GUO Rui-peng

DOI: https://doi.org/10.3969/j.issn.1006-2475.2012.06.047

2012-01-01

Abstract:The emergence of cloud computing enables the enterprises and individuals through the network to use computing resources and storage resources conveniently,cloud computing in data security issues are also increasingly attracted widespread attention.This paper discusses the objectives and requirements of cloud computing security,and analyzes the cloud computing user access,encryption technology,access control,virtualization security and other critical security technologies.

Qiu Xiu-feng,Liu Jian-wei,Zhao Peng-chuan

DOI: https://doi.org/10.1109/aimsec.2011.6010435

2011-01-01

Abstract:There are tremendous business prospects for the cloud computing application on mobile internet. But combining cloud computing technology into mobile internet gives birth to a serial of security problems. One of the challenges is to construct the cloud computing secure architecture on mobile internet. After analyzing the available cloud computing security risks and secure architectures, and taking into account the characteristics of mobile internet, this paper designs a general secure cloud computing architecture on mobile internet with the advantages such as multi-hierarchy, multi-level, elasticity, cross-platform and unified user interface.

Jiaqing Mo,Zhongwang Hu,Hang Chen,Wei Shen

DOI: https://doi.org/10.1155/2019/4520685

2019-01-01

Wireless Communications and Mobile Computing

Abstract:Nowadays, due to the rapid development and wide deployment of handheld mobile devices, the mobile users begin to save their resources, access services, and run applications that are stored, deployed, and implemented in cloud computing which has huge storage space and massive computing capability with their mobile devices. However, the wireless channel is insecure and vulnerable to various attacks that pose a great threat to the transmission of sensitive data. Thus, the security mechanism of how the mobile devices and remote cloud server authenticate each other to create a secure session in mobile cloud computing environment has aroused the interest of researchers. In this paper, we propose an efficient and provably secure anonymous two-factor user authentication protocol for the mobile cloud computing environment. The proposed scheme not only provides mutual authentication between mobile devices and cloud computing but also fulfills the known security evaluation criteria. Moreover, utilization of ECC in our scheme reduces the computing cost for mobile devices that are computation capability limited and battery energy limited. In addition, the formal security proof is given to show that the proposed scheme is secure under random oracle model. Security analysis and performance comparisons indicate that the proposed scheme has reasonable computation cost and communication overhead at the mobile client side as well as the server side and is more efficient and more secure than the related competitive works.

Geethu Thomas,Prem Jose V,P.Afsar

DOI: https://doi.org/10.48550/arXiv.1310.8392

2013-10-31

Abstract:Cloud Computing has been envisioned as the next generation architecture of IT Enterprise. The Cloud computing concept offers dynamically scalable resources provisioned as a service over the Internet. Economic benefits are the main driver for the Cloud, since it promises the reduction of capital expenditure and operational expenditure. In order for this to become reality, however, there are still some challenges to be solved. Most important among these are security and trust issues,since the users data has to be released to the Cloud and thus leaves the protection sphere of the data <a class="link-external link-http" href="http://owner.In" rel="external noopener nofollow">this http URL</a> contrast to traditional solutions, where the IT services are under proper physical,logical and personnel controls, Cloud Computing moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. Security is to save data from danger and vulnerability. There are so many dangers and vulnerabilities to be handled. Various security issues and some of their solution are explained and are concentrating mainly on public cloud security issues and their solutions. Data should always be encrypted when stored(using separate symmetric encryption keys)and transmitted. If this is implemented appropriately, even if another tenant can access the data, all that will appear is gibberish. So a method is proposed such that we are encrypting the whole data along with the cryptographic key.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

LIU Jianwei,QIU Xiufeng,LIU Jianhua

DOI: https://doi.org/10.3969/j.issn.1009-6868.2012.03.012

2012-01-01

Abstract:In this paper,we emphasize the necessity of designing a secure cloud computing architecture for mobile Internet.We analyze cloud computing security risks and secure architectures and propose a general secure cloud computing architecture that takes into account the characteristics of mobile Internet.This architecture has a multihierarchy,multilevel,elastic,cross-platform,unified user interface that can provide cloud services with different levels of security.The cross-layer cloud security management platform can be used to monitor the whole system and maintain different security domains and levels.

