Cloud Computing has continuously tremendous importance in the IT research field. As it is completely rely on sharing both physical and logical resources among numerous users, the concept of security must be considered, and deploying renewable security models must be taken into account. To obtain the highest level of security, some procedures must be implemented within a security model such as access control, authentication, authorization, data encryption, fast recovery, privacy, confidentiality, and attacks defending. This paper presents a proposed data security model for cloud computing. Some common attacks such as brute force attack and SQL injection are opposed. As data encryption plays the main role of data security, several modern encryption techniques are implemented and evaluated to deduce the most suitable technique to be used on cloud environment. The encryption techniques namely: AES, DES, 3DES, RC2, RC4, and Blowfish are evaluated based on randomness using NIST statistical testing. Also time consumed by each algorithm to decrypt the same amount of data is considered. Our model is deployed on Amazon Elastic Beanstalk cloud computing web server, and tests are run on two different environments; desktop environment and Amazon EC2 cloud computing environment. Our model is implemented using JSP language (Java Standard Edition), and NIST statistical tests are implemented using C# language.
Ali I. Siam, Heba A. El-khobby, Hatem S. Abd Elkader, Mustafa M. AbdelNaby
Cloud Computing, Security, Cryptography, NIST Tests, Google OAuth
- S. Kamara and K. Lauter, Cryptographic cloud storage, in Financial Cryptography and Data Security2010, Springer. p. 136-149.
- N.S. Kumar, G.R. Lakshmi, and B. Balamurugan, Enhanced Attribute Based Encryption for Cloud Computing. Procedia Computer Science, 2015. 46: p. 689-696.
- M. Christodorescu, R. Sailer, D.L. Schales, D. Sgandurra, and D. Zamboni, Cloud security is not (just) virtualization security: a short paper. in Proceedings of the 2009 ACM workshop on Cloud computing security. 2009. ACM.
- M. Mell and T. Grance, The NIST definition of cloud computing. 2011.
- F. Liu, J. Ting, J. Mao, R. Bohn, J. Messina, L. Badger, and D. Leaf, NIST cloud computing reference architecture. NIST special publication, 2011. 500: p. 292.
- ISO and IEC Publish Cloud Computing Standards. Information Standards Quarterly, 2014. 26(4): p. 24-24.
- L.a. Tawalbeh, N.S. Darwazeh, R.S. Al-Qassas, and F. AlDosari, A Secure Cloud Computing Model based on Data Classification. Procedia Computer Science, 2015. 52: p. 1153-1158.
- E.M. Mohamed, H.S. Abdelkader, and S. El-Etriby, Data Security Model for Cloud Computing. Journal of Communication and Computer, 2013. 10: p. 1047-1062.
- W.B. Dai Yuefa, G. Yaqiang, Z. Quan, and T. Chaojing, Data security model for cloud computing. in Proceedings of the 2009 International Workshop on Information Security and Application (IWISA 2009) Qingdao, China. 2009.
- E.B. Fernandez, R. Monge, and K. Hashizume, Building a security reference architecture for cloud systems. Requirements Engineering, 2015: p. 1-25.
- R. Jain, S. Madan, and B. Garg, Implementation and Comparison of RSA and Triple DES Algorithm For Encryption and Decryption In Cloud Environment. International Journal of Applied Engineering Research, 2015. 10(5).
- J.-M. Kim, H.-Y. Jeong, I. Cho, S.M. Kang, and J.H. Park, A secure smart-work service model based OpenStack for Cloud computing. Cluster Computing, 2014. 17(3): p. 691-702.
- G. Zhao, C. Rong, M.G. Jaatun, and F.E. Sandnes, Reference deployment models for eliminating user concerns on cloud security. The Journal of Supercomputing, 2012. 61(2): p. 337-352.
- A. Lee, Authentication scheme for smart learning system in the cloud computing environment. Journal of Computer Virology and Hacking Techniques, 2014: p. 1-7.
- Using OAuth 2.0 to Access Google APIs Available from: https://developers.google.com/identity/protocols/OAuth2.
- AWS Documentation, Getting Started with AWS,. Available from: http://docs.aws.amazon.com/gettingstarted/latest/wah/getting-started-applicationserver.html#create-security-group.
|Published in :
||Volume 1 | Issue 4 | July-August - 2015
|Date of Publication
Cite This Article
Ali I. Siam, Heba A. El-khobby, Hatem S. Abd Elkader, Mustafa M. AbdelNaby, "Enhanced Data Security Model for Cloud Computing Platform ", International Journal of Scientific Research in Science, Engineering and Technology(IJSRSET), Print ISSN : 2395-1990, Online ISSN : 2394-4099, Volume 1, Issue 4, pp.450-460, July-August-2015.
URL : http://ijsrset.com/IJSRSET151485.php