Cloud Security: Threats, Attacks and Mitigation
K. K. Chauhan1 , A. K. S. Sanger2
- Computer Science & Engineering, Meerut Institute of Engineering & Technology, Meerut, India.
- Computer Science & Engineering, Meerut Institute of Technology, Meerut, India.
Section:Review Paper, Product Type: Journal Paper
Volume-6 ,
Issue-5 , Page no. 473-478, May-2018
CrossRef-DOI: https://doi.org/10.26438/ijcse/v6i5.473478
Online published on May 31, 2018
Copyright © K. K. Chauhan, A. K. S. Sanger . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
View this paper at Google Scholar | DPI Digital Library
How to Cite this Paper
- IEEE Citation
- MLA Citation
- APA Citation
- BibTex Citation
- RIS Citation
IEEE Style Citation: K. K. Chauhan, A. K. S. Sanger, “Cloud Security: Threats, Attacks and Mitigation,” International Journal of Computer Sciences and Engineering, Vol.6, Issue.5, pp.473-478, 2018.
MLA Style Citation: K. K. Chauhan, A. K. S. Sanger "Cloud Security: Threats, Attacks and Mitigation." International Journal of Computer Sciences and Engineering 6.5 (2018): 473-478.
APA Style Citation: K. K. Chauhan, A. K. S. Sanger, (2018). Cloud Security: Threats, Attacks and Mitigation. International Journal of Computer Sciences and Engineering, 6(5), 473-478.
BibTex Style Citation:
@article{Chauhan_2018,
author = {K. K. Chauhan, A. K. S. Sanger},
title = {Cloud Security: Threats, Attacks and Mitigation},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {5 2018},
volume = {6},
Issue = {5},
month = {5},
year = {2018},
issn = {2347-2693},
pages = {473-478},
url = {https://www.ijcseonline.org/full_paper_view.php?paper_id=2007},
doi = {https://doi.org/10.26438/ijcse/v6i5.473478}
publisher = {IJCSE, Indore, INDIA},
}
RIS Style Citation:
TY - JOUR
DO = {https://doi.org/10.26438/ijcse/v6i5.473478}
UR - https://www.ijcseonline.org/full_paper_view.php?paper_id=2007
TI - Cloud Security: Threats, Attacks and Mitigation
T2 - International Journal of Computer Sciences and Engineering
AU - K. K. Chauhan, A. K. S. Sanger
PY - 2018
DA - 2018/05/31
PB - IJCSE, Indore, INDIA
SP - 473-478
IS - 5
VL - 6
SN - 2347-2693
ER -
VIEWS | XML | |
1131 | 340 downloads | 150 downloads |
Abstract
With tremendous growth of cloud computing in IT industries, cloud security has become one of the major issues that garnered noticeable attention of researchers from industries as well as academia. Cloud computing technology is vulnerable to number of security threats and attacks. Security challenges are major barriers in the adaptation of cloud computing model. Security issues are related to virtualization, network and data including eavesdropping, masquerading, privacy, confidentiality, availability of resources, access control, and identity management. In cloud computing, data are stored on a remote server and accessed through public network. Many of the cryptographic based solutions such as encryption/decryption and digital signature for authentication have been developed. In this paper, we have identified and discussed number of security issues such as authentication, access control, data confidentiality, data integrity, identity management, legal and contractual issues, data breaches, data theft, and unavailability. Moreover, we have also discussed some possible solutions to the security issues and their feasibility and security analysis in real time cloud environment.
Key-Words / Index Term
Cloud, Data, Security, Threats, Attacks, Mitigation
References
[1]. P. Mell, T. Grance, “NIST Definition of Cloud Computing”, 2011.
[2]. “Top Threats to cloud Computing”, Cloud Security Alliance (CSA), 2010.
[3]. Y. Ghanam, J. Ferreira, F. Maurer, “Emerging issues & challenges in Cloud- A hybrid approach”. Journal of software engineering and applications, vol. 5, no. 11, pp.923-937, 2012.
[4]. McAfee Labs Threats Reports, 2016.
[5]. L. Wei, H. Zhu, Z. Cao, X. Dong, W. Jia, Y. Chen, A.V. Vasilakos, “Security and privacy for storage and computation in cloud computing”, ACM International Journal of Information Science, vol. 258, pp.371–386, 2014.
