Call for Paper - Upcoming Issues

Cloud Safe: A Survey of Encryption, Access Control, and Network Protection Strategies

International Journal of Electrical and Electronics Engineering
© 2024 by SSRG - IJEEE Journal
Volume 11 Issue 12
Year of Publication : 2024
Authors : A.G. Vishvanath, D. Ganesh
10.14445/23488379/IJEEE-V11I12P119
pdf
How to Cite?

A.G. Vishvanath, D. Ganesh, "Cloud Safe: A Survey of Encryption, Access Control, and Network Protection Strategies," SSRG International Journal of Electrical and Electronics Engineering, vol. 11,  no. 12, pp. 208-228, 2024. Crossref, https://doi.org/10.14445/23488379/IJEEE-V11I12P119

Abstract:

The rising dependence on cloud computing needs strong security measures to secure sensitive data and maintain service availability. Data breaches, illegal access, and data loss pose significant hazards to cloud security. Effective security techniques encompass numerous levels of protection. Firstly, encryption is critical for safeguarding data at rest and in transit, confirming that the information remains unreadable to unauthorized users even if intercepted. Secondly, network security methods, such as firewalls, intrusion detection and prevention systems, and secure communication protocols, are needed to defend against external threats and vulnerabilities. Lastly, access control technologies, including multi-factor authentication, role-based access control, and identity management systems, are vital for restricting who can access and modify data in the cloud. This multi-layered approach ensures comprehensive protection against a wide range of security risks. In conclusion, while cloud computing provides considerable scalability, flexibility, and cost-effectiveness benefits, it also poses new security issues. Organizations may ensure a safe cloud computing environment by establishing comprehensive security measures such as encryption, network security, and effective access restrictions for their data and systems. According to the research, compromised credentials cause 61% of data breaches, highlighting the significance of access control procedures. Additionally, there is potential for upgrading encryption systems, dynamic authorization, and anomaly detection through machine learning and deep learning approaches. This research further supports a multi-layered security approach to safeguard private cloud data from new attacks.

Keywords:

Cloud computing, Security, Data, Encryption, Access control, Network.

References:

