Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Case Study: Cloud Security and Privacy in the DAS Department

Verified

Added on 2022/10/11

AI Summary

This case study analyzes the cloud security and privacy challenges faced by the Department of Administrative Services (DAS) in an Australian State Government transitioning to a "Shared Services" approach and adopting a "Cloud first" policy. The assignment identifies existing and new security and privacy threats to employee data, including DoS attacks, SQL injection, phishing, malware, and risks associated with SaaS like self-servicing by unauthorized users, data deletion, reduction of data controls, account hijacking, and API management issues. The study assesses the severity of these risks and outlines preventive actions and contingency plans. It also addresses privacy threats like data leaks, database protocol threats, lack of authentication, insufficient data disposal, and exposure of data backups. The case study provides a comprehensive risk assessment, emphasizing mitigation strategies and the importance of data protection in a cloud environment. The assessment covers various threats and suggests preventive measures and contingency plans, making it a valuable resource for understanding cloud security and privacy concerns.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CLOUD SECURITY AND PRIVACY
Cloud Security and Privacy
Name of the Student
Name of the University
Author’s Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1
CLOUD SECURITY AND PRIVACY
Table of Contents
1. Introduction............................................................................................................................2
2. Security of Employee Data....................................................................................................2
3. Privacy of Employee Data...................................................................................................10
4. Digital Identity Issue............................................................................................................19
5. Conclusion............................................................................................................................20
References................................................................................................................................22

2
CLOUD SECURITY AND PRIVACY
1. Introduction
Cloud computing technology eventually is helpful for the on demand accessibility as
well as availability of all kinds of computer based resources. The accessibility is being
initiated with absolutely zero involvement of the direct users’ management. The respective
clouds majorly comprise of some of the most distinctive and important functionalities that are
being dispersed to different locations from the centralized users (Baron et al., 2019). Thee
clouds are also not restricted to any one organization or company and they are available to
numerous organizations. Digital identity is the type of information about any particular
person, enterprise as well as electronic devices that help in remaining online. These are
identifiers, which could be referred to as responsible to detect each and every device and
person involved.
The sensitive information is being needed to be kept safe and digital identity has the
capability of easily providing security to such information without any type of complexities
or issues (Singh & Chatterjee, 2017). DAS can easily provide several services and products to
the various different departments of the respective government. The main services of this
organization are payroll management, contractor, procurement management, HR
management and several others. Recently, the organizational management has taken the
decision of shifting to the approach of Shared Services so that they would be able to secure
their confidential information easily. The report will be describing about the privacy as well
as security issues that could be often faced within the company of DAS. Various mitigation
strategies would also be described for these threats.
2. Security of Employee Data
2.1 Existing security threats to Employee data

3
CLOUD SECURITY AND PRIVACY
There are some of the major threats and risks that are related to security of employee
data that are provided in the following paragraphs:
S.
No
Security
Threat/Risk
Description
Likelihood
Impact
Priority
Preventive Actions Contingency
Plans
1. DoS Attacks. It
takes place
when data is
being hacked
by attackers by
making system
inaccessible
(Hashizume et
al., 2013).
Very
high
Very
high
Very
high
1. Development of
response plan.
2. Securing the
network
infrastructure
completely.
1. Ensuring a
complete BCP for
checking the
impact.
2. Prevention of
bots at any cost.
2. SQL Injection
Attack. It is
helpful for
execution of
malicious SQL
statements.
High High Very
high
1. Using the
prepared statement
for proper
parameterized
queries (Tirthani &
Ganesan, 2014).
2. Validating every
stored process to
prevent this issue.
1. Ensuring
security of the
users’ credentials
in relational
databases.
2. Successful
utilization of
stored procedure.
3. Legalized Mediu High Medium 1. Keeping a track of 1. Proper

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4
CLOUD SECURITY AND PRIVACY
Privilege
Abuse. This
takes place
when customers
are provided
permission for
access privilege
of a database.
m all permission
change.
2. Improvement of
the total system
architecture.
identification of
privileged users
(Khalil, Khreishah
& Azeem, 2014).
2. Responding to
any type of
unwanted change.
4. Phishing. It
occurs when
the attacker
poses as a legal
user via emails.
Mediu
m
Medium Medium 1. There are certain
software for
detecting phishing
activities in the
system.
2. Avoiding the
public networks is
the next effective
action.
1. Verifying each
and every SSL
credential is a
contingency plan.
2. Investing in the
appropriate
technologies is the
next plan of
contingency.
5. Malware. It
occurs when a
virus intends to
damage the
networks (Popa
et al., 2013).
Low Low Low 1. Installing
antivirus software.
2. Up gradation of
system periodically.
1. Communication
for entry
methodology.
2. Blocking
unwanted access
completely.
Likelihood - VL, L, M, H, VH

