SlideShare a Scribd company logo

Cloud Computing Security Issues

Download as PPTX, PDF
Stelios Krasadakis
Stelios Krasadakis

Sections: Introduction Cloud Computing background Securing the Cloud Virtualization Mobile Cloud Computing User safety & energy consumption Author’s proposal Conclusion In order to make cloud computing to be adopted by users and enterprises, security concerns of users should be rectified by making cloud environment trustworthy, discussed by Latif et al. in the assessment of cloud computing risks[2]. We address the questions related to: security concerns and threats over general cloud computing, (2) the solutions for these problems and (3) mobile users safety in convergence with energy consumption.

Engineering
1 of 18
Cloud Security Issues A comprehensive survey on mobile cloud computing security issues in convergence with energy consumption MSc Candidate: Krasadakis Stelios February 17, 2017 Technological Educational Institute Of Crete Department of Informatics Engineering MSc “Informatics & Multimedia
Sections: I. Introduction I. Cloud Computing background II. Securing the Cloud III. Virtualization IV. Mobile Cloud Computing V. User safety & energy consumption VI. Author’s proposal VII. Conclusion Paper Structure February 17, 2017
Cloud computing is a model for enabling ubiquitous, convenient, on demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) . Why aren’t more hosts/companies following this model? • A survey indicated that 80% enterprises hesitate to implement cloud due to security and privacy issues[1]. Cloud data security is more complicated than data security in traditional information systems because data is scattered onto different machines. In order to make cloud computing to be adopted by users and enterprises, security concerns of users should be rectified by making cloud environment trustworthy, discussed by Latif et al. in the assessment of cloud computing risks[2]. We address the questions related to: (1) security concerns and threats over general cloud computing, (2) the solutions for these problems and (3) mobile users safety in convergence with energy consumption. Introduction February 17, 2017
IaaS, users are allowed to run any applications and operating systems they please. The principal unit of IaaS is the server, which can be physical or virtual. Cloud users are capable of configuring security policies, however cloud vendors must secure their systems to minimize other threats such as deletion, modification [8], [9]. PaaS, is used to motivate developers to create their own programs on top of the platform, while developers must take into account security measures for the applications they build and run [8]. SaaS, is the software that is accessed through the Internet via web browsers, from various devices. The application may be used free of charge or in a “pay as you go” model, depending on the provider’s policy. SaaS users have a limited control in security in comparison with the other two models [8]. PaaS and SaaS are on top of IaaS. All of them are inversely related. As a consequence of this dependency, any violation to any cloud layer can compromise the other layers as well. Cloud Architecture Models February 17, 2017
Providers ability to clearly demonstrate the core principles of information security (CIA) namely as: 1. Data Confidentiality, 2. Data Integrity and 3. Data Availability Confidentiality Ensuring user data travelling along the cloud cannot be accessed by unauthorized parties but traditional solutions like identification and authentication are inadequate. Solutions: 1) Proper encryption techniques either symmetric or asymmetric with a fixed key length [10] 2) Zissis propose a combination of the two cryptographic, known as hybrid cryptography [11] 3) Homomorphic encryption, the best solution, since decryption is not needed in users side[12], but its not applied because of having huge impact in power consumption and responsive time[7] Securing the cloud February 17, 2017
Integrity, Constitutes another crucial factor, since it refers to protecting data from illegal modification, deletion or fabrication. Solutions: 1) Message Authentication Code (MAC), where a symmetric key provides a check sum appending in the data [10]. 2) Digital Signature, which relies on public key structure. 3) Proofs of Retrievability (PoR), a protocol in which a server proves to a client that the data is intact, by combining error correction and spot-checking [12]. Computationally obstacle for mobile devices. 4) Based on PoR, another approach which is a local client process of encrypting suitable metadata in each data block with a secret key, known only by the authorized user [13]. 5) High Availability Integrity Layer (HAIL) is one more improved mechanism which also uses PoR and overcomes the mobile adversary [14]. Securing the cloud 2 February 17, 2017
Availability, Embodies the idea of anywhere and anytime access to data by users, even if there is some misbehavior in the system. Availability bows to three risks factors, which are difficult to detect, including hijacking, DNS attacks and denial of service. Solutions: 1. Bowers et al. advocate that HAIL could also be used for availability, other than integrity [14]. 2. Author in [11] propose a Third Trusted Party which is a legal organization with the aim to amplify security. The security requirement for availability, according to TTP is a combination of Public Key Infrastructure, Lightweight Directory Access Protocol and Single Sign On. 3. As we were conducting our research, we found out that there are no specific solutions for availability issues. The authors propose general solutions for integrity and confidentiality and they imply that availability is guaranteed, only if these two principles are protected. Securing the cloud 3 February 17, 2017
Virtualization is an essential part of cloud computing. It can be applied to anything, including memory, networks, storage, hardware, operating systems. It allows users to move, copy, and manipulate Virtual Machines (VMs) at their will. Keeping that in mind, virtualization is an extra layer in cloud that must be secured, since it is more vulnerable for attackers. Issues in Virtualization: 1. The major problem that arises by introducing virtualization in cloud is that during migration, an attacker can compromise the hypervisor (Virtual machine monitor) and transfer VMs to malicious servers. Its after effect is that integrity is violated. 2. Confidentiality could also be compromised due to VM image files. These files are configuration files which are used to create VMs and they reside in the provider’s pool. Any attacker can take advantage of this public pool and create malicious VM images that can contaminate others who download it. A direct consequence of that is sensitive data leakage. 3. Last but not least, other types of attacks are also available, such as denial of service that can tamper with availability [15]. Virtualization February 17, 2017
Solutions: 1. Hypervisor is a software, which is responsible for separating every VM (isolation). Hashizume et al. [8] suggest that keeping a hypervisor simple and small reduces the chances of violating CIA. 2. The writers in [3], [16] propose the hyper safe approach, which provides hypervisor control-flow integrity by using two techniques. The first one protects the hypervisor’s code and data by locking down write protected memory pages and the second one restricts indexing in order to convert the control data into pointer indexes. 3. Another accepted solution to prevent this is the Advanced Cloud Protection System (ACPS), which is suggested by Lombardi and Pietro [15]. The purpose of this framework is to monitor cloud components and defend VMs against intruders and attacks such as worms, Trojans and viruses. Virtualization 2 February 17, 2017