Mujeeb-ur- Rehman Jamali,Shahmurad Chandio,Nadeem Ahmed Kanasro

DOI: https://doi.org/10.21015/vtse.v11i1.1391

2023-03-26

VFAST Transactions on Software Engineering

Abstract:E-commerce and mobile commerce are two new business methodologies that utilize the cloud. A new technology called cloud computing uses the Internet to process and store data from a network of distant computers that are dispersed around the globe. Any online transaction must have security as a necessary component. Therefore, one of the main issues with the cloud is security. If electronic commerce's security is breached, customers can lose trust in it. An unauthorized individual should not have access to or be able to intercept a customer's personal information while it is being transmitted. Data integrity is a major problem since personal information shouldn't be changed before, during, or even after it is at rest on the network. The suggested solution ensures the protection of personal data and the avoidance of security problems. We have developed a solution in this study to address issues with privacy, confidentiality, and the integrity of data stored in the cloud, among other security-related issues. The suggested method employs over-encryption that is double encryption, to avoid the various security issues. It can be inferred from the results that ECC (secp256r1) utilised less time for encryption operation as compared to others asymmetric algorithms with small dispersion from means and recorded results behaviour of data is consistent because data point tends to be very close, Decryption operation ElGamal during of time was smaller than ECC and RSA with small consistent behaviour.

Sandeep K. Sood

DOI: https://doi.org/10.1016/j.jnca.2012.07.007

IF: 7.574

2012-11-01

Journal of Network and Computer Applications

Abstract:Cloud computing is a forthcoming revolution in information technology (IT) industry because of its performance, accessibility, low cost and many other luxuries. It is an approach to maximize the capacity or step up capabilities vigorously without investing in new infrastructure, nurturing new personnel or licensing new software. It provides gigantic storage for data and faster computing to customers over the internet. It essentially shifts the database and application software to the large data centers, i.e., cloud, where management of data and services may not be completely trustworthy. That is why companies are reluctant to deploy their business in the cloud even cloud computing offers a wide range of luxuries. Security of data in cloud is one of the major issues which acts as an obstacle in the implementation of cloud computing. In this paper, a frame work comprising of different techniques and specialized procedures is proposed that can efficiently protect the data from the beginning to the end, i.e., from the owner to the cloud and then to the user. We commence with the classification of data on the basis of three cryptographic parameters presented by the user, i.e., Confidentiality (C), Availability (A) and Integrity (I).The strategy followed to protect the data utilizes various measures such as the SSL (Secure Socket Layer) 128-bit encryption and can also be raised to 256-bit encryption if needed, MAC (Message Authentication Code) is used for integrity check of data, searchable encryption and division of data into three sections in cloud for storage. The division of data into three sections renders supplementary protection and simple access to the data. The user who wishes to access the data is required to provide the owner login identity and password, before admittance is given to the encrypted data in Section 1, Section 2, and Section 3.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Ruay-Shiung Chang,Jerry Gao,Volker Gruhn,Jingrui He,George Roussos,Wei‐Tek Tsai,Richard K. Lomotey,Yan Zhu,Di Ma,Dijiang Huang,Changjun Hu

2016-01-01

Abstract:Mobile cloud computing (MCC) is just cloud computing in which at least some of the devices like mobiles, PDA etc are involved. This paper drives over several authentication techniques and methods for mobile cloud computing. An analysis of the existing works are carried out. This Paper also analyses the attacks and Issues that occur during authentication in the mobile cloud environment. Security is the main issue that obstructs cloud from being widely adopted. A framework called the Mobile Cloud Authenticator (MCA) is proposed for authenticating the mobile users in the mobile cloud environment. The overall framework of MCA consists of three major entities namely, Cloud users, Mobile network and Cloud. There is a system called Unified Cloud Authenticator (UCA) which is placed in between the mobile network and Cloud Service Provider (CSP). It authenticates both users and CSP. The UCA contains Authentication Server

Jacques Bou Abdo

DOI: https://doi.org/10.48550/arXiv.2102.09051

2021-02-17

Networking and Internet Architecture

Abstract:Mobile cloud computing is a very strong candidate for the title "Next Generation Network" which empowers mobile users with extended mobility, service continuity and superior performance. Users can expect to execute their jobs faster, with lower battery consumption and affordable prices; however this is not always the case. Various mobile applications have been developed to take advantage of this new technology, but each application has its own requirements. Several mobile cloud architectures have been proposed but none was suitable for all mobile applications which resulted in lower customer satisfaction. In addition to that, the absence of a valid business model to motivate investors hindered its deployment on production scale. This dissertation proposes a new mobile cloud architecture which positions the mobile operator at the core of this technology equipped with a revenue-making business model. This architecture, named OCMCA (Operator Centric Mobile Cloud Architecture), connects the user from one side and the Cloud Service Provider (CSP) from the other and hosts a cloud within its network. The OCMCA/user connection can utilize multicast channels leading to a much cheaper service for the users and more revenues, lower congestion and rejection rates for the operator.

