Security and Privacy Problems in Cloud Computing

  IJCOT-book-cover
 
International Journal of Computer & Organization Trends  (IJCOT)          
 
© 2019 by IJCOT Journal
Volume - 9 Issue - 4
Year of Publication : 2019
AuthorsRicha kunal Sharma, Dr. Nalini Kant Joshi
  10.14445/22492593/IJCOT-V9I4P306

MLA

MLA Style: Richa kunal Sharma, Dr. Nalini Kant Joshi"Security and Privacy Problems in Cloud Computing" International Journal of Engineering Trends and Technology 9.4 (2019): 30-39.

APA Style: Richa kunal Sharma, Dr. Nalini Kant Joshi(2019). Security and Privacy Problems in Cloud Computing International Journal of Engineering Trends and Technology, 9(4), 30-39.

Abstract

Cloud computing has formed the conceptual and infrastructural basis for tomorrow’s computing. The global computing infrastructure is rapidly moving towards cloud-based architecture. While it is important to take advantages of could base computing by means of deploying it in diversified sectors, the security aspects in a cloud-based computing environment remains at the core of interest. Cloud based services and service providers are being evolved which has resulted in a new business trend based on cloud technology. With the introduction of numerous cloud-based services and geographically dispersed cloud service providers, sensitive information of different entities is normally stored in remote servers and locations with the possibilities of being exposed to unwanted parties in situations where the cloud servers storing that information are compromised. If security is not robust and consistent, the flexibility and advantages that cloud computing has to offer will have little credibility. This paper presents on the cloud computing concepts as well as the all these classes of problems, categorizing them as either security-related issues, privacy-related issues inherent within the context of cloud computing and cloud infrastructure.