MCC, refers to a new infrastructure platform for combining both, cloud computing and mobile devices where data storage and data processing happen outside of the mobile device [17], [18]. Regarding the definition, Cloud computing exists when tasks and data are kept on the Internet rather than on individual devices, providing on-demand access. Applications are run on a remote server and then sent to the user [17]. It can be thought of as a combination of the cloud computing and mobile environment. The cloud can be used for power and storage, as mobile devices don’t have powerful resources compared to traditional computation devices. As the computing has been moved surrounding mobile cloud computing, the attacks and malware shifted their targets toward mobile cloud computing [19]. Mobile cloud computing February 17, 2017
Since mobile cloud computing is a combination of mobile networks and cloud computing, the security related issues are then divided into two categories: • 1. Mobile user’s security on network. • 2. Cloud security issues (discussed before) Offloading is one of the main advantages of mobile cloud computing to improve the battery lifetime for the mobile devices. Most authors propose of using security software into the cloud for securing mobile clients and we agree partially with this philosophy. Before mobile users could use a certain application, it should go through some level of threat evaluation. All file activities to be sent to mobile devices will be verified if it is malicious or not. However there are many related issues about efficiency under environmental changes. For example a code compilation, offloading might consume more energy in order to send data to the cloud, than that of local processing when the size of codes is small Users safety and energy consumption February 17, 2017
A research by A. Rudenko et al. [20] shows that offloading is not always the best way to save energy, and this is an issue for mobile users. Solutions in security regarding energy consumption 1. K. Kumar suggests a partitioning program, based on the estimation of the energy consumption before the program execution. The optimal partitioning program for offloading is calculated based on the trade-off between the communication and computation costs [21] 2. Authors in [22], present a partitioning pattern to offload computational tasks on mobile devices. The idea of this pattern is a construction of a cost graph with objective to minimize the computation and data communication cost with an algorithm that prunes the search space to obtain an approximated solution. Users safety and energy consumption 2 February 17, 2017
Based on mobile cloud computing definition and under its offload advantage, in order to secure clients we propose running security software on both client device and offloaded in cloud, instead of running anti-virus software just only locally or remote on cloud. There will be a heuristic algorithm like genetic algorithm for solving the optimization problem between locally computation consumption and network communication energy consumption. This algorithm should find the approximate best solution about energy efficiency for the mobile user. In case the local computation energy consumption is less that the network communication offload, the security software will run tasks locally and simultaneously the security software on cloud will be deactivated. In contrast, if the network communication offload consumption is less that local computation consumption then the local security software tasks will be disabled and the security software for the mobile clients will be running on cloud. Authors perspective February 17, 2017
Answers: • As an answer to our first question, we discussed concerns on cloud are concentrated on violation of CIA and threats. • As for the second question, we demonstrated a number of solutions for each section separately in order be obvious the insurance of each principle. • As for the third question, data security and client’s security coupled and proposed a security method for mobile users without increasing the overall energy consumption. Despite the huge evolution that cloud has brought in computer science, certain security hinders raise concerns. From our research we could claim that effective solutions for security already exist in all sections. However, some of them affect the performance of the systems, consequently they are not applied. Thus, instead of striving to find new solutions, researchers could focus on how the existing solutions can be implemented in cloud without deteriorating system performance and local power consumption. Conclusion February 17, 2017
[1] “80% of Enterprises Can’t Rely on Perimeter Security to Protect Cloud Infrastructures Survey Finds - CloudPassage.” [Online]. Available: https://www.cloudpassage.com/press-releases/80-of-enterprises-cant- rely-onperimeter-security-to-protect-cloud-infrastructures-survey-finds. [2] R. Latif, H. Abbas, S. Assar, and Q. Ali, “Cloud computing risk assessment: a systematic literature review,” in Future Information Technology, pp. 285– 295, Springer, Berlin, Germany, 2014. [3] J. Scanlon and B. Wieners, “The internet cloud,” The Industry Standard, Tech. Rep., 1999. [4] L.M. Vaquero, L. Rodero-Merino, J. Caceres, and M. Lindner, “A break in the clouds: towards a cloud definition,” SIGCOMM Comput. Commun. Rev., vol. 39, 2009, pp. 50–55. [5] P. Mell and T. Grance, “The NIST Definition of Cloud Computing Recommendations of the National Institute of Standards and Technology,” Natl. Inst. Stand. Technol. Inf. Technol. Lab., vol. 145, p. 7, 2011. [6] S. Ramgovind, M. M. Eloff, and E. Smith, “The management of security in Cloud computing,” 2010 Inf. Secur. South Africa, pp. 1–7, 2010. [7] F. Sabahi, “Cloud computing security threats and responses,” 2011 IEEE 3rd Int. Conf. Commun. Softw. Networks, pp. 245–249, 2011. References February 17, 2017
[8] K. Hashizume, D. G. Rosado, E. Fernández-Medina, and E. B. Fernandez, “An analysis of security issues for cloud computing,” J. Internet Serv. Appl., vol. 4, no. 1, p. 5, 2013. [9] B. R. Cyril and S. B. R. Kumar, “Cloud Computing Data Security Issues Challenges , Architecture and Methods- A Survey,” pp. 848–857, 2015. [10] S. A. Almulla and C. Y. Yeun, “Cloud computing security management,” Eng. Syst. Manag. Its Appl. (ICESMA), 2010 Second Int. Conf., pp. 1–7, 2010. [11] D. Zissis and D. Lekkas, “Addressing cloud computing security issues,” Futur. Gener. Comput. Syst., vol. 28, no. 3, pp. 583–592, 2012. [12] X. Zhifeng and X. Yang, “Security and Privacy in Cloud Computing,” Commun. Surv. Tutorials, IEEE, vol. 15, no. 2, pp. 843–859, 2013. [13] R. S. Kumar and A. Saxena, “Data integrity proofs in cloud storage,” Int. Conf. Commun. Syst. Networks, pp. 1–4, 2011. [14] K. D. Bowers, A. Juels, and A. Oprea, “Hail,” Proc. 16th ACM Conf. Comput. Commun. Secur. - CCS ’09, vol. 489, p. 187, 2009. K. D. Bowers, A. Juels, and A. Oprea, “Hail,” Proc. 16th ACM Conf. Comput. [15] F. Lombardi and R. Di Pietro, “Secure virtualization for cloud computing,” J. Netw. Comput. Appl., vol. 34, no. 4, pp. 1113–1122, 2011. References February 17, 2017
[16] Z. Wang and X. Jiang, “HyperSafe: A lightweight approach to provide lifetime hypervisor control-flow integrity,” Proc. - IEEE Symp. Secur. Priv.,pp.380–395,2010. [17] H. T. Dinh, C. Lee, D. Niyato and P. Wang, "A survey of mobile cloud computing: architecture, applications, and approaches", Wireless Communications and Mobile Computing - Wiley, (2011) October [18] Fernando, Niroshinie, Seng W. Loke, and Wenny Rahayu. "Mobile cloud computing: A survey." Future Generation Computer Systems 29.1 (2013): 84-106. [19] K. H. Jashizume, D. Rosado, E. Fernandez-Medina, and B. nEduardo, “An analysis of security issues for cloud computing,” Journal of Internet Services and Applications, vol. 4, no. 5, pp. 1-13, 2013. [20] A. Rudenko, P. Reiher, G. J. Popek, and G. H. Kuenning, “Saving portable computer battery power through remote process execution, “Journal of ACM SIGMOBILE on Mobile Computing and Communications Review, vol. 2, no. 1, January 1998. [21] K. Kumar and Y. Lu,“Cloud Computing for Mobile Users: Can Offloading Computation Save Energy,”IEEE Computer Society, vol.43, no. 4, April 2010. References February 17, 2017
[22] Z. Li, C. Wang, and R. Xu, “Computation offloading to save energy on handheld devices: a partition scheme,” in Proceedings of the 2001 international conference on Compilers, architecture, and synthesis for embedded systems (CASES), pp. 238 - 246, November 2001 References February 17, 2017

