Security issues in cloud computing thesis

Students will gain both practical engineering knowledge and theoretical insights into secure systems engineering, distributed application development, network and service architectures, and cloud and mobile platforms. We believe in combining theoretical knowledge and security expertise with product development skills.

The studies are also closely linked with research at Aalto University. More specifically, the learning outcomes are the following:. The major covers fundamental concepts, methods and the latest technologies on secure systems engineering, distributed application development, ubiquitous computing, network and service architectures, ubiquitous computing, and cloud and mobile computing platforms.

The studies are closely bound to the research done by the teachers, for example, on the Internet of Things, pervasive and ubiquitous computing, cloud platforms and services, mobile platform security, and network security. Special attention is paid to security and privacy issues as they are critical requirements in developing and deploying services in open networks and distributed systems. The teaching methods combine theory with hands-on exercises and software development on cloud platform and mobile devices.

Students also practice writing and presentation skills and learn to follow the latest research. Engineers must be able to apply theoretical knowledge to real world engineering tasks. Therefore, the program combines theoretical studies with continuous hand-on exercises and projects where the new knowledge is applied.

In the courses that involve classroom teaching, it takes varied forms from traditional lectures and exercise sessions to discussion of group projects and student presentations. All students participate in a seminar course where students learn to write a technical or research article and present their own work. The studies include opportunities for networking with local and European companies. Long-term viability: It alludes to the capability to withdraw an agreement and all information if the current supplier is bought out by another firm.

Investigative support: In case a customer suspects defective movement from the supplier, he might not have numerous legitimate ways seek after an investigation.

Essay writing rubric grade 7

Recovery: Each supplier ought to have a disaster recovery convention to ensure client data is protected in case of a disaster also. Privileged user access: Data transmitted from the customer through the Internet represents a certain level of risk, in view of issues of information possession; ventures ought to invest time getting to know their suppliers and their regulations however much as could be expected before allotting some trivial applications.

Risks In Cloud Computing The six specific areas of cloud computing where substantial security attention is required is are as foolows 1. Security of data in transit. Security of data at rest. Cloud legal and regulatory issues. Robust separation between data belonging to different customers. Incedent response.

Cloud security - An approach with modern cryptographic solutions

The information and data that is stored on the Cloud is important to people with noxious intent so security is very important in cloud environment. A considerable measure of conceivably secure information and particular data is put away on Pcs, and this basic data is currently being put away and exchanged to Cloud. So understanding the security measures that the Cloud provider uses is very important. The principal thing that must be dealt with is the efforts to establish safety that the cloud supplier recently has set up.

These efforts to establish safety that cloud service provider give change from supplier to supplier and around the different types of Clouds. Some of the important issues [6] are: 1. What are the encryption methods that providers are using? How is the actual hardware where data wil be stored is protected?

Is the backup provided for data that is stored in cloud?

  • dream house essay spanish;
  • uchicago creative writing supplement.
  • essays conclusion of endangered species.
  • To implement a Multi-level Security in Cloud Computing using Cryptography Novel Approach!
  • Topics in Cloud Computing for Thesis and Research.
  • thesis by published papers;

Are the firewalls set up? In case of a community Cloud, how is the information from one company separated from other company? Standard terms and conditions as characterized by the cloud suppliers may address these inquiries. The home client for the most part have exceptionally little negotiation room to talk about the terms and condition in their Cloud contract while a small business client generally have slightly more room to discuss terms and conditions and large have marginally more room to examine the terms of their 7.

By subscribing to the Cloud the control of data is given to some outside source. This separation between cloud user and the physical location of information stored in cloud makes a hindrance and in the meantime more space is made for an outsider to get to critical data. Therefore, currently security is one of the biggest challanges in cloud computing.

Top Five Emerging Cybersecurity Challenges - Srini Sampalli - TEDxDalhousieU

However, to take the advantage of the benifits provided by the cloud it is required to transfer the direct control of users data in the cloud. Objective to improve the key management and data security in cloud computing based on advanced secret sharing key management algorithm. Our proposed method helps to give better fault tolerance against Byzantine attacks,server colluding and data modification attacks.

The thesis is organized in the following way chapter 2 describes the existing architecture and literature review that was done for this thesis. In chapter 3 the proposed model and how the methods is applied to make system more secure is discussed. In Chapter 4 the implementationand results are discussed. Finally chapter 5 concludes with the summary of work done. In this chapter overview of cloud computing is given which includes types of clouds, characteristics of cloud, architecture of cloud, security and risk issues, motivation and objective of our work.