References

[1] S. K. Pandey (2013)."Cloud Computing: A new era of Information Technology Management". The Chartered Accountant Student (Students’ Journal). Vol. SJ 4 Issue 1. pp. 10-12.
[2] C. Wang, Q. Wang, K. Ren, and W. Lou, "Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing,‖"IEEE INFOCOM, 2010, pp. 1–9.
[3] P.L.S. Kumari and A. Damodaram, "An Alternative Methodology for Authentication and Confidentiality Based on Zero Knowledge Protocols Using Diffie-Hellman Key Exchange," Intl. Conf. on Information Technology, 2014, pp. 368–373.
[4] B. Grobauer, T. Walloschek, and E. Stocker, "Understanding Cloud Computing Vulnerabilities," IEEE Secur. Priv. Mag., vol. 9 (2), Mar. 2011, pp. 50–57.
[5] G.-J. Ahn, M. Ko, and M. Shehab, "Privacy-Enhanced User-Centric Identity Management," IEEE Intl. Conf. on Communications, 2009, pp. 1–5.
[6] A. Behl, "Emerging security challenges in cloud computing: An insight to cloud security challenges and their mitigation," World Congress on Information and Communication Technologies, 2011, pp.
[7] F. Rocha, S. Abreu, and M. Correia, "The Final Frontier: Confidentiality and Privacy in the Cloud," IEEE Computer, vol. 44 (9), Sept. 2011, pp. 44–50.
[8] S. Pearson, "Taking account of privacy when designing cloud computing services," ICSE W. on Software Engineering Challenges of Cloud Computing, 2009, pp. 44–52.
[9] J. Ramey and P.G. Rao, "The systematic literature review as a research genre," IEEE Intl. Professional Comm. Conf., 2011, pp. 1–7.
[10] N. T. T. G. M. Bones, "Cloud Computing Security Issues and Challenges," International Journal of Computer Networks (IJCN), vol. 3, no. 5, 2011.
[11] D. S. L. G. J. e. a. Fernandes, "Security Issues in Cloud environments: a survey," International Journal of Information Security, vol. 13, p. 113, 2014.
[12] K. Hashizume, D. Rosado, E. Fernández-Medina and E. Fernandez, "An analysis of security issues for cloud computing", J Internet ServAppl, vol. 4, no. 1, p. 5, 2013.
[13] " Cloud computing service and deployment models: layers and management", Choice Reviews Online, vol. 50, no. 07, pp. 50-3896-50-3896, 2013.
[14] S. Subashini and V. Kavitha, "A survey on security issues in service delivery models of cloud computing", Journal of Network and Computer Applications, vol. 34, no. 1, pp. 1-11, 2011.
[15] Ahmed EL-Yahyaoui& Mohamed DafirEch-Chrif EL Kettani "Data Privacy in Cloud Computing" 2018 4th International Conference on Computer and Technology Applications.
[16] Yunchuan Sun,1 Junsheng Zhang,2 Yongping Xiong,3 and Guangyu Zhu4" Data Security and Privacy in Cloud Computing‖ International Journal of Distributed Sensor Networks Volume 2014, Article ID 190903, 9 pages.
[17] Vaishali Singh & S. K. Pandey" Research In Cloud Security: Problems And Prospects‖ International Journal of Computer Science Engineering and Information Technology Research (IJCSEITR) ISSN 2249-6831 Vol. 3, Issue 3, Aug 2013, 305-314.
[18] Monjur Ahmed1 and Mohammad Ashraf Hossain2" Cloud Computing And Security Issues In The Cloud‖ International Journal of Network Security & Its Applications (IJNSA), Vol.6, No.1, January 2014.
[19] Naseer Amara, Huang Zhiqui&Awaais Ali "Cloud Computing Security Threats and Attacks with their Mitigation Techniques" 2017 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery.
[20] Ramakrishnan Krishnan "Security and Privacy in Cloud Computing" Western Michigan University,2017.
[21] M. Waseem, A. Lakhan, and I.A. Jamali, "Data Security of Mobile Cloud Computing on Cloud server," Open Access Libr. J., 2016, vol. 3.
[22] W.R. Claycomb and A. Nicoll, "Insider Threats to Cloud Computing: Directions for New Research Challenges," IEEE 36th Annual Computer Software and Applications Conf., 2012, pp. 387–394.
[23] D. Daniels, "Identity Management Practices and Concerns in Enterprise Cloud Infrastructures," J Gate Acad. J. Database, vol. II, no. 14, 2013, pp. 2321–5518.
[24] S. Hajra et al., "DRECON: DPA Resistant Encryption by Construction," Springer, 2014, pp. 420–439.
[25] S.Y. Zhu, R. Hill, and M. Trovati, "Guide to security assurance for cloud computing," Springer, 2015.
[26] D. Naccache et al., "Buffer Overflow Attacks," Encyclopedia of Cryptography and Security, Boston, MA: Springer US, 2011, pp. 174–177.