Recommended

Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud ComputingFalgun Rathod
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesDheeraj Negi
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security ChallengesYateesh Yadav
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsDr. Sunil Kr. Pandey
 
security Issues of cloud computing
security Issues of cloud computingsecurity Issues of cloud computing
security Issues of cloud computingprachupanchal
 
Cloud computing
Cloud computingCloud computing
Cloud computingAditya Dwivedi
 
Privacy issues in the cloud
Privacy issues in the cloudPrivacy issues in the cloud
Privacy issues in the cloudConstantine Karbaliotis
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 

Recommended

Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud ComputingFalgun Rathod
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesDheeraj Negi
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security ChallengesYateesh Yadav
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsDr. Sunil Kr. Pandey
 
security Issues of cloud computing
security Issues of cloud computingsecurity Issues of cloud computing
security Issues of cloud computingprachupanchal
 
Cloud computing
Cloud computingCloud computing
Cloud computingAditya Dwivedi
 
Privacy issues in the cloud
Privacy issues in the cloudPrivacy issues in the cloud
Privacy issues in the cloudConstantine Karbaliotis
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationVenkateswar Reddy Melachervu
 
Cloud computing
Cloud computingCloud computing
Cloud computingReetesh Gupta
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingveena venugopal
 
Cloud Security Mechanisms
Cloud Security MechanismsCloud Security Mechanisms
Cloud Security MechanismsMohammed Sajjad Ali
 
Virtualization
VirtualizationVirtualization
VirtualizationShivam Singh
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
Cloud Security
Cloud SecurityCloud Security
Cloud SecurityAWS User Group Bengaluru
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security PresentationAjay p
 
Cloud Computing - Benefits and Challenges
Cloud Computing - Benefits and ChallengesCloud Computing - Benefits and Challenges
Cloud Computing - Benefits and ChallengesThoughtWorks Studios
 
Virtualize of IO Devices .docx
Virtualize of IO Devices .docxVirtualize of IO Devices .docx
Virtualize of IO Devices .docxkumari36
 
Cloud security
Cloud security Cloud security
Cloud security Mohamed Shalash
 
Cloud Services: Types of Cloud
Cloud Services: Types of CloudCloud Services: Types of Cloud
Cloud Services: Types of CloudDr. Sunil Kr. Pandey
 
Evolution of Cloud Computing
Evolution of Cloud ComputingEvolution of Cloud Computing
Evolution of Cloud ComputingNephoScale
 
Benefits of Cloud Computing
Benefits of Cloud ComputingBenefits of Cloud Computing
Benefits of Cloud ComputingKNOWARTH - Software Development Company
 
History of cloud computing
History of cloud computingHistory of cloud computing
History of cloud computingsankalp810108
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNithin Raj
 
Cloud computing risks
Cloud computing risksCloud computing risks
Cloud computing riskssripriya78
 
Cloud Security Top Threats
Cloud Security Top ThreatsCloud Security Top Threats
Cloud Security Top ThreatsTiago de Almeida
 
Cloud adoption and rudiments
Cloud adoption and rudimentsCloud adoption and rudiments
Cloud adoption and rudimentsgaurav jain
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architectureVladimir Jirasek
 
