An analysis of cloud computing security issues

Behl, Akhil; Behl, Kanika

doi:10.1109/wict.2012.6409059

Cited by 92 publications

(33 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…KPIs are the key to achieving business improvement for sustainability and performance evaluation. Most of the existing work in this area [27][28][29] has largely focused on performance evaluation of core business process only. This work has applied to study the performance of cloud data security process.…”

Section: The Integrated Solution Of Data Security Simulated By Businementioning

confidence: 99%

Towards Achieving Data Security with the Cloud Computing Adoption Framework

Chang

Ramachandran

2016

IEEE Trans. Serv. Comput.

250

View full text Add to dashboard Cite

Abstract-Offering real-time data security for petabytes of data is important for Cloud Computing. A recent survey on cloud security states that the security of users' data has the highest priority as well as concern. We believe this can only be able to achieve with an approach that is systematic, adoptable and well-structured. Therefore, this paper has developed a framework known as Cloud Computing Adoption Framework (CCAF) which has been customized for securing cloud data. This paper explains the overview, rationale and components in the CCAF to protect data security. CCAF is illustrated by the system design based on the requirements and the implementation demonstrated by the CCAF multi-layered security. Since our Data Center has 10 petabytes of data, there is a huge task to provide real-time protection and quarantine. We use Business Process Modeling Notation (BPMN) to simulate how data is in use. The use of BPMN simulation allows us to evaluate the chosen security performances before actual implementation. Results show that the time to take control of security breach can take between 50 and 125 hours. This means that additional security is required to ensure all data is well-protected in the crucial 125 hours. This paper has also demonstrated that CCAF multi-layered security can protect data in real-time and it has three layers of security: 1) firewall and access control; 2) identity management and intrusion prevention and 3) convergent encryption. To validate CCAF, this paper has undertaken two sets of ethical-hacking experiments involved with penetration testing with 10,000 trojans and viruses. The CCAF multi-layered security can block 9,919 viruses and trojans which can be destroyed in seconds and the remaining ones can be quarantined or isolated. The experiments show although the percentage of blocking can decrease for continuous injection of viruses and trojans, 97.43% of them can be quarantined. Our CCAF multi-layered security has an average of 20% better performance than the single-layered approach which could only block 7,438 viruses and trojans. CCAF can be more effective when combined with BPMN simulation to evaluate security process and penetrating testing results.

show abstract

Section: The Integrated Solution Of Data Security Simulated By Businementioning

confidence: 99%

Towards Achieving Data Security with the Cloud Computing Adoption Framework

Chang

Ramachandran

2016

IEEE Trans. Serv. Comput.

250

View full text Add to dashboard Cite

show abstract

“…Identified cloud security aspects include governance and compliance, virtualization, identity management [21][22] [23], and various threats aspects [24] [25]. Cloud Security Alliance (CSA) published the security report namely The Treacherous Twelve Cloud Computing Top Threats in 2016 providing organizations with the awareness of cloud security issues in making educated risk-management decisions [26].…”

Section: 2mentioning

confidence: 99%

Capability Maturity Model and Metrics Framework for Cyber Cloud Security

Le¹,

Hoang²

2017

SCPE

View full text Add to dashboard Cite

Abstract. Cyber space is affecting all areas of our life. Cloud computing is the cutting-edge technology of this cyber space and has established itself as one of the most important resources sharing technologies for future on-demand services and infrastructures that support Internet of Things (IOTs), big data platforms and software-defined systems/services. More than ever, security is vital for cloud environment. There exist several cloud security models and standards dealing with emerging cloud security threats. However, these models are mostly reactive rather than proactive and they do not provide adequate measures to assess the overall security status of a cloud system. Out of existing models, capability maturity models, which have been used by many organizations, offer a realistic approach to address these problems using management by security domains and security assessment on maturity levels. The aim of the paper is twofold: first, it provides a review of cyber space, cyber security, cloud security models and standards, cyber security capability maturity models and security metrics; second, it proposes a cloud security capability maturity model (CSCMM) that extends existing cyber security models with a security metric framework. CSCMM aims to present a credible overall security assessment of a cloud system to senior managers and to enable security experts to predict and identify necessary security measures.

show abstract

“…Both the actual data and its backup is stored in a physical device only. In case of any loss of data, it can be recovered from its backup [9]. A proper and genuine restoration of all the data is must.…”

Section: B Data Securitymentioning

confidence: 99%

Dissection and Proposal of Multitudinal Security Threats and Menace in Cloud Computing

Rawat

Dhruv

Kumar

et al. 2015

2015 IEEE International Conference on Computational Intelligence &Amp; Communication Technology

View full text Add to dashboard Cite

Cloud computing has emerged as a amazing field in IT world today. It fords all the impediment of computing technology and allows the working and storage of data over internet itself. It has allowed the IT workers to expand their business over internet giving a hike to capabilities and potential in the business field. But the question of security remains unanswered as till now all the IT firms have not accepted cloud completely. Business firms still fear to deploy their enterprise solely on cloud due to the security issues. In this paper, we study about issues in the cloud service delivery models and the various security issue faced in cloud computing. Based on this detailed study, we further provide recommendation that could be followed to conquer the security concerns in the cloud.

show abstract

An analysis of cloud computing security issues

Cited by 92 publications

References 1 publication

Towards Achieving Data Security with the Cloud Computing Adoption Framework

Towards Achieving Data Security with the Cloud Computing Adoption Framework

Capability Maturity Model and Metrics Framework for Cyber Cloud Security

Dissection and Proposal of Multitudinal Security Threats and Menace in Cloud Computing

Contact Info

Product

Resources

About