| Peer-Reviewed

Security of Cloud Virtualized Resource on a SaaS Encryption Solution

Received: 22 February 2018     Accepted: 9 March 2018     Published: 3 April 2018
Views:       Downloads:
Abstract

Protection of user data against data breaches in cloud applications and the potential security failures of the service providers coupled with heightened cloud user apprehension, have in no small degree defied measures taken to demystify cloud services as to unveil its enormous capacity and awesome benefits such as accessibility, availability, collaboration, to name a few. The security of the cloud infrastructure entails protecting cloud data from unauthorized access, preventing malicious programs from corrupting the virtual resource and ensuring the secure cloud data remains unintelligible to any unauthorized access or intrusion by malicious users. This paper is aimed at building a cryptographically secure cloud application environment. Its major objective is to design and implement an encryption system for protecting valuable data (such as passwords, messages, files) in the cloud environment. The design and implementation extended some basic security and privacy requirements including data confidentiality, integrity, and availability by considering fairness as a viable factor. This paper employed the Structured Systems Analysis and Design Methodology (SSADM) in the software development life. It evolves a novel cryptographically-secure cloud algorithm based on a proposed “Deciv Algorithm” tagged “D65- Enc” algorithm that would effectively hide meaningful user data from all external parties to a virtual network as well as the service provider by putting control in the hands of users. The algorithm is carefully crafted to frustrate any cryptanalyst, hacker or cybercriminal who would try to decipher the algorithm. This implementation is expected to assist cloud users in maintaining control over their data whether at rest or in transit within the cloud networks rather than outsource control to external vendors as usual. Moreover, this algorithm also improves the existing state of data privacy, and security in the cloud.

Published in Science Journal of Energy Engineering (Volume 6, Issue 1)
DOI 10.11648/j.sjee.20180601.12
Page(s) 8-17
Creative Commons

This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited.

Copyright

Copyright © The Author(s), 2018. Published by Science Publishing Group

Keywords

Cloud Computing, Cloud Security, Encryption, Algorithms

References
[1] Sample, C. (2012) “IaaS security puts spotlight on hypervisor security, tenant Management” [Online]. Available from http://searchcloudsecurity.techtarget.com/tip/IaaS-security-puts-spotlight-on-hypervisor-security-tenant-management [Accessed: August 16, 2012]
[2] Nolle, T. (2012) “Pros and cons of a non-VM-based IaaS model” [Online]. Available from http://searchcloudcomputing.techtarget.com/tip/Pros-and-cons-of-a-non-VM-based-IaaS-model [Accessed: 23 February, 2018]
[3] Reilly, D.; Wren, C. & Berry, T. (2011) “Cloud Computing: Pros and Cons for Computer Forensic Investigations”, International Journal Multimedia and Image Processing Vol. 1, Issue 1
[4] Siddiqui, M. (2011). Cloud Computing Security: [Online] Final paper submitted spring 2011. Available from: http://blogs.techconception.com/manny/content/binary/Manny%20Siddiqui%20-%20Cloud%20Computing%20Security.pdf [Accessed: 20 May 2011]
[5] Warr (2009). Cloud computing. Available from http://www.qsarworld.com/files/Cloud-computing.pdf [Accessed: 14 August 2012]
[6] Samson, T. (2013) “9 top threats to cloud computing security. Conference processing by Cloud Security Alliance”[Online]. Available from http://www.infoworld.com/t/cloud-security/9-top-threats-cloud-computing-security-213428?page=0,0 [Accessed: 05/06/2014]
[7] IBM Research (2011) “Protocols for Secure Cloud Computing: Christian Cachin, Zurich” [Online]. Available from http://www.zurich.ibm.com/~cca/talks/metis2011.pdf [Accessed: 21 May 2013]
[8] Frye, S. (2013) “Crypton for developers: Toward cryptographically- secure cloud apps”[Online]. Available at: http://www.techrepublic.com/blog/linux-and-open-source/crypton-for-developers-toward-cryptographically-secure-cloud-apps/ [Accessed: 27/05/2014]
[9] Violino, B(2018) “The dirty dozen: 12 top cloud security threats for 2018”[online]. Available at: https://www.csoonline.com/article/3043030/security/12-top-cloud-security-threats-for-2018.html. [Accessed 7 March 2018]
[10] Hellman, M. E. (1980) “A cryptanalytic time-memory trade-off. Information Theory”, IEEE Transactions, Vol. 26, Issue: 4
[11] AL Beshri, A. M. (2013) Outsourcing data storage without outsourcing trust in cloud Computing, A Thesis submitted in partial fulfilment of the Requirements of Queensland University of Technology for the Degree of Doctor of Philosophy. Available from http://eprints.qut.edu.au/61738/ [Accessed: June 05, 2017]
[12] Paar, C.; Pelzl, J. & Preneel, B. (2010) Understanding Cryptography: A Textbook for Students and Practitioners, Springer
[13] Graham, R. D. (2011). "Password cracking, mining, and GPUs"[Online]. Available from http://www.erratasec.com [Accessed: 17 August 2011]
[14] Ristic (2010) “Internet SSL Survey 2010 Black Hat USA” [Online]. Available from https://media.blackhat.com/bh-us-10/presentations/Ristic/BlackHat-USA-2010-Ristic-Qualys-SSL-Survey-HTTP-Rating-Guide-slides.pdf [Accessed: August 02, 2014]
[15] Chinedu, P. U. (2015) Modelling a Secured Cloud-based Framework for ICT intensive Virtual Organization. A Thesis submitted in partial fulfilment of the Requirement of Federal University of Technology, Owerri for the Degree of Doctor of Philosophy. (Unpublished)
[16] Cloud Standards Customer Council(2017) “Security for Cloud Computing: Ten Steps to Ensure Success”[online]. Available at: http://www.cloud-council.org/deliverables/CSCC-Security-for-Cloud-Computing-10-Steps-to-Ensure-Success.pdf. [Accessed 7 March 2018]
Cite This Article
  • APA Style

