GUO Rui-peng

DOI: https://doi.org/10.3969/j.issn.1006-2475.2012.06.047

2012-01-01

Abstract:The emergence of cloud computing enables the enterprises and individuals through the network to use computing resources and storage resources conveniently,cloud computing in data security issues are also increasingly attracted widespread attention.This paper discusses the objectives and requirements of cloud computing security,and analyzes the cloud computing user access,encryption technology,access control,virtualization security and other critical security technologies.

Wenjuan Li,Lingdi Ping,Xuezeng Pan

DOI: https://doi.org/10.1109/iceie.2010.5559829

2010-01-01

Abstract:Security and interoperability is the biggest challenge to promote cloud computing currently. Trust has proved to be one of the most important and effective alternative means to construct security in distributed systems. In order to efficiently and safely construct entities' trust relationship in cloud and cross-clouds environment, this paper proposed a novel cloud trust model and a new cloud security framework. The propose trust model is domain-based. It divides one cloud provider's resource nodes into the same trust domain. It designs different trust strategies for different roles. Trust recommendation is treated as one type of cloud services just like computation or storage. Based on the proposed trust model, it introduced a novel cloud security framework with an independent trust management module. Using the proposed security model, it introduced some trust-based security mechanisms. Results of simulation experiments show that the proposed security model can achieve high transaction success rate with high trust accuracy.

Scott Paquette,Paul T. Jaeger,Susan C. Wilson

DOI: https://doi.org/10.1016/j.giq.2010.01.002

IF: 8.49

2010-07-01

Government Information Quarterly

Abstract:Cloud computing, which refers to an emerging computing model where machines in large data centers can be used to deliver services in a scalable manner, has become popular for corporations in need of inexpensive, large scale computing. Recently, the United States government has begun to utilize cloud computing architectures, platforms, and applications to deliver services and meet the needs of their constituents. Surrounding the use of cloud computing are many risks that can have major impacts on the information and services supported by this technology. This paper discusses the current use of cloud computing in government, and the risks–tangible and intangible–associated with its use. Examining specific cases of government cloud computing, this paper explores the level of understanding of the risks by the departments and agencies that implement this technology. This paper argues that a defined risk management program focused on cloud computing is an essential part of the government IT environment.

information science & library science

Victor Chang,Yen-Hung Kuo,Muthu Ramachandran

DOI: https://doi.org/10.1016/j.future.2015.09.031

IF: 7.307

2016-04-01

Future Generation Computer Systems

Abstract:This article presents a cloud computing adoption framework (CCAF) security suitable for business clouds. CCAF multilayered security is based on the development and integration of three major security technologies: firewall, identity management, and encryption based on the development of enterprise file sync and share technologies. This article presents the vision, related works, and views on security framework. Core technologies have been explained in detail, and experiments were designed to demonstrate the robustness of the CCAF multilayered security. In penetration testing, CCAF multilayered security could detect and block 99.95% viruses and trojans, and could achieve ≥85% of blocking for 100 h of continuous attack. Detection and blocking took <0.012s/trojan or virus. A full CCAF multilayered security protection could block all SQL (structured query language) injection, providing real protection to data. CCAF multilayered security did not report any false alarm. All F-measures for CCAF test results were ≥99.75%. The mechanism of blending of CCAF multilayered security with policy, real services, and business activities has been illustrated. Research contributions have been justified and CCAF multilayered security can be beneficial for volume, velocity, and veracity of big data services operated in the cloud.