One of the most challenging problems of cloud service solicitation is to persuade users to trust the security of cloud service and upload their sensitive data. Although cloud service providers can claim that their services are well-protected by elaborate encryption mechanisms, traditional cloud systems still cannot persuade the users that even if the cloud servers are compromised, the data are still securely protected [17]. Key management is the toughest part to manage in cryptosystems.

In order to manage the encryption keys securely, enterprises need to employ encryption in their cloud environment, while maintaining secure off-site storage of their encryption keys. Keys should never be stored in the same place as encrypted data.


The keys used for encrypting sensitive customer data should be managed effectively by periodic key rotation, and re-encryption of data with new keys. Employees should be not be given more access than what is needed to complete their tasks. Morsy et al, investigated cloud computing problems from the cloud architecture [13], cloud offered characteristics, cloud stakeholders, and cloud service delivery models perspectives. This chapter is organized as follows:Section 2. Section 2. In section 2. One of the critical aspect of cloud computing is the secure management of the resources that are associated with cloud services.

One of the main tasks of secure management is cryptographic operations. Hence, while self configurable resources, elastic capablities and ubiquitous computing isprovided by cloud services at a lower cost, they also entail performing several cryptographic operations for the following: To provide secure storage of data that is processed by those services.

To provide secure interaction of the cloud consumer with various services. The above functions [12] can increase the complexity of the key management system KMS required to support the cryptographic operations for these functions for the above because differences in control and ownership of underlying infrastructures on which the resources and KMS are located.

Selective distribution of keys and encryption that is utilized for security of critical information is a essential system for restricting access to data. Data information is given to encryption algorithm and a few transformations are performed on it utilizing a cryptographic key. A figured content is produced in this procedure. There is no simple approach to recover the original message from the figured content other than by knowing the right decryption key [14].

There are a few diverse methodologies to group key management and these could be partitioned into three fundamental classes: 1. Centralized group key management protocols: In this protocol single entity controls the whole group, hence this protocol minimizes the bandwidth Decentralized architectures: In decentralized architectures a large group is separated into small subgroups and these subgroups are overseen separate subgroup administrators which minimizes the issue of concentrating the work load in a solitary spot.

Distributed key management protocols: In this architecture the key management task is performed by the members themselves and no explicit KDC is required[8]. Some of the issues [15] with encryption key management in the cloud. In the cloud platform, there is always a possibility of insider attack. The keys for all accounts need to be managed properly.

The challenge is to. Another issue with key management is availability. If a system goes offline,. There needs to be key cache in order to retrieve keys, even in the event that a system goes offline. Byzantine failure [17] is very common fault in cloud servers. A storage. Server colluding and data modification attacks are also very common in. Encryption keys should never be stored in the same place as encrypted data. Employees should be not be given more access than what is needed to com-.

Byzantine failure is very common fault in cloud servers,in which a storage server can fail in arbitrary ways. On occurance of a byzantine failure system responds in an unpredictable way[19]. At the point when a Byzantine failure has happened, the framework may react in any erratic way, unless it is intended to have Byzantine fault tolerance. The cloud is also inclined to data modification and server colluding attack in which the storage servers can be compromised by the adversary, as a result of which dat files can be modified as long as they are internally consistent.

For providing secure storage of data in cloud storage server , the data should be encrypted. In , Liu [8] considered the following problem: Eleven scientists are working on a secret project.


They wish to lock up the documents in a cabinet so that the cabinet can be opened, if and only if, six or more of the scientists are present. What is the smallest number of locks needed?

What is th smallest number of keys to the locks each scientist must carry? If five scientists are considered together and there is a specific lock which they cannot open. If we consider a particular scientist, he must have the keys of those. So, the minimal solution requires locks and keys per 14 scientist. This is clearly impractical, and if number of scientists increases it can become exponentially worse. The original share cannot be recovered in case if one or more of the participants are missing, A scheme in which contribution of all the participants is required is known as a perfect secret sharing scheme.

Threshold secret sharing scheme In Shamir [7] and Blakley [16] introduced the concept in order to make the message more secure. This scheme is called a k; n -threshold scheme. The parameter k in k,n is called the threshold value.