    Chinedu Paschal Uchenna, Nwankwo Wilson. (2018). Security of Cloud Virtualized Resource on a SaaS Encryption Solution. Science Journal of Energy Engineering, 6(1), 8-17. https://doi.org/10.11648/j.sjee.20180601.12

    Copy | Download

    ACS Style

    Chinedu Paschal Uchenna; Nwankwo Wilson. Security of Cloud Virtualized Resource on a SaaS Encryption Solution. Sci. J. Energy Eng. 2018, 6(1), 8-17. doi: 10.11648/j.sjee.20180601.12

    Copy | Download

    AMA Style

    Chinedu Paschal Uchenna, Nwankwo Wilson. Security of Cloud Virtualized Resource on a SaaS Encryption Solution. Sci J Energy Eng. 2018;6(1):8-17. doi: 10.11648/j.sjee.20180601.12

    Copy | Download

  • @article{10.11648/j.sjee.20180601.12,
      author = {Chinedu Paschal Uchenna and Nwankwo Wilson},
      title = {Security of Cloud Virtualized Resource on a SaaS Encryption Solution},
      journal = {Science Journal of Energy Engineering},
      volume = {6},
      number = {1},
      pages = {8-17},
      doi = {10.11648/j.sjee.20180601.12},
      url = {https://doi.org/10.11648/j.sjee.20180601.12},
      eprint = {https://article.sciencepublishinggroup.com/pdf/10.11648.j.sjee.20180601.12},
      abstract = {Protection of user data against data breaches in cloud applications and the potential security failures of the service providers coupled with heightened cloud user apprehension, have in no small degree defied measures taken to demystify cloud services as to unveil its enormous capacity and awesome benefits such as accessibility, availability, collaboration, to name a few. The security of the cloud infrastructure entails protecting cloud data from unauthorized access, preventing malicious programs from corrupting the virtual resource and ensuring the secure cloud data remains unintelligible to any unauthorized access or intrusion by malicious users. This paper is aimed at building a cryptographically secure cloud application environment. Its major objective is to design and implement an encryption system for protecting valuable data (such as passwords, messages, files) in the cloud environment. The design and implementation extended some basic security and privacy requirements including data confidentiality, integrity, and availability by considering fairness as a viable factor. This paper employed the Structured Systems Analysis and Design Methodology (SSADM) in the software development life. It evolves a novel cryptographically-secure cloud algorithm based on a proposed “Deciv Algorithm” tagged “D65- Enc” algorithm that would effectively hide meaningful user data from all external parties to a virtual network as well as the service provider by putting control in the hands of users. The algorithm is carefully crafted to frustrate any cryptanalyst, hacker or cybercriminal who would try to decipher the algorithm. This implementation is expected to assist cloud users in maintaining control over their data whether at rest or in transit within the cloud networks rather than outsource control to external vendors as usual. Moreover, this algorithm also improves the existing state of data privacy, and security in the cloud.},
     year = {2018}
    }
    

    Copy | Download

  • TY  - JOUR
    T1  - Security of Cloud Virtualized Resource on a SaaS Encryption Solution
    AU  - Chinedu Paschal Uchenna
    AU  - Nwankwo Wilson
    Y1  - 2018/04/03
    PY  - 2018
    N1  - https://doi.org/10.11648/j.sjee.20180601.12
    DO  - 10.11648/j.sjee.20180601.12
    T2  - Science Journal of Energy Engineering
    JF  - Science Journal of Energy Engineering
    JO  - Science Journal of Energy Engineering
    SP  - 8
    EP  - 17
    PB  - Science Publishing Group
    SN  - 2376-8126
    UR  - https://doi.org/10.11648/j.sjee.20180601.12
    AB  - Protection of user data against data breaches in cloud applications and the potential security failures of the service providers coupled with heightened cloud user apprehension, have in no small degree defied measures taken to demystify cloud services as to unveil its enormous capacity and awesome benefits such as accessibility, availability, collaboration, to name a few. The security of the cloud infrastructure entails protecting cloud data from unauthorized access, preventing malicious programs from corrupting the virtual resource and ensuring the secure cloud data remains unintelligible to any unauthorized access or intrusion by malicious users. This paper is aimed at building a cryptographically secure cloud application environment. Its major objective is to design and implement an encryption system for protecting valuable data (such as passwords, messages, files) in the cloud environment. The design and implementation extended some basic security and privacy requirements including data confidentiality, integrity, and availability by considering fairness as a viable factor. This paper employed the Structured Systems Analysis and Design Methodology (SSADM) in the software development life. It evolves a novel cryptographically-secure cloud algorithm based on a proposed “Deciv Algorithm” tagged “D65- Enc” algorithm that would effectively hide meaningful user data from all external parties to a virtual network as well as the service provider by putting control in the hands of users. The algorithm is carefully crafted to frustrate any cryptanalyst, hacker or cybercriminal who would try to decipher the algorithm. This implementation is expected to assist cloud users in maintaining control over their data whether at rest or in transit within the cloud networks rather than outsource control to external vendors as usual. Moreover, this algorithm also improves the existing state of data privacy, and security in the cloud.
    VL  - 6
    IS  - 1
    ER  - 

    Copy | Download

Author Information
  • Department of Computer Science, Wellspring University, Benin City, Nigeria

  • Department of Computer Science, Wellspring University, Benin City, Nigeria

  • Sections