Ndukwe Ukeje,Jairo Gutierrez,Krassie Petrova

DOI: https://doi.org/10.1007/s10207-023-00797-6

2024-01-04

International Journal of Information Security

Abstract:The advent of new technologies and applications coupled with the COVID-19 pandemic tremendously increased cloud computing adoption in private and public institutions (government) and raised the demand for communication and access to a shared pool of resources and storage capabilities. Governments across the globe are moving to the cloud to improve services, reduce costs, and increase effectiveness and efficiency while fostering innovation and citizen engagement. However, information security and privacy concerns raised in the past remain significant to government adoption and utilisation of cloud computing. The study conducts a systematic literature review (SLR) using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) approach to examine information security and privacy as the fundamental challenges to government intention to adopt cloud computing. This study screened 758 articles and included 33 articles that revealed information security and privacy as critical factors and barriers to adopting cloud computing through a systematic evaluation (PRISMA approach). The combined two factors contributed 70% of the significant gaps to the cloud computing adoption challenges. In contrast, the individual contribution of information security and privacy as a significant gap to the challenges of cloud adoption yielded 9% and 12%, respectively. Furthermore, 9% of the authors recognised the need for a framework to address the challenges but could not attempt to develop the framework. The study contributes to the information security body of knowledge, PRISMA studies and provides direction in proposing strategies and frameworks to tackle information security and privacy challenges as future research.

computer science, information systems, theory & methods, software engineering

.Dr. Aakriti Sharma,,

DOI: https://doi.org/10.55041/ijsrem31596

2024-04-25

INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT

Abstract:Cloud computing has revolutionized the way businesses operate, offering unprecedented scalability, flexibility, and cost-efficiency. However, alongside its numerous benefits, cloud computing also presents significant security challenges. This research paper aims to provide a comprehensive comparison of cloud security issues, examining the common threats, vulnerabilities, and mitigation strategies across various cloud deployment models and service types. Through a systematic review of existing literature and case studies, this paper highlights the evolving landscape of cloud security, identifies key challenges, evaluates current solutions, and outlines future directions for research and practice in the field.

Guoyou Chen,Jiajia Miao,Feng Xie,Handong Mao

DOI: https://doi.org/10.4028/www.scientific.net/amm.278-280.1767

2013-01-01

Applied Mechanics and Materials

Abstract:Cloud computing has been a hot researching area of computer network technology, since it was proposed in 2007. Cloud computing also has been envisioned as the next-generation architecture of IT Enterprise [1]. Cloud computing infrastructures enable companies to cut costs by outsourcing computations on-demand. It moves the application software and database to the large data centers, where the management of the data and services may not be fully trustworthy [2]. This poses many new security challenges. In this paper, we just focus on data storage security in the cloud, which has been the most important aspect of quality of service. To ensure the confidentiality and integrity of user's data in the cloud, and support of data dynamic operations, such as modification, insertion and deletion, we propose a framework for storage security, which includes cryptographic storage scheme and data structure. With our framework, the untrusted server cannot learn anything about the plaintext, and the dynamic operation can be finished in short time. The encryption algorithm and data storage structure is simple, and it's easy to maintain. Hence, our framework is practical to use today.

Jianhua Che,Yamin Duan,Tao Zhang,Jie Fan

DOI: https://doi.org/10.1016/j.proeng.2011.11.2551

2011-01-01

Procedia Engineering

Abstract:Cloud computing is introducing many huge changes to people's lifestyle and working pattern recently for its multitudinous benefits. However, the security of cloud computing is always the focus of numerous potential cloud customers, and a big barrier for its widespread applications. In this paper, to facilitate customers to understand the security status quo of cloud computing and contribute some efforts to improving the security level of cloud computing, we surveyed the existing popular security models of cloud computing, e.g. multiple-tenancy model, risk accumulation model, cube model of cloud computing, and summarized the main security risks of cloud computing deriving from different organizations. Finally, we gave some security strategies from the perspective of construction, operation and security incident response to relieve the common security issues of cloud computing.

English Else

Xiaowei Yan,Xiaosong Zhang,Ting Chen,Hongtian Zhao,Xiaoshan Li

DOI: https://doi.org/10.1007/978-3-642-25541-0_95

2011-01-01

Abstract:As a new technique, cloud computing has a rapid development in recent years. However, the security problems have caused great influences to the development and popularization of cloud computing, the importance and urgency has not to be ignored. This paper introduces cloud computing and security situation, studies the main security problems of cloud computing, and comes up with a cloud computing security framework which can effectively solve these security problems, and points out that only to solve the security problems, cloud computing can unceasingly expanded, and the application will be more and more widely. © 2011 Springer-Verlag.

