SlideShare a Scribd company logo

Secure hash based distributed framework for utpc based cloud authorization

IAEME Publication
IAEME Publication

This document discusses secure authorization for cloud computing using smartphones. It proposes a distributed framework that uses a Unit Transaction Permission Coin (UTPC) as a security token for cloud user authorization. The UTPC is generated using a hash function like SHA or MD5, making it difficult for intruders to break. The framework registers and authenticates trusted smartphone devices using their IMEI and IMSI identifiers in an untrusted computing environment. The resulting UTPC-based authorization method is lightweight and compatible with real-time cloud applications.

1 of 12
Download to read offline
INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING & International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), TECHNOLOGY (IJCET) ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME ISSN 0976 – 6367(Print) ISSN 0976 – 6375(Online) Volume 3, Issue 3, October - December (2012), pp. 54-65 IJCET © IAEME: www.iaeme.com/ijcet.asp Journal Impact Factor (2012): 3.9580 (Calculated by GISI) ©IAEME www.jifactor.com SECURE HASH BASED DISTRIBUTED FRAMEWORK FOR UTPC BASED CLOUD AUTHORIZATION C. Lalrinawma Dr. Masih Saikia Dept of Computer Sciences. HOD. Dept. of Computer Sciences Govt. Zirtiri Residential Science College Pragjyotish College Mizoram, India Guwahati, India E-Mail: lalrinawma.gzrsc@gmail.com ABSTRACT The paper introduces a cloud-enabled framework for parameterized security in large-scale Smartphone based wireless sensor network. The research work also highlights some of the effective implementation of service broker included in aggregation service in sensor network. The cumulative collected throughput information is considered to be forwarded to the cloud users using conventional cloud interfaces. A cloud interface is built with newly introduced concept of Unit Transaction permission coin (UTPC) as a security token for cloud user authorization that is integrated in Android platform (v2.2). The UTPC generation process includes hash function (SHA/MD5) that is most difficult to break by any intruder. The empirical process consists of registration and authentication phase using micro-platform computation in untrusted environment considering the IMEI and IMSI of the considered trusted handheld device. The result accomplished is unique and lightweight that is easily compatible with any real time application that runs on cloud environment. Keywords-: Smartphone, Android, Cloud Computing, Cloud Security, SHA, MD5, Hash Function. I. INTRODUCTION Cloud computing [1] gets its name from the drawings usually accustomed illustrate the internet. Cloud computing may considered as a new consumption and delivery model for IT services. The idea of cloud computing represent a shift in paradigm where the end user need not 54
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME recognize the main points of a selected technology. The service is totally managed by the supplier. Users will consume services at a rate that's set by their explicit requirements. Such on-demand services are often provided at any time. There is an critical need to ensure secure storage, managing, sharing and analyzing the huge amounts of complicated (e.g., semi-structured and unstructured) information to work out patterns and trends so as to enhance the standard of care, higher safeguard the state and explore energy. Attributable to the essential nature of the applications, it is vital that cloud platform should be secure. The main security challenge with cloud application is that the owner of the information might not have control management of wherever the information is located. This is often as a result of if one desire to take advantage of the advantages of victimization cloud computing, one should additionally utilize the resource allocation and programming provided by clouds. Therefore, if user wants to safeguard the information within the interior of untrusted processes, the security protocols within client interface should be stressed more. The rising cloud computing model tries to deal with the explosive growth of web-connected devices, and handle huge amounts of knowledge [2]. With the increased pervasiveness of sensory devices for military and civilian uses comes the demand for effective processing of the large amounts of data they collect. This demand can only be met with the low-cost computing resources offered by today’s cloud computing systems. Today’s cloud [3] can already support data-intensive computing at a low cost: for example, a large-scale computing task can be accomplished on Amazon’s Elastic Compute Cloud (EC2) [4] at an expense as low as 10 cents per CPU hour. So far little effort has been made in applying the ultra cost effective cloud platform towards analyzing and managing sensor data. Recently, we have made the first step towards building a practical sensor cloud system. Different from prior work on sensor networks, we assume that sensors communicate directly with a proxy or broker on a cloud. In our research, we consider a group of sensors organized as a hierarchical structure or some types of partitions, which communicate with their cloud proxies through wireless channels. The sensor platforms studied in our research are ones with multiple sensors that can each measure different properties of the environment. For example, we might have GPS for positioning, microphones for sound, laser-range finders for scanning surroundings, temperature indicators, wireless radios etc. We can imagine a host of different autonomous and manned devices that contain these sensors including vehicles, robots, smart-grid nodes, mobile computers, and smart phones. For each device, we have a number of different sensors that can provide different environmental readings on a near continuous basis, further these hosts all contain reasonable computational power and power supplies for continuous function. Finally, they all have reliable cellular network conductivities. We imagine that these hosts are continually collecting data from their environment, performing some level of data processing and publishing the outcomes to a cloud for further analysis or data storage. For the purposes of our studies, we examine modern Android smart phones as exemplar hosts in our work. Cloud computing exhibit five essential characteristics defined by NIST (National Institute of Standards and Technology) [5]. a) On-demand self-service. A consumer can unilaterally provision computing capabilities. b) Broad network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms. c) Resource pooling. The provider’s computing resources are pooled to serve multiple consumers, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. d) Rapid elasticity. Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. 55
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME e) Measured service. Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service. Cloud computing can be defined as the provision of computing services via the Internet such as [5] Applications (software-as-a-service, or SaaS), Platforms, Infrastructure (IaaS), Process orchestration and integration Figure 1 shows the proposed open secure architecture of cloud computing which is enhanced version of work done in [6]. The Open Security Architecture cloud computing pattern is an attempt to illustrate core cloud functions, the key roles for oversight and risk mitigation, collaboration across various internal organizations, and the controls that require additional emphasis. The security aspects of cloud computing is as follows: a) Infrastructure Security: The security challenges at various levels namely network level, host level and application level are not specifically caused by cloud computing instead are exacerbated by its use. The issues of infrastructure security and cloud computing can be addressed by clearly defining trust boundaries by understanding which party provides which part of security [5]. b) Data Security and Storage: Data security [10][11] is a significant task, with a lot of complexity. Methods of data protection, such as redaction, truncations, obfuscation, and others, should be viewed with great concern. Not only are there no accepted standards for these alternative methods, but also there are no programs to validate the implementations of whatever could possibly be developed. Homomorphic encryption can be used for data security encryption. But with this approach key management is a problem [5]. c) Identity and Access Management: The key critical success factor to managing identities at cloud providers is to have a robust federated identity management architecture and strategy internal to the organization. Using cloud-based “Identity as a Service” providers may be a useful tool for outsourcing some identity management capabilities and facilitating federated identity management with cloud providers [7]. d) Security Management: From a security management perspective, a key issue is the lack of enterprise-grade access management features. The scope of security management of cloud services will vary with the service delivery model, provider capabilities, and maturity. Customers will have to make trade-offs with respect to the flexibility and control offered by the SPI services. The more flexible the service, the more control you can exercise on the service, and with that come additional security management responsibilities. In a virtualized environment where infrastructure is shared across multiple tenants, your data is commingled with that of other customers at every phase of the life cycle—during transit, processing, and storage. Hence, it is important to understand the location of the service, service-level guarantees such as inter-node communication, and storage access (read and write) latency [5]. e) Privacy: Privacy is an important issue for cloud computing, both in terms of legal compliance and user trust and this need to be considered at every phase of design. The key challenge for software engineers to design cloud services in such a way as to decrease privacy risk and to ensure legal compliance. The following tips are recommended for cloud system designers, architects, developers and Testers [8]. a. Minimize personal information sent to and stored in the cloud. b. Protect personal information in the cloud. c. Maximize user control. 56
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME d. Allow user choice. e. Specify and limit the purpose of data usage. f. Provide feedback. f) Audit and Compliance: A programmatic approach to monitoring and compliance will help prepare CSPs (Cloud Service Provider) and their users to address emerging requirements and the evolution of cloud business models. To drive efficiency, risk management, and compliance, CSPs need to implement a strong internal control monitoring function coupled with a robust external audit process. To gain comfort over their in-cloud activities, CSP users need to define their control requirements, understand their CSP’s internal control monitoring processes, analyze relevant external audit reports, and properly execute their responsibilities as CSP users [5]. g) Security-as-a-Service: Security-as-a-service is likely to see significant future growth for two reasons. First, a continuing shift in information security work from in-house to outsourced will continue. Second, several other information security needs are present for organizations currently, but they will accelerate in need and complexity with the growing adoption of cloud computing. The two proactive controls are important to the growth of cloud computing: identity management that is inter-cloud and scalable to the cloud size, and (encryption) key management. The two reactive controls are needed for audit and compliance purposes as well: scalable and effective SIEM, and data leakage prevention (DLP). Providing solutions to each of these controls will be difficult and requires significant complexity that must be hugely scalable and yet easy to use [5]. II.PROBLEM DESCRIPTION While cost and ease of use are two great benefits of cloud computing, there are significant security concerns that need to be addressed when considering moving critical applications and sensitive data to public and shared cloud environments. To address these concerns, the cloud provider must develop sufficient controls to provide the same or a greater level of security than the organization would have if the cloud were not used. Listed here are ten items to review when considering cloud computing. As more companies move to cloud computing, look for hackers to follow. Some of the potential attack vectors criminals may attempt include: • Denial of Service (DoS) attacks - Some security professionals have argued that the cloud is more vulnerable to DoS attacks, because it is shared by many users, which makes DoS attacks much more damaging. Twitter suffered a devastating DoS attack during 2009. • Side Channel attacks – An attacker could attempt to compromise the cloud by placing a malicious virtual machine in close proximity to a target cloud server and then launching a side channel attack. • Authentication attacks – Authentication is a weak point in hosted and virtual services and is frequently targeted. There are many different ways to authenticate users; for example, based on what a person knows, has, or is. The mechanisms used to secure the authentication process and the methods used are a frequent target of attackers. • Man-in-the-middle cryptographic attacks – This attack is carried out when an attacker places himself between two users. Anytime attackers can place themselves in the communication’s path, there is the possibility that they can intercept and modify communications. 57
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME In prior research work, we summarize the security and privacy challenges we face when building a trustworthy sensor-cloud system, which come from the following perspectives: • The environment in which sensors work can be compromised by the adversary. For example, the adversary can artificially reduce or raise temperatures to cause the sensors to collect improper data. • Individual sensors can be vulnerable to attacks. This can happen when the adversary has physical access to the sensors, or remote access through propagating malware. • Information flows within the cloud can be intercepted and stolen or modified by compromised cloud nodes. • The cloud client can be infected by malicious code implanted by an adversary, which can lead to further security breaches within a sensor-cloud system. • The communication channels between the sensors and the cloud and between the client and the cloud are vulnerable to different types of attacks. Even when the data transferred over the channels is fully encrypted: side-channel information leaks constitute creditable threats. The prior research pinpoints a subset of issues within the problem space that need immediately attention. Specifically, we investigated I) techniques for detecting anomalous use of sensors, particularly, when the adversary gains unauthorized physical access to smart phones; ii) we demonstrated that intelligent Smartphone-based malware can be built to “understand” the context of a phone conversation and extract a small amount of high-value information from the context (Given the small quantity of such sensitive information, the malware can deliver it to its master through covert channels, even without direct network access); and iii) prior research shows that even in the presence of Wi-Fi encryption and HTTPS protection, the traffic features of the communication between sensors and the cloud, and between the cloud and its clients can easily be analyzed to infer highly-sensitive user data. III. PROPOSED SYSTEM The proposed system identifies recent progress and follow-up on previously discussed research plans on these fronts, including detection of anomalous use of sensors, and defenses against Smartphone malware and side-channel leaks. 58