Hui Suo,Zhuohua Liu,Jiafu Wan,Keliang Zhou

DOI: https://doi.org/10.1109/iwcmc.2013.6583635

2013-01-01

Abstract:With the development of cloud computing and mobility, mobile cloud computing has emerged and become a focus of research. By the means of on-demand self-service and extendibility, it can offer the infrastructure, platform, and software services in a cloud to mobile users through the mobile network. Security and privacy are the key issues for mobile cloud computing applications, and still face some enormous challenges. In order to facilitate this emerging domain, we firstly in brief review the advantages and system model of mobile cloud computing, and then pay attention to the security and privacy in the mobile cloud computing. By deeply analyzing the security and privacy issues from three aspects: mobile terminal, mobile network and cloud, we give the current security and privacy approaches.

Dimitrios Zissis,Dimitrios Lekkas

DOI: https://doi.org/10.1016/j.future.2010.12.006

IF: 7.307

2012-03-01

Future Generation Computer Systems

Abstract:The recent emergence of cloud computing has drastically altered everyone’s perception of infrastructure architectures, software delivery and development models. Projecting as an evolutionary step, following the transition from mainframe computers to client/server deployment models, cloud computing encompasses elements from grid computing, utility computing and autonomic computing, into an innovative deployment architecture. This rapid transition towards the clouds, has fuelled concerns on a critical issue for the success of information systems, communication and information security. From a security perspective, a number of unchartered risks and challenges have been introduced from this relocation to the clouds, deteriorating much of the effectiveness of traditional protection mechanisms. As a result the aim of this paper is twofold; firstly to evaluate cloud security by identifying unique security requirements and secondly to attempt to present a viable solution that eliminates these potential threats. This paper proposes introducing a Trusted Third Party, tasked with assuring specific security characteristics within a cloud environment. The proposed solution calls upon cryptography, specifically Public Key Infrastructure operating in concert with SSO and LDAP, to ensure the authentication, integrity and confidentiality of involved data and communications. The solution, presents a horizontal level of service, available to all implicated entities, that realizes a security mesh, within which essential trust is maintained.

Sakshi Chhabra,Ashutosh Kumar Singh

DOI: https://doi.org/10.48550/arXiv.2212.05319

2022-12-10

Abstract:The core of the computer business now offers subscription-based on-demand services with the help of cloud computing. We may now share resources among multiple users by using virtualization, which creates a virtual instance of a computer system running in an abstracted hardware layer. It provides infinite computing capabilities through its massive cloud datacenters, in contrast to early distributed computing models, and has been incredibly popular in recent years because to its continually growing infrastructure, user base, and hosted data volume. This article suggests a conceptual framework for a workload management paradigm in cloud settings that is both safe and performance-efficient. A resource management unit is used in this paradigm for energy and performing virtual machine allocation with efficiency, assuring the safe execution of users' applications, and protecting against data breaches brought on by unauthorised virtual machine access real-time. A secure virtual machine management unit controls the resource management unit and is created to produce data on unlawful access or intercommunication. Additionally, a workload analyzer unit works simultaneously to estimate resource consumption data to help the resource management unit be more effective during virtual machine allocation. The suggested model functions differently to effectively serve the same objective, including data encryption and decryption prior to transfer, usage of trust access mechanism to prevent unauthorised access to virtual machines, which creates extra computational cost overhead.

