scispace - formally typeset
Search or ask a question
Journal ArticleDOI

Security Issues and Solutions in Cloud Computing

TL;DR: The security challenges in the application and data security at SaaS service and how to resolve that problem in this paper is described.
Abstract: Cloud Computing provide a solution of computing problems. Cloud users can fulfill his/her need for all hardware, operating system and software applications by using the Cloud services. These features of cloud attract to people to use them. Cloud users mainly don’t know about the vulnerabilities and threats before adopting the cloud services. This paper represents the brief knowledge of cloud services and cloud deployment models. In this paper, We attempt to describe the Security challenges in the application and data security at SaaS. This paper purpose is to provide a security perspective of SaaS service and how to resolve that problem in

Content maybe subject to copyright    Report

Citations
More filters
Journal ArticleDOI
TL;DR: This research work presents taxonomy of cloud security attacks and potential mitigation strategies with the aim of providing an in-depth understanding of security requirements in the cloud environment and highlights the importance of intrusion detection and prevention as a service.

167 citations


Cites background from "Security Issues and Solutions in Cl..."

  • ...Thus it is very important to investigate the effective way to defend against these types of attacks [107]....

    [...]

Proceedings ArticleDOI
01 Oct 2018
TL;DR: In this paper, security threats and risks related to the virtualization in cloud computing and its viable counter measures are presented.
Abstract: Cloud Computing is a scalable system of shared resource pooling with the help of virtualization. For secure resource pooling, we need a secure way to isolate every virtual machine from each other. Hypervisors help in secure isolation of multiple virtual machines running on single physical hardware. The hypervisor is a piece of software which works between the guest virtual machines and the physical hardware. Hypervisors help in partitioning the actual hardware into multiple logical virtual hardware to be able to run multiple operating systems simultaneously. Security is a major concern when multiple tenants working on the same physical machine. Hypervisors are also known as virtual machine monitor which has the complete control over all the hosted virtual machines so in this way security related to hypervisors is a real critical concern. As the more small and medium businesses moving towards the cloud so as the security risks increase related to the privacy protection and control of data. In this paper, security threats and risks related to the virtualization in cloud computing and its viable counter measures are presented.

10 citations

Journal ArticleDOI
TL;DR: The trusted platform module in the IOT architecture is integrated to establish the trust in IOT computing and to enhance the cybersecurity challenges and is evaluated with the help of mathematical/algorithms/graph theory/matrices and logical diagrams.
Abstract: With the increasing day-to-day acceptance of IOT computing, the issues related to it are also getting more attention. The current IOT computing infrastructure brings some security challenges concerned with the users/customers and CSP. The users can store their confidential data at IOT storage and can access them anytime when they need. Lack of trust exists among IOT users and between IOT users and CSP. The prevention of this risk is a big research issue and it needs to be solved. There is a need for trusted IOT computing in recent times to provide trusted services. Here, we propose the integration of TPM in IOT computing to performs cryptographic operations and provide hardware-based security. In this domain, different schemes and methods have been proposed to build trust in IOT computing, but the suitable solution has not been presented by these schemes because these schemes lack in terms of some security services. A comparative study based on trusted computing schemes has also been presented in this paper along with different implementations of critical analysis. Our study is based on an overview of the main issues and summarizing the literature along with their strengths and limitations. In the end, we integrated the trusted platform module in the IOT architecture to establish the trust in IOT computing and to enhance the cybersecurity challenges and evaluated it with the help of mathematical/algorithms/graph theory/matrices and logical diagrams.

10 citations


Cites background or methods from "Security Issues and Solutions in Cl..."

  • ...So TPM offers a root of trust for users in IOT computing because customers have full information about their identity [9]....

    [...]

  • ...Private Master Key is used by TPM to provide security for other pieces of information stored in the IOT computing system and TPM also stores hardware certificate to thwart attacks [9]....

    [...]

Proceedings ArticleDOI
21 Feb 2015
TL;DR: This work will enable researchers and security professionals to know about users and vendors concerns and identifies relevant countermeasures to strengthen security and privacy in the Cloud environment.
Abstract: Since the inception in 2006, cloud computing has been a hot researching area of computer network technology. Some giant companies are offering the cloud services now. Migrating data to the cloud remains a tempting trend from a financial perspective but there are several other aspects that must be taken into account before it is decided to do so. One of the most important aspects is security. Cloud computing security refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing. This work will enable researchers and security professionals to know about users and vendors concerns and identifies relevant countermeasures to strengthen security and privacy in the Cloud environment.