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME Cloud User Access User_ID, Pswd User Unlock Access Authentication UTPC Generated on Stud’s Mobile Matches with the Android Handset Server’s generated Password UTPC Generation Process Password generated SHA Hash Function and entered by the MD5 Hash Function Stud using IMEI, IMSI and using the result of Registration time of SHA function Mobile Phone Generated Challenge Final UTPC for Hash function entered by Send to Stud User UTPC generated by Server Sent to Server and match with UTPC entered by the Stud Figure 1 Proposed Schema The main aim of the project work is to develop an Architectural Model for multi-factor authentication system for secure sensor cloud application, where we will produce unit instance authorization token in the forward direction. The core idea is to produce multiple Unit Transaction Permission Coin (UTPC) from an initial seed in a parallel process with the service provider itself, e.g., an online bank, by utilizing two different types of hash functions, which come with a nested chain using Brokering network. The resulting chain provides forwardness and infiniteness and it should run on multiple systems of wired or wireless network. The base paper “Towards Secure Cloud Bursting, Brokerage and Aggregation” drafted by Srijith K. Nair, Sakshi Porwal, Theo Dimitrakos, Ana Juan Ferrer, Johan Tordsson, Tabassum Sharif, Craig Sheridan, Muttukrishnan Rajarajan, and Afnan Ullah Khan. The respective author proposed the concept of cloud bursting and cloud brokerage and elaborates the open management and security issues connected with the two models. The work also introduces a feasible model that is capable of enhancing the brokerage based cloud services. But unfortunately, security concerns written in the paper is not enough to mitigate core attacks like side-channel leak or DoS attack. Moreover, the paper is more theoretical in nature without any core information of implementation modules or algorithms or any research methodology nor any performance analysis results or implementation. Some other past research work has also seen the discussion related to the requirements for securing communication using in Smartphone towards cloud computing. Therefore, the current paper has considered the sensors to be modern Smartphone. Therefore, the proposed project work will be towards implementing the core concept written in the above mentioned base paper with our contribution in designing a secure real-time application on Android based smart phone using brokering network. Our proposed system is mainly classified into two modules: A. Registration Phase: The cloud user gets the two different hash functions, and an initial seed, established on his mobile phone. To ensure that the information is completely shared with the service provider, the seed is 59
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME produced by the shared and unique parameters of the host and user, e.g., the International Mobile Equipment Identity (IMEI), International Mobile Subscriber Identity (IMSI), and registration date. B. Authentication Phase: The steps of the login and authentication process between the user and service provider are as follows. The user logs in to the service provider’s website, e.g., an online bank, requesting access. As a response to this access request, a secure session is established, i.e., an SSL session, allowing the user to enter his authentication privileges, i.e., user name and password, the first factor of authentication, what the user knows. Also the user provides the server with his unit instance authorization token current status. The current status allows the server to synchronize his seed with the client’s current seed to get the same seed value on both sides before sending a challenge. The server randomly challenges the user with new indexes. The user enters those indexes, in his Unit Transaction Permission Coin (UTPC)) generator to get the corresponding UTPC. The user responds with this corresponding UTPC. The server compares the received UTPC with the calculated one. According to the server check, done in the previous step, the server will transfer an authorization execution or a communication termination. Through the registration process, the user gets two different hash functions, which could be SHA- 1, and hB(.), which could be MD5 [11], along with an initial seed, “Sint” as the concatenation of the IMEI, IMSI, and registration time, which could be “1234567891234561234567891234507012010200259” Assuming IMEI is “123456789123456,” IMSI is “12345678912345,” and the registration time is “7/1/2010 20:02:59.” After logging into the service provider’s website using a different and static username and password, the first factor of authentication, the server asks the user for the UTPC’s current status. If the user has generated numerous UTPCs without using them, he might have reached an UTPC status of, for example, “17.” The user will submit his current status to the server to allow the server to calculate the current seed Scrt=hA17(Sint)= 1220848648030773785924867285680707842195071405780, that means that the server has calculated seventeen cascaded hashes of its initial seed “Sint” using the SHA-1 algorithm, to be synchronized with the client. After that the server sends a random challenge value of new indexes, e.g., x, y = 3, 4, which means the user has to calculate his session UTPC using this formula: UTPC=hB4(hA3(Scrt))= 68606061177919188523363813602016333158. The server has to calculate the same value in a parallel process, and as soon as the client responds, the server will match the two values to give either a yes or no. C. Micro Platform Computation Phase: The android enabled phones may be in the control of trusted (or semi-trusted) individuals, or be located in some potentially untrusted environment. Certain reasons for using Samsung Android (v2.2) are: • Improved Security: With the addition of numeric pin or alpha-numeric password options to unlock device. Exchange administrators can enforce password policy across devices. • Remote Wipe: Exchange administrators can remotely reset the device to factory defaults to secure data in case device is lost or stolen. 60
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME • Java Compatibility: Performance of the browser has been enhanced using the V8 engine, which enables faster loading of JavaScript-heavy pages. • Kernel Memory Management Boost: Improved memory reclaim by up to 20x, which results in faster app switching and smoother performance on memory-constrained devices Further, they have a reasonable processing capability on modern low-power processors, such as an ARM architecture processor running at 500–800MHZ. It is assumed that the phones have standard sensors including, eGPS, 802.11x, Bluetooth v2 (Class 1, 2 or 3), temperature, orientation, acceleration, audio microphone, and camera (stills or video). In particular, our project focuses on the use of Samsung Android (v2.2) development phones, due to the ease of programming and their ability to multi-task. The communication between the sensors and the computing infrastructure is mediated by a brokering network that uses a publish / subscribe model. IV. FRAMEWORK IMPLEMENTATION The computing environments of a sensor grid are fraught with different kinds of threats, which endanger the security and privacy assurance the system can provide. Mitigation of these threats relies on establishing trust on individual system layers through proper security control. In this section, we survey the security and privacy risks on each layer of senor-grid computing and the technical challenges for controlling them. A sensor grid interacts with its operating environment through a set of sensors. Those sensors work either autonomously or collaboratively to gather data and dispatch them to the grid. Within the grid, a brokering system filters and routes the data to their subscribers, the clients of the sensor grid. We now describe the security and privacy issues on each layer of such an operation. This includes the environment the sensors are working in; the sensors; the grid; the clients; and the communications between the sensor and grid, and the grid and clients. The proposed system is designed on Windows 32-bit OS with 1.84 GHz processor with broadband connectivity of 100 Mpbs. The programming is done on MyEclipse IDE. The experiment for the proposed system is done on real time Samsung Galaxy Smartphone with Android 2.2. Hence Android Development Tools (ADT) is used as it is a plug-in for the MyEclipse IDE that is designed to give a powerful, integrated environment in which to build Android applications. ADT extends the capabilities of Eclipse to let you quickly set up new Android projects, create an application UI, add packages based on the Android Framework API, debug your applications using the Android SDK tools, and even export signed (or unsigned) .apk files in order to distribute your application. The Android software development kit (SDK) includes a comprehensive set of development tools. These include a debugger, libraries, a handset emulator based on QEMU, documentation, sample code, and tutorials. Currently supported development platforms include computers running Linux, Mac OS X 10.5.8 or later, Windows XP or later. The proposed system will be experimented with active wireless connectivity between the system and Android enable device. 61
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME Figure 2 Broker Login Options Figure 3 Generation of the UTPC, IMEI No, IMSI No and Registration time stamp The above figure 3 highlights the initial authentication login for student. Initially the student has to sign up a new account where they have to furnish all the details as shown in Figure 4. Figure 4: Sign-up Information feeding. 62
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME After the successful sign-up, the student can log in to their privilege account using the similar user ID and password, which was successfully fed at the time of sign up process. Figure 5: Captacha Authentication. Once the student logs and their initial user ID and password are accepted, then they will be prompted to feed the random digital information displayed by Captacha application as shown in Figure 5. Now, after the successful sign up, the student can now perform initial login authentication for which they will be asked to feed UTPC and Current status, both of which is generated at the Mobile interface as shown in Figure 6 and 7. Figure 6: UTPC & Current Status generation in Android Interface Figure 7 Feeding UTPC and Current Status from Android Interface to Client interface. 63
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME Once the UTPC and current status is authenticated, the new index will be generated automatically in web interface as shown in Figure 8. Figure 8 Generation of new Index The generated new index value will be then fed to the Android mobile interface. Once the new index value is authenticated in the mobile interface, the next sequence, it will generate a new UTPC, in same mobile interface as shown in Figure 9. The student needs to take the newly generated UTPC and feed in to their web-interface for final authentication as shown in Figure 10. Figure 9: Generation of UTPC in Android Interface. Figure 10 Feeding newly generated UTPC in Client Interface. Cloud computing facilitates storage of data at a remote site to maximize resource utilization. As a result, it is critical that this data be protected and only given to authorized individuals. This essentially amounts to secure third party publication of data that is necessary for data outsourcing, as well as external publications. Since data in the cloud will be placed anywhere, it is important that the data is encrypted. We are using secure co-processor as part of the cloud infrastructure to enable efficient encrypted storage of sensitive data. 64
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME V. CONCLUSION The current paper has outlined the research on secure sensor networks in the context of a high- level cloud based brokering architecture and highlighted various research challenges going forward. The analysis for security challenges are illustrated related to assessing the trustiness of the sensing elements supported environmental sensor knowledge, police investigation and defensive against “sensory malware” on such sensors, and mitigating aspect channel leaks once sensing element devices communicate with the cloud. The work attempts to believe these elements of the general cloud based mostly sensing element specific area unit the smallest amount trustworthy since they're out of the management of the cloud “back end.” Thus, addressing these challenges can facilitate defend the integrity of the sensing platforms, the privacy of users UN agency carry mobile sensors, yet because the delivery of sensing element knowledge to the cloud. the long run work of the Cloud computing can improve organization’s performance by utilizing minimum resources and management support, with a shared network, valuable resources , bandwidth, software’s and hardware’s in a very value effective manner and restricted service supplier dealings. the long run sweetening of the this application, we tend to explore the “middle ground”, wherever users will still share physical hardware resource, however user networks area unit isolated and accesses area unit controlled within the method the same as that in enterprise networks REFERENCES [1] http://www.ibm.com/cloud-computing/us/en/. Accessed on 27th Aug, 2012 [2] Michael Gregg, Security Concerns for Cloud Computing, Global Knowledge Training LLC, 2012 [3] Wang, L., Laszewski,V., Gregor, Kunze, Marcel, Tao, Jie. Cloud computing: A Perspective study, Proceedings of the Grid Computing Environments (GCE) workshop. Held at the Austin Civic Center: Austin, Texas: 16 November 2008. [4] Michael, A, Fox,A., Rean Griffith, Anthony D. Joseph, Randy Katz, Andy Konwinski, Gunho Lee, David Patterson, Ariel Rabkin, Ion Stoica, Matei Zaharia. A view of cloud computing. Communications of the ACM , Volume 53 Issue 4, pages 50-58. April 2010. [5] The NIST Definition of Cloud Computing, version 15, by Peter Mell and Tim Grance, October 7, 2009, National Institute of Standards and Technology (NIST), Information Technology Laboratory (www.csrc.nist.gov) [6] Tim Mather, Subra Kumaraswamy, Shahed Latif Cloud Security and Privacy : An Enterprise perspective of Risks and Compliance, O'Reilly Media, Inc., 2009 [7] Open Security Architecture http://www.opensecurityarchitecture.org/ [8] Discovering Identity: Cloud Computing: Identity and Access Management DOI =http://blogs.sun.com/identity/entry/cloud_computing_identity_and_access [9] Siani Pearson. Taking Account of Privacy when Designing Cloud Computing Services. CLOUD '09: Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing, pages 44-52. May 2009 [10] Security Guidance for Critical Areas of Focus in Cloud Computing, April 2009. DOI =http://www.cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf [11] Weichao Wang, Zhiwei Li, Rodney Owens, Bharat Bhargava. Secure and Efficient Access to Outsourced Data. CCSW '09: Proceedings of the 2009 ACM workshop on Cloud computing security, pages 55-65. November 2009 65
Ad

