, version of record, if you wish to cite this item you are advised to consult the publisher's version. Please see the 'permanent WRAP URL' above for details on accessing... more

- by sahel alouneh
- •
- Computer

The study of the mind and how we behave regarding certain things is tied to psychology. Psychology in itself is merely a field of study that studies the scientific nature of the mental states and processes of the mind. American Psychological Association defines psychology as the study of the mind and behavior. The question of how our minds affect our physical processes is a topic of great concern in psychology. Asserts that psychology is considered mainly a" hub science," having hefty connections to social sciences, medical science, and education. The interactions involve the mutuality between our internal and external states, and what extends from it plays an essential role in shaping the manifestations of our life's endeavors. The outfits of psychology determine how we handle tools, people, processes, etc., even in our places of work; the way we address our fellow workers, devices, and tools has almost everything to do with our psychological makeup.

- by Sadiq Abdulkarim and +1
- •
- Cyber Security, Computer science & Information Technology, Security Issues in cloud Computing, Internet of Things (IoTs)

Insider threat has become a serious information security issues within organizations. In this paper, we analyze the problem of insider threats with emphases on the Cloud computing platform. Security is one of the major anxieties when planning to adopt the Cloud. This paper will contribute towards the conception of mitigation strategies that can be relied on to solve the malicious insider threats. While Cloud computing relieves organizations from the burden of the data management and storage costs, security in general and the malicious insider threats in particular is the main concern in cloud environments. We will analyses the existing mitigation strategies to reduce malicious insiders threats in Cloud computing.

- by Jemal H . Abawajy
- •
- Data Security, Cloud Computing Security

• Check any questions that have arisen during copy editing or typesetting and insert your answers/corrections. •Check that the text is complete and that all figures, tables and their legends are included. Also check the accuracy of special characters, equations, and additional files if applicable. Substantial changes in content, e.g., new results, corrected values, title and authorship are not allowed without the approval of the responsible editor. In such a case, please contact us for futher advice. • If we do not receive your corrections within 48 hours, we will send you a reminder. • The final versions of your article will be published around one week after receipt of your corrected proofs.

- by Tereza Cristina Carvalho
- •
- Network Security, Taxonomy, Computing, Cloud Computing

Presentation for paper "Checkpointing as a counter to security issues in cloud computing"

The growth of cloud computing over the years has been phenomenal with users and organizations alike relying more and more on the services offered on the cloud. Outages, however, have been a thorn in the flesh for service providers over the years. The objective of this study was to determine whether checkpointing can be proactively used as a counter to security issues. FTCloudSim was used as a simulator to test the effect of checkpointing on data losses caused by security breaches. The simulator was set up to create checkpoints at recommended intervals thus saving images of the state of cloudlets periodically. Outages were then randomly injected during the simulation. Results showed that checkpointing recovered 93% of the tasks using both service availability and execution availability as parametric measures. The results show that checkpointing can effectively be used in cloud computing infrastructure as a suitable measure against data losses caused by security breaches.

- by European Scientific Journal ESJ
- •
- Computer Science, IT and Innovation, Engenering

Abstract
Most healthcare organizations are rapidly moving toward cloud computing technology as it is a reliable source of secured storage centre and easily accessible through the internet. Tradition hard drive storage containing organization resources, program and data are often vulnerable to untimely breakdowns, low service utilization, gross inefficiently, and inflexibility especially at a time when organizations desire stable and continued network operations. As such, cloud computing technology is a promising and attractive secured storage centre for vital healthcare patient data and records. Remarkably, cloud computing technology operations are design for multiple organizations and functions with the flexibility to accommodate healthcare facilities, private and public organization and education enterprises.

- by Paul Bukie
- •
- Oil and Gas Pipeline, Pipeline Monitoring, Big Data Analytics, Pipeline Issues

• To introduce the emerging technologies, their perspectives and other imperatives; • To understand the paradigm of cloud computing, its goals and utilities in today's' computing scenarios; • To inculcate the concepts of mobile computing, its goals and applications; • To discuss the application of emerging technologies; • To sensitize about the emerging issues and the concept of green IT and related security issues; and • To know the concept of BYOD and Web 2.0 technologies and related challenges. Task Statements • To understand various emerging technologies; and • To suitably adopt the same in enterprises. Knowledge Statements • To know the concept of cloud computing and mobile computing; • To know about Green IT and related security issues; and • To know the concept of BYOD & Web 2.0. 8.1 Introduction Recently, emerging technologies are seen to be having enormous potential to meet the global challenges. One of the high-potential technologies is considered to be informatics. It is expected to revolutionize the value-additions to the huge information component, which is growing exponentially. Technological innovations in the field of storage, mining and services may be the key to address emerging challenges. Though a number of other advance technologies include synthetic biology, Nano-scale design, systems biology, wireless networks, ICT (Information and Communications Technology) enhanced educational systems etc. ICT appears to be spearheading all such developments at one or the other levels. In order to add some flavor to address the challenges, some of the technologies, which have recently emerged and are being rapidly adapted include cloud, grid, mobile, and green computing.