[1] Sunita Swain, and Rajesh Kumar Tiwari, “Cloud Security Research - A Comprehensive Survey,” International Journal of Electronics Engineering and Applications, vol. 8, no. 2, pp. 29-39, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[2] PanJun Sun, “Security and Privacy Protection in Cloud Computing: Discussions and Challenges,” Journal of Network and Computer Applications, vol. 160, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[3] G.R. Tsochev, and R.I. Trifonov, “Cloud Computing Security Requirements: A Review,” IOP Conference Series: Materials Science and Engineering, vol. 1216, no. 1, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[4] Fatemeh Khoda Paras et al., “Cloud Computing Security: A Survey of Service-Based Models,” Computers & Security, vol. 114, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[5] Fursan Thabit et al., “A New Lightweight Cryptographic Algorithm for Enhancing Data Security in Cloud Computing,” Global Transitions Proceedings, vol. 2, no. 1, pp. 91-99, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[6] Er. Seema Rani, “Data Security Issues in Cloud Environment: A Survey,” Computer Science & Electronics Journals, vol. 10, no. 2, pp. 141-149, 2017.
[Google Scholar] [Publisher Link]
[7] Rashi Saxena, and E. Gayathri, “A Study on Vulnerable Risks in Security of Cloud Computing and Proposal of its Remedies,” Journal of Physics: Conference Series, vol. 2040, no. 1, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[8] Albert Jeo San, and Xiola John, “Cloud Security Using Supervised Machine Learning,” International Journal of Advanced Scientific Innovation, vol. 2, no. 4, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[9] Sajid Habib Gill et al., “Security and Privacy Aspects of Cloud Computing: A Smart Campus Case Study,” Intelligent Automation & Soft Computing, vol. 31, no. 1, pp. 117-128, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[10] Tanweer Alam, Cloud Computing and its Role in the Information Technology, IAIC Transactions on Sustainable Digital Innovation (ITSDI), 2nd ed., pp. 108-115, 2020.
[Google Scholar] [Publisher Link]
[11] Syed Amma Sheik, and Amutha Prabakar Muniyandi, “Secure Authentication Schemes in Cloud Computing with Glimpse of Artificial Neural Networks: A Review,” Cyber Security and Applications, vol. 1, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[12] Muhammad Manjurul Ahsan et al., “Applications and Evaluations of Bio-Inspired Approaches in Cloud Security: A Review,” IEEE Access, vol. 8, pp. 180799-180814, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[13] Sanaa Hammad Dhahi et al., “Using Support Vector Machine Regression to Reduce Cloud Security Risks in Developing Countries,” Indonesian Journal of Electrical Engineering and Computer Science, vol. 30, no. 2, pp. 1159-1166, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[14] Poonam Kumari, and Meeta Singh “A Review: Different Challenges in Energy-Efficient Cloud Security,” IOP Conference Series: Earth and Environmental Science, vol. 785, no. 1, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[15] Fursan Thabit et al., “Exploration of Security Challenges in Cloud Computing: Issues, Threats, and Attacks with their Alleviating Techniques,” Journal of Information and Computational Science, vol. 12, no. 10, 2020.
[Google Scholar] [Publisher Link]
[16] Wenjuan Li et al., “Blockchain-based Trust Management in Cloud Computing Systems: A Taxonomy, Review and Future Directions,” Journal of Cloud Computing, vol. 10, no. 1, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[17] Alabi Orobosade et al., “Cloud Application Security Using Hybrid Encryption,” Communications on Applied Electronics, vol. 7, no. 33, pp. 25-31, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[18] Sanjeev Kumar et al., “Cloud Security Using Hybrid Cryptography Algorithms,” 2021 2nd International Conference on Intelligent Engineering and Management (ICIEM), London, United Kingdom, pp. 599-604, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[19] Dhirendra K.R. Shukla, Vijay K.R. Dwivedi, and Munesh C. Trivedi, “Encryption Algorithm in Cloud Computing,” Materials Today: Proceedings, vol. 37, pp. 1869-1875, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[20] Hua Deng et al., “Identity-Based Encryption Transformation for Flexible Sharing of Encrypted Data in Public Cloud,” IEEE Transactions on Information Forensics and Security, vol. 15, pp. 3168-3180, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[21] Mohan Naik Ramachandra et al., “An Efficient and Secure Big Data Storage in Cloud Environment by Using Triple Data Encryption Standard,” Big Data and Cognitive Computing, vol. 6, no. 4, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[22] Shihab A. Shawkat, Bilal A. Tuama, and Israa Al_Barazanchi, “Proposed System for Data Security in Distributed Computing using Triple Data Encryption Standard and Rivest-Shamir-Adleman,” International Journal of Electrical and Computer Engineering, vol. 12, no. 6, pp. 6496-6505, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[23] Lin Teng et al., “A Modified Advanced Encryption Standard for Data Security,” International Journal of Network Security, vol. 22, no. 1, pp. 112-117, 2020.
[Google Scholar] [Publisher Link]
[24] J. Stanly Jayaprakash et al., “Cloud Data Encryption and Authentication Based on Enhanced Merkle Hash Tree Method,” Computers, Materials & Continua, vol. 72, no. 1, pp. 519-534, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[25] P. Chinnasamy et al., “Ciphertext-Policy Attribute-Based Encryption for Cloud Storage: Toward Data Privacy and Authentication in AI-Enabled IoT System,” Mathematics, vol. 10, no. 1, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[26] Mani Goyal, and Avinash Sharma, “A Hybrid Encryption Model to Lower the Complexity of Securing the Data in Cloud,” Journal of Computational and Theoretical Nanoscience, vol. 17, no. 6, pp. 2664-2668, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[27] Hossein Abroshan, “A Hybrid Encryption Solution to Improve Cloud Computing Security Using Symmetric and Asymmetric Cryptography Algorithms,” International Journal of Advanced Computer Science and Applications, vol. 12, no. 6, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[28] R. Senthilkumar, and B.G. Geetha, “Asymmetric Key Blum-Goldwasser Cryptography for Cloud Services Communication Security,” Journal of Internet Technology, vol. 21, no. 4, pp. 929-939, 2020.
[Google Scholar] [Publisher Link]