Recommended

70 74
70 7470 74
70 74
Editor IJARCET
 
Eb31854857
Eb31854857Eb31854857
Eb31854857
IJERA Editor
 
Cloud computing security through symmetric cipher model
Cloud computing security through symmetric cipher modelCloud computing security through symmetric cipher model
Cloud computing security through symmetric cipher model
ijcsit
 
A survey on secured data outsourcing in cloud computing
A survey on secured data outsourcing in cloud computingA survey on secured data outsourcing in cloud computing
A survey on secured data outsourcing in cloud computing
IAEME Publication
 
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...
IJNSA Journal
 
A brief review: security issues in cloud computing and their solutions
A brief review: security issues in cloud computing and their solutionsA brief review: security issues in cloud computing and their solutions
A brief review: security issues in cloud computing and their solutions
TELKOMNIKA JOURNAL
 
A survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniquesA survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniques
eSAT Publishing House
 
Securing Cloud from Cloud Drain
Securing Cloud from Cloud DrainSecuring Cloud from Cloud Drain
Securing Cloud from Cloud Drain
Eswar Publications
 
G033030035
G033030035G033030035
G033030035
ijceronline
 
Security aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computingSecurity aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computing
SHREYASSRINATH94
 
Cloud computing and security issues in the
Cloud computing and security issues in theCloud computing and security issues in the
Cloud computing and security issues in the
IJNSA Journal
 
Security Issues’ in Cloud Computing and its Solutions.
Security Issues’ in Cloud Computing and its Solutions. Security Issues’ in Cloud Computing and its Solutions.
Security Issues’ in Cloud Computing and its Solutions.
IJCERT JOURNAL
 
Enhancing Data Integrity in Multi Cloud Storage
Enhancing Data Integrity in Multi Cloud StorageEnhancing Data Integrity in Multi Cloud Storage
Enhancing Data Integrity in Multi Cloud Storage
IJERA Editor
 
489 493
489 493489 493
489 493
Editor IJARCET
 
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
IJCNCJournal
 
Conceptual Model of Real Time Infrastructure Within Cloud Computing Environment
Conceptual Model of Real Time Infrastructure Within Cloud Computing EnvironmentConceptual Model of Real Time Infrastructure Within Cloud Computing Environment
Conceptual Model of Real Time Infrastructure Within Cloud Computing Environment
CSCJournals
 
Security and Privacy Issues of Fog Computing: A Survey
Security and Privacy Issues of Fog Computing: A SurveySecurity and Privacy Issues of Fog Computing: A Survey
Security and Privacy Issues of Fog Computing: A Survey
HarshitParkar6677
 
Assurance of Security and Privacy Requirements for Cloud Deployment Model
Assurance of Security and Privacy Requirements for Cloud Deployment ModelAssurance of Security and Privacy Requirements for Cloud Deployment Model
Assurance of Security and Privacy Requirements for Cloud Deployment Model
IJMTST Journal
 
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computingIjirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
IJIR JOURNALS IJIRUSA
 
Ad4502189193
Ad4502189193Ad4502189193
Ad4502189193
IJERA Editor
 
Comparison of data security in grid and cloud computing
Comparison of data security in grid and cloud computingComparison of data security in grid and cloud computing
Comparison of data security in grid and cloud computing
eSAT Journals
 
Maintaining Secure Cloud by Continuous Auditing
Maintaining Secure Cloud by Continuous AuditingMaintaining Secure Cloud by Continuous Auditing
Maintaining Secure Cloud by Continuous Auditing
ijtsrd
 