Knapsack problem solved by Genetic Algorithms
Knapsack problem solved by Genetic AlgorithmsKnapsack problem solved by Genetic Algorithms
Knapsack problem solved by Genetic AlgorithmsStelios Krasadakis
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computingPrince Chandu
 

More Related Content

What's hot

Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationVenkateswar Reddy Melachervu
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingveena venugopal
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security PresentationAjay p
 
Cloud Computing - Benefits and Challenges
Cloud Computing - Benefits and ChallengesCloud Computing - Benefits and Challenges
Cloud Computing - Benefits and ChallengesThoughtWorks Studios
 
Virtualize of IO Devices .docx
Virtualize of IO Devices .docxVirtualize of IO Devices .docx
Virtualize of IO Devices .docxkumari36
 
Evolution of Cloud Computing
Evolution of Cloud ComputingEvolution of Cloud Computing
Evolution of Cloud ComputingNephoScale
 
History of cloud computing
History of cloud computingHistory of cloud computing
History of cloud computingsankalp810108
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNithin Raj
 
Cloud computing risks
Cloud computing risksCloud computing risks
Cloud computing riskssripriya78
 
Cloud Security Top Threats
Cloud Security Top ThreatsCloud Security Top Threats
Cloud Security Top ThreatsTiago de Almeida
 
Cloud adoption and rudiments
Cloud adoption and rudimentsCloud adoption and rudiments
Cloud adoption and rudimentsgaurav jain
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architectureVladimir Jirasek
 

What's hot (20)

Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
 
Cloud Security Mechanisms
Cloud Security MechanismsCloud Security Mechanisms
Cloud Security Mechanisms
 
Virtualization
VirtualizationVirtualization
Virtualization
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security Presentation
 
Cloud Computing - Benefits and Challenges
Cloud Computing - Benefits and ChallengesCloud Computing - Benefits and Challenges
Cloud Computing - Benefits and Challenges
 
Virtualize of IO Devices .docx
Virtualize of IO Devices .docxVirtualize of IO Devices .docx
Virtualize of IO Devices .docx
 
Cloud security
Cloud security Cloud security
Cloud security
 
Cloud Services: Types of Cloud
Cloud Services: Types of CloudCloud Services: Types of Cloud
Cloud Services: Types of Cloud
 
Evolution of Cloud Computing
Evolution of Cloud ComputingEvolution of Cloud Computing
Evolution of Cloud Computing
 
Benefits of Cloud Computing
Benefits of Cloud ComputingBenefits of Cloud Computing
Benefits of Cloud Computing
 
History of cloud computing
History of cloud computingHistory of cloud computing
History of cloud computing
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Cloud computing risks
Cloud computing risksCloud computing risks
Cloud computing risks
 
Cloud Security Top Threats
Cloud Security Top ThreatsCloud Security Top Threats
Cloud Security Top Threats
 
Cloud adoption and rudiments
Cloud adoption and rudimentsCloud adoption and rudiments
Cloud adoption and rudiments
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
 

Viewers also liked

Knapsack problem solved by Genetic Algorithms
Knapsack problem solved by Genetic AlgorithmsKnapsack problem solved by Genetic Algorithms
Knapsack problem solved by Genetic AlgorithmsStelios Krasadakis
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computingPrince Chandu
 
Genetic Algorithm based Approach to solve Non-Fractional (0/1) Knapsack Optim...
Genetic Algorithm based Approach to solve Non-Fractional (0/1) Knapsack Optim...Genetic Algorithm based Approach to solve Non-Fractional (0/1) Knapsack Optim...
Genetic Algorithm based Approach to solve Non-Fractional (0/1) Knapsack Optim...International Islamic University
 
Privacy Concerns and Cloud Computing
Privacy Concerns and Cloud ComputingPrivacy Concerns and Cloud Computing
Privacy Concerns and Cloud ComputingAIIM International
 
Grow your business by shaping the human impacts of technology
Grow your business by shaping the human impacts of technologyGrow your business by shaping the human impacts of technology
Grow your business by shaping the human impacts of technologyMichael Siepmann, Ph.D.
 
10 security concerns cloud computing
10 security concerns cloud computing10 security concerns cloud computing
10 security concerns cloud computingHossam Zein
 
MEDIA ICMI EDISI 11
MEDIA ICMI EDISI 11 MEDIA ICMI EDISI 11
MEDIA ICMI EDISI 11 ICMI Pusat
 
Performance Analysis of Mobile Security Protocols: Encryption and Authenticat...
Performance Analysis of Mobile Security Protocols: Encryption and Authenticat...Performance Analysis of Mobile Security Protocols: Encryption and Authenticat...
Performance Analysis of Mobile Security Protocols: Encryption and Authenticat...CSCJournals
 
Babadook
BabadookBabadook
Babadookjupton1
 
Mobile security
Mobile securityMobile security
Mobile securityStefaan
 
Looking for Information Vacuums
Looking for Information VacuumsLooking for Information Vacuums
Looking for Information VacuumsInfo Ops HQ
 
Mobile security
Mobile securityMobile security
Mobile securityMphasis
 
Cloud Monitoring And Forensic Using Security Metrics
Cloud Monitoring And Forensic Using Security MetricsCloud Monitoring And Forensic Using Security Metrics
Cloud Monitoring And Forensic Using Security MetricsSandeep Saxena
 
Mobile Application Security by Design
Mobile Application Security by DesignMobile Application Security by Design
Mobile Application Security by DesignDMI
 
Greedy Knapsack Problem - by Y Achchuthan
Greedy Knapsack Problem - by Y AchchuthanGreedy Knapsack Problem - by Y Achchuthan
Greedy Knapsack Problem - by Y AchchuthanAchchuthan Yogarajah
 
The shortest path to cloud success - your roadmap
The shortest path to cloud success - your roadmapThe shortest path to cloud success - your roadmap
The shortest path to cloud success - your roadmapGabe Akisanmi
 

Viewers also liked (20)

Knapsack problem solved by Genetic Algorithms
Knapsack problem solved by Genetic AlgorithmsKnapsack problem solved by Genetic Algorithms
Knapsack problem solved by Genetic Algorithms
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computing
 
Genetic Algorithm based Approach to solve Non-Fractional (0/1) Knapsack Optim...
Genetic Algorithm based Approach to solve Non-Fractional (0/1) Knapsack Optim...Genetic Algorithm based Approach to solve Non-Fractional (0/1) Knapsack Optim...
Genetic Algorithm based Approach to solve Non-Fractional (0/1) Knapsack Optim...
 
