An Enhanced Security Framework for a Cloud Application

Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 324)


Cloud computing has gained momentum over the past few years where numerous business domains have shown a radical shift from their traditional software. Cloud apps can run weeks with minimum cost and user maintenance, which overcomes the drawback of a traditional software approach. However, cloud security is still in its infancy stage; hence, there are a numerous security issues possible. The purpose of this paper is to device a mechanism to store and retrieve data securely from cloud, overpowering as many threats as possible. The paper starts with a general introduction about cloud security and its advantages, which leads way to the major security challenges known about cloud and a framework to overcome it. We specifically concentrate on secure access of data over cloud, sharing data between multiple cloud users and the cloud data center. A simulator “Cloudsim” has been used.


Access control Cloud computing Security Cloudsim Encryption/decryption Digital signature 


  1. 1.
    M.N. Islam, M. Mia, M. Chowdhury, M.A. Matin, Effect of security increment to symmetric data encryption through AES methodology, in Ninth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, SNPD’08, (2008), pp. 291–294Google Scholar
  2. 2.
    B.P. Rimal, E. Choi, I. Lumb, A taxonomy and survey of cloud computing systems, in Fifth International Joint Conference on INC, IMS and IDC 2009, NCM’09, (2009), pp. 44–51Google Scholar
  3. 3.
    T. Olavsrud, D. Muse, How secure is the cloud?, IT Pros Speak Up (2009)Google Scholar
  4. 4.
    A. Kesarwani, C. Gupta, M.M. Tripathi, V. Gupta, R. Gupta, V.K. Chaurasiya, in Implementation of Chinese wall model in cloud computing for enhanced security. International Conference on Emerging Trends in Networks and Computer Communications (ETNCC), vol 22(24), (2011), pp. 411–413Google Scholar
  5. 5.
    D.L. Gazzoni Filho, P.S.L.M. Barreto. Demonstrating data possession and uncheatable data transfer. IACR Cryptology ePrint Arch. (2006), p. 150Google Scholar
  6. 6.
    Y. Fu, S. Luo, J. Shu. Survey of secure cloud storage system and key technologies. JisuanjiYanjiu Yu Fazhan/Comput. Res. Dev. 50(1), pp. 136–145 (2013)Google Scholar
  7. 7.
    R. Bhadauria, R. Chaki, N. Chaki, S. Sanyal. A survey on security issues in cloud computing. (2011)Google Scholar
  8. 8.
    Y. Chen, V. Paxson, R.H. Katz. What’s new about cloud computing security? (2010)Google Scholar
  9. 9.
    M. Kirkpatrick, IBM Unveils Blue Cloud—What Data Would You Like to Crunch? (2007)Google Scholar
  10. 10.
    M. Jensen, J. Schwenk, N. Gruschka, L.L. Iacono, On Technical Security Issues in Cloud Computing, IEEE CLOUD. pp. 109–116, 2009Google Scholar
  11. 11.
    A. Chonka, Y. Xiang, W. Zhou, A. Bonti, Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks. J. Network. Comput. Appl 34(4), 1097–1107 (2011)CrossRefGoogle Scholar
  12. 12.
    M. Almorsy, J. Grundy, A.S. Ibrahim, Collaboration-based cloud computing security management framework. Cloud computing (CLOUD), IEEE International Conference. (2011), pp. 364–371Google Scholar
  13. 13.
    P. Kumar, N. Nitin, V. Sehgal, K. Shah, S.S.P. Shukla, D.S. Chauhan. A novel approach for security in cloud computing using hidden markov model and clustering. Inf. Commun. Technol (WICT). pp. 810–815 (2011) Google Scholar
  14. 14.
    R.N. Calheiros, R. Ranjan, A Beloglazov, C.A. De Rose, R. Buyya. Cloudsim: a toolkit for modeling and simulation of cloud computing environments and evaluation of resource provisioning algorithms. Softw: Pract. Exper. 41(1), pp. 23–50 (2011)Google Scholar
  15. 15.
    S. Ristov, M. Gusev, M. Kostoska, A new methodology for security evaluation in cloud computing, MIPRO, in Proceedings of the 35th International Convention. pp. 1484–1489, 2012Google Scholar
  16. 16.
    A. Chonka, Y. Xiang, W. Zhou, and A. Bonti. Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks. J. Netw. Comput. Appl. 34(4), pp. 1097–1107, 2011Google Scholar
  17. 17.
    M. Firdhous, O. Ghazali, S. Hassan, A memoryless trust computing mechanism for cloud computing. NDT 1, 174–185 (2012)Google Scholar
  18. 18.
    P. Syam Kumar, R. Subramanian, D. ThamizhSelvam, Ensuring data storage security in cloud computing using Sobol Sequence. Parallel distributed and Grid Computing (PDGC), 1st International Conference. pp. 217–222, 2010Google Scholar
  19. 19.
    C. Wang, Q. Wang, K. Ren, W. Lou. Ensuring data storage security in cloud computing. IACR Cryptology ePrint Archive. (2009)Google Scholar
  20. 20.
    M. Mulazzani, S. Schrittwieser, M. Leithner, M. Huber, E. Weippl. Dark clouds on the horizon: using cloud storage as attack vector and online slack space. USENIX Security Symposium. (2011) Google Scholar
  21. 21.
    P.V. Krishna, S. Misra, D. Joshi, A. Gupta, M.S. Obaidat, Secure Socket Layer (SSL) Certificate verification using learning automata. Secur. Commun. Netw. (2013)Google Scholar

Copyright information

© Springer India 2015

Authors and Affiliations

  1. 1.VIT UniversityVelloreIndia

Personalised recommendations