Comparison of data security in grid and cloud
Comparison of data security in grid and cloudComparison of data security in grid and cloud
Comparison of data security in grid and cloud
eSAT Publishing House
 
fog computing provide security to the data in cloud
fog computing provide security to the data in cloudfog computing provide security to the data in cloud
fog computing provide security to the data in cloud
priyanka reddy
 
INFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTINGINFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTING
ijitcs
 
Introduction to cloud security
Introduction to cloud securityIntroduction to cloud security
Introduction to cloud security
IAEME Publication
 
Fog computing a new concept to minimize the attacks and to provide security i...
Fog computing a new concept to minimize the attacks and to provide security i...Fog computing a new concept to minimize the attacks and to provide security i...
Fog computing a new concept to minimize the attacks and to provide security i...
eSAT Publishing House
 
Security issues in cloud computing for msmes
Security issues in cloud computing for msmesSecurity issues in cloud computing for msmes
Security issues in cloud computing for msmes
IAEME Publication
 
Performance evaluation of design build projects with and without agency const...
Performance evaluation of design build projects with and without agency const...Performance evaluation of design build projects with and without agency const...
Performance evaluation of design build projects with and without agency const...
IAEME Publication
 
Environmental management accounting – a decision making tools
Environmental management accounting – a decision making toolsEnvironmental management accounting – a decision making tools
Environmental management accounting – a decision making tools
IAEME Publication
 
Ad

More Related Content

What's hot (19)

G033030035
G033030035G033030035
G033030035
ijceronline
 
Security aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computingSecurity aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computing
SHREYASSRINATH94
 
Cloud computing and security issues in the
Cloud computing and security issues in theCloud computing and security issues in the
Cloud computing and security issues in the
IJNSA Journal
 
Security Issues’ in Cloud Computing and its Solutions.
Security Issues’ in Cloud Computing and its Solutions. Security Issues’ in Cloud Computing and its Solutions.
Security Issues’ in Cloud Computing and its Solutions.
IJCERT JOURNAL
 
Enhancing Data Integrity in Multi Cloud Storage
Enhancing Data Integrity in Multi Cloud StorageEnhancing Data Integrity in Multi Cloud Storage
Enhancing Data Integrity in Multi Cloud Storage
IJERA Editor
 
489 493
489 493489 493
489 493
Editor IJARCET
 
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
IJCNCJournal
 
Conceptual Model of Real Time Infrastructure Within Cloud Computing Environment
Conceptual Model of Real Time Infrastructure Within Cloud Computing EnvironmentConceptual Model of Real Time Infrastructure Within Cloud Computing Environment
Conceptual Model of Real Time Infrastructure Within Cloud Computing Environment
CSCJournals
 
Security and Privacy Issues of Fog Computing: A Survey
Security and Privacy Issues of Fog Computing: A SurveySecurity and Privacy Issues of Fog Computing: A Survey
Security and Privacy Issues of Fog Computing: A Survey
HarshitParkar6677
 
Assurance of Security and Privacy Requirements for Cloud Deployment Model
Assurance of Security and Privacy Requirements for Cloud Deployment ModelAssurance of Security and Privacy Requirements for Cloud Deployment Model
Assurance of Security and Privacy Requirements for Cloud Deployment Model
IJMTST Journal
 
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computingIjirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
IJIR JOURNALS IJIRUSA
 
Ad4502189193
Ad4502189193Ad4502189193
Ad4502189193
IJERA Editor
 
Comparison of data security in grid and cloud computing
Comparison of data security in grid and cloud computingComparison of data security in grid and cloud computing
Comparison of data security in grid and cloud computing
eSAT Journals
 
Maintaining Secure Cloud by Continuous Auditing
Maintaining Secure Cloud by Continuous AuditingMaintaining Secure Cloud by Continuous Auditing
Maintaining Secure Cloud by Continuous Auditing
ijtsrd
 
Comparison of data security in grid and cloud
Comparison of data security in grid and cloudComparison of data security in grid and cloud
Comparison of data security in grid and cloud
eSAT Publishing House
 
fog computing provide security to the data in cloud
fog computing provide security to the data in cloudfog computing provide security to the data in cloud
fog computing provide security to the data in cloud
priyanka reddy
 
INFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTINGINFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTING
ijitcs
 
Introduction to cloud security
Introduction to cloud securityIntroduction to cloud security
Introduction to cloud security
IAEME Publication
 
Fog computing a new concept to minimize the attacks and to provide security i...
Fog computing a new concept to minimize the attacks and to provide security i...Fog computing a new concept to minimize the attacks and to provide security i...
Fog computing a new concept to minimize the attacks and to provide security i...
eSAT Publishing House
 
G033030035
G033030035G033030035
G033030035
ijceronline
 
Security aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computingSecurity aspects-of-mobile-cloud-computing
Security aspects-of-mobile-cloud-computing
SHREYASSRINATH94
 
Cloud computing and security issues in the
Cloud computing and security issues in theCloud computing and security issues in the
Cloud computing and security issues in the
IJNSA Journal
 
Security Issues’ in Cloud Computing and its Solutions.
Security Issues’ in Cloud Computing and its Solutions. Security Issues’ in Cloud Computing and its Solutions.
Security Issues’ in Cloud Computing and its Solutions.
IJCERT JOURNAL
 
Enhancing Data Integrity in Multi Cloud Storage
Enhancing Data Integrity in Multi Cloud StorageEnhancing Data Integrity in Multi Cloud Storage
Enhancing Data Integrity in Multi Cloud Storage
IJERA Editor
 
489 493
489 493489 493
489 493
Editor IJARCET
 
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...
IJCNCJournal
 
Conceptual Model of Real Time Infrastructure Within Cloud Computing Environment
Conceptual Model of Real Time Infrastructure Within Cloud Computing EnvironmentConceptual Model of Real Time Infrastructure Within Cloud Computing Environment
Conceptual Model of Real Time Infrastructure Within Cloud Computing Environment
CSCJournals
 
Security and Privacy Issues of Fog Computing: A Survey
Security and Privacy Issues of Fog Computing: A SurveySecurity and Privacy Issues of Fog Computing: A Survey
Security and Privacy Issues of Fog Computing: A Survey
HarshitParkar6677
 
Assurance of Security and Privacy Requirements for Cloud Deployment Model
Assurance of Security and Privacy Requirements for Cloud Deployment ModelAssurance of Security and Privacy Requirements for Cloud Deployment Model
Assurance of Security and Privacy Requirements for Cloud Deployment Model
IJMTST Journal
 
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computingIjirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
IJIR JOURNALS IJIRUSA
 
Ad4502189193
Ad4502189193Ad4502189193
Ad4502189193
IJERA Editor
 
Comparison of data security in grid and cloud computing
Comparison of data security in grid and cloud computingComparison of data security in grid and cloud computing
Comparison of data security in grid and cloud computing
eSAT Journals
 
Maintaining Secure Cloud by Continuous Auditing
Maintaining Secure Cloud by Continuous AuditingMaintaining Secure Cloud by Continuous Auditing
Maintaining Secure Cloud by Continuous Auditing
ijtsrd
 
Comparison of data security in grid and cloud
Comparison of data security in grid and cloudComparison of data security in grid and cloud
Comparison of data security in grid and cloud
eSAT Publishing House
 
fog computing provide security to the data in cloud
fog computing provide security to the data in cloudfog computing provide security to the data in cloud
fog computing provide security to the data in cloud
priyanka reddy
 
INFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTINGINFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTING
ijitcs
 
Introduction to cloud security
Introduction to cloud securityIntroduction to cloud security
Introduction to cloud security
IAEME Publication
 
Fog computing a new concept to minimize the attacks and to provide security i...
Fog computing a new concept to minimize the attacks and to provide security i...Fog computing a new concept to minimize the attacks and to provide security i...
Fog computing a new concept to minimize the attacks and to provide security i...
eSAT Publishing House
 

Viewers also liked (9)

Security issues in cloud computing for msmes
Security issues in cloud computing for msmesSecurity issues in cloud computing for msmes
Security issues in cloud computing for msmes
IAEME Publication
 
Performance evaluation of design build projects with and without agency const...
Performance evaluation of design build projects with and without agency const...Performance evaluation of design build projects with and without agency const...
Performance evaluation of design build projects with and without agency const...
IAEME Publication
 
Environmental management accounting – a decision making tools
Environmental management accounting – a decision making toolsEnvironmental management accounting – a decision making tools
Environmental management accounting – a decision making tools
IAEME Publication
 
Performance analysis of a second order system using mrac
Performance analysis of a second order system using mracPerformance analysis of a second order system using mrac
Performance analysis of a second order system using mrac
IAEME Publication
 
A new nano ceria reinforced epoxy polymer composite
A new nano ceria reinforced epoxy polymer compositeA new nano ceria reinforced epoxy polymer composite
A new nano ceria reinforced epoxy polymer composite
IAEME Publication
 
Verification for modeling of ultimate load for lightweight palm oil clinker r...
Verification for modeling of ultimate load for lightweight palm oil clinker r...Verification for modeling of ultimate load for lightweight palm oil clinker r...
Verification for modeling of ultimate load for lightweight palm oil clinker r...
IAEME Publication
 