[29] P. Chinnasamy et al., “Efficient Data Security Using Hybrid Cryptography on Cloud Computing,” Inventive Communication and Computational Technologies: Proceedings of ICICCT 2020, Singapore, pp. 537-547, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[30] Ali Kadhim Bermani, Tariq A.K. Murshedi, and Zaid A. Abod, “A Hybrid Cryptography Technique for Data Storage on Cloud Computing,” Journal of Discrete Mathematical Sciences and Cryptography, vol. 24, no. 6, pp. 1613-1624, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[31] Baris Celiktas, Ibrahim Celikbilek, and Enver Ozdemir, “A Higher-Level Security Scheme for Key Access on Cloud Computing,” IEEE Access, vol. 9, pp. 107347-107359, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[32] Sudakshina Mandal, Danish Ali Khan, and Sarika Jain, “Cloud-Based Zero Trust Access Control Policy: An Approach to Support Work-From-Home Driven by COVID-19 Pandemic,” New Generation Computing, vol. 39, no. 3, pp. 599-622, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[33] Arif Mohammad Abdul et al., “Enhancing Security of Mobile Cloud Computing by Trust-and Role-Based Access Control,” Scientific Programming, vol. 2022, pp. 1-10, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[34] Smriti Bhatt et al., “Attribute-Based Access Control for AWS Internet of Things and Secure Industries of the Future,” IEEE Access, vol. 9, pp. 107200-107223, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[35] N.N. Thilakarathne, and Dilani Wickramaaarachchi, “Improved Hierarchical Role-Based Access Control Model for Cloud Computing,” arXiv, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[36] Shilpi Harnal, and R.K. Chauhan, “Efficient and Flexible Role-Based Access Control (EFRBAC) Mechanism for Cloud,” EAI Endorsed Transactions on Scalable Information Systems, vol. 7, no. 26, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[37] Idowu Mayowa Opakunle et al., “Semantic Time-Based Access Control: A Model for Patients’ Data Security in a Cloud Environment,” International Journal of Scientific Engineering and Science, vol. 7, no. 1, pp. 24-33, 2023.
[Google Scholar] [Publisher Link]
[38] Mahesh B. Gunjal, and Vijay R. Sonawane, “Multi Authority Access Control Mechanism for Role-Based Access Control for Data Security in the Cloud Environment,” International Journal of Intelligent Systems and Applications in Engineering, vol. 11, no. 2s, pp. 250-264, 2023.
[Google Scholar] [Publisher Link]
[39] Balasubramanian Prabhu Kavin et al., “An Enhanced Security Framework for Secured Data Storage and Communications in Cloud Using ECC, Access Control and LDSA,” Wireless Personal Communications, vol. 115, pp. 1107-1135, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[40] Aakib Jawed Khan, and Shabana Mehfuz, “Fuzzy User Access Trust Model for Cloud Access Control,” Computer Systems Science & Engineering, vol. 44, no. 1, pp. 113-128, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[41] D. Karthik, and A. Vinayagam, “Strategy Attribute Based Access Control with Improved Key Generation Method for Cloud Computing,” International Journal of Computational Intelligence in Control, vol. 13, no. 2, 2021.
[Google Scholar] [Publisher Link]
[42] Khaled Riad, “Token-Revocation Access Control to Cloud-Hosted Energy Optimization Utility for Environmental Sustainability,” Applied Sciences, vol. 13, no. 5, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[43] Hanaa Attou et al., “Cloud-Based Intrusion Detection Approach using Machine Learning Techniques,” Big Data Mining and Analytics, vol. 6, no. 3, pp. 311-320, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[44] Himanshu Setia et al., “Securing the Road Ahead: Machine Learning-driven DDoS Attack Detection in VANET Cloud Environments,” Cyber Security and Applications, vol. 2, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[45] Ramakrishnan Ramamoorthy, Ramesh Kumar Ranganathan, and Sivakumar Ramu, “Scalable Network Intrusion Detection in Cloud Environments through Parallelized Swarm-Optimized Neural Networks,” Yanbu Journal of Engineering and Science, vol. 20, no. 2, pp. 62-70, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[46] Nishika Gulia et al., “Intrusion Detection System Using the G-ABC with Deep Neural Network in Cloud Environment,” Scientific Programming, vol. 2023, pp. 1-15, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[47] Muder Almiani et al., “Resilient Back Propagation Neural Network Security Model for Containerized Cloud Computing,” Simulation Modelling Practice and Theory, vol. 118, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[48] Balajee R.M., and Jayanthi Kannan M.K., “Intrusion Detection on AWS Cloud through Hybrid Deep Learning Algorithm,” Electronics, vol. 12, no. 6, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[49] Hasanien Ali Talib, Raya Basil Alothman, and Mazin S. Mohammed, “Malicious Attacks Modelling: A Prevention Approach for Ad Hoc Network Security,” Indonesian Journal of Electrical Engineering and Computer Science, vol. 30, no. 3, pp. 1856-1865, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[50] Prabhakar Krishnan et al., “OpenStackDP: A Scalable Network Security Framework for SDN-based OpenStack Cloud Infrastructure,” Journal of Cloud Computing, vol. 12, no. 1, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[51] Chunling Dong, Yu Feng, and Wenqian Shang, “A New Method of Dynamic Network Security Analysis based on Dynamic Uncertain Causality Graph,” Journal of Cloud Computing, vol. 13, no. 1, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[52] Abdulaziz Fatani et al., “Enhancing Intrusion Detection Systems for IoT and Cloud Environments Using a Growth Optimizer Algorithm and Conventional Neural Networks,” Sensors, vol. 23, no. 9, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[53] Doddi Srilatha, and N. Thillaiarasu, “Implementation of Intrusion Detection and Prevention with Deep Learning in Cloud Computing,” Journal of Information Technology Management, vol. 15, pp. 1-18, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[54] J. Jeya Praise, R. Joshua Samuel Raj, and J.V. Bibal Benifa, “Development of Reinforcement Learning and Pattern Matching (RLPM) based Firewall for Secured Cloud Infrastructure,” Wireless Personal Communications, vol. 115, no. 2, pp. 993-1018, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[55] Himanshu Sharma, “Zero Trust in the Cloud: Implementing Zero Trust Architecture for Enhanced Cloud Security,” ESP Journal of Engineering & Technology Advancements (ESP-JETA), vol. 2, no. 2, pp. 78-91, 2022.
[Google Scholar] [Publisher Link]
[56] Md Jakir Hossain et al., “ASMCC+: A Secure Authentication Scheme for Mobile Cloud Computing Environment Based on Zero Trust Architecture,” IEEE Transactions on Consumer Electronics, vol. 70, no. 3, pp. 6236-6249, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[57] Rafah Kareem Mahmood et al., “Optimizing Network Security with Machine Learning and Multi-Factor Authentication for Enhanced Intrusion Detection,” Journal of Robotics and Control (JRC), vol. 5, no. 5, pp. 1502-1524, 2024.
[Google Scholar] [Publisher Link]