[6]. S. Sajithabanu, E. G. P. Raj, “Data Storage Security in Cloud”. International Journal of Computer Science and Technology, vol. 2, no. 4, pp.37-44, 2011.
[7]. S. Ruj, A. Nayak, V. Stojmenovic, “DACC: Distributed Access Control in Clouds”. In the proceeding of International Joint Conference of IEEE TrustCom, pp.91-98, 2011.
[8]. C. Gentry, “A Fully Homomorphic Encryption Scheme”, 2009.
[9]. P. Paillier, “Public-key Cryptosystems based on Composite Degree Residuosity Classes”. In the proceeding of International Conference on Theory and Application of Cryptographic Techniques, Heidelberg: Springer-Verlag, pp.223–238, 1999.
[10]. R. Rivest, A. Shamir, L. Adleman, “A Method for Obtaining Digital Signatures and Public-key Cryptosystems”. Communications of the ACM, vol. 2, pp.120–12, 1978.
[11]. S. Halevi and V. Shoup, “Design and Implementation of a Homomorphic - Encryption Library”, Nov, 2012.
[12]. R.D. Dhungana, A. Mohammad, A. Sharma, I. Schoen, “Identity management framework for cloud networking infrastructure”. In the proceeding of IEEE International Conference on Innovations in Information Technology, South Africa, pp.13–17, 2013.
[13]. G. Wang, Q. Liu, J. Wu, “Hierarchical Attribute-Based Encryption for Fine-Grained Access Control in Cloud Storage Services”, In the proceeding of 17thACM conference on Computer and communications Security, USA, pp.735-737, 2010.
[14]. Z. Wan, J. Liu, R.H. Deng, “HASBE: a hierarchical attribute-based solution for flexible and scalable access control in cloud computing”. IEEE Transaction Information Forensics Section, vol. 7, no. 2, pp.743–754, 2012.
[15]. Boneh, Dan, M. Franklin, “Identity-based encryption from the Weil pairing”, SIAM Journal on Computing”, vol. 32, no.3, pp.586-615, 2003.
[16]. Q. Liu, G. Wang, J. Wu, “Time-based proxy re-encryption scheme for secure data sharing in a cloud environment”, ACM International Journal Information Science, vol. 258, pp.355–370, 2014.
[17]. M. Rak, N. Suri, J. Luna, D. Petcu, V. Casola, U. Villano, “Security as a service using an SLA-based approach via SPEC”.In the proceeding of 5th IEEE International Conference on Cloud Computing Technology and Science, UK, pp.1-6, 2013.
[18]. M.L. Hale, R. Gamble, “Secagreement: advancing security risk calculations in cloud services”. In the proceeding of 8th IEEE World Congress on Services, pp.133-140, 2012.
[19]. “Best Practice for Mitigating Risks in Virtual Environments”, Cloud Security Alliance (CSA), April, 2015.
[20]. Z. Tari, “Security and privacy in cloud computing”. IEEE Cloud Computing, vol. 1, no. 1, pp.54–57, 2014.
[21]. A. Singh, K. Chatterjee, “Cloud security issues and challenges: a survey”. Elsevier Journal of Network and Computer Application, vol. 79, no. 1, pp.88-115, 2016.
[22]. K. K. Chauhan, A. Sanger, A. Verma, “Homomorphic Encryption for Data Security in Cloud Computing”, In the proceeding of 14th IEEE International conference on Information Technology, India, pp.206-209, 2015.
[23]. S. Subashini, V. Kavitha, “A Survey on Security issues in Service delivery models of Cloud Computing”, Elsevier Journal of Network and Computer Applications, vol. 34, pp.1-11, 2011.
[24]. N. Jain, P. Sharma, “A Security Key Management Model for Cloud Environment”, International Journal of Scientific Research in Computer Science and Engineering, vol.5, issue.1, pp.45-48, Feb-2017.
[25]. S. Kathuria, “A Survey on Security Provided by Multi-Cloud in Cloud Computing”, International Journal of Scientific Research in Network Security and Communication, vol.6, issue.1, pp.23-27, Feb-2018.
[26]. M.A. Khan, “A Survey of Security issues for Cloud Computing”, Elsevier Journal of Network and Computer Applications, vol. 71, pp. 11-29, 2016.