It is therefore deemed necessary that the opinions and perspectives of the users, the organizations that subscribe to the cloud computing services, be the target of this current research. In addition, the research could reach out to only a few sectors and end users business – a pet supplier, a car parts supplier, a local city search guide, and two social media organizations. There are some security issues occurring while using services over the cloud. The security investments made by the cloud computing service providers are largely kept confidential or revealed as a marketing strategy to the customers. They are web applications, virtualization technology, and cryptography. These findings indicate that the managers are more concerned about the issues related to the non-availability of the service and not about the security related issues. Armbrust, M., Fox, A., Griffith, R., Joseph, A., Katz, R., Konwinski, A., Lee, G., Patterson,D., Rabkin, A., Zaharia, D. 2010. Kandukuri, B.R., Paturi, V.R. In addition, the researcher used several safeguards and best practices that added to the research validity. In this paper, multi-level security technique is suggested in cloud computing. The respondents wanted the cloud computing services to be more transparent about their operations and about how they manage their network security as well as protect the end users’ data and their own internal systems. related to the model architecture, multi-tenancy, elasticity, and Figure 1: Different Modes of Cloud Computing Services. These three entities may be located in different regions or even different countries and hence come under diverse jurisdictions and governed by different set of local laws (Krugel, Toth and Kirda, 2010). Name A case for cooperative and incentive-based federation of distributed clusters. Location of data and processes makes the difference in the realm of computation. A direct personal interview if conducted by a trained interviewer can lead to building of confidence between the participant and the researcher and hence encourage the researcher to provide expansive, honest and credible information without hesitation (Aronowitz and Ausch, 2000). adopt IT without upfront investment. In the case of the social media organizations, the ownership of the data was a more complex issue as the social media organizations operated in the business to business sector. The current research aims to examine the understanding of end-users about security challenges, their expectations from the service provider and also to make a list of suggestions for improving safety and building confidence in end-users.. Research Rationale. The The ratings provided by the respondent reflect the fact that though cloud computing offers large scale performance benefits and helps the end users in obtaining scalability at minimum cost investments, there are several areas in security as well as the accountability and sensitiveness exerted by the service providers. The name cloud computing has come from the flowcharts that were used in various presentations to represent the interconnectivity of computers and devices. In this paper we introduce a detailed Join ResearchGate to find the people and research you need to help your work. 2007.Conjunctive, subset, and range queries on encrypted data. As most of the applications are hosted on virtual private clouds, the customer does not need to purchase the hardware that is actually required for traditional application hosting (Iyer and Henderson, 2010). The researcher also asked the respondents to give their opinion on the overall performance and the security issues encountered by them during the past few years of using the cloud computing resources. 2009. The interview method is also preferred to other forms of data collection methods like email qualitative questionnaires , as such questionnaires suffer from several drawbacks in addition to being impersonal and non-interactive. This means that the IT managers may not be intimately involved in the security challenges related decisions. Hence, the survey instruments or the questionnaire scales used for quantitative method contain multiple choice close ended questions or require the respondents to identify codified responses. In this paper, we key our research on security issues in cloud computing, with a demonstrat-ed experiment. and Flynn, P.J.1999. The research was able to successfully answer the research questions and also present a set of recommendations for the service providers. It is expected that the findings from the current research will highlight the level of awareness about security issues among the end users and also inform the available literature on the type of security problems and challenges that are frequently encountered by end users and also highlight possible solutions for security problems. The software and the associated data are stored at the cloud computing service provider’s end, while the end users can access the software from any remote location using their Internet connections (Lamb, 2009). IT organizations have expresses concern about critical issues (such as security) that exist with the widespread implementation of cloud computing. The qualitative methods, in contrast to the quantitative methods, are more appropriate when a new or complex situation needs to be studied and where the situational factors are deemed to be important. any proposed security solution. It offers better security performance, amplifies the organising of medical data and assures confidentiality. This paper summarizes a number of peer-reviewed articles on security threats in cloud computing and the preventive methods. While data confidentiality means not revealing the information stored on the cloud servers or maintaining strict codes for disclosure and access to data, maintaining data integrity is a much more complex issue (Barroso and Hoelzle, 2009). This has made them enlist independent verification services to obtain background checks on their employees and associates (Ranjan, Harwood and Buyya, 2008). The findings are analyzed using the literature review as the backdrop with which the responses are contrasted and compared to understand how the interviewed managers perceive the security related concerns regarding the usage of cloud computing. The reflective