Security of Cloud Virtualized Resource on a SaaS Encryption Solution
Science Journal of Energy Engineering
Volume 6, Issue 1, March 2018, Pages: 8-17
Received: Feb. 22, 2018; Accepted: Mar. 9, 2018; Published: Apr. 3, 2018
Views 827      Downloads 35
Authors
Chinedu Paschal Uchenna, Department of Computer Science, Wellspring University, Benin City, Nigeria
Nwankwo Wilson, Department of Computer Science, Wellspring University, Benin City, Nigeria
Article Tools
Follow on us
Abstract
Protection of user data against data breaches in cloud applications and the potential security failures of the service providers coupled with heightened cloud user apprehension, have in no small degree defied measures taken to demystify cloud services as to unveil its enormous capacity and awesome benefits such as accessibility, availability, collaboration, to name a few. The security of the cloud infrastructure entails protecting cloud data from unauthorized access, preventing malicious programs from corrupting the virtual resource and ensuring the secure cloud data remains unintelligible to any unauthorized access or intrusion by malicious users. This paper is aimed at building a cryptographically secure cloud application environment. Its major objective is to design and implement an encryption system for protecting valuable data (such as passwords, messages, files) in the cloud environment. The design and implementation extended some basic security and privacy requirements including data confidentiality, integrity, and availability by considering fairness as a viable factor. This paper employed the Structured Systems Analysis and Design Methodology (SSADM) in the software development life. It evolves a novel cryptographically-secure cloud algorithm based on a proposed “Deciv Algorithm” tagged “D65- Enc” algorithm that would effectively hide meaningful user data from all external parties to a virtual network as well as the service provider by putting control in the hands of users. The algorithm is carefully crafted to frustrate any cryptanalyst, hacker or cybercriminal who would try to decipher the algorithm. This implementation is expected to assist cloud users in maintaining control over their data whether at rest or in transit within the cloud networks rather than outsource control to external vendors as usual. Moreover, this algorithm also improves the existing state of data privacy, and security in the cloud.
Keywords
Cloud Computing, Cloud Security, Encryption, Algorithms
To cite this article
Chinedu Paschal Uchenna, Nwankwo Wilson, Security of Cloud Virtualized Resource on a SaaS Encryption Solution, Science Journal of Energy Engineering. Vol. 6, No. 1, 2018, pp. 8-17. doi: 10.11648/j.sjee.20180601.12
Copyright
Copyright © 2018 Authors retain the copyright of this article.
This article is an open access article distributed under the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0/) which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
References
[1]
Sample, C. (2012) “IaaS security puts spotlight on hypervisor security, tenant Management” [Online]. Available from http://searchcloudsecurity.techtarget.com/tip/IaaS-security-puts-spotlight-on-hypervisor-security-tenant-management [Accessed: August 16, 2012]
[2]
Nolle, T. (2012) “Pros and cons of a non-VM-based IaaS model” [Online]. Available from http://searchcloudcomputing.techtarget.com/tip/Pros-and-cons-of-a-non-VM-based-IaaS-model [Accessed: 23 February, 2018]
[3]
Reilly, D.; Wren, C. & Berry, T. (2011) “Cloud Computing: Pros and Cons for Computer Forensic Investigations”, International Journal Multimedia and Image Processing Vol. 1, Issue 1
[4]
Siddiqui, M. (2011). Cloud Computing Security: [Online] Final paper submitted spring 2011. Available from: http://blogs.techconception.com/manny/content/binary/Manny%20Siddiqui%20-%20Cloud%20Computing%20Security.pdf [Accessed: 20 May 2011]
[5]
Warr (2009). Cloud computing. Available from http://www.qsarworld.com/files/Cloud-computing.pdf [Accessed: 14 August 2012]
[6]
Samson, T. (2013) “9 top threats to cloud computing security. Conference processing by Cloud Security Alliance”[Online]. Available from http://www.infoworld.com/t/cloud-security/9-top-threats-cloud-computing-security-213428?page=0,0 [Accessed: 05/06/2014]
[7]
IBM Research (2011) “Protocols for Secure Cloud Computing: Christian Cachin, Zurich” [Online]. Available from http://www.zurich.ibm.com/~cca/talks/metis2011.pdf [Accessed: 21 May 2013]
[8]
Frye, S. (2013) “Crypton for developers: Toward cryptographically- secure cloud apps”[Online]. Available at: http://www.techrepublic.com/blog/linux-and-open-source/crypton-for-developers-toward-cryptographically-secure-cloud-apps/ [Accessed: 27/05/2014]
[9]
Violino, B(2018) “The dirty dozen: 12 top cloud security threats for 2018”[online]. Available at: https://www.csoonline.com/article/3043030/security/12-top-cloud-security-threats-for-2018.html. [Accessed 7 March 2018]
[10]
Hellman, M. E. (1980) “A cryptanalytic time-memory trade-off. Information Theory”, IEEE Transactions, Vol. 26, Issue: 4
[11]
AL Beshri, A. M. (2013) Outsourcing data storage without outsourcing trust in cloud Computing, A Thesis submitted in partial fulfilment of the Requirements of Queensland University of Technology for the Degree of Doctor of Philosophy. Available from http://eprints.qut.edu.au/61738/ [Accessed: June 05, 2017]
[12]
Paar, C.; Pelzl, J. & Preneel, B. (2010) Understanding Cryptography: A Textbook for Students and Practitioners, Springer
[13]
Graham, R. D. (2011). "Password cracking, mining, and GPUs"[Online]. Available from http://www.erratasec.com [Accessed: 17 August 2011]
[14]
Ristic (2010) “Internet SSL Survey 2010 Black Hat USA” [Online]. Available from https://media.blackhat.com/bh-us-10/presentations/Ristic/BlackHat-USA-2010-Ristic-Qualys-SSL-Survey-HTTP-Rating-Guide-slides.pdf [Accessed: August 02, 2014]
[15]
Chinedu, P. U. (2015) Modelling a Secured Cloud-based Framework for ICT intensive Virtual Organization. A Thesis submitted in partial fulfilment of the Requirement of Federal University of Technology, Owerri for the Degree of Doctor of Philosophy. (Unpublished)
[16]
Cloud Standards Customer Council(2017) “Security for Cloud Computing: Ten Steps to Ensure Success”[online]. Available at: http://www.cloud-council.org/deliverables/CSCC-Security-for-Cloud-Computing-10-Steps-to-Ensure-Success.pdf. [Accessed 7 March 2018]
ADDRESS
Science Publishing Group
1 Rockefeller Plaza,
10th and 11th Floors,
New York, NY 10020
U.S.A.
Tel: (001)347-983-5186