- by Prince George
- •

Cloud computing is an internet-based computing service in which large groups of remote severs are networked to allow centralized data storage and online access to computer services or resources. Cloud service provider can enable a pay as you-go model, where customers are charged based on the type of resources and per usage. This paper will give a about different security aspect of cloud environment that provides virtual hardware and software to its user.

- by kanchan matta
- •
- Security Issues in cloud Computing

Cloud computing provides exceptional flexibility of sharing of resources among millions of user across the globe covering small business to large enterprise. It also provides an infrastructure to compile and process the complex scientific data for various data mining applications. It offers numerous benefits that help small and medium scale businesses to extract computing services at very affordable cost. As the consumption of cloud services is increasing, various security issues came into existence. In this paper we collect the information regarding number of security issues and categorize them.

- by Riya Pathak
- •
- by Mohammad Samadi
- •
- Information Security, Database Systems, Privacy, Network Security

Master's (two year) thesis in Informatics (30 credits) Muhammad Inam ul Haq i Title: The major security challenges to cloud computing.

- by mike Imbo
- •

Advancement in computing facilities marks back from 1960's with introduction of mainframes. Each of the computing has one or the other issues, so keeping this in mind cloud computing was introduced. Cloud computing has its roots in older technologies such as hardware virtualization, distributed computing, internet technologies, and autonomic computing. Cloud computing can be described with two models, one is service model and second is deployment model. While providing several services, cloud management's primary role is resource provisioning. While there are several such benefits of cloud computing, there are challenges in adopting public clouds because of dependency on infrastructure that is shared by many enterprises. In this paper, we present core knowledge of cloud computing, highlighting its key concepts, deployment models, service models, benefits as well as security issues related to cloud data. The aim of this paper is to provide a better understanding of the cloud computing and to identify important research directions in this field

- by IJERA Journal
- •
- by Tasmain gorag
- •

Malicious Insider threats consist of employees, contractors, or business partners who either have current authorized access, or have had authorized access to an organization’s critical information and have intentionally misused that access in a manner that compromised the organization. Although incidents initiated by malicious insiders are fewer in number than those initiated by external threats, insider incidents are more costly on average because the threat is already trusted by the organization and often has privileged access to the organization’s most sensitive information. In spite of the damage they cause there are indications that the seriousness of insider incidents are underappreciated as threats by management. The purpose of this research was to investigate who constitutes MI threats, why and how they initiate attacks, the extent to which MI activity can be modeled or predicted, and to suggest some risk mitigation strategies. The results reveal that addressing the Malicious Insider threat is much more than just a technical issue. Dealing effectively with the threat involves managing the dynamic interaction between employees, their work environment and work associates, the systems with which they interact, and organizational policies and procedures. Techniques for detecting and mitigating the threat are available and can be effectively applied. Some of the procedural and technical methods include definition of, follow through, and consistent application of corporate, and dealing with adverse events indigenous to the business environment. Other methods include conduct of a comprehensive Malicious Insider risk assessment, selective monitoring of employees in response to behavioral precursors, minimizing unknown access paths, control of the organization’s production software baseline, and effective use of peer reporting. Keywords: Cybersecurity, Professor Paul Pantani, CERT, malicious, insider,IDS, SIEMS. FIM, RBAC, ABAC, behavioral, peer, precursors, access, authentication, predictive, analytics, system, dynamics, demographics

- by larry schluderburg
- •

To reduce Cost of data ware house deployment , virtualization is very Important. virtualization can reduce Cost and as well as tremendous Pressure of managing devices, Storages Servers, application models & main Power. In current time, data were house is more effective and important Concepts that can make much impact in decision support system in Organization. Data ware house system takes large amount of time, cost and efforts then data base system to Deploy and develop in house system for an Organization. Due to this reason that, people now think about cloud computing as a solution of the problem instead of implementing their own data were house system. In this paper, how cloud environment can be established as an alternative of data ware house system. It will given the some knowledge about better environment choice for the organizational need. Organizational Data were house and EC2 (elastic cloud computing) are discussed with different parameter like ROI, Security, scalability, robustness of data, maintained of system etc.

- by IJERA Journal
- •
- Information Systems, Computer Science