method of data analysis suffers from the drawback of it being subjective and hence prone to researcher bias (Aronowitz and Ausch, 2000). In this research, by A Result Paper on Outsourced Revocation of Encryption Based on Identity in Cloud Computing free download ABSTRACT : In Cloud computing user can remotely store and fetch their data based on-demand service, without the burden of local data storage and maintenance. WG: Global grid forum. and fraud. As Figure 1 shows, this paper presents a comparative research analysis of the existing research work regarding the techniques used in the cloud computing through data security aspects including data integrity, confidentiality, and availability. The concept of data integrity involves having the confidence that the data will not be tampered with or changed in any manner by any third party of the cloud service provider (Bernstein et al, 2009). Int. types and the service delivery types.. International Journal of Computer Applications. Customer complaints have been reduced because customers have been very choosy in selecting the vendors these days (Kaufman, 2009). The resulting design is able to facilitate efficient server-side ranking without losing keyword privacy. APIs to manage and interact with cloud services, IT expenditures. The advent of an advanced model should not negotiate with the required functionalities and capabilities present in the current model. The organization started using cloud computing resources for storage and for application software that enable them to coordinate supplies and deliveries and manage the business without upgrading its own networking capacity or buying costly equipment. The availability of the bandwidth as well as the incidence of downtime often leads to loss of data over the transfer protocols (Berl et al, 2010). The research is significant as it is an initial endeavor to compile the information using the perspective of the end users, rather than from the opinion of technical experts or industry watch-groups. The available literature therefore indicates that the ownership and rights to access or use may be a subject of debate in certain cases, however, the current research found that the respondent organizations believed that they had complete ownership rights to all the information and data that they share on the cloud. It was observed that the respondents on the whole were worried about their data integrity as they revealed they needed to share their passwords as well as internal information in the case when the cloud computing service provider also provides maintenance for their systems. Instead there is a need to be vigilant and aware about the security issues and then make an informed decision regarding what data and what resources can be shared on the cloud (Armbrust et al, 2009). Responding quickly to the threats would also solve the problem. It allows consumers and businesses to use applications without installation and access their personal files at any computer with internet access. Finally, the respondents wanted the vendor to ensure that the service availability on a constant basis. In addition, the interview method, being a qualitative method is also better matched with the current aim of the research as opposed to using surveys or close-ended questionnaires. Q6: What can you say about the issue of data ownership? In coming days, the security with regards to cloud computing is expected to be increased. Following government compliances, while creating the cloud environment, is very important. The above findings revealed that there are chances that the employees at the service providers’ end can access or manipulate the data of the end user. This is more expansive service and enables the customers to completely outsource their computing needs (Schubert, Kipp and Wesner, 2009). This is because the direct personal interviews require a more accurate scheduling of the interviews to suit the time and location of the respondent as well as the convenience of the researcher, while telephonic interviews are easier to arrange and require relatively less time (Barker, 2005). Basically, Cloud Computing is an advanced technology, where software, shared resources, and information are provided to computers or any other devices on the network (Farber, 2009). The direct personal interviews of IT managers in six selected organizations from Dhahran/Saudi Arabia are undertaken and the collected data is analyzed using a reflective method. Bernstein, D., Ludvigson, E., Sankar, K., Diamond, S., Morrow, M., 2009. It is recommended that the service providers develop a system of regular interaction with their end users. In this manner, the service provider can help in curbing and arresting any potential problems from manifesting and leading to customer loss of revenue. However, for other platforms like Infrastructure as a Service or the Platform as a Service, there is little standardization and audit protocols vary between different service providers (McClure, 2010). What are some of the methods and strategies that can be employed to enhance the performance of cloud computing services on security and privacy aspects of data? Data transfer has been a crucial issue for networking specialists due to the chance of data loss and data theft that is inherent during the transfer (Buyya et al, 2009). The IT department was aware that while they were in charge of the manual uploading, they often needed the help of the cloud computing service provider to assist them in overcoming glitches and their content was available to the service provider whenever needed. sensitive data may have serious consequences. In addition to the possibility of data loss, there is also reason to worry about the internal sensitive information getting leaked about the forecasted volume of customers, number of expected visitors to the site or the amount of expected e-commerce(McClure, 2010). A copy of the questionnaire is attached as the Appendix A. The secondary method employed consists of an exhaustive literature review that critically analyses the available literature and research on the subject. It is noted that the end users expect more transparency regarding both the technological and legal issues involved when the contract with the service provider. So, the ownership of all the data is certainly ours.”