The hybrid evolutionary algorithm for optimal planning of hybrid woban
The hybrid evolutionary algorithm for optimal planning of hybrid wobanThe hybrid evolutionary algorithm for optimal planning of hybrid woban
The hybrid evolutionary algorithm for optimal planning of hybrid woban
IAEME Publication
 
The study of e commerce service systems in global viral marketing strategy
The study of e commerce service systems in global viral marketing strategyThe study of e commerce service systems in global viral marketing strategy
The study of e commerce service systems in global viral marketing strategy
IAEME Publication
 
Profile of Qualixa Turnkey Projects Pvt. Ltd.(1)
Profile of Qualixa Turnkey Projects Pvt. Ltd.(1)Profile of Qualixa Turnkey Projects Pvt. Ltd.(1)
Profile of Qualixa Turnkey Projects Pvt. Ltd.(1)
Shailesh Salvi
 
Security issues in cloud computing for msmes
Security issues in cloud computing for msmesSecurity issues in cloud computing for msmes
Security issues in cloud computing for msmes
IAEME Publication
 
Performance evaluation of design build projects with and without agency const...
Performance evaluation of design build projects with and without agency const...Performance evaluation of design build projects with and without agency const...
Performance evaluation of design build projects with and without agency const...
IAEME Publication
 
Environmental management accounting – a decision making tools
Environmental management accounting – a decision making toolsEnvironmental management accounting – a decision making tools
Environmental management accounting – a decision making tools
IAEME Publication
 
Performance analysis of a second order system using mrac
Performance analysis of a second order system using mracPerformance analysis of a second order system using mrac
Performance analysis of a second order system using mrac
IAEME Publication
 
A new nano ceria reinforced epoxy polymer composite
A new nano ceria reinforced epoxy polymer compositeA new nano ceria reinforced epoxy polymer composite
A new nano ceria reinforced epoxy polymer composite
IAEME Publication
 
Verification for modeling of ultimate load for lightweight palm oil clinker r...
Verification for modeling of ultimate load for lightweight palm oil clinker r...Verification for modeling of ultimate load for lightweight palm oil clinker r...
Verification for modeling of ultimate load for lightweight palm oil clinker r...
IAEME Publication
 
The hybrid evolutionary algorithm for optimal planning of hybrid woban
The hybrid evolutionary algorithm for optimal planning of hybrid wobanThe hybrid evolutionary algorithm for optimal planning of hybrid woban
The hybrid evolutionary algorithm for optimal planning of hybrid woban
IAEME Publication
 
The study of e commerce service systems in global viral marketing strategy
The study of e commerce service systems in global viral marketing strategyThe study of e commerce service systems in global viral marketing strategy
The study of e commerce service systems in global viral marketing strategy
IAEME Publication
 
Profile of Qualixa Turnkey Projects Pvt. Ltd.(1)
Profile of Qualixa Turnkey Projects Pvt. Ltd.(1)Profile of Qualixa Turnkey Projects Pvt. Ltd.(1)
Profile of Qualixa Turnkey Projects Pvt. Ltd.(1)
Shailesh Salvi
 
Ad

Similar to Secure hash based distributed framework for utpc based cloud authorization (20)

Proposed system for data security in distributed computing in using triple d...
Proposed system for data security in distributed computing in using triple d...Proposed system for data security in distributed computing in using triple d...
Proposed system for data security in distributed computing in using triple d...
IJECEIAES
 
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
IRJET Journal
 
Evaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing EnvironmentsEvaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing Environments
ijfcstjournal
 
Fog Computing
Fog ComputingFog Computing
Fog Computing
Pachipulusu Giridhar
 
Fog computing
Fog computing Fog computing
Fog computing
Pachipulusu Giridhar
 
Reconfigurable data intensive service for low latency cyber-physical systems ...
Reconfigurable data intensive service for low latency cyber-physical systems ...Reconfigurable data intensive service for low latency cyber-physical systems ...
Reconfigurable data intensive service for low latency cyber-physical systems ...
International Journal of Reconfigurable and Embedded Systems
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
IJNSA Journal
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
IJNSA Journal
 
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
IJERA Editor
 
Cloud Data Security using Elliptic Curve Cryptography
Cloud Data Security using Elliptic Curve CryptographyCloud Data Security using Elliptic Curve Cryptography
Cloud Data Security using Elliptic Curve Cryptography
IRJET Journal
 
An Overview on Security Issues in Cloud Computing
An Overview on Security Issues in Cloud ComputingAn Overview on Security Issues in Cloud Computing
An Overview on Security Issues in Cloud Computing
IOSR Journals
 
Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms
IJECEIAES
 
Paper id 27201433
Paper id 27201433Paper id 27201433
Paper id 27201433
IJRAT
 
A premeditated cdm algorithm in cloud computing environment for fpm 2
A premeditated cdm algorithm in cloud computing environment for fpm 2A premeditated cdm algorithm in cloud computing environment for fpm 2
A premeditated cdm algorithm in cloud computing environment for fpm 2
IAEME Publication
 
Fs2510501055
Fs2510501055Fs2510501055
Fs2510501055
IJERA Editor
 
Ijarcet vol-2-issue-3-1128-1131
Ijarcet vol-2-issue-3-1128-1131Ijarcet vol-2-issue-3-1128-1131
Ijarcet vol-2-issue-3-1128-1131
Editor IJARCET
 
improve cloud security
improve cloud securityimprove cloud security
improve cloud security
Balkees Shereek
 
Verifiable data distribution technique for multiple applicants in a cloud com...
Verifiable data distribution technique for multiple applicants in a cloud com...Verifiable data distribution technique for multiple applicants in a cloud com...
Verifiable data distribution technique for multiple applicants in a cloud com...
IAESIJAI
 
IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET- Simultaneous ammunition for the multi-cloud computing simulation IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET Journal
 
Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161
Kamal Jyoti
 
Proposed system for data security in distributed computing in using triple d...
Proposed system for data security in distributed computing in using triple d...Proposed system for data security in distributed computing in using triple d...
Proposed system for data security in distributed computing in using triple d...
IJECEIAES
 
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
Secure Channel Establishment Techniques for Homomorphic Encryption in Cloud C...
IRJET Journal
 
Evaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing EnvironmentsEvaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing Environments
ijfcstjournal
 
Fog Computing
Fog ComputingFog Computing
Fog Computing
Pachipulusu Giridhar
 
Fog computing
Fog computing Fog computing
Fog computing
Pachipulusu Giridhar
 
Reconfigurable data intensive service for low latency cyber-physical systems ...
Reconfigurable data intensive service for low latency cyber-physical systems ...Reconfigurable data intensive service for low latency cyber-physical systems ...
Reconfigurable data intensive service for low latency cyber-physical systems ...
International Journal of Reconfigurable and Embedded Systems
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
IJNSA Journal
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
IJNSA Journal
 
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
IJERA Editor
 
Cloud Data Security using Elliptic Curve Cryptography
Cloud Data Security using Elliptic Curve CryptographyCloud Data Security using Elliptic Curve Cryptography
Cloud Data Security using Elliptic Curve Cryptography
IRJET Journal
 
An Overview on Security Issues in Cloud Computing
An Overview on Security Issues in Cloud ComputingAn Overview on Security Issues in Cloud Computing
An Overview on Security Issues in Cloud Computing
IOSR Journals
 
Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms
IJECEIAES
 
Paper id 27201433
Paper id 27201433Paper id 27201433
Paper id 27201433
IJRAT
 
A premeditated cdm algorithm in cloud computing environment for fpm 2
A premeditated cdm algorithm in cloud computing environment for fpm 2A premeditated cdm algorithm in cloud computing environment for fpm 2
A premeditated cdm algorithm in cloud computing environment for fpm 2
IAEME Publication
 
Fs2510501055
Fs2510501055Fs2510501055
Fs2510501055
IJERA Editor
 
Ijarcet vol-2-issue-3-1128-1131
Ijarcet vol-2-issue-3-1128-1131Ijarcet vol-2-issue-3-1128-1131
Ijarcet vol-2-issue-3-1128-1131
Editor IJARCET
 
improve cloud security
improve cloud securityimprove cloud security
improve cloud security
Balkees Shereek
 
Verifiable data distribution technique for multiple applicants in a cloud com...
Verifiable data distribution technique for multiple applicants in a cloud com...Verifiable data distribution technique for multiple applicants in a cloud com...
Verifiable data distribution technique for multiple applicants in a cloud com...
IAESIJAI
 
IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET- Simultaneous ammunition for the multi-cloud computing simulation IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET Journal
 
Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161Kamal Jyoti V3I5-0161
Kamal Jyoti V3I5-0161
Kamal Jyoti
 
Ad

More from IAEME Publication (20)

IAEME_Publication_Call_for_Paper_September_2022.pdf
IAEME_Publication_Call_for_Paper_September_2022.pdfIAEME_Publication_Call_for_Paper_September_2022.pdf
IAEME_Publication_Call_for_Paper_September_2022.pdf
IAEME Publication
 
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
IAEME Publication
 
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURSA STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
IAEME Publication
 
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURSBROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
IAEME Publication
 
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONSDETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
IAEME Publication
 
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONSANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
IAEME Publication
 
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINOVOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
IAEME Publication
 
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
IAEME Publication
 
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMYVISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
IAEME Publication
 
