Abstract
Cloud computing is a very huge entity, as a technology, in recent era, evolving at a very rapid pace. There is a wide progress from mainframe computers toward the client/server infrastructures, including cloud computing deployment models with rudiments from autonomic computing, grid computing, and utility computing. This transition has brought tremendous effects on areas of information security and communications. These effects are majorly viewed positively, but there are some critical issues to be concerned. Due to this major transition toward cloud, various risks and challenges, identified and unidentified, have been discovered weakening the traditional security approaches. For this reason, that paper is aimed twofold: First to evaluate the requirements for cloud security and second is to propose a viable solution which would eradicate major potential threats. The model introduced in this paper will help to demolish network-related threats that arise due to trusted third party. The proposed solution will also enhance cryptography with Public-Key Infrastructure and helps in mitigating security threats. The solution presents a broad way of trusting services that realizes any security threats.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Murugesan S (2011) Cloud computing gives emerging markets a lift. IT Pro, IEEE, pp 60–62
National Institute of Standards and Technology (2008) Guide for mapping types of information and information systems to security categories. NIST 800-60
Hashizume K et al (2013) An analysis of security issues for cloud computing. J Internet Serv Appl 4(1):1–13
Zhu W, Luo C, Wang J, Li S (2011) Multimedia cloud computing. IEEE Signal Process Mag 59–69
Rimal BP, Choi E, Lumb I (2009) A taxanomy and survey of cloud computing. In: 2009 fifth international joint conference on INC, IMS and IDC, IEEE, pp 44–51
Tangwongsan S, Itthisombat V (2014) A highly effective security model for privacy preserving on cloud storage. Cloud Comput Intell Syst (CCIS). In: IEEE 3rd international conference
Somani U, Lakhani K, Mundra M (2010) Implementing digital signature with RSA encryption algorithms to enhance the data security of cloud in cloud computing. IEEE
Rafique S et al (2015) Web application security vulnerabilities detection approaches: a systematic mapping study. In: 16th IEEE/ACIS international conference on software engineering, artificial intelligence, networking and parallel/distributed computing (SNPD). IEEE
Fernandes DAB et al (2014) Security issues in cloud environments: a survey. Int J Inf Secur 13(2):113–170
GroBauer B, Walloschek T, Stocker E (2011) Understanding cloud computing vulnerabilities. IEEE, pp 50–57
Schneiderman R (2011) For cloud computing, the sky is the limit. IEEE Signal Process Mag 15–17
Heier H, Borgman HP, Bahli B (2012) Cloudrise: opportunities and challenges for IT governance at the dawn of cloud computing. In: 45th Hawaii international conference on system science (HICSS). IEEE
Gartner (2008) Assessing the security risks of cloud computing. Gartner
Parekh DH, Sridaran R (2013) An analysis of security challenges in cloud computing. In: IJACSA
Cloud Security Alliance (2010) Top threats to cloud computing, Cloud Security Alliance
Harauz J, Kaufman LM, Potter B (2009) Data security in the world of cloud computing, IEEE, pp 61–64
Aazam M et al (2014) Cloud of things: integrating internet of things and cloud computing and the issues involved. 2014 11th international Bhurban conference on applied sciences and technology (IBCAST)
Yu S, Wang C, Ren K, Lou W (2010) Achieving secure, scalable, and fine-grained data access control in cloud computing
Yu S, Ren K, Lou W, Li J (2009) Defending against key abuse attacks in kp-abe enabled broadcast systems, In: Proceedings of SECURECOMM’09
Wang C et al (2010) Privacy-preserving public auditing for data storage security in cloud computing. In: Proceedings of INFOCOM. IEEE
Wang Q et al (2009) Enabling public verifiability and data dynamics for storage security in cloud computing. In: Computer Security—ESORICS 2009. Springer, Berlin, pp 355–370
Armbrust M et al (2010) A view of cloud computing. Commun ACM 53(4):50–58
Zhang Q, Cheng L, Boutaba R (2010) Cloud computing: state-of-the-art and research challenges. J Internet Serv Appl 1(1):7–18
Popović K (2010) Cloud computing security issues and challenges. In: MIPRO, proceedings of the 33rd international convention. IEEE
Subashini S, Kavitha V (2011) A survey on security issues in service delivery models of cloud computing. J Network Comput Appl. Elsevier, pp 1–11
Sun D et al (2011) Surveying and analyzing security, privacy and trust issues in cloud computing environments. Proc Eng 15:2852–2856
Buyya R et al (2009) Cloud computing and emerging IT platforms: vision, hype, and reality for delivering computing as the 5th utility. Fut Gener Comput Syst 25(6):599–616
Shao J, He Z (2004) High-speed implementation of 3DES encryption algorithm based on FPGA. Mod Electron Technol
National Institute of Standard and Technology (1999) Data encryption standard (DES)[EB/OL]. http://www.csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
Sanaei Z et al Heterogeneity in mobile cloud computing: taxonomy and open challenges. Commun Surv Tutorials 16(1):369–392
Xiao Z, Xiao Y (2013) Security and privacy in cloud computing. Commun Surv Tutorials 15(2):843–859
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Parekh, D.H., Sridaran, R. (2018). Mitigating Cloud Security Threats Using Public-Key Infrastructure. In: Bokhari, M., Agrawal, N., Saini, D. (eds) Cyber Security. Advances in Intelligent Systems and Computing, vol 729. Springer, Singapore. https://doi.org/10.1007/978-981-10-8536-9_17
Download citation
DOI: https://doi.org/10.1007/978-981-10-8536-9_17
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-8535-2
Online ISBN: 978-981-10-8536-9
eBook Packages: EngineeringEngineering (R0)