Adoption of Cloud Enabling Cyber-Security Model in Organizations

Ali Zaheer Agha; Rajesh Kumar Shukla; Ratnesh Mishra; Ravi Shankar Shukla

doi:10.17485/IJST/v15i48.1592

Article

Adoption of Cloud Enabling Cyber-Security Model in Organizations

VIEWS 835
PDF 176

Indian Journal of Science and Technology

DOI: 10.17485/IJST/v15i48.1592

Year: 2022, Volume: 15, Issue: 48, Pages: 2727-2739

Original Article

Adoption of Cloud Enabling Cyber-Security Model in Organizations

Ali Zaheer Agha^1,2*, Rajesh Kumar Shukla³, Ratnesh Mishra⁴, Ravi Shankar Shukla⁵

¹Research Scholar, Invertis University, Bareilly, Uttar Pradesh, India
²Assistant Professor, Computer Science & Engineering department, Dr.Rizvi College of Engineering, Kaushambi, Uttar Pradesh, India
³Professor & Dean, Faculty of Engineering and Technology, Invertis University, Bareilly, Uttar Pradesh, India
⁴Sr. Assistant Professor, Department of Computer Science and Engineering, BIT Mesra, Patna Campus, Patna, Bihar, India
⁵Assistant Professor, Department of Computer Science, College of Computing and Informatics, Saudi Electronic University, Saudi Arabia

*Corresponding Author
Email: [email protected]

Received Date:12 August 2022, Accepted Date:29 October 2022, Published Date:27 December 2022

This work is licensed under a Creative Commons Attribution 4.0 International License.

Abstract

Objectives: To carry out a systematic review on Cloud Computing (CC) security problems in order to suggest a cyber-security model for a secure CC environment. Methods: ResearchGate, PLOS One, MDPI, Wiley, Springer, Scopus, IEEE Xplore, IOP Conf. Series, and TechScience Press are used as sources in this research. Cloud security, risks to CC, issues with the current models, and the proposed model are among the significant keywords included in this article. Analysis and evaluation of the cloud computing security models have been conducted on the basis of factors like the technology used, authorization, security level, malicious insiders, VPN, encryption, etc. Findings: After doing comprehensive study of the previous models, it was analyzed that the client service provider’s (CSP) are focusing on their own security but not of client’s security. One problem is that there is no real set of standards to measure cloud security. Encryption key should be known to client only. Also, clients are not aware of security policies of CSPs. Furthermore, to overcome some issues certification programs should be there for CSPs so that clients are able to judge the CSPs according to their needs. Lastly, periodical awareness programs should be conducted for both CSP and client employees. Novelty: In this research a security model is proposed in which it is tried to implement solutions to various threats like hacking, unauthorized access of data, data encryption and authentication. It has proposed to develop a Cyber Security Model (CSM) for improvement of security features of cloud when it is used by organizations. In this study features like Single Sign-On for users to get proper authorization; key supervision is used for encryption of data and VPN controller is implemented to guard data from hackers have been added.

Keywords: Cloud Computing; CyberSecurity; Cloud Security Challenges; Data Protection; Security Model

References

Ahmed I. A brief review: security issues in cloud computing and their solutions. TELKOMNIKA (Telecommunication Computing Electronics and Control). 2019;17(6):2812. Available from: http://doi.org/10.12928/telkomnika.v17i6.12490
Dinesh K, Gopalakrishna DN, . Cloud Computing and its variable techniques in obtaining data security parameter. Journal of Engineering Sciences. 2022;13(1).
Amalarethinam G, Josephine DRS. A Survey on Security Challenges in Cloud Computing. 2019;24.
Sibai E, Rayane&gemayel N, &bouabdo, &demerjian JJ. A Survey on Access Control Mechanisms for Cloud Computing. Transactions on Emerging Telecommunications Technologies. 2019. Available from: https://doi.org/10.1002/ett.3720
Sharma, Pradeep. Review Of Cloud Computing Data Security And Threats. International journal of creative research thoughts. 2022;10(1).
Bnasod N. Implementing Data Storage Security in Cloud Computing. IOSR Journal of Engineering. 2019;9(5):68–71.
Khalil A, Mostafa, Sauber, Amr M, El-Kafrawy, Passent M, et al. A New Secure Model for Data Protection over Cloud Computing. 2021. Available from: https://doi.org/10.1155/2021/8113253
Sanjay, Jafri, Syed, Nigam N, Gupta N, Gupta G, et al. A New User Identity Based Authentication, Using Security and Distributed for Cloud Computing. IOP Conference Series: Materials Science and Engineering. 748. 012026. 2020;748. Available from: https://doi:10.1088/1757-899X/748/1/012026
Alhenaki L, Alwatban A, Alamri B, Alarifi N. A Survey on the Security of Cloud Computing. 2nd International Conference on Computer Applications & Information Security (ICCAIS). 2019. Available from: https://doi:10.1109/CAIS.2019.8769497
Almutairi MS. Cloud Computing: Securing without Losing Control. Journal of Advances in Mathematics and Computer Science. 2019;p. 1–9. Available from: https://doi.org/10.9734/jamcs/2019/v31i230106
Kashukeev I, Denchev S, Garvanov I. Data security model in cloud computing. Data security model in cloud computing. 2020;5(2):55–58. Available from: https://stumejournals.com/journals/i4/2020/2/55
Dashti W, Qureshi A, Jahangeer A, Zafar A. Security Challenges over Cloud Environment from Service Provider Prospective. Cloud Comput. Data Sci. 2020;1(1):12–20. Available from: https://doi.org/10.37256/ccds.112020318
The Most Taken Actions by Businesses in Order of Preventing or Minimizing Cyber Security Risks, 2019 . 2019. Available from: https://www.digitalmarketingcommunity.com/indicators/preventing-minimizing-cyber-security-2019/
Netwrix Cloud Data Security Report, 2019 . 2019. Available from: https://www.netwrix.com/2019cloudsecurityreport.html
Progoulakis I, Nikitakos N, Rohmeyer P, Bunin B, Dalaklis D, Karamperidis S. Perspectives on Cyber Security for Offshore Oil and Gas Assets. Journal of Marine Science and Engineering. 2021;9(2):112. Available from: https://doi.org/10.3390/jmse9020112
OASIS, “eXtensible Access Control Mark-up Language(XACML)” . Available from: http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html
OASIS, “Key Management Interoperability Protocol (KMIP)” . Available from: http://docs.oasis-open.org/kmip/spec/v1.2/os/kmip-spec-v1.2R-os.html
OASIS, “Service Provisioning Mark-up Language(SPML)” . Available from: https://www.oasis-open.org/standard/spml/
Role Based Access Control (BRAC) Available from: https://docs.microsoft.com/en-us/azure/role-based-access-control/overview

Copyright

© 2022 Agha et al. This is an open-access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. Published By Indian Society for Education and Environment (iSee)