Maziar Janbeglou,WeiQi Yan

DOI: https://doi.org/10.1007/978-3-642-30867-3_42

2013-01-01

Abstract:Cloud computing has been introduced as a tool for improving IT proficiency and business responsiveness for organizations as it delivers flexible hardware and software services as well as providing an array of fundamentally systematized IT processes. Despite its many advantages, cloud computing security has been a major concern for organizations that are making the transition towards usage of this technology. In this paper, we focus on improving cloud computing security by managing and isolating shared network resources in bridge-mode hypervisors.

Hedaia-t-Allah Nabil Abd Al Ghaffar

DOI: https://doi.org/10.1108/reps-09-2019-0125

2020-03-23

Review of Economics and Political Science

Abstract:Purpose The purpose of this paper is to try to reach the main factors that could put national security at risk as a result of government cloud computing programs. Design/methodology/approach The paper adopts the analytical approach to first lay foundations of the relation between national security, cybersecurity and cloud computing, then it moves to analyze the main vulnerabilities that could affect national security in cases of government cloud computing usage. Findings The paper reached several findings such as the relation between cybersecurity and national security as well as a group of factors that may affect national security when governments shift to cloud computing mainly pertaining to storing data over the internet, the involvement of a third party, the lack of clear regulatory frameworks inside and between countries. Practical implications Governments are continuously working on developing their digital capacities to meet citizens’ demands. One of the most trending technologies adopted by governments is “cloud computing”, because of the tremendous advantages that the technology provides; such as huge cost-cutting, huge storage and computing capabilities. However, shifting to cloud computing raises a lot of security concerns. Originality/value The value of the paper resides in the novelty of the topic, which is a new contribution to the theoretical literature on relations between new technologies and national security. It is empirically important as well to help governments stay safe while enjoying the advantages of cloud computing.

English Else

Xuan Zhang,Nattapong Wuwong,Hao Li,Xuejie Zhang

DOI: https://doi.org/10.1109/cit.2010.501

2010-06-01

Abstract:The security risks associated with each cloud delivery model vary and are dependent on a wide range of factors including the sensitivity of information assets, cloud architectures and security controls involved in a particular cloud environment [7]. Over time, organizations tend to relax their security posture. To combat a relaxation of security, the cloud provider should perform regular security assessments [3]. Risk management framework is one of security assessment tool to reduction of threats and vulnerabilities and mitigates security risks. The goal of this paper is to present information risk management framework for better understanding critical areas of focus in cloud computing environment, to identifying a threat and identifying vulnerability. This framework is covering all of cloud service models and cloud deployment models. Cloud provider can be applied this framework to organizations to do risk mitigation.

Kui Ren,Cong Wang,Qian Wang

DOI: https://doi.org/10.1109/MIC.2012.14

IF: 2.68

2012-01-01

IEEE Internet Computing

Abstract:Cloud computing represents today's most exciting computing paradigm shift in information technology. However, security and privacy are perceived as primary obstacles to its wide adoption. Here, the authors outline several critical security challenges and motivate further investigation of security solutions for a trustworthy public cloud environment.

Semen M. Levin

DOI: https://doi.org/10.18799/29495407/2024/2/50

2024-06-25

Abstract:This article is dedicated to the importance of data security on cloud platforms, highlighting the subject relevance in an era where threats to information security are becoming increasingly complex and sophisticated. The primary focus is a comparative analysis of security models employed by leading cloud platforms such as Amazon Web Services, Microsoft Azure, Google Cloud Platform, IBM Cloud, and Oracle Cloud. The research covers various crucial security aspects, including data encryption, identity and access management, monitoring mechanisms and incident response. The article sheds light on current trends and technologies in cloud data protection, including the use of artificial intelligence and machine learning to enhance threat detection efficiency and the implementation of confidential computing and blockchain technologies to improve data protection. Issues of compliance with legal requirements and data security standards are discussed, along with recommendations for organisations to optimise information protection in the cloud environment.

