Ensuring user authentication and data integrity in multi-cloud environment
Tóm tắt
The necessity to improve security in a multi-cloud environment has become very urgent in recent years. Although in this topic, many methods using the message authentication code had been realized but, the results of these methods are unsatisfactory and heavy to apply, which, is why the security problem remains unresolved in this environment. This article proposes a new model that provides authentication and data integrity in a distributed and interoperable environment. For that in this paper, the authors first analyze some security models used in a large and distributed environment, and then, we introduce a new model to solve security issues in this environment. Our approach consists of three steps, the first step, was to propose a private virtual network to secure the data in transit. Secondly, we used an authentication method based on data encryption, to protect the identity of the user and his data, and finally, we realize an algorithm to know the integrity of data distributed on the various clouds of the system. The model achieves both identity authentication and the ability to inter-operate between processes running on different cloud’s provider. A data integrity algorithm will be demonstrated. The results of this proposed model can efficiently and safely construct a reliable and stable system in the cross-cloud environment.
Tài liệu tham khảo
Mell P, Grance T (2011) The NIST definition of cloud computing. National Institute of Standards and Technology, Special Publication, Gaithersburg, p 800
Jignesh S (2017) The 6 multi cloud architecture designer for an effective cloud. https://simform.com/multi-cloud-architecture. Accessed 15 Apr 2018.
Cloudenables C (2017) Managing multi-cloud security. https://www.corestack.io/blog/managing-multi-cloud-security. Accessed 22 Feb 2018
Robert P, Johnston E (2016) Worldwide cloud 2017 predictions. https://www.idc.com/getdoc.jsp? containerId = US41863916. Accessed 21 Oct 2018
Nicole H (2017) Security threats can come from anywhere: the multi-cloud world. http://itprotoday.com/hybrid-cloud/what-it-pros-need-know-about-multi-cloud-security. Accessed 10 Nov 2018
Travis W (2017) Five principles for running securely in a multi-cloud environment. https://threatstack.com/blog/5-principles-for-running-securely-in-a-multi-cloud-environment. Accessed 12 Nov 2018
Tweaks C (2013) Importance of cloud computing interoperabilitiy. https://cloudtweaks.com/2013/10/importance-of-interoperability-providerlockin. Accessed 15 Nov 2018
Bastiao Silva LA, Costa C, Oliveira JL (2013) A common API for delivering services over multi-vendor cloud resources. J Syst Softw 86(9):2309–2317
Data integrity service in multi-cloud and distributed cloud storage environment. In: The 5th international conference on advanced computing and communication technologies. IEEE, India, p 490–494
Brauer K (2011) Authentication and security aspects in: an international multi-cloud, https://theseus.fi/bitstream/handle/…/Karsten_Brauer.pdf. Accessed 12 Dec 2018
Abusitta A, Bellaiche M, Dagenais M, Halabi T (2019) A deep learning approach for proactive multi cloud cooperative intrusion detection system. Future Gen Comput Syst 98:308–318
Belbergui C, Elkamoun N, Rachid H (2017) Authentication mechanisms in cloud computing environments. Int J Inform Technol Secur 9(3):63–84
Zkik Ornahou, Elhajji S (2017) Secure mobile multi cloud architecture for authentication and data storage. Int J Cloud Appl Comput 7(2):213–230
Indu I, Rubesh APM, Vidhyacharan B (2017) Encrypted token based authentication with adapted SAML technology for cloud web services. J Netw Comput Appl 99(1):131–145
Munivel E, Kannammal A (2019) New authentication scheme to secure against the phishing attack in the mobile cloud computing. Secur Commun Netw 45:1–11
Obinna E, Faraz FM, Philipp W, Ramin Y (2017) A JSON token-based authentication and access management schema for cloud SaaS applications. In: The 5th IEEE international conference on future internet of things and cloud (FiCloud)
Lee Y, Rathore S, Park JH et al (2020) A blockchain-based smart home gateway architecture for preventing data forgery. Hum. Cent Comput Inf Sci. 10:9. https://doi.org/10.1186/s13673-020-0214-5
Ramotsoela DT, Hancke GP (2019) Abu-Mahfouz AM (2019) Attack detection in water distribution systems using machine learning. Hum Cent Comput Inf. Sci 9:13. https://doi.org/10.1186/s13673-019-0175-8
Shailendra R, Vincenzo L, Park JH (2017) SpamSpotter: an efficient spammer detection framework based on intelligent decision support system on facebook. J Appl Soft Comput 67:920–932