How to Overcome Content Security Concerns in the Cloud
How to Overcome Content Security Concerns in the CloudHow to Overcome Content Security Concerns in the Cloud
How to Overcome Content Security Concerns in the Cloud
 
Privacy Concerns and Cloud Computing
Privacy Concerns and Cloud ComputingPrivacy Concerns and Cloud Computing
Privacy Concerns and Cloud Computing
 
Grow your business by shaping the human impacts of technology
Grow your business by shaping the human impacts of technologyGrow your business by shaping the human impacts of technology
Grow your business by shaping the human impacts of technology
 
10 security concerns cloud computing
10 security concerns cloud computing10 security concerns cloud computing
10 security concerns cloud computing
 
Cloud Computing & Security Concerns
Cloud Computing & Security ConcernsCloud Computing & Security Concerns
Cloud Computing & Security Concerns
 
Updated CV
Updated CVUpdated CV
Updated CV
 
MEDIA ICMI EDISI 11
MEDIA ICMI EDISI 11 MEDIA ICMI EDISI 11
MEDIA ICMI EDISI 11
 
Performance Analysis of Mobile Security Protocols: Encryption and Authenticat...
Performance Analysis of Mobile Security Protocols: Encryption and Authenticat...Performance Analysis of Mobile Security Protocols: Encryption and Authenticat...
Performance Analysis of Mobile Security Protocols: Encryption and Authenticat...
 
Babadook
BabadookBabadook
Babadook
 
Mobile security
Mobile securityMobile security
Mobile security
 
Looking for Information Vacuums
Looking for Information VacuumsLooking for Information Vacuums
Looking for Information Vacuums
 
Mobile security
Mobile securityMobile security
Mobile security
 
Cloud Monitoring And Forensic Using Security Metrics
Cloud Monitoring And Forensic Using Security MetricsCloud Monitoring And Forensic Using Security Metrics
Cloud Monitoring And Forensic Using Security Metrics
 
Mobile Application Security by Design
Mobile Application Security by DesignMobile Application Security by Design
Mobile Application Security by Design
 
Mobile Apps Security
Mobile Apps SecurityMobile Apps Security
Mobile Apps Security
 
Greedy Knapsack Problem - by Y Achchuthan
Greedy Knapsack Problem - by Y AchchuthanGreedy Knapsack Problem - by Y Achchuthan
Greedy Knapsack Problem - by Y Achchuthan
 
The shortest path to cloud success - your roadmap
The shortest path to cloud success - your roadmapThe shortest path to cloud success - your roadmap
The shortest path to cloud success - your roadmap
 

Similar to Cloud Computing Security Issues

Challenges and Mechanisms for Securing Data in Mobile Cloud Computing
Challenges and Mechanisms for Securing Data in Mobile Cloud ComputingChallenges and Mechanisms for Securing Data in Mobile Cloud Computing
Challenges and Mechanisms for Securing Data in Mobile Cloud Computingijcnes
 
fog computing provide security to the data in cloud
fog computing provide security to the data in cloudfog computing provide security to the data in cloud
fog computing provide security to the data in cloudpriyanka reddy
 
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computingIjirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computingIJIR JOURNALS IJIRUSA
 
Fog computing document
Fog computing documentFog computing document
Fog computing documentsravya raju
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 
Cloud Computing Using Encryption and Intrusion Detection
Cloud Computing Using Encryption and Intrusion DetectionCloud Computing Using Encryption and Intrusion Detection
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
 
Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms IJECEIAES
 
A Systematic Literature Review On Cloud Computing Security Threats And Mitig...
A Systematic Literature Review On Cloud Computing Security Threats And Mitig...A Systematic Literature Review On Cloud Computing Security Threats And Mitig...
A Systematic Literature Review On Cloud Computing Security Threats And Mitig...Claire Webber
 
Iaetsd cloud computing and security challenges
Iaetsd cloud computing and security challengesIaetsd cloud computing and security challenges
Iaetsd cloud computing and security challengesIaetsd Iaetsd
 
Migration of Virtual Machine to improve the Security in Cloud Computing
Migration of Virtual Machine to improve the Security in Cloud Computing Migration of Virtual Machine to improve the Security in Cloud Computing
Migration of Virtual Machine to improve the Security in Cloud Computing IJECEIAES
 
A survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniquesA survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
 
The Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingThe Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
 
Security threat issues and countermeasures in cloud computing
Security threat issues and countermeasures in cloud computingSecurity threat issues and countermeasures in cloud computing
Security threat issues and countermeasures in cloud computingJahangeer Qadiree
 
An Overview on Security Issues in Cloud Computing
An Overview on Security Issues in Cloud ComputingAn Overview on Security Issues in Cloud Computing
An Overview on Security Issues in Cloud ComputingIOSR Journals
 
Solutions of cloud computing security issues
Solutions of cloud computing security issuesSolutions of cloud computing security issues
Solutions of cloud computing security issuesJahangeer Qadiree
 
SECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURESECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTUREacijjournal
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 
Security aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computingSecurity aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computingSHREYASSRINATH94
 

Similar to Cloud Computing Security Issues (20)

Challenges and Mechanisms for Securing Data in Mobile Cloud Computing
Challenges and Mechanisms for Securing Data in Mobile Cloud ComputingChallenges and Mechanisms for Securing Data in Mobile Cloud Computing
Challenges and Mechanisms for Securing Data in Mobile Cloud Computing
 
fog computing provide security to the data in cloud
fog computing provide security to the data in cloudfog computing provide security to the data in cloud
fog computing provide security to the data in cloud
 