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
IAEME Publication
 
GANDHI ON NON-VIOLENT POLICE
GANDHI ON NON-VIOLENT POLICEGANDHI ON NON-VIOLENT POLICE
GANDHI ON NON-VIOLENT POLICE
IAEME Publication
 
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
IAEME Publication
 
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
IAEME Publication
 
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
IAEME Publication
 
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
IAEME Publication
 
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
IAEME Publication
 
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
IAEME Publication
 
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
IAEME Publication
 
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
IAEME Publication
 
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENTA MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
IAEME Publication
 
IAEME_Publication_Call_for_Paper_September_2022.pdf
IAEME_Publication_Call_for_Paper_September_2022.pdfIAEME_Publication_Call_for_Paper_September_2022.pdf
IAEME_Publication_Call_for_Paper_September_2022.pdf
IAEME Publication
 
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
MODELING AND ANALYSIS OF SURFACE ROUGHNESS AND WHITE LATER THICKNESS IN WIRE-...
IAEME Publication
 
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURSA STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
A STUDY ON THE REASONS FOR TRANSGENDER TO BECOME ENTREPRENEURS
IAEME Publication
 
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURSBROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
BROAD UNEXPOSED SKILLS OF TRANSGENDER ENTREPRENEURS
IAEME Publication
 
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONSDETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
DETERMINANTS AFFECTING THE USER'S INTENTION TO USE MOBILE BANKING APPLICATIONS
IAEME Publication
 
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONSANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
ANALYSE THE USER PREDILECTION ON GPAY AND PHONEPE FOR DIGITAL TRANSACTIONS
IAEME Publication
 
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINOVOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
VOICE BASED ATM FOR VISUALLY IMPAIRED USING ARDUINO
IAEME Publication
 
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
IMPACT OF EMOTIONAL INTELLIGENCE ON HUMAN RESOURCE MANAGEMENT PRACTICES AMONG...
IAEME Publication
 
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMYVISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
VISUALISING AGING PARENTS & THEIR CLOSE CARERS LIFE JOURNEY IN AGING ECONOMY
IAEME Publication
 
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
A STUDY ON THE IMPACT OF ORGANIZATIONAL CULTURE ON THE EFFECTIVENESS OF PERFO...
IAEME Publication
 
GANDHI ON NON-VIOLENT POLICE
GANDHI ON NON-VIOLENT POLICEGANDHI ON NON-VIOLENT POLICE
GANDHI ON NON-VIOLENT POLICE
IAEME Publication
 
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
A STUDY ON TALENT MANAGEMENT AND ITS IMPACT ON EMPLOYEE RETENTION IN SELECTED...
IAEME Publication
 
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
ATTRITION IN THE IT INDUSTRY DURING COVID-19 PANDEMIC: LINKING EMOTIONAL INTE...
IAEME Publication
 
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
INFLUENCE OF TALENT MANAGEMENT PRACTICES ON ORGANIZATIONAL PERFORMANCE A STUD...
IAEME Publication
 
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
A STUDY OF VARIOUS TYPES OF LOANS OF SELECTED PUBLIC AND PRIVATE SECTOR BANKS...
IAEME Publication
 
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
EXPERIMENTAL STUDY OF MECHANICAL AND TRIBOLOGICAL RELATION OF NYLON/BaSO4 POL...
IAEME Publication
 
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
ROLE OF SOCIAL ENTREPRENEURSHIP IN RURAL DEVELOPMENT OF INDIA - PROBLEMS AND ...
IAEME Publication
 
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
OPTIMAL RECONFIGURATION OF POWER DISTRIBUTION RADIAL NETWORK USING HYBRID MET...
IAEME Publication
 
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
APPLICATION OF FRUGAL APPROACH FOR PRODUCTIVITY IMPROVEMENT - A CASE STUDY OF...
IAEME Publication
 
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENTA MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
A MULTIPLE – CHANNEL QUEUING MODELS ON FUZZY ENVIRONMENT
IAEME Publication
 