Shailendra R, Sharma PK, Park JH (2017) XSSClassifier: an efficient XSS attack detection approach based on machine learning classifier on SNSs. J Inform Process Syst 13(4):1014–1028
Shailendra R, Park JH (2017) Semi-supervised learning based distributed attack detection framework for IoT. J Appl Soft Comput 72:79–89
Siddeeq Y, Shayma W (2014) Firewall and VPN investigation on cloud computing performance. Int J Comput Sci Eng Survey 5(2):1–10
Ljubomir MV, Milan DS, Aleksandar S, Zoran DP (2019) Influence of encryption algorithms on power consumption in energy harvesting systems. J Sens 10:15–20
Arki O, Zitouni A, Dib AT (2018) A multi-agent security framework for cloud data storage. J Multiagent Grid Syst 14(4):357–382
Megouache L, Zitouni A, Djoudi M (2018) A new framework of authentication over cloud computing. In: Silhavy R, Silhavy P, Prokopova Z (eds) Cybernetics approaches in intelligent systems. CoMeSySo 2017. Advances in intelligent systems and computing, vol 661. Springer, Cham, pp 262–270
Yu H, Powell N, Stembridge D, Yuan X (2012) Cloud computing and security challenges. In: proceeding ACM-SE of the 50th annual southeast regional conference, India, pp 298–300
Qamar N, Ana S, Eran E (2018) Securing DICOM images based on adaptive pixel thresholding approach, computer-based medical systems (CBMS). In: IEEE 31st international symposium pp 280–285
Ricardo M, Tiago O, Vinicius C, Nuno N, Alysson B (2019) CHARON: a secure cloud-of-clouds system for storing and sharing big data, In: IEEE transactions on cloud computing p 19–39
Thandeeswaran R, Subhashini S, Jeyanthi N, Saleem Durai MA (2012) Secured multi-cloud virtual infrastructure with improved performance. J Cybern Inf Technol 12(2):11–22
Gawannavar M, Mandulkar P, Thandeeswaran R, Jeyanthi N (2015) Office in cloud: approach to authentication and authorization. In: recent advances in communications and networking technology, Bentham sciences 4(1): 49–55
Venkat RK, Avala AR (2013) Data integrity in multi-cloud storage international. J Sci Eng Adv Technol 1(7):219–223
Gu K, Yang L, Yin B (2018) Location data record privacy protection based on differential privacy mechanism. Inf Technol Control 47(4):639–654
Xie K, Ning X, Wang X, He S, Ning Z, Liu X, Qin Z (2017) An efficient privacy-preserving compressive data gathering scheme in WSNs. Inf Sci 390:82–94
Long M, Peng F, Li HY (2018) Separable reversible data hiding and encryption for HEVC video. J Real-Time Image Process 14(1):171–182
Subhash CP, Sumit J, Ravi S, Jyoti C (2018) Access control framework using multi-factor authentication in cloud computing. Int J Green Comput 121:1–15
Vengie B (2018) Privacy, security and Encryption. https://www.webopedia.com/TERM/V/VPN.html. Accessed 22 Sep 2018
Radford CJ (2017) Security in the multi cloud Era. In: Conference of the ComputerWeekly’s coverage. https://linkedin.com/pulse/security-multi-cloud-era-cj-radford-laura-fernandez-dela-torre. Accessed 31 Oct 2018
Avi K (2018) Public key cryptography and the Rsa algorithm, lecture note on computer and network security. http://engineerining.purdue.edu/kak/compsec/NewLectures/Lecture12.pdf. Accessed 22 Oct 2018
Dave K (2019) Micro- segmentation: securing complex cloud environments. Netw Secur 3:6–10
Latha K (2019) Sheela T (2019) Block based data security and data distribution on multi cloud environment. J Ambient Intell Hum Comput. https://doi.org/10.1007/s12652-019-01395-y
Chris C (2006) Introduction to the RSA and to authentication, MAT/CSC. https://nku.edu/christensen/section%2026%20RSA.pdf
Basappa B, Kodada BB, Prasad G, Pais AR (2012) Protection against DDoS and data modification attack in computational grid cluster environment. Int J Comput Netw Inf Secur 2074(9090):12–18
Max A, Eric V, Nuno N, Fernando MV (2019) Secure multi-cloud network virtualization. Comput Netw 661:45–60
Jon CC, Jennifer MS (2006) Prior family business exposure as inter-generational influence and entrepreneurial intent: a Theory of Planned Behavior approach. J Business Res Elsevier 60:1090–1098
Pritee P, Mayuri S, Prakash K, Sakshi S (2014) Public auditing: cloud data storage. In: The 5th international conference-confluence, the next generation information technology summit. IEEE Explore, pp 169–173
Fernandez L, Serrano A, Lastra MG (2014) Nuevas fronteras en la investigación en emprendimiento y en la docencia del emprendimiento. In:Workshop de la Sección de Función Empresarial y Creación de Empresas de ACEDE pp 223–241
Schaarschmid M (2012) Firms in open source software development: managing innovation beyond firm boundaries. Springer Books 1007:15–48
Shailendra R, Arun KS, Park JH (2018) A novel framework for internet of knowledge protection in social networking services. J Comput Sci 26:55–65