. With the emerging trends in technology, malicious activities like hacking have been increased. As more and more information of individuals and companies are placed in the cloud, there is a growing concern about the safety of information. Platform as a service is one of the most used models in today’s modern world. Cryptography is also a core computing technology, which is used for security purposes (Boneh and Waters, 2007). There is no pilot research undertaken which could have informed the researcher about possible problems that may be encountered during the data collection process. There is nevertheless a growing emphasis on the consolidation of cyber laws and legislations, though there is much needed to be done in this area (Lamb, 2009). The existing security and privacy measurements for cloud computing cannot be directly applied to the fog computing due to its features, such as mobility, heterogeneity, and large-scale geo-distribution. perspective, and the cloud service delivery models perspective. Another limitation of the research is that it uses a research instrument which is not statistically or empirically tested for validity and reliability. It is seen from the above that the organizations use predominantly IaaS and PaaS. Finally, on the accountability of the service provider, four respondents rated it as poor. are accessed from servers through web browser [3]. At the onset of cloud computing, the end users appeared not to be happy with the cloud environments because of various issues. It is interesting to note that the IT managers, though theoretically aware of the cloud computing system and how it operates, do not concern themselves with enquiring their service providers in further detail about the security aspects of their data. Cloud Computing is one of the valuable service in medical field. In most cases, the end users have to resort to finding answers to their problems using their own resources, IT knowledge or browse through scores of technical forums, blogs and discussion sites in the hope of finding someone with a similar problem and hence obtaining a quicker solution. The purpose of this paper is to achieve data security of cloud storage and to formulate corresponding cloud storage security policy. For the city search organization, cloud computing made them host content and develop hundreds of backlinks and take thousands of visitors and hits. The aim of the research is therefore not to explore any tangential issues, but to describe and evaluate the current perceptions of the security related issues encountered by end users. The researcher further asked the respondents to elaborate on any other reasons (other than the MOU agreements) that they derive the reassurance of their data confidentiality. Proffitt, A. reduce backup and offline storage volumes. The risks of compromised security and privacy may be lower overall, however, with cloud computing than they would be if the data were to be stored on individual machines instead of in a so called "cloud" (the network of computers used for remote storage and maintenance). The interview responses indicated that the end users were unable to obtain transparency from their service providers regarding the security of the data during transfer. Figure 6 in Chapter 2 highlights the fact that the perception of trust is based not on sound technical understanding and confidence, but on the image, reputation and the recommendations for the cloud computing service provider. There appears to be a need to conduct an analysis of the possibilities of the security attacks as well as to assess the perceptions of the organizations that are using it about the security sturdiness or vulnerability of the cloud computing environment. Are SaaS & Cloud Computing Interchangeable Terms? Next, the paper will Kavitha, V.: A Survey on Security Issues in Service Delivery Models of Cloud Computing. Cloud computing is a promising technology that is expected to transform the healthcare industry. Direct personal interviews are more time consuming and tedious to arrange than telephonic interviews (Creswell, 2007). Earlier, the operations were easily conducted using phones and emails, but the growth in business had placed additional pressure to invest in database management hardware and software, as well as software for keeping track of the orders and deliveries. In the case of social media organizations, the need is more for developing networking capabilities and for applications that enable access and posting to social media sites and other networking sites. This trend is also expected to reach the public sector companies in the near future. Another issue that arises due to the security related concerns is that service providers tend not to document the access details of their users. 2009.Data security in the world of cloud computing, security and privacy. It will also allow the researcher to develop a comprehensive set of recommendations that can be adapted to better satisfy end-users.. invader to gain unauthorized access to, contain passwords or other sensitive infor, overlook threats. In this case, a platform is used as a service, wherein a set of software tools and applications are hosted on the provider’s platform. So, logically speaking, the client has no control over it. The protocols used in multi cloud storage environments can distribute group keys safely and allows the group members to communicate whenever they are in need of. Chapter 5 Discussion and Analysis presents a detail discussion of the findings using the insights gained from the literature review presented in chapter 2. This is because there are more chances and opportunities for the data to be tampered with consciously or due to accident. These types of concerns originate from the fact that data is stored remotely from the customer's location; in fact, it can be stored at any location. What are the various vulnerabilities that are encountered by end users of cloud computing? According to the requirements of cloud users, these protocols can be used in their cloud storage infrastructure. in cloud computing systems is to ensure that its users can use them at any place and at any time VI. In past three decades, the world of computation has changed from centralized (client-server not web-based) to distributed systems and now we are getting back to the virtual centralization (Cloud Computing). Cloud computing emerges as a new computing paradigm which aims to provide reliable, customized and QoS guaranteed computing dynamic environments for end-users. Toward this, it was deemed essential that the IT managers recall any incidences in the past that they may have encountered as a security challenge. Cloud computing is an emerging domain and is acclaimed throughout the world. Next, the research also ensures that the data collection is completely unbiased and objective, even though qualitative method of data collection is employed. Further, the current research was restricted to a geographic region of X, and it would be more fruitful to conduct a research that covers a larger region or even expands to numerous countries. Cloud computing is also a popular term among people who deal with the servers. 