8 citations

Journal ArticleDOI
TL;DR: The objective of this paper is to discuss the implementation of security checklist in IaaS layer and the result from interview session that had been conducted by the author with several data centers (DCs) and experts regarding the Implementation of security measures in small cloud DCs.
Abstract: Security checklist is an important element in measuring the level of computing security, especially in cloud computing. Vulnerability in cloud computing become major concern because it will lead to security issue. While security awareness and training can educate users on the severe impact of malware, implementation on data governance and security checklist also can help to reduce the risk of being attacked. Since security checklist is important element to measure security level in cloud computing, data governance can help to manage data right with correct procedure. Due to increasing threats and attacks, service providers and service consumers need to adhere to guidelines and/or checklists when measuring the security level of services and to be prepared for unforeseen circumstances, especially in the IaaS platform. As the IaaS platform lies at the lower level in cloud computing where data are stored, it is vital that IaaS security be given serious consideration to prevent not only data breaches but also data losses. The objective of this paper is to discuss the implementation of security checklist in IaaS layer. In this paper also, several studies related with security assessment and checklist that had been discussed and developed by previous researchers and professional bodies will be discussed. This paper will also discuss the result from interview session that had been conducted by the author with several data centers (DCs) and experts regarding the implementation of security measures in small cloud DCs.

8 citations


Cites background from "Security Issues and Solutions in Cl..."

  • ...Cloud computing brings advantages in terms of storage capability [1]–[4]; virtualization [5]–[7]; and cost savings [2]– [4], [8]....

    [...]

  • ...These issues of security threats at the data location [1], [4], [7], [9]; external attacks, for instance, by hackers [4], [9]–[11]; as well as advanced persistent threats (APTs) attacks [10], [11], cannot be simply solved with knowledge of information technology (IT) alone....

    [...]

References
More filters
Journal ArticleDOI
TL;DR: This paper proposes introducing a Trusted Third Party, tasked with assuring specific security characteristics within a cloud environment, and presents a horizontal level of service, available to all implicated entities, that realizes a security mesh, within which essential trust is maintained.

1,728 citations

01 Jan 2011
TL;DR: A detailed analysis of the cloud computing security issues and challenges focusing on the cloud Computing types and the service delivery types is introduced.
Abstract: Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements. Usually cloud computing services are delivered by a third party provider who owns the infrastructure. It advantages to mention but a few include scalability, resilience, flexibility, efficiency and outsourcing non-core activities. Cloud computing offers an innovative business model for organizations to adopt IT services without upfront investment. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types. Keywords: Cloud

301 citations


"Security Issues and Solutions in Cl..." refers background in this paper

  • ...They also allow varying degrees of financial and functional flexibility not found in internal data centers or with co-location services, because computing resources can be added or released much more quickly and cost-effectively than in an internal data center or with a co-location service [14,16]....

    [...]

Proceedings ArticleDOI
03 Jan 2007
TL;DR: It is shown that this property of the SAAS licensing model leads to greater investment in product development under most conditions, which leads to higher software quality in equilibrium under SaaS compared to perpetual licensing.
Abstract: Software as a service (SaaS) is a rapidly growing model of software licensing. In contrast to traditional software where users buy a perpetual-use license, SaaS users buy a subscription from the publisher. Whereas traditional software publishers typically release new product features as part of new versions of software once in a few years, publishers using SaaS have an incentive to release new features as soon as they are completed. We show that this property of the SaaS licensing model leads to greater investment in product development under most conditions. This increased investment leads to higher software quality in equilibrium under SaaS compared to perpetual licensing. The software publisher earns greater profits under SaaS while social welfare is also higher

193 citations


"Security Issues and Solutions in Cl..." refers background in this paper

  • ...So, it becomes important to the user to ensure that right security measures are in place and also difficult to get an assurance that the application will be available when needed[6,7]....

    [...]

Journal ArticleDOI
TL;DR: This paper primarily aims to highlight the major security, privacy and trust issues in current existing cloud computing environments and help users recognize the tangible and intangible threats associated with their uses, and analyze the way that may be addressed to eliminate these potential privacy, security and trust threats.

178 citations


"Security Issues and Solutions in Cl..." refers background in this paper

  • ...Cloud computing, the long-held dream of "computing as a utility", has opened up the new era of future computing, transform a large part of IT industry, reshape the purchase and use of IT software and hardware, and receive considerable attention from global and local IT players, national governments, and international agencies [1]....

    [...]

Proceedings ArticleDOI
30 Jun 2011
TL;DR: This paper intends to discuss some of the key security issues that cloud computing are bound to be confronted with, as well as current implementations that provides a solution to these vulnerabilities.
Abstract: This paper provides a brief introduction to the cloud computing platform and the services it provides. In particular, we intend to discuss some of the key security issues that cloud computing are bound to be confronted with, as well as current implementations that provides a solution to these vulnerabilities. In this paper we have discussed policy, software- and hardware security.

90 citations