Ensuring Data Confidentiality and Authentication through Encryption at Application Layer

Cloud computing has emerged as a powerful and viable architecture to meet largescale and complex computational needs of the organizations. It extends the IT capability by providing on-demand access to computer resources for dedicated use. Data security and privacy are the major concerns over the cloud from user perspective. Consequently, the organizations which deal with cloud computing should amicably address the key data security risks. In this paper, a generic scheme of user authentication and data confidentiality has been introduced. We introduce a tool that encrypts/decrypts the user data at application layer using public key infrastructure. The information security experts of both the sides i.e. cloud users and service providers must comprehend and address the risk and security issues in detail before actually benefiting high-end computing power offered by the cloud computing paradigm.

[1]  Muhammed Naeem Ahmed Khan Performance analysis of Bayesian networks and neural networks in classification of file system activities , 2012, Comput. Secur..

[2]  Chris Chatwin,et al.  Extracting Evidence from Filesystem Activity using Bayesian Networks , 2007 .

[3]  Guiran Chang,et al.  Surveying and Analyzing Security, Privacy and Trust Issues in Cloud Computing Environments , 2011 .

[4]  Ashraf Zia,et al.  Identifying Key Challenges in Performance Issues in Cloud Computing , 2012 .

[5]  A. K. Dubey,et al.  Cloud-user security based on RSA and MD5 algorithm for resource attestation and sharing in java environment , 2012, 2012 CSI Sixth International Conference on Software Engineering (CONSEG).

[6]  Neal Leavitt,et al.  Is Cloud Computing Really Ready for Prime Time? , 2009, Computer.

[7]  Sami ul Haq,et al.  The Context of Global Software Development: Challenges, Best Practices and Benefits , 2011 .

[8]  Peter Mell,et al.  "The NIST Definition of Cloud Computing," Version 15 , 2009 .

[9]  Mahrukh Umar,et al.  Analyzing Non-Functional Requirements (NFRs) for software development , 2011, 2011 IEEE 2nd International Conference on Software Engineering and Service Science.

[10]  Ahmed Khan,et al.  Internet Content Regulation Framework , 2011 .

[11]  Shaheed Zulfikar,et al.  Security and Privacy Issues in Cloud Computing Environment: A Survey Paper , 2014 .

[12]  Prashant Pandey,et al.  Cloud computing , 2010, ICWET.

[13]  Adnan Khan,et al.  Quality Assurance Assessment in Global Software Development , 2013 .

[14]  Muhammad Khalid,et al.  Review of Requirements Management Issues in Software Development , 2013 .

[15]  Ahmed Khan,et al.  Protecting from Zero-Day Malware Attacks , 2013 .

[16]  Hong Zhao,et al.  Data Security and Privacy Protection Issues in Cloud Computing , 2012, 2012 International Conference on Computer Science and Electronics Engineering.

[17]  Shaheed Zulfikar,et al.  Defect Prevention and Process Improvement Methodology for Outsourced Software Projects , 2014 .

[18]  Shaheed Zulfikar,et al.  Service Composition in the Context of Service Oriented Architecture , 2013 .

[19]  Balachandra Reddy Kandukuri,et al.  Cloud Security Issues , 2009, 2009 IEEE International Conference on Services Computing.

[20]  Naveed Riaz,et al.  Gender Classification with Decision Trees , 2013 .

[21]  Roger Clarke,et al.  Privacy and consumer risks in cloud computing , 2010, Comput. Law Secur. Rev..

[22]  Shaheed Zulfikar,et al.  The Foremost Guidelines for Achieving Higher Ranking in Search Results through Search Engine Optimization , 2013 .

[23]  Michael Hall,et al.  Security and Control in the Cloud , 2010, Inf. Secur. J. A Glob. Perspect..

[24]  Ahmed Khan,et al.  Integrating Knowledge Management with Business Intelligence Processes for Enhanced Organizational Learning , 2013 .

[25]  Adnan Khan,et al.  An Appraisal of Agile Software Development Process , 2013 .

[26]  M. N. A. Khan,et al.  Exploring Query Optimization Techniques in Relational Databases , 2013 .

[27]  Mamoona Rafique,et al.  Exploring Static and Live Digital Forensics: Methods, Practices and Tools , 2013 .

[28]  Yanjiang Yang,et al.  A Generic Scheme for Secure Data Sharing in Cloud , 2011, 2011 40th International Conference on Parallel Processing Workshops.

[29]  Mushtaq Raza,et al.  Issues in Global Software Development: A Critical Review , 2011, J. Softw. Eng. Appl..

[30]  Muhammad Khalid,et al.  A Distinctive Suite of Performance Metrics for Software Design , 2013 .

[31]  Chris R. Chatwin,et al.  A framework for post-event timeline reconstruction using neural networks , 2007, Digit. Investig..

[32]  Rakesh R. Bhavsar,et al.  Data Security over Cloud , 2012 .

[33]  Muhammad Naeem Ahmed Khan,et al.  Contemporary Trends in Defect Prevention: A Survey Report , 2012 .

[34]  Zaigham Mahmood,et al.  Data Location and Security Issues in Cloud Computing , 2011, 2011 International Conference on Emerging Intelligent Data and Web Technologies.

[35]  Shaheed Zulfikar,et al.  Clustering Techniques in Bioinformatics , 2015, International Journal of Modern Education and Computer Science.

[36]  Sadiq Shahbaz Ali,et al.  ICT Infrastructure Framework for Microfinance Institutions and Banks in Pakistan: An Optimized Approach , 2013, Int. J. Online Mark..

[37]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[38]  Ashraf Zia,et al.  A Scheme to Reduce Response Time in Cloud Computing Environment , 2013 .

[39]  Muhammad Naeem Ahmed Khan,et al.  A Review of Fully Automated Techniques for Brain Tumor Detection From MR Images , 2013 .

[40]  Asima Akber Abbasi,et al.  A Critical Survey of Iris Based Recognition Systems , 2013 .

[41]  Shaheed Zulfikar,et al.  Triage in Live Digital Forensic Analysis , 2013 .

[42]  Deepak Singh Chouhan,et al.  Implementing Trust in Cloud Using Public Key Infrastructure , 2012 .

[43]  Gene Tsudik,et al.  Diffie-Hellman key distribution extended to group communication , 1996, CCS '96.

[44]  Muhammad Naeem Ahmed Khan,et al.  A Review of Trust Aspects in Cloud Computing Security , 2013, CloudCom 2013.

[45]  Wayne A. Jansen,et al.  Cloud Hooks: Security and Privacy Issues in Cloud Computing , 2011, 2011 44th Hawaii International Conference on System Sciences.

[46]  Denis Reilly,et al.  Cloud Computing: Pros and Cons for Computer Forensic Investigations , 2011 .

[47]  Deepak Singh Chouhan,et al.  Building Trust In Cloud Using Public Key Infrastructure - A step towards cloud trust , 2012 .