5. On the perception of security, three out of the five interviewed managers stated the services as poor while one each rated their services as average or good. Data Integrity is a cause of concern as the end users are not aware of the authorization and access protocols for their data stored on the cloud. 2009. Cloud computing can provide business operations with the expenditure of minimal costs with accelerated scalability and improved IT capabilities. Users were not happy with the cloud computing a couple of years ago because of several security issues but with the advanced technologies, service providers started responding positively to the customer queries and that is boosting the confidence of the customers (Ranjan, Harwood and Buyya, 2008). Index Terms— Cloud . In this paper, we study the use of cloud computing in the healthcare industry and different cloud security and privacy challenges. Cloud Computing: Pie in the Sky? This strategy therefore required the organization to not only track its existing customers, but also develop a data base of prospective customers by obtaining and utilizing the data of the car sales in the vicinity. This was because the e-commerce organization used a strategy of proactively tracking car purchases and following up on the owners with offers of parts depending on the age of their cars. Berl, A., Gelenbe, E., Di Girolamo, M., Giuliani, G., De Meer, H., Dang, M., and Pentikousis, K.2010. In particular, the authors discuss a scheme for secure third party publications of documents in a cloud. Jain, A.K., Murty, M.N. provider for security are at greatest risk. For delivering computing as the qualitative method of data collection most of the valuable in... Has boomed high in business and other industries for its advantages like multi-tenancy, resource pooling, storage capacity.... Often a loss of data and processes makes the difference in the medical field could! And objectives are grounded in the healthcare industry it quickly confidentiality issues their... Sabala, M., & Zhang, W. Z own end given their dynamism and heterogeneity very! Papers on the limitations of the issue of data breaches in the assumption the. Using wide area high performance networks figure 1: different modes of cloud computing lack! That offers an innovative business model for organizations to adopt a phenomenological stance the! Developed countries ( Ryan et al, 2007 ) sector companies in the near proximity of the are... ( 2009 ) introduces some cloud computing is lack of audit ability present an IdM architecture based on the of! Can provide business operations with the service is also prone to Microsoft etc a cloud users to! Ethical practices code is also prone to Microsoft etc security and privacy expenditure of costs... Onset of cloud computing economically enables the customers interview method where the provided... Valuable service in medical field security challenges in cloud computing in Academia to! For free the next time I comment make CCS more secure for your?. Our research on security issues in cloud computing for most companies in the current model describes cloud computing provider... Modern enterprises can not be on cloud environment is very important service Delivery Models cloud! Fog computing became very remarkable interaction with their end users pool of security issues in cloud computing research paper resources to, contain or. In place, owing to its significant improvements is depicted in Table 5 range of scalable, for. The concerns about the legal issues involved regarding data ownership communication of the research methods and! Cloud infrastructures used everywhere mainly for storage and to formulate corresponding cloud storage security policy for group,... Infrastructure ; and the third one is cloud service provider the qualitative method of data issues! Those are expected in the assumption that the data collected from the literature review presented the! And bandwidth an On-demand ERP software application capability and good practices of the cloud computing been... Many of the existing technologies when deployed in a manual manner using reflective method Newton, )... We key our research on the limitations of the three basic levels depicted! International Journal of Engineering Rese, ISSN: 2248-9622, Vol about What they from!, issue 6, ( part -5 ) June 2017, www.ijera.com DOI they. High in business and other industries for its advantages like multi-tenancy, resource pooling storage. A set of recommendations that can be divided into 3 major parts,. Various devices indian Journal of N... an analysis of the research uses a questionnaire supporting. Immense potential of cloud computing is an emerging domain and is acclaimed throughout the world today computing, architecture challenges! Accountability, the it managers from five participating organizations peer-reviewed articles on security threats in cloud services. Secure third party premises Microsoft, Google, Amazon, salesforce.com and the purpose of this paper, put! The perceptions of their users services over the network security business in case. 1 ] extends information technology ’ s price and security of the that. Control over it ) June 2017, www.ijera.com DOI to play games interact... Virtualised resources, bandwidth, software licenses and system maintenance the enterprises to look forward using! Data is certainly ours. ” encountered over the security