Secure hash based distributed framework for utpc based cloud authorization

  • 1. INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING & International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), TECHNOLOGY (IJCET) ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME ISSN 0976 – 6367(Print) ISSN 0976 – 6375(Online) Volume 3, Issue 3, October - December (2012), pp. 54-65 IJCET © IAEME: www.iaeme.com/ijcet.asp Journal Impact Factor (2012): 3.9580 (Calculated by GISI) ©IAEME www.jifactor.com SECURE HASH BASED DISTRIBUTED FRAMEWORK FOR UTPC BASED CLOUD AUTHORIZATION C. Lalrinawma Dr. Masih Saikia Dept of Computer Sciences. HOD. Dept. of Computer Sciences Govt. Zirtiri Residential Science College Pragjyotish College Mizoram, India Guwahati, India E-Mail: [email protected] ABSTRACT The paper introduces a cloud-enabled framework for parameterized security in large-scale Smartphone based wireless sensor network. The research work also highlights some of the effective implementation of service broker included in aggregation service in sensor network. The cumulative collected throughput information is considered to be forwarded to the cloud users using conventional cloud interfaces. A cloud interface is built with newly introduced concept of Unit Transaction permission coin (UTPC) as a security token for cloud user authorization that is integrated in Android platform (v2.2). The UTPC generation process includes hash function (SHA/MD5) that is most difficult to break by any intruder. The empirical process consists of registration and authentication phase using micro-platform computation in untrusted environment considering the IMEI and IMSI of the considered trusted handheld device. The result accomplished is unique and lightweight that is easily compatible with any real time application that runs on cloud environment. Keywords-: Smartphone, Android, Cloud Computing, Cloud Security, SHA, MD5, Hash Function. I. INTRODUCTION Cloud computing [1] gets its name from the drawings usually accustomed illustrate the internet. Cloud computing may considered as a new consumption and delivery model for IT services. The idea of cloud computing represent a shift in paradigm where the end user need not 54
  • 2. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME recognize the main points of a selected technology. The service is totally managed by the supplier. Users will consume services at a rate that's set by their explicit requirements. Such on-demand services are often provided at any time. There is an critical need to ensure secure storage, managing, sharing and analyzing the huge amounts of complicated (e.g., semi-structured and unstructured) information to work out patterns and trends so as to enhance the standard of care, higher safeguard the state and explore energy. Attributable to the essential nature of the applications, it is vital that cloud platform should be secure. The main security challenge with cloud application is that the owner of the information might not have control management of wherever the information is located. This is often as a result of if one desire to take advantage of the advantages of victimization cloud computing, one should additionally utilize the resource allocation and programming provided by clouds. Therefore, if user wants to safeguard the information within the interior of untrusted processes, the security protocols within client interface should be stressed more. The rising cloud computing model tries to deal with the explosive growth of web-connected devices, and handle huge amounts of knowledge [2]. With the increased pervasiveness of sensory devices for military and civilian uses comes the demand for effective processing of the large amounts of data they collect. This demand can only be met with the low-cost computing resources offered by today’s cloud computing systems. Today’s cloud [3] can already support data-intensive computing at a low cost: for example, a large-scale computing task can be accomplished on Amazon’s Elastic Compute Cloud (EC2) [4] at an expense as low as 10 cents per CPU hour. So far little effort has been made in applying the ultra cost effective cloud platform towards analyzing and managing sensor data. Recently, we have made the first step towards building a practical sensor cloud system. Different from prior work on sensor networks, we assume that sensors communicate directly with a proxy or broker on a cloud. In our research, we consider a group of sensors organized as a hierarchical structure or some types of partitions, which communicate with their cloud proxies through wireless channels. The sensor platforms studied in our research are ones with multiple sensors that can each measure different properties of the environment. For example, we might have GPS for positioning, microphones for sound, laser-range finders for scanning surroundings, temperature indicators, wireless radios etc. We can imagine a host of different autonomous and manned devices that contain these sensors including vehicles, robots, smart-grid nodes, mobile computers, and smart phones. For each device, we have a number of different sensors that can provide different environmental readings on a near continuous basis, further these hosts all contain reasonable computational power and power supplies for continuous function. Finally, they all have reliable cellular network conductivities. We imagine that these hosts are continually collecting data from their environment, performing some level of data processing and publishing the outcomes to a cloud for further analysis or data storage. For the purposes of our studies, we examine modern Android smart phones as exemplar hosts in our work. Cloud computing exhibit five essential characteristics defined by NIST (National Institute of Standards and Technology) [5]. a) On-demand self-service. A consumer can unilaterally provision computing capabilities. b) Broad network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms. c) Resource pooling. The provider’s computing resources are pooled to serve multiple consumers, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. d) Rapid elasticity. Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. 55
  • 3. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME e) Measured service. Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service. Cloud computing can be defined as the provision of computing services via the Internet such as [5] Applications (software-as-a-service, or SaaS), Platforms, Infrastructure (IaaS), Process orchestration and integration Figure 1 shows the proposed open secure architecture of cloud computing which is enhanced version of work done in [6]. The Open Security Architecture cloud computing pattern is an attempt to illustrate core cloud functions, the key roles for oversight and risk mitigation, collaboration across various internal organizations, and the controls that require additional emphasis. The security aspects of cloud computing is as follows: a) Infrastructure Security: The security challenges at various levels namely network level, host level and application level are not specifically caused by cloud computing instead are exacerbated by its use. The issues of infrastructure security and cloud computing can be addressed by clearly defining trust boundaries by understanding which party provides which part of security [5]. b) Data Security and Storage: Data security [10][11] is a significant task, with a lot of complexity. Methods of data protection, such as redaction, truncations, obfuscation, and others, should be viewed with great concern. Not only are there no accepted standards for these alternative methods, but also there are no programs to validate the implementations of whatever could possibly be developed. Homomorphic encryption can be used for data security encryption. But with this approach key management is a problem [5]. c) Identity and Access Management: The key critical success factor to managing identities at cloud providers is to have a robust federated identity management architecture and strategy internal to the organization. Using cloud-based “Identity as a Service” providers may be a useful tool for outsourcing some identity management capabilities and facilitating federated identity management with cloud providers [7]. d) Security Management: From a security management perspective, a key issue is the lack of enterprise-grade access management features. The scope of security management of cloud services will vary with the service delivery model, provider capabilities, and maturity. Customers will have to make trade-offs with respect to the flexibility and control offered by the SPI services. The more flexible the service, the more control you can exercise on the service, and with that come additional security management responsibilities. In a virtualized environment where infrastructure is shared across multiple tenants, your data is commingled with that of other customers at every phase of the life cycle—during transit, processing, and storage. Hence, it is important to understand the location of the service, service-level guarantees such as inter-node communication, and storage access (read and write) latency [5]. e) Privacy: Privacy is an important issue for cloud computing, both in terms of legal compliance and user trust and this need to be considered at every phase of design. The key challenge for software engineers to design cloud services in such a way as to decrease privacy risk and to ensure legal compliance. The following tips are recommended for cloud system designers, architects, developers and Testers [8]. a. Minimize personal information sent to and stored in the cloud. b. Protect personal information in the cloud. c. Maximize user control. 56
  • 4. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME d. Allow user choice. e. Specify and limit the purpose of data usage. f. Provide feedback. f) Audit and Compliance: A programmatic approach to monitoring and compliance will help prepare CSPs (Cloud Service Provider) and their users to address emerging requirements and the evolution of cloud business models. To drive efficiency, risk management, and compliance, CSPs need to implement a strong internal control monitoring function coupled with a robust external audit process. To gain comfort over their in-cloud activities, CSP users need to define their control requirements, understand their CSP’s internal control monitoring processes, analyze relevant external audit reports, and properly execute their responsibilities as CSP users [5]. g) Security-as-a-Service: Security-as-a-service is likely to see significant future growth for two reasons. First, a continuing shift in information security work from in-house to outsourced will continue. Second, several other information security needs are present for organizations currently, but they will accelerate in need and complexity with the growing adoption of cloud computing. The two proactive controls are important to the growth of cloud computing: identity management that is inter-cloud and scalable to the cloud size, and (encryption) key management. The two reactive controls are needed for audit and compliance purposes as well: scalable and effective SIEM, and data leakage prevention (DLP). Providing solutions to each of these controls will be difficult and requires significant complexity that must be hugely scalable and yet easy to use [5]. II.PROBLEM DESCRIPTION While cost and ease of use are two great benefits of cloud computing, there are significant security concerns that need to be addressed when considering moving critical applications and sensitive data to public and shared cloud environments. To address these concerns, the cloud provider must develop sufficient controls to provide the same or a greater level of security than the organization would have if the cloud were not used. Listed here are ten items to review when considering cloud computing. As more companies move to cloud computing, look for hackers to follow. Some of the potential attack vectors criminals may attempt include: • Denial of Service (DoS) attacks - Some security professionals have argued that the cloud is more vulnerable to DoS attacks, because it is shared by many users, which makes DoS attacks much more damaging. Twitter suffered a devastating DoS attack during 2009. • Side Channel attacks – An attacker could attempt to compromise the cloud by placing a malicious virtual machine in close proximity to a target cloud server and then launching a side channel attack. • Authentication attacks – Authentication is a weak point in hosted and virtual services and is frequently targeted. There are many different ways to authenticate users; for example, based on what a person knows, has, or is. The mechanisms used to secure the authentication process and the methods used are a frequent target of attackers. • Man-in-the-middle cryptographic attacks – This attack is carried out when an attacker places himself between two users. Anytime attackers can place themselves in the communication’s path, there is the possibility that they can intercept and modify communications. 57
  • 5. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME In prior research work, we summarize the security and privacy challenges we face when building a trustworthy sensor-cloud system, which come from the following perspectives: • The environment in which sensors work can be compromised by the adversary. For example, the adversary can artificially reduce or raise temperatures to cause the sensors to collect improper data. • Individual sensors can be vulnerable to attacks. This can happen when the adversary has physical access to the sensors, or remote access through propagating malware. • Information flows within the cloud can be intercepted and stolen or modified by compromised cloud nodes. • The cloud client can be infected by malicious code implanted by an adversary, which can lead to further security breaches within a sensor-cloud system. • The communication channels between the sensors and the cloud and between the client and the cloud are vulnerable to different types of attacks. Even when the data transferred over the channels is fully encrypted: side-channel information leaks constitute creditable threats. The prior research pinpoints a subset of issues within the problem space that need immediately attention. Specifically, we investigated I) techniques for detecting anomalous use of sensors, particularly, when the adversary gains unauthorized physical access to smart phones; ii) we demonstrated that intelligent Smartphone-based malware can be built to “understand” the context of a phone conversation and extract a small amount of high-value information from the context (Given the small quantity of such sensitive information, the malware can deliver it to its master through covert channels, even without direct network access); and iii) prior research shows that even in the presence of Wi-Fi encryption and HTTPS protection, the traffic features of the communication between sensors and the cloud, and between the cloud and its clients can easily be analyzed to infer highly-sensitive user data. III. PROPOSED SYSTEM The proposed system identifies recent progress and follow-up on previously discussed research plans on these fronts, including detection of anomalous use of sensors, and defenses against Smartphone malware and side-channel leaks. 58