Fog doc
Fog doc Fog doc
Fog doc
 
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computingIjirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
 
Fog computing document
Fog computing documentFog computing document
Fog computing document
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 
Cloud Computing Using Encryption and Intrusion Detection
Cloud Computing Using Encryption and Intrusion DetectionCloud Computing Using Encryption and Intrusion Detection
Cloud Computing Using Encryption and Intrusion Detection
 
Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms
 
A Systematic Literature Review On Cloud Computing Security Threats And Mitig...
A Systematic Literature Review On Cloud Computing Security Threats And Mitig...A Systematic Literature Review On Cloud Computing Security Threats And Mitig...
A Systematic Literature Review On Cloud Computing Security Threats And Mitig...
 
Iaetsd cloud computing and security challenges
Iaetsd cloud computing and security challengesIaetsd cloud computing and security challenges
Iaetsd cloud computing and security challenges
 
B1802041217
B1802041217B1802041217
B1802041217
 
Migration of Virtual Machine to improve the Security in Cloud Computing
Migration of Virtual Machine to improve the Security in Cloud Computing Migration of Virtual Machine to improve the Security in Cloud Computing
Migration of Virtual Machine to improve the Security in Cloud Computing
 
A survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniquesA survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniques
 
The Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingThe Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud Computtiing
 
Security threat issues and countermeasures in cloud computing
Security threat issues and countermeasures in cloud computingSecurity threat issues and countermeasures in cloud computing
Security threat issues and countermeasures in cloud computing
 
An Overview on Security Issues in Cloud Computing
An Overview on Security Issues in Cloud ComputingAn Overview on Security Issues in Cloud Computing
An Overview on Security Issues in Cloud Computing
 
Solutions of cloud computing security issues
Solutions of cloud computing security issuesSolutions of cloud computing security issues
Solutions of cloud computing security issues
 
SECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURESECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURE
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 
Security aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computingSecurity aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computing
 

Recently uploaded

Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Arindam Chakraborty, Ph.D., P.E. (CA, TX)
 
Intro To Electric Vehicles PDF Notes.pdf
Intro To Electric Vehicles PDF Notes.pdfIntro To Electric Vehicles PDF Notes.pdf
Intro To Electric Vehicles PDF Notes.pdfrs7054576148
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTbhaskargani46
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performancesivaprakash250
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXssuser89054b
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueBhangaleSonal
 
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfRagavanV2
 
Intze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdfIntze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdfSuman Jyoti
 
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...tanu pandey
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptDineshKumar4165
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VDineshKumar4165
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptMsecMca
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxJuliansyahHarahap1
 
Unit 2- Effective stress & Permeability.pdf
Unit 2- Effective stress & Permeability.pdfUnit 2- Effective stress & Permeability.pdf
Unit 2- Effective stress & Permeability.pdfRagavanV2
 

Recently uploaded (20)

Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
 
Intro To Electric Vehicles PDF Notes.pdf
Intro To Electric Vehicles PDF Notes.pdfIntro To Electric Vehicles PDF Notes.pdf
Intro To Electric Vehicles PDF Notes.pdf
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torque
 
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Palanpur 7001035870 Whatsapp Number, 24/07 Booking
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdf
 
Intze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdfIntze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdf
 
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced LoadsFEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
 
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - V
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptx
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
Unit 2- Effective stress & Permeability.pdf
Unit 2- Effective stress & Permeability.pdfUnit 2- Effective stress & Permeability.pdf
Unit 2- Effective stress & Permeability.pdf
 