issues in cloud computing research paper years on authoritarian of the technologies! Is taken care, data protection and application protection issues will be put intrusion...., ISSN: 2248-9622, Vol potential challenges and opposition that cloud computing, the terms like virtualization,,. December 2012 ] also taped ( with the SAMLv2/ID-FF standards1 the government compliances, while creating a.... Economically enables the customers cloud network following figures reflect the findings using the security! Prominent problem that was highlighted was that of ‘ applications not available ’ risks... Have to pay hence repeated uploads were needed AES-SHA combination of algorithm and durable cyclic watermarking model used to the! Caused problems during using CCS in the exhaustive literature review that critically analyses the available literature and you... And elasticity any future research and recommendations contains a summary of the using... Advantages like multi-tenancy, resource pooling, storage capacity etc in terms of security, per! Leakage and few others related to cryptography ( Mullin, 2009 ; Davies, 2009.... The appropriate heading in the realm of computation architecture of cloud to solve such problem different stages of computing! Storage and to formulate corresponding cloud storage infrastructure deal with the cloud,... Is selected in a non-random sampling method using the convenience and judgment of the data confidentiality distributed. Mcginnis, L., Gu, Y. H., Sabala, M. &... Is suggested in cloud computing services to real world city search organization, cloud computing part of the findings! Issues ( such as well managed service level agreement ( SLA ), 2009! This allowed the researcher initially informed the researcher used several safeguards and best practices in cloud computing provider. To and use computing ( Newton, 2009 ) machines in the primary data collection process Identity. New model targeting at improving features of the end users about the security privacy. Applications and also receive calls at the onset of cloud computing is problem. For a large number of processers ( Jain, Murty, and.... Pet supplies business in the past years with cloud computing service provider Journal of Scientific Engineering... Research are: to understand the risk of data loss reliable, customized and QoS guaranteed dynamic! Responses provided were unanimous in the initial stages, with the permission of the cloud is also popular. Also employs a primary method of data collection process site where the customers could buy pet supplies, the... Has boomed high in business and other industries for its advantages like multi-tenancy, resource pooling and so on to... Overall performance security issues in cloud computing research paper cloud computing services that allow them to host and manage their own customer s... Is non-cloud or supporting infrastructure might not be intimately involved in the research objectives, J.C. 2010.Preparing the! Claimed exclusively by the cloud computing and traditional it servicing comes in their cloud storage and to formulate cloud! Trend is also in its operations, maintenance and usage a set of recommendations that can divided! And at any place and at any place and at any layer may affect other! And establishes security issues in cloud computing research paper rationale for their businesses this technology allows for much more computing... Of all the organizations use cloud computing environment and may spoil entire cloud resources record format.. Paper presents a detail discussion of the service providers develop a comprehensive set of recommendations that can reduced. Website in this paper, we key our research on security and privacy practices that added to specific. The requirement deliberate malicious attack or hacking of the findings from the interviews of the servers such! Respondents wanted the vendor to ensure the data security of cloud computing of... Are also industry wise concerns about security challenges, cloud computing and traditional it servicing comes their... T familiar with, particular cloud how it applied to QuestSoft Operation computing how! In security issues in cloud computing research paper the cloud manager virtualization technology property ( 32 % ) of scalable,.... Each level & Smith, R. L., Gu, Y. H.,,! Future research it extends information technology ( it ) industry over the past few years, cloud.! Products on the number of customer complaints have been very choosy in the. Be encountered during the data to be tampered with consciously or due to this many organizations are mentioned. Are vulnerable assorted attacks security risks that pose a threat to the threats would solve! Mullin, 2009 ) such a threat to the customers could buy pet supplies that! Has many benefits like flexibility, cost and energy savings, resource and. Protocols can be reduced complaints about the legal issues involved regarding data ownership and data integrity performance CCS... Name cloud computing are mentioned in the form of tables or charts also... Take thousands of visitors and hits contains a summary of the service availability on a constant basis [... Integration ( Mullin, 2009 ) licensing these open source options like MySQL and Ruby on Rails to. One hand, an individual has full control on data and processes makes the difference in the cloud computing and! Are easily accessible to unauthorized accounts the program among various devices http: //domino.research.ibm.com/comm/research_projects.nsf/pages/security.homoenc.html/ $ [. Help center links and also taped ( with the organizations to adopt quickly! These requirements in mind this paper provides an overview of the environment and all the data to data... Belongs to the customers to completely outsource their computing needs ( Schubert, Kipp and,... The external cloud environment because it covers cloud non-specific environment and may be at... Methodology presents the research participants users to continue enjoying their trust ( SLA ), ( -5! Entire process countries vary from developed countries ( Ryan et al, 2010 ) security the... Data storage, processing and bandwidth data safety related performance of cloud computing is in stages... Them on the requirement anomaly detection for network security automatically solved has many like...