Distributed, Parallel, and Cluster Computing,Artificial Intelligence

Hongbin Liang,Dijiang Huang,Cai, L.X.,Xuemin Shen

DOI: https://doi.org/10.1109/infcomw.2011.5928806

2011-01-01

Abstract:Mobile cloud is a machine-to-machine service model, where a mobile device can use the cloud for searching, data mining, and multimedia processing. To protect the processed data, security services, i.e., encryption, decryption, authentications, etc., are performed in the cloud. In general, we can classify cloud security services in two categories: Critical Security (CS) service and Normal Security (NS) service. CS service provides strong security protection such as using longer key size, strict security access policies, isolations for protecting data, and so on. The CS service usually occupies more cloud computing resources, however it generates more rewards to the cloud provider since the CS service users need to pay more for using the CS service. With the increase of the number of CS and NS service users, it is important to allocate the cloud resource to maximize the system rewards with the considerations of the cloud resource consumption and incomes generated from cloud users. To address this issue, we propose a Security Service Admission Model (SSAM) based on Semi-Markov Decision Process to model the system reward for the cloud provider. We, first, define system states by a tuple represented by the numbers of cloud users and their associated security service categories, and current event type (i.e., arrival or departure).We then derive the system steady-state probability and service request blocking probability by using the proposed SSAM. Numerical results show that the obtained theoretic probabilities are consistent with our simulation results.

Devu Manikantan Shila,Wenlong Shen,Yu Cheng,Xiaohua Tian,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/mwc.2016.1500119rp

IF: 12.777

2017-01-01

IEEE Wireless Communications

Abstract:Cloud computing is a revolutionary paradigm to deliver computing resources, ranging from data storage/processing to software, as a service over the network, with the benefits of efficient resource utilization and improved manageability. The current popular cloud computing models encompass a cluster of expensive and dedicated machines to provide cloud computing services, incurring significant investment in capital outlay and ongoing costs. A more cost effective solution would be to exploit the capabilities of an ad hoc cloud which consists of a cloud of distributed and dynamically untapped local resources. The ad hoc cloud can be further classified into static and mobile clouds: an ad hoc static cloud harnesses the underutilized computing resources of general purpose machines, whereas an ad hoc mobile cloud harnesses the idle computing resources of mobile devices. However, the dynamic and distributed characteristics of ad hoc cloud introduce challenges in system management. In this article, we propose a generic em autonomic mobile cloud (AMCloud) management framework for automatic and efficient service/resource management of ad hoc cloud in both static and mobile modes. We then discuss in detail the possible security and privacy issues in ad hoc cloud computing. A general security architecture is developed to facilitate the study of prevention and defense approaches toward a secure autonomic cloud system. This article is expected to be useful for exploring future research activities to achieve an autonomic and secure ad hoc cloud computing system.

Chaoyang Zhu,Qing Ding,Xiangzhou Chen,Zhu Shi

DOI: https://doi.org/10.22323/1.299.0070

2017-01-01

Abstract:With the trend of Mobile Cloud Computing, the establishment of trust between mobile consumers and cloud service providers become the primary issue as it relates to the cloud platform security. Subjective or objective trust model are typically adopted in the Cloud environment; however, none of these models can easily go for MCC because they only cover a few aspects of trust establishment and do not support all the essential features. In this paper, a Service Level Agreements (SLAs) server assisted distributed trust management framework is designed for such networks that enables mobile users to quickly adapt itself to change local conditions. Based on this architecture, an innovative trust model is presented which integrates objective and subjective trust aggregated in a distributed manner. The simulation results demonstrate that this model can be effective to differentiate trustworthy and untrustworthy Cloud Service Providers (CSP) and the service users in the presence of few untrustworthy nodes. In particular, it provides a more effective method to meet the mobile users' individualization requirement.

N. Jayapandian,Rahman,S. Radhikadevi,M. Koushikaa,A. M. J. Md. Zubair Rahman

DOI: https://doi.org/10.1109/startup.2016.7583904

2016-02-01

Abstract:Cloud is a modern business sharing data or information with great effectiveness of infrastructures it plays a major role in world wide. As in the information technology sector defines cloud security is the evolving sub domain of computer security and information security. Here the organization uses the cloud as a many service model (Saas, Pass and Iass)and deployment model (private, public, hybrid and community). In this type of model the responsibilities more for secure the information of the customer, So the organization ensures the different way to monitor and secure the data and information from hacking. They offer suspicious activity for their customer data by enhancing the data with encryption and decryption. Encryption makes the access method of proving the original data to be duplicated form and then the client can also be constructed with the proper decryption of the data to prevent the information from eavesdroppers from accessing Symmetric keys encryption or secret key encryption. The Key should be distributed before transmission between entities, then key play vital role for security. DES is In Asymmetric key encryption or public key encryption on that private and public keys are used in the encryption level on cloud. The Public key is used for encrypting the file and private key is used to decrypt the file. Because user tends to use two keys public this is known to public and private who is known to the user a type of algorithm such as RSA. Here we analysis the document is encrypted and then which efficient in that way of approach.