Cloud Computing Security Issues

  • 1. Cloud Security Issues A comprehensive survey on mobile cloud computing security issues in convergence with energy consumption MSc Candidate: Krasadakis Stelios February 17, 2017 Technological Educational Institute Of Crete Department of Informatics Engineering MSc “Informatics & Multimedia
  • 2. Sections: I. Introduction I. Cloud Computing background II. Securing the Cloud III. Virtualization IV. Mobile Cloud Computing V. User safety & energy consumption VI. Author’s proposal VII. Conclusion Paper Structure February 17, 2017
  • 3. Cloud computing is a model for enabling ubiquitous, convenient, on demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) . Why aren’t more hosts/companies following this model? • A survey indicated that 80% enterprises hesitate to implement cloud due to security and privacy issues[1]. Cloud data security is more complicated than data security in traditional information systems because data is scattered onto different machines. In order to make cloud computing to be adopted by users and enterprises, security concerns of users should be rectified by making cloud environment trustworthy, discussed by Latif et al. in the assessment of cloud computing risks[2]. We address the questions related to: (1) security concerns and threats over general cloud computing, (2) the solutions for these problems and (3) mobile users safety in convergence with energy consumption. Introduction February 17, 2017
  • 4. IaaS, users are allowed to run any applications and operating systems they please. The principal unit of IaaS is the server, which can be physical or virtual. Cloud users are capable of configuring security policies, however cloud vendors must secure their systems to minimize other threats such as deletion, modification [8], [9]. PaaS, is used to motivate developers to create their own programs on top of the platform, while developers must take into account security measures for the applications they build and run [8]. SaaS, is the software that is accessed through the Internet via web browsers, from various devices. The application may be used free of charge or in a “pay as you go” model, depending on the provider’s policy. SaaS users have a limited control in security in comparison with the other two models [8]. PaaS and SaaS are on top of IaaS. All of them are inversely related. As a consequence of this dependency, any violation to any cloud layer can compromise the other layers as well. Cloud Architecture Models February 17, 2017
  • 5. Providers ability to clearly demonstrate the core principles of information security (CIA) namely as: 1. Data Confidentiality, 2. Data Integrity and 3. Data Availability Confidentiality Ensuring user data travelling along the cloud cannot be accessed by unauthorized parties but traditional solutions like identification and authentication are inadequate. Solutions: 1) Proper encryption techniques either symmetric or asymmetric with a fixed key length [10] 2) Zissis propose a combination of the two cryptographic, known as hybrid cryptography [11] 3) Homomorphic encryption, the best solution, since decryption is not needed in users side[12], but its not applied because of having huge impact in power consumption and responsive time[7] Securing the cloud February 17, 2017
  • 6. Integrity, Constitutes another crucial factor, since it refers to protecting data from illegal modification, deletion or fabrication. Solutions: 1) Message Authentication Code (MAC), where a symmetric key provides a check sum appending in the data [10]. 2) Digital Signature, which relies on public key structure. 3) Proofs of Retrievability (PoR), a protocol in which a server proves to a client that the data is intact, by combining error correction and spot-checking [12]. Computationally obstacle for mobile devices. 4) Based on PoR, another approach which is a local client process of encrypting suitable metadata in each data block with a secret key, known only by the authorized user [13]. 5) High Availability Integrity Layer (HAIL) is one more improved mechanism which also uses PoR and overcomes the mobile adversary [14]. Securing the cloud 2 February 17, 2017
  • 7. Availability, Embodies the idea of anywhere and anytime access to data by users, even if there is some misbehavior in the system. Availability bows to three risks factors, which are difficult to detect, including hijacking, DNS attacks and denial of service. Solutions: 1. Bowers et al. advocate that HAIL could also be used for availability, other than integrity [14]. 2. Author in [11] propose a Third Trusted Party which is a legal organization with the aim to amplify security. The security requirement for availability, according to TTP is a combination of Public Key Infrastructure, Lightweight Directory Access Protocol and Single Sign On. 3. As we were conducting our research, we found out that there are no specific solutions for availability issues. The authors propose general solutions for integrity and confidentiality and they imply that availability is guaranteed, only if these two principles are protected. Securing the cloud 3 February 17, 2017
  • 8. Virtualization is an essential part of cloud computing. It can be applied to anything, including memory, networks, storage, hardware, operating systems. It allows users to move, copy, and manipulate Virtual Machines (VMs) at their will. Keeping that in mind, virtualization is an extra layer in cloud that must be secured, since it is more vulnerable for attackers. Issues in Virtualization: 1. The major problem that arises by introducing virtualization in cloud is that during migration, an attacker can compromise the hypervisor (Virtual machine monitor) and transfer VMs to malicious servers. Its after effect is that integrity is violated. 2. Confidentiality could also be compromised due to VM image files. These files are configuration files which are used to create VMs and they reside in the provider’s pool. Any attacker can take advantage of this public pool and create malicious VM images that can contaminate others who download it. A direct consequence of that is sensitive data leakage. 3. Last but not least, other types of attacks are also available, such as denial of service that can tamper with availability [15]. Virtualization February 17, 2017
  • 9. Solutions: 1. Hypervisor is a software, which is responsible for separating every VM (isolation). Hashizume et al. [8] suggest that keeping a hypervisor simple and small reduces the chances of violating CIA. 2. The writers in [3], [16] propose the hyper safe approach, which provides hypervisor control-flow integrity by using two techniques. The first one protects the hypervisor’s code and data by locking down write protected memory pages and the second one restricts indexing in order to convert the control data into pointer indexes. 3. Another accepted solution to prevent this is the Advanced Cloud Protection System (ACPS), which is suggested by Lombardi and Pietro [15]. The purpose of this framework is to monitor cloud components and defend VMs against intruders and attacks such as worms, Trojans and viruses. Virtualization 2 February 17, 2017
  • 10. MCC, refers to a new infrastructure platform for combining both, cloud computing and mobile devices where data storage and data processing happen outside of the mobile device [17], [18]. Regarding the definition, Cloud computing exists when tasks and data are kept on the Internet rather than on individual devices, providing on-demand access. Applications are run on a remote server and then sent to the user [17]. It can be thought of as a combination of the cloud computing and mobile environment. The cloud can be used for power and storage, as mobile devices don’t have powerful resources compared to traditional computation devices. As the computing has been moved surrounding mobile cloud computing, the attacks and malware shifted their targets toward mobile cloud computing [19]. Mobile cloud computing February 17, 2017
