A cybersecurity model in cloud computing environments

Rabai, Latifa Ben Arfa; Jouini, Mouna; Aissa, Anis Ben; Mili, Ali

doi:10.1016/j.jksuci.2012.06.002

Cited by 66 publications

(40 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Most of the existing work [27][28][29] on the data privacy preservation is based on web services, which address the issues of data control and security in a cloud environment. This includes data access, data integrity, data recovery, data separation, data disposition, and data regulations [27].…”

Section: Related Workmentioning

confidence: 99%

“…Sengupta et al [28] addressed the cloud security and privacy concerns such as data access, data compliance, and cloud hosted code. Rabai et al [29] introduced a quantitative cloud security model which helps the subscribers and providers to measure the security risks related to the resources. The model assists the subscribers and providers to investigate and identify the security related issues.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Privacy preserving model: a new scheme for auditing cloud stakeholders

Razaque

Rizvi

2017

J Cloud Comp

View full text Add to dashboard Cite

The Cloud computing paradigm provides numerous attractive services to customers such as the provision of the on-demand self-service, usage-based pricing, ubiquitous network access, transference of risk, and location independent resource sharing. However, the security of cloud computing, especially its data privacy, is a highly challengeable task. To address the data privacy issues, several mechanisms have been proposed that use the third party auditor (TPA) to ensure the integrity of outsourced data for the satisfaction of cloud users (CUs). However, the role of the TPA could be the potential security threat itself and can create new security vulnerabilities for the customer's data. Moreover, the cloud service providers (CSPs) and the CUs could also be the adversaries while deteriorating the stored private data. As a result, the objective of this research is twofold. Our first research goal is to analyze the data privacy-preserving issues by identifying unique privacy requirements and presenting a supportable solution that eliminates the possible threats towards data privacy. Our second research goal is to develop the privacy-preserving model (PPM) to audit all the stakeholders in order to provide a relatively secure cloud computing environment. Specifically, the proposed model ensures the quality of service (QoS) of cloud services and detects potential malicious insiders in CSPs and TPAs. Furthermore, our proposed model provides a methodology to audit a TPA for minimizing any potential insider threats. In addition, CUs can use the proposed model to periodically audit the CSPs using the TPA to ensure the integrity of the outsourced data. For demonstrating and validating the performance, the proposed PPM is programmed in C++ and tested on GreenCloud with NS2 by applying merging processes. The experimental results help to identify the effectiveness, operational efficiency, and reliability of the CSPs. In addition, the results demonstrate the successful rate of handling the negative role of the TPA and determining the TPA's malicious insider detection capabilities.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Privacy preserving model: a new scheme for auditing cloud stakeholders

Razaque

Rizvi

2017

J Cloud Comp

View full text Add to dashboard Cite

show abstract

“…The main requirements for information security are data integrity that refers to the guarantee that users' data are not modified without authorization [10,13], in other words, data can be modified only by authorized users. In order to provide data integrity from both the provider and subscriber perspectives, secure encryption algorithms are generally used.…”

Section: Data Securitymentioning

confidence: 99%

“…There several cyber-security threats that may face the cloud services availability. These are network based attacks such as Distributed Denial of Service (DDoS) attacks [10]. To ensure the safety and the availability of data, cloud providers should maintain an appropriate action plan for risk management to deal efficiently with these threats and to guarantee the cloud based services continuity [9].…”

Section: Data Securitymentioning

confidence: 99%

Classification of Cloud Systems Cyber-security Threats and Solutions Directives

Bennasar¹,

Essaaidi²,

Bendahmane³

et al. 2017

Appl. Theory Comput. Technol.

View full text Add to dashboard Cite

Abstract:Cloud computing cyber security is a subject that has been in top flight for a long period and even in near future. However, cloud computing permit to stock up a huge number of data in the cloud stockage, and allow the user to pay per utilization from anywhere via any terminal equipment. Among the major issues related to Cloud Computing security, we can mention data security, denial of service attacks, confidentiality, availability, and data integrity. This paper is dedicated to a taxonomic classification study of cloud computing cyber-security. With the main objective to identify the main challenges and issues in this field, the different approaches and solutions proposed to address them and the open problems that need to be addressed.

show abstract

“…Security concerns raised by cloud computing are generally provider-related vulnerabilities, additional security concerns, availability, and third party data control [7].…”

Section: Cloud Perspectivementioning

confidence: 99%

Perspectives of Managing Mobile Service Security Risks

AlSudiary

2015

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

The rapid growth of mobile telecommunications industry has been influencing the tremendous technological diffusion offering lower access cost, mobility, and convenience based communication as compared to wired telecom. The global rise of mobile competition helped service providers to offer much improved services both in terms of capabilities, information processing, retrieval, and communication over typical problems of inefficiencies generated by monopolies in wired networks. While there are significant opportunities to leverage the growth of mobile devices to increase the effectiveness of mobile users, also there are significant concerns about security and privacy of sensitive data that must be handled in these devices. Correspondingly, cyber security is becoming one of the top priorities for any nation. This paper reviews and presents some of the literature exercises in this regard. Objectives of this paper are: (i) to bring into light the explicit and implicit assumptions on the nature of technological change and how they could raise security issues, (ii) to discuss the technology and management perspectives on the security issues, and (iii) to present them through a methodology oriented taxonomy. It is believed that the adoption of methodology driven by sense-and-respond model would serve as an effective means to achieve these objectives.

show abstract

A cybersecurity model in cloud computing environments

Cited by 66 publications

References 13 publications

Privacy preserving model: a new scheme for auditing cloud stakeholders

Privacy preserving model: a new scheme for auditing cloud stakeholders

Classification of Cloud Systems Cyber-security Threats and Solutions Directives

Perspectives of Managing Mobile Service Security Risks

Contact Info

Product

Resources

About