Rajesh De

DOI: https://doi.org/10.26480/aem.01.2022.01.03

2022-11-23

Acta Electronica Malaysia

Abstract:Small and medium-sized enterprises are now aiming to adopt a cost-effective computing resource for their business applications, i.e. by using the novel idea of cloud computing in their environment, in addition to major corporations. Utilizing less resources and management support, a shared network, valuable resources, bandwidth, software, and hardware in a cost-effective manner, and fewer service provider interactions, cloud computing enhances the performance of companies. In essence, it’s a novel idea for giving consumers access to virtualized resources. Customers can use the cloud to store a lot of data from several locations and request services, applications, and solutions. But as cloud computing’s popularity grows, there is a growing danger that security will overtake other concerns as the primary one. The current article suggests a backup strategy needed to address cloud computing security concerns.

Rohit Bhadauria,Rajdeep Borgohain,Abirlal Biswas,Sugata Sanyal

DOI: https://doi.org/10.48550/arXiv.1308.0824

2013-08-04

Cryptography and Security

Abstract:Cloud computing is a revolutionary concept that has brought a paradigm shift in the IT world. This has made it possible to manage and run businesses without even setting up an IT infrastructure. It offers multi-fold benefits to the users moving to a cloud, while posing unknown security and privacy issues. User authentication is one such growing concern and is greatly needed in order to ensure privacy and security in a cloud computing environment. This paper discusses the security at different levels viz. network, application and virtualization, in a cloud computing environment. A security framework based on one-time pass key mechanism has been proposed. The uniqueness of the proposed security protocol lies in the fact, that it provides security to both the service providers as well the users in a highly conflicting cloud environment.

Lian-chi Zhou,Chundi Xiu,Zhuohua Liu,Jiafu Wan,Keliang Zhou,Thai-Mai Thi Dinh,Chonho Lee,Jon Oberheide,Evan Cooke,Farnam Jahanian

2016-01-01

Abstract:The concept of Mobile Cloud Computing is relatively new in the research. It brings various advantages for mobile devices since it enables the use of Cloud resources and services. This paper gives a survey of MCC security frameworks, which helps general readers have an overview of the MCC. The issues, existing solutions, and approaches are presented. The paper is organized as follows. In the next section, we will go through some papers and get a brief idea about MCC, which helps general readers have an overview of the MCC. The issues, existing solutions, and what is actually going on in the current cloud based mobile security research and analyze two frameworks for security of mobile cloud computing.

Hootan Alavizadeh,Hooman Alavizadeh,Dong Seong Kim,Julian Jang-Jaccard,Masood Niazi Torshiz

DOI: https://doi.org/10.48550/arXiv.1904.01758

2019-04-03

Abstract:Cloud service providers offer their customers with on-demand and cost-effective services, scalable computing, and network infrastructures. Enterprises migrate their services to the cloud to utilize the benefit of cloud computing such as eliminating the capital expense of their computing need. There are security vulnerabilities and threats in the cloud. Many researches have been proposed to analyze the cloud security using Graphical Security Models (GSMs) and security metrics. In addition, it has been widely researched in finding appropriate defensive strategies for the security of the cloud. Moving Target Defense (MTD) techniques can utilize the cloud elasticity features to change the attack surface and confuse attackers. Most of the previous work incorporating MTDs into the GSMs are theoretical and the performance was evaluated based on the simulation. In this paper, we realized the previous framework and designed, implemented and tested a cloud security assessment tool in a real cloud platform named UniteCloud. Our security solution can (1) monitor cloud computing in real-time, (2) automate the security modeling and analysis and visualize the GSMs using a Graphical User Interface via a web application, and (3) deploy three MTD techniques including Diversity, Redundancy, and Shuffle on the real cloud infrastructure. We analyzed the automation process using the APIs and showed the practicality and feasibility of automation of deploying all the three MTD techniques on the UniteCloud.

Cryptography and Security