LIU Kai-hua,LI Xiong

DOI: https://doi.org/10.3969/j.issn.1009-3044.2011.08.016

2011-01-01

Abstract:Cloud Computing is currently a hot spot of information industry.On the hand,it brings about not only convenience and efficiency problems,but also great challenges in the field of information security and privacy protection.This paper is to introduce the basic concept,and analyze the challenges of security model and policy in cloud computing.

XUE Yibo,WANG Dawei

DOI: https://doi.org/10.3969/j.issn.1009-6868.2012.04.005

2012-01-01

Abstract:In this paper,we propose a model for securing cloud content.This model has three security levels:management security,access security,and condition of cloud content.We propose a security framework that includes isolated security,cloud storage security,encryption storage,private key management,disaster backup,data destruction,password and private key authentication,authority management,griddle method,encryption protocol identification,and access behavior detection.

Jie Xu,Paul Townend,Junaid Arshad,Wei Jie

DOI: https://doi.org/10.4018/jghpc.2012010104

2012-01-01

International Journal of Grid and High Performance Computing

Abstract:The evolution of modern computing systems has lead to the emergence of Cloud computing. Cloud computing facilitates on-demand establishment of dynamic, large scale, flexible, and highly scalable computing infrastructures. However, as with any other emerging technology, security underpins widespread adoption of Cloud computing. This paper presents the state-of-the-art about Cloud computing along with its different deployment models. The authors also describe various security challenges that can affect an organization's decision to adopt Cloud computing. Finally, the authors list recommendations to mitigate with these challenges. Such review of state-of-the-art about Cloud computing security can serve as a useful barometer for an organization to make an informed decision about Cloud computing adoption.

WenJun Zhang,Qi Chen

DOI: https://doi.org/10.1109/ICEE.2010.177

2010-01-01

Abstract:To address the pressures and challenges in e-government, the author introduced Cloud computing into e-government, proposed the concept of C-government with transparency, participation and collaboration, designed the Cloud architecture and layer implementation of C-government, presented a complete solution for C-government Cloud, and deployed its data, services and applications to remote “Cloud”.

Jiyi Wu,Qianli Shen,Tong Wang,Ji Zhu,Jianlin Zhang

DOI: https://doi.org/10.4304/jcp.6.10.2156-2163

2011-01-01

Abstract:Cloud computing emerges as a new computing paradigm which aims to provide reliable, customized and QoS guaranteed dynamic computing environments for endusers. Although cloud computing industry promises tremendous prospects of market growth, for users of cloud services, cloud computing has a wide range of potential risks and safety issues. This article gives a quick introduction to cloud security. It covers the key technologies of cloud computing, security challenge and problem in cloud computing, recent advances in cloud security. © 2011 ACADEMY PUBLISHER.

Mohemed Almorsy,John Grundy,Amani S. Ibrahim

DOI: https://doi.org/10.1109/cloud.2011.9

2011-07-01

Abstract:Although the cloud computing model is considered to be a very promising internet-based computing platform, it results in a loss of security control over the cloud-hosted assets. This is due to the outsourcing of enterprise IT assets hosted on third-party cloud computing platforms. Moreover, the lack of security constraints in the Service Level Agreements between the cloud providers and consumers results in a loss of trust as well. Obtaining a security certificate such as ISO 27000 or NIST-FISMA would help cloud providers improve consumers trust in their cloud platforms' security. However, such standards are still far from covering the full complexity of the cloud computing model. We introduce a new cloud security management framework based on aligning the FISMA standard to fit with the cloud computing model, enabling cloud providers and consumers to be security certified. Our framework is based on improving collaboration between cloud providers, service providers and service consumers in managing the security of the cloud platform and the hosted services. It is built on top of a number of security standards that assist in automating the security management process. We have developed a proof of concept of our framework using. NET and deployed it on a testbed cloud platform. We evaluated the framework by managing the security of a multi-tenant SaaS application exemplar.