[27] D. Fu and F. Shi, "Buffer Overflow Exploit and Defensive Techniques," 4th Intl. Conf. on Multimedia Information Networking and Security, 2012, pp. 87–90.
[28] C. Cowan, P. Wagle, C. Pu, S. Beattie, and J. Walpole, "Buffer overflows: attacks and defenses for the vulnerability of the decade," Foundations of Intrusion Tolerant Systems, 2003, pp. 227–237.
[29] C. Cowan et al., "StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks," 7th USENIX Security Symp., San Antonio, Texas, Jan. 1998.
[30] K.S. Kumar and N.R. Kisore, "Protection against Buffer Overflow Attacks through Runtime Memory Layout Randomization," in Intl Conf. on Information Technology, 2014, pp. 184–189.
[31] A. Chonka, Y. Xiang, W. Zhou, and A. Bonti, "Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks," J. Netw. Comput. Appl., vol. 34 (4), July 2011, pp. 1097–1107.
[32] A. Mitrokotsa and C. Douligeris, "Detecting denial of service attacks using emergent self-organizing maps," 5th IEEE Intl. Sym. on Signal Processing and Information Technology, 2005, pp. 375–380.
[33] Y. Wang, C. Lin, Q.-L. Li, and Y. Fang, "A queueing analysis for the denial of service (DoS) attacks in computer networks," Comput. Networks, vol. 51 (12), Aug 2007, pp. 3564–3573.
[34] R. Ranchal, B. Bhargava, L. Ben Othmane, L. Lilien, A. Kim, M. Kang, and M. Linderman, "Protection of Identity Information in Cloud Computing without Trusted Third Party," Third Intl. W. on Dependable Network Computing and Mobile Systems (DNCMS 2010), New Delhi, India, Oct. 2010, pp. 368-372.
[35] What are the 5 most common attacks on websites? - Quora. [Online]. Available: https://www.quora.com/What-are-the-5-most-common-attacks-on-websites. [Accessed: 15 Mar. 2017].
[36] SaaS Vs. PaaS Vs. IaaS – An Ultimate Guide on When to Use What. Available: https://www.linkedin.com/pulse/saas-vs-paas-iaas-ultimate-guide-when-use-what-sonia-patel. [Accessed: 7 Mar. 2017]
[37] F. Greitzer, L. Kangas, C. Noonan, A. Dalton, and R. Hohimer,"Identifying at-risk employees: Modeling psychosocial precursors of potential insider threats," in 45th Hawaii International Conference on System Science (HICSS), January 2012.
[38] C. Wang, Q. Wang, K. Ren, and W. Lou, "Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing,"IEEE INFOCOM, 2010, pp. 1–9.
[39] P.L.S. Kumari and A. Damodaram, "An Alternative Methodology for Authentication and Confidentiality Based on Zero Knowledge Protocols Using Diffie-Hellman Key Exchange," Intl. Conf. on Information Technology, 2014, pp. 368–373.
[40] B. Grobauer, T. Walloschek, and E. Stocker, "Understanding Cloud Computing Vulnerabilities," IEEE Secur. Priv. Mag., vol. 9 (2), Mar. 2011, pp. 50–57.
[41] G.-J. Ahn, M. Ko, and M. Shehab, "Privacy-Enhanced User-Centric Identity Management," IEEE Intl. Conf. on Communications, 2009, pp. 1–5.
[42] A. Behl, "Emerging security challenges in cloud computing: An insight to cloud security challenges and their mitigation," World Congress on Information and Communication Technologies, 2011, pp.217–222.
[43] R.K. Banyal, P. Jain, and V. K. Jain, "Multi-factor Authentication Framework for Cloud Computing," in 5th Intl. Conf. on Computational Intelligence, Modelling and Simulation, 2013, pp. 105–110.
[44] H. Chen, Y. Xiao, X. Hong, F. Hu, and J. (Linda) Xie, "A survey of anonymity in wireless communication systems," Secur. Commun. Networks, vol. 2 (5), Sept. 2009, pp. 427–444.
[45] M. Despotović-Zrakić, V. Milutinović, and A. Belić, "Handbook of research on high performance and cloud computing in scientific research and education," IGI-Global, Mar. 2014.
[46] R.L. Krutz and R.D. Vines, "Cloud security : a comprehensive guide to secure cloud computing," Wiley, 2010.
[47] S.K. Das, K. Kant, and N. Zhang, "Handbook on securing cyber-physical critical infrastructure," Morgan Kaufmann, 2012.
[48] C. Phua, "Protecting organizations from personal data breaches," Comput. Fraud Secur., vol 1, Jan. 2009, pp. 13–18.
[49] N. Attrapadung, J. Herranz, F. Laguillaumie, B. Libert, E. de Panafieu, and C. Ràfols, "Attributebased encryption schemes with constant-size ciphertexts," Theor. Comput. Sci., vol. 422, Mar. 2012, pp. 15–38.
[50] F. Sabahi, "Virtualization-level security in cloud computing," IEEE 3rd Intl. Conf. onCommunication Software and Networks, pp. 250–254, 2013.

Keywords
Cloud computing, cloud service, cloud security, cloud privacy, distributed computing, security.