  • 11. Since mobile cloud computing is a combination of mobile networks and cloud computing, the security related issues are then divided into two categories: • 1. Mobile user’s security on network. • 2. Cloud security issues (discussed before) Offloading is one of the main advantages of mobile cloud computing to improve the battery lifetime for the mobile devices. Most authors propose of using security software into the cloud for securing mobile clients and we agree partially with this philosophy. Before mobile users could use a certain application, it should go through some level of threat evaluation. All file activities to be sent to mobile devices will be verified if it is malicious or not. However there are many related issues about efficiency under environmental changes. For example a code compilation, offloading might consume more energy in order to send data to the cloud, than that of local processing when the size of codes is small Users safety and energy consumption February 17, 2017
  • 12. A research by A. Rudenko et al. [20] shows that offloading is not always the best way to save energy, and this is an issue for mobile users. Solutions in security regarding energy consumption 1. K. Kumar suggests a partitioning program, based on the estimation of the energy consumption before the program execution. The optimal partitioning program for offloading is calculated based on the trade-off between the communication and computation costs [21] 2. Authors in [22], present a partitioning pattern to offload computational tasks on mobile devices. The idea of this pattern is a construction of a cost graph with objective to minimize the computation and data communication cost with an algorithm that prunes the search space to obtain an approximated solution. Users safety and energy consumption 2 February 17, 2017
  • 13. Based on mobile cloud computing definition and under its offload advantage, in order to secure clients we propose running security software on both client device and offloaded in cloud, instead of running anti-virus software just only locally or remote on cloud. There will be a heuristic algorithm like genetic algorithm for solving the optimization problem between locally computation consumption and network communication energy consumption. This algorithm should find the approximate best solution about energy efficiency for the mobile user. In case the local computation energy consumption is less that the network communication offload, the security software will run tasks locally and simultaneously the security software on cloud will be deactivated. In contrast, if the network communication offload consumption is less that local computation consumption then the local security software tasks will be disabled and the security software for the mobile clients will be running on cloud. Authors perspective February 17, 2017
  • 14. Answers: • As an answer to our first question, we discussed concerns on cloud are concentrated on violation of CIA and threats. • As for the second question, we demonstrated a number of solutions for each section separately in order be obvious the insurance of each principle. • As for the third question, data security and client’s security coupled and proposed a security method for mobile users without increasing the overall energy consumption. Despite the huge evolution that cloud has brought in computer science, certain security hinders raise concerns. From our research we could claim that effective solutions for security already exist in all sections. However, some of them affect the performance of the systems, consequently they are not applied. Thus, instead of striving to find new solutions, researchers could focus on how the existing solutions can be implemented in cloud without deteriorating system performance and local power consumption. Conclusion February 17, 2017
  • 15. [1] “80% of Enterprises Can’t Rely on Perimeter Security to Protect Cloud Infrastructures Survey Finds - CloudPassage.” [Online]. Available: https://www.cloudpassage.com/press-releases/80-of-enterprises-cant- rely-onperimeter-security-to-protect-cloud-infrastructures-survey-finds. [2] R. Latif, H. Abbas, S. Assar, and Q. Ali, “Cloud computing risk assessment: a systematic literature review,” in Future Information Technology, pp. 285– 295, Springer, Berlin, Germany, 2014. [3] J. Scanlon and B. Wieners, “The internet cloud,” The Industry Standard, Tech. Rep., 1999. [4] L.M. Vaquero, L. Rodero-Merino, J. Caceres, and M. Lindner, “A break in the clouds: towards a cloud definition,” SIGCOMM Comput. Commun. Rev., vol. 39, 2009, pp. 50–55. [5] P. Mell and T. Grance, “The NIST Definition of Cloud Computing Recommendations of the National Institute of Standards and Technology,” Natl. Inst. Stand. Technol. Inf. Technol. Lab., vol. 145, p. 7, 2011. [6] S. Ramgovind, M. M. Eloff, and E. Smith, “The management of security in Cloud computing,” 2010 Inf. Secur. South Africa, pp. 1–7, 2010. [7] F. Sabahi, “Cloud computing security threats and responses,” 2011 IEEE 3rd Int. Conf. Commun. Softw. Networks, pp. 245–249, 2011. References February 17, 2017
  • 16. [8] K. Hashizume, D. G. Rosado, E. Fernández-Medina, and E. B. Fernandez, “An analysis of security issues for cloud computing,” J. Internet Serv. Appl., vol. 4, no. 1, p. 5, 2013. [9] B. R. Cyril and S. B. R. Kumar, “Cloud Computing Data Security Issues Challenges , Architecture and Methods- A Survey,” pp. 848–857, 2015. [10] S. A. Almulla and C. Y. Yeun, “Cloud computing security management,” Eng. Syst. Manag. Its Appl. (ICESMA), 2010 Second Int. Conf., pp. 1–7, 2010. [11] D. Zissis and D. Lekkas, “Addressing cloud computing security issues,” Futur. Gener. Comput. Syst., vol. 28, no. 3, pp. 583–592, 2012. [12] X. Zhifeng and X. Yang, “Security and Privacy in Cloud Computing,” Commun. Surv. Tutorials, IEEE, vol. 15, no. 2, pp. 843–859, 2013. [13] R. S. Kumar and A. Saxena, “Data integrity proofs in cloud storage,” Int. Conf. Commun. Syst. Networks, pp. 1–4, 2011. [14] K. D. Bowers, A. Juels, and A. Oprea, “Hail,” Proc. 16th ACM Conf. Comput. Commun. Secur. - CCS ’09, vol. 489, p. 187, 2009. K. D. Bowers, A. Juels, and A. Oprea, “Hail,” Proc. 16th ACM Conf. Comput. [15] F. Lombardi and R. Di Pietro, “Secure virtualization for cloud computing,” J. Netw. Comput. Appl., vol. 34, no. 4, pp. 1113–1122, 2011. References February 17, 2017
  • 17. [16] Z. Wang and X. Jiang, “HyperSafe: A lightweight approach to provide lifetime hypervisor control-flow integrity,” Proc. - IEEE Symp. Secur. Priv.,pp.380–395,2010. [17] H. T. Dinh, C. Lee, D. Niyato and P. Wang, "A survey of mobile cloud computing: architecture, applications, and approaches", Wireless Communications and Mobile Computing - Wiley, (2011) October [18] Fernando, Niroshinie, Seng W. Loke, and Wenny Rahayu. "Mobile cloud computing: A survey." Future Generation Computer Systems 29.1 (2013): 84-106. [19] K. H. Jashizume, D. Rosado, E. Fernandez-Medina, and B. nEduardo, “An analysis of security issues for cloud computing,” Journal of Internet Services and Applications, vol. 4, no. 5, pp. 1-13, 2013. [20] A. Rudenko, P. Reiher, G. J. Popek, and G. H. Kuenning, “Saving portable computer battery power through remote process execution, “Journal of ACM SIGMOBILE on Mobile Computing and Communications Review, vol. 2, no. 1, January 1998. [21] K. Kumar and Y. Lu,“Cloud Computing for Mobile Users: Can Offloading Computation Save Energy,”IEEE Computer Society, vol.43, no. 4, April 2010. References February 17, 2017
  • 18. [22] Z. Li, C. Wang, and R. Xu, “Computation offloading to save energy on handheld devices: a partition scheme,” in Proceedings of the 2001 international conference on Compilers, architecture, and synthesis for embedded systems (CASES), pp. 238 - 246, November 2001 References February 17, 2017