  • 6. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME Cloud User Access User_ID, Pswd User Unlock Access Authentication UTPC Generated on Stud’s Mobile Matches with the Android Handset Server’s generated Password UTPC Generation Process Password generated SHA Hash Function and entered by the MD5 Hash Function Stud using IMEI, IMSI and using the result of Registration time of SHA function Mobile Phone Generated Challenge Final UTPC for Hash function entered by Send to Stud User UTPC generated by Server Sent to Server and match with UTPC entered by the Stud Figure 1 Proposed Schema The main aim of the project work is to develop an Architectural Model for multi-factor authentication system for secure sensor cloud application, where we will produce unit instance authorization token in the forward direction. The core idea is to produce multiple Unit Transaction Permission Coin (UTPC) from an initial seed in a parallel process with the service provider itself, e.g., an online bank, by utilizing two different types of hash functions, which come with a nested chain using Brokering network. The resulting chain provides forwardness and infiniteness and it should run on multiple systems of wired or wireless network. The base paper “Towards Secure Cloud Bursting, Brokerage and Aggregation” drafted by Srijith K. Nair, Sakshi Porwal, Theo Dimitrakos, Ana Juan Ferrer, Johan Tordsson, Tabassum Sharif, Craig Sheridan, Muttukrishnan Rajarajan, and Afnan Ullah Khan. The respective author proposed the concept of cloud bursting and cloud brokerage and elaborates the open management and security issues connected with the two models. The work also introduces a feasible model that is capable of enhancing the brokerage based cloud services. But unfortunately, security concerns written in the paper is not enough to mitigate core attacks like side-channel leak or DoS attack. Moreover, the paper is more theoretical in nature without any core information of implementation modules or algorithms or any research methodology nor any performance analysis results or implementation. Some other past research work has also seen the discussion related to the requirements for securing communication using in Smartphone towards cloud computing. Therefore, the current paper has considered the sensors to be modern Smartphone. Therefore, the proposed project work will be towards implementing the core concept written in the above mentioned base paper with our contribution in designing a secure real-time application on Android based smart phone using brokering network. Our proposed system is mainly classified into two modules: A. Registration Phase: The cloud user gets the two different hash functions, and an initial seed, established on his mobile phone. To ensure that the information is completely shared with the service provider, the seed is 59
  • 7. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME produced by the shared and unique parameters of the host and user, e.g., the International Mobile Equipment Identity (IMEI), International Mobile Subscriber Identity (IMSI), and registration date. B. Authentication Phase: The steps of the login and authentication process between the user and service provider are as follows. The user logs in to the service provider’s website, e.g., an online bank, requesting access. As a response to this access request, a secure session is established, i.e., an SSL session, allowing the user to enter his authentication privileges, i.e., user name and password, the first factor of authentication, what the user knows. Also the user provides the server with his unit instance authorization token current status. The current status allows the server to synchronize his seed with the client’s current seed to get the same seed value on both sides before sending a challenge. The server randomly challenges the user with new indexes. The user enters those indexes, in his Unit Transaction Permission Coin (UTPC)) generator to get the corresponding UTPC. The user responds with this corresponding UTPC. The server compares the received UTPC with the calculated one. According to the server check, done in the previous step, the server will transfer an authorization execution or a communication termination. Through the registration process, the user gets two different hash functions, which could be SHA- 1, and hB(.), which could be MD5 [11], along with an initial seed, “Sint” as the concatenation of the IMEI, IMSI, and registration time, which could be “1234567891234561234567891234507012010200259” Assuming IMEI is “123456789123456,” IMSI is “12345678912345,” and the registration time is “7/1/2010 20:02:59.” After logging into the service provider’s website using a different and static username and password, the first factor of authentication, the server asks the user for the UTPC’s current status. If the user has generated numerous UTPCs without using them, he might have reached an UTPC status of, for example, “17.” The user will submit his current status to the server to allow the server to calculate the current seed Scrt=hA17(Sint)= 1220848648030773785924867285680707842195071405780, that means that the server has calculated seventeen cascaded hashes of its initial seed “Sint” using the SHA-1 algorithm, to be synchronized with the client. After that the server sends a random challenge value of new indexes, e.g., x, y = 3, 4, which means the user has to calculate his session UTPC using this formula: UTPC=hB4(hA3(Scrt))= 68606061177919188523363813602016333158. The server has to calculate the same value in a parallel process, and as soon as the client responds, the server will match the two values to give either a yes or no. C. Micro Platform Computation Phase: The android enabled phones may be in the control of trusted (or semi-trusted) individuals, or be located in some potentially untrusted environment. Certain reasons for using Samsung Android (v2.2) are: • Improved Security: With the addition of numeric pin or alpha-numeric password options to unlock device. Exchange administrators can enforce password policy across devices. • Remote Wipe: Exchange administrators can remotely reset the device to factory defaults to secure data in case device is lost or stolen. 60
  • 8. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME • Java Compatibility: Performance of the browser has been enhanced using the V8 engine, which enables faster loading of JavaScript-heavy pages. • Kernel Memory Management Boost: Improved memory reclaim by up to 20x, which results in faster app switching and smoother performance on memory-constrained devices Further, they have a reasonable processing capability on modern low-power processors, such as an ARM architecture processor running at 500–800MHZ. It is assumed that the phones have standard sensors including, eGPS, 802.11x, Bluetooth v2 (Class 1, 2 or 3), temperature, orientation, acceleration, audio microphone, and camera (stills or video). In particular, our project focuses on the use of Samsung Android (v2.2) development phones, due to the ease of programming and their ability to multi-task. The communication between the sensors and the computing infrastructure is mediated by a brokering network that uses a publish / subscribe model. IV. FRAMEWORK IMPLEMENTATION The computing environments of a sensor grid are fraught with different kinds of threats, which endanger the security and privacy assurance the system can provide. Mitigation of these threats relies on establishing trust on individual system layers through proper security control. In this section, we survey the security and privacy risks on each layer of senor-grid computing and the technical challenges for controlling them. A sensor grid interacts with its operating environment through a set of sensors. Those sensors work either autonomously or collaboratively to gather data and dispatch them to the grid. Within the grid, a brokering system filters and routes the data to their subscribers, the clients of the sensor grid. We now describe the security and privacy issues on each layer of such an operation. This includes the environment the sensors are working in; the sensors; the grid; the clients; and the communications between the sensor and grid, and the grid and clients. The proposed system is designed on Windows 32-bit OS with 1.84 GHz processor with broadband connectivity of 100 Mpbs. The programming is done on MyEclipse IDE. The experiment for the proposed system is done on real time Samsung Galaxy Smartphone with Android 2.2. Hence Android Development Tools (ADT) is used as it is a plug-in for the MyEclipse IDE that is designed to give a powerful, integrated environment in which to build Android applications. ADT extends the capabilities of Eclipse to let you quickly set up new Android projects, create an application UI, add packages based on the Android Framework API, debug your applications using the Android SDK tools, and even export signed (or unsigned) .apk files in order to distribute your application. The Android software development kit (SDK) includes a comprehensive set of development tools. These include a debugger, libraries, a handset emulator based on QEMU, documentation, sample code, and tutorials. Currently supported development platforms include computers running Linux, Mac OS X 10.5.8 or later, Windows XP or later. The proposed system will be experimented with active wireless connectivity between the system and Android enable device. 61
  • 9. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME Figure 2 Broker Login Options Figure 3 Generation of the UTPC, IMEI No, IMSI No and Registration time stamp The above figure 3 highlights the initial authentication login for student. Initially the student has to sign up a new account where they have to furnish all the details as shown in Figure 4. Figure 4: Sign-up Information feeding. 62
  • 10. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME After the successful sign-up, the student can log in to their privilege account using the similar user ID and password, which was successfully fed at the time of sign up process. Figure 5: Captacha Authentication. Once the student logs and their initial user ID and password are accepted, then they will be prompted to feed the random digital information displayed by Captacha application as shown in Figure 5. Now, after the successful sign up, the student can now perform initial login authentication for which they will be asked to feed UTPC and Current status, both of which is generated at the Mobile interface as shown in Figure 6 and 7. Figure 6: UTPC & Current Status generation in Android Interface Figure 7 Feeding UTPC and Current Status from Android Interface to Client interface. 63
  • 11. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME Once the UTPC and current status is authenticated, the new index will be generated automatically in web interface as shown in Figure 8. Figure 8 Generation of new Index The generated new index value will be then fed to the Android mobile interface. Once the new index value is authenticated in the mobile interface, the next sequence, it will generate a new UTPC, in same mobile interface as shown in Figure 9. The student needs to take the newly generated UTPC and feed in to their web-interface for final authentication as shown in Figure 10. Figure 9: Generation of UTPC in Android Interface. Figure 10 Feeding newly generated UTPC in Client Interface. Cloud computing facilitates storage of data at a remote site to maximize resource utilization. As a result, it is critical that this data be protected and only given to authorized individuals. This essentially amounts to secure third party publication of data that is necessary for data outsourcing, as well as external publications. Since data in the cloud will be placed anywhere, it is important that the data is encrypted. We are using secure co-processor as part of the cloud infrastructure to enable efficient encrypted storage of sensitive data. 64
  • 12. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 – 6367(Print), ISSN 0976 – 6375(Online) Volume 3, Issue 3, October-December (2012), © IAEME V. CONCLUSION The current paper has outlined the research on secure sensor networks in the context of a high- level cloud based brokering architecture and highlighted various research challenges going forward. The analysis for security challenges are illustrated related to assessing the trustiness of the sensing elements supported environmental sensor knowledge, police investigation and defensive against “sensory malware” on such sensors, and mitigating aspect channel leaks once sensing element devices communicate with the cloud. The work attempts to believe these elements of the general cloud based mostly sensing element specific area unit the smallest amount trustworthy since they're out of the management of the cloud “back end.” Thus, addressing these challenges can facilitate defend the integrity of the sensing platforms, the privacy of users UN agency carry mobile sensors, yet because the delivery of sensing element knowledge to the cloud. the long run work of the Cloud computing can improve organization’s performance by utilizing minimum resources and management support, with a shared network, valuable resources , bandwidth, software’s and hardware’s in a very value effective manner and restricted service supplier dealings. the long run sweetening of the this application, we tend to explore the “middle ground”, wherever users will still share physical hardware resource, however user networks area unit isolated and accesses area unit controlled within the method the same as that in enterprise networks REFERENCES [1] http://www.ibm.com/cloud-computing/us/en/. Accessed on 27th Aug, 2012 [2] Michael Gregg, Security Concerns for Cloud Computing, Global Knowledge Training LLC, 2012 [3] Wang, L., Laszewski,V., Gregor, Kunze, Marcel, Tao, Jie. Cloud computing: A Perspective study, Proceedings of the Grid Computing Environments (GCE) workshop. Held at the Austin Civic Center: Austin, Texas: 16 November 2008. [4] Michael, A, Fox,A., Rean Griffith, Anthony D. Joseph, Randy Katz, Andy Konwinski, Gunho Lee, David Patterson, Ariel Rabkin, Ion Stoica, Matei Zaharia. A view of cloud computing. Communications of the ACM , Volume 53 Issue 4, pages 50-58. April 2010. [5] The NIST Definition of Cloud Computing, version 15, by Peter Mell and Tim Grance, October 7, 2009, National Institute of Standards and Technology (NIST), Information Technology Laboratory (www.csrc.nist.gov) [6] Tim Mather, Subra Kumaraswamy, Shahed Latif Cloud Security and Privacy : An Enterprise perspective of Risks and Compliance, O'Reilly Media, Inc., 2009 [7] Open Security Architecture http://www.opensecurityarchitecture.org/ [8] Discovering Identity: Cloud Computing: Identity and Access Management DOI =http://blogs.sun.com/identity/entry/cloud_computing_identity_and_access [9] Siani Pearson. Taking Account of Privacy when Designing Cloud Computing Services. CLOUD '09: Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing, pages 44-52. May 2009 [10] Security Guidance for Critical Areas of Focus in Cloud Computing, April 2009. DOI =http://www.cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf [11] Weichao Wang, Zhiwei Li, Rodney Owens, Bharat Bhargava. Secure and Efficient Access to Outsourced Data. CCSW '09: Proceedings of the 2009 ACM workshop on Cloud computing security, pages 55-65. November 2009 65