Cloud 20/20 Version 3.

Technical Paper Contest 2011

SeCloud- A secured Cloud Model

Saba Wasim
Department Of computer Science Jamia Hamdard ,New Delhi Samwasim2002@gmail.com

Abstract Could Computing is emerging as a enticing field in IT sector because of its numerous
benefits ranging from its efficiency to scalability . It changes the total scenario of today's IT infrastructure because of its flexibility and computational performance and have major advantages by providing low manpower load on software updates and maintenance. Since cloud computing share resources via the network. This arises security problems to protect cloud computing application. The tag "access anywhere" gives the security concern a boost. This paper propose a secure cloud model known as SeCloud which covers the cloud security details like its loopholes, its vulnerabilities , effective exploits ,possible backdoor may used in it and the effective way to prevent all of the above using SeCloud. Keywords-cloud computing; trusted computing; cloud security

Introduction
Cloud Computing represents one of the most important shifts in information technology. Cloud gives the power to the consumer to access related data anywhere with much more computational power without any extra hardware cost. Cloud computing is a increased level of Virtualization, grid computing and SOA. The reason of why cloud computing is a hot topic in IT is its flexibility and amazing computational power. But still cloud computing implementation in an enterprise is low because of security reason. Security is the main fact of the low implementation of clouds in an enterprise. Almost 70% of consumers before adoption show there concerns on cloud's security. Some of the reasons are:y Confidentiality:- The biggest problem people sought is the data stored in a third party may give rise to data leakage or data breach. y Access control and identity management:- as clouds are highly virtualized the need of access control is much important to secure data flow. y Data segregation: cloud is typically in a shared environment, so it is mandatory to encrypt the data. On the client side the costumer planning to have a cloud of there business have complications which are:y Data location: Costumer dont have a knowledge of there data whereabouts. In fact, they even dont know which country it will be stored in. y Recovery: He should know that what will happen to his data and service in case of a disaster. Thus a secure cloud have all the above mentioned solution. Although there are various Cloud Model which provide security, but each of them have its own pro/cons. SaaS (Software As a service):- these are used to manage applications in the clouds. The advantages are : High Adoption and Upgrades and maintenances are managed by clouds service provider where as it have

Unisys Confidential

Page 1

Cloud 20/20 Version 3.0

Technical Paper Contest 2011

its counterpart which is: Risk of data loss while accessing software and Dependence on high speed internet.

For full paper submission Do contact UNISYS UNISYS CORPORATION ("UNISYS") RESERVES THE RIGHT TO CHANGE THESE TERMS AT ANY TIME, WITHOUT NOTICE TO YOU. ACCORDINGLY, YOU ARE ADVISED TO VISIT THIS PAGE TO REVIEW THE MOST CURRENT VERSION. http://www.unisys.com/unisys/

I.

REFERENCES

1. Z. Wenjun, "Integrated Security Framework for Secure Web Services," in IITSI 2010, pp. 178-183. 2. B. Wang, Huang He, Yuan, Liu Xiao, Xi, Xu Jing, Min, "Open Identity Management Framework for SaaS Ecosystem," in ICEBE '09. pp. 512517. 3. F. Elizabeth, , Vadim, Okun, "Web Application Scanners: Definitions and Functions," in HICSS 2007, pp. 280b-280b. 4. Lenin Singaravelu, Calton Pu, Hermann Hrtig, Christian Helmuth, "Reducing TCB complexity for security-sensitive applications: three case studies," SIGOPS Oper. Syst. Rev., vol. 40, pp. 161-174, 2006. 5. Takahiro Shinagawa, Hideki Eiraku, Kouichi Tanimoto, et al, "BitVisor: a thin hypervisor for enforcing i/o device security," presented at the Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, Washington, DC, USA, 2009. 6. Udo Steinberg, Bernhard Kauer, "NOVA: a microhypervisorbased secure virtualization architecture," in Proceedings of the 5th European conference. 7. Security Guidance for Critical Areas of Focus in Cloud Computing, Cloud Computing Architectural Framework, Cloud Security Alliance, p.15, April 2009. 8. Ragib Hasan Johns Hopkins University en.600.412 Spring 2010. 9. Unisys Cloud Reference Architecture 2011 Unisys Corporation. 10. Making Virtual Machines Cloud-Ready A Trend Micro White Paper | May 2010

Unisys Confidential

Page 2