5
CLOUD SECURITY AND PRIVACY
Impact- - VL, L, M, H, VH
Priority- - VL, L, M, H, VH
A detailed description of these threats is provided in the following paragraphs:
a) DoS Attacks: It causes subsequent destruction by allowing the hacker to get into
the machine and eventually access the databases.
b) Legalized Privilege Abuses: The customers get the opportunity of exploiting
numerous kinds of privileges for malicious purposes (Chang, Kuo & Ramachandran, 2016).
c) SQL Injection Attack: Code injections take place within the databases through text
message or email.
d) Phishing: A hacker gets himself as the legal user through text message or email.
e) Malware: This risk can cause subsequent destructions in the systems, servers or
even networks.
2.2 New Security Threat to Employee data (after moving to SaaS)
Few identified security risks related data privacy of DAS are provided below:
S. No New Security
Threat/Risk of
employee data
Description
(after moving
to Saas)
Likelihood
Impact
Priority
Preventive Actions Contingency
Plans
1. Self-Servicing
Inducement of
Medium Low Medium 1. An important
preventive strategy for
1. One of the major
contingency

6
CLOUD SECURITY AND PRIVACY
the
Unauthorized
Users (Modi et
al., 2013). This
particular issue
takes place for
the core purpose
of inducement of
any kind of
unauthorized
users; thus
enabling the
company’s
personnel in
enabling
services to
successful
implement SaaS.
this issue is successful
inclusion of the all
types of planning and
strategy within the
respective business. It
is absolutely possible
by proper establishing
the security incidence
and response teams.
2. The second
strategy is using a two
factor authentication
to reduce the issue
(Khansa & Zobel,
2014).
planning would be
conducting
periodical audit to
check for the
unutilized
accounts.
2. The second
effective
contingency
planning would be
properly following
every policy
related to
termination of
staff.
2. Deletion of
Data. This issue
takes place when
any specific
client gains
major
permission to
Very
low
Low Low 1. An important
preventive strategy for
this issue is
continuous updating
applications for data
storage to be sure that
data does not gets
1. One of the
major contingency
planning would be
successful
inclusion of the
encryption
technique in the

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7
CLOUD SECURITY AND PRIVACY
reduce their
visibility and
control.
deleted.
2. The second
strategy is successful
deployment of the
brand new software in
their present system to
prevent this kind of
issue.
subsequent system
and data to reduce
the total effect for
deletion of data
(Nepal & Pathan,
2014).
2. The second
effective
contingency
planning would be
creating all types
of archive files
within the
respective system
to protect the
confidential data.
3. Reduction of the
Data Controls. It
mainly takes
place as soon as
the operations
and assets are
being
transitioned to
the public cloud;
High Very
high
Very
high
1. An important
preventive strategy for
this issue is
duplication of data to
ensure effective
analysis (Donald, Oli
& Arockiam, 2013).
2. The second
strategy is efficient
1. One of the
major contingency
planning would be
subsequent loss
prevention and
hence data
elimination is
restricted.
2. The second

8
CLOUD SECURITY AND PRIVACY
hence existing a
higher chance
for losing
visibility or
control of data.
diversification of the
data.
effective
contingency
planning would be
avoidance of risks.
4. Hijacking of the
accounts. It
majorly takes
place as soon as
the cloud
account is being
hacked to
exploit data.
Very
high
Very
high
Very
high
1. An important
preventive strategy for
this issue is regular
password updates
(Booth, Soknacki &
Somayaji, 2013).
2. The second
strategy is checking of
every on demand
resource.
1. One of the
major contingency
planning would be
conducting the
malicious and
unauthenticated
activities.
2. The second
effective
contingency
planning would be
successful removal
of data leakage and
falsification.
5. Negotiating the
total
management of
application
programming
interface. It
Very
high
High High 1. An important
preventive strategy for
this issue is proper
usage of the hash
functions so that it
becomes much easier
1. One of the
major contingency
planning would be
periodical
validation and
even verification

9
CLOUD SECURITY AND PRIVACY
mainly takes
place as soon as
the interfaces
gets exposed to
the respective
clouds so that
the attackers get
major
opportunity for
hacking the data.
to access the Internet
connectivity of these
interfaces.
2. The second
strategy is not
exposing the
confidential data or
information on the
URL of the website
under any
circumstance.
of each input
parameter.
2. The second
effective
contingency
planning would be
using the functions
of HTTPS in DAS
(Kshetri, 2013).
Likelihood - VL, L, M, H, VH
Impact- - VL, L, M, H, VH
Priority- - VL, L, M, H, VH
A detailed description of these threats is provided in the following paragraphs:
a) Self Servicing Inducement of the Unauthorized Users: The respective
unauthorized users get the chance of self-servicing and the authenticated users cannot help it.
b) Negotiating the total management of application programming interface: The
API’s internet access management is being negotiated by the hackers.
c) Hijacking of the accounts: The respective accounts of the confidential users are
being hijacked completely by the attackers (Sun et al., 2014).

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

10
CLOUD SECURITY AND PRIVACY
d) Reduction of the Data Controls: The data control is being reduced and the
authorized users face issue due to this.
e) Deletion of Data: The confidential data often gets completed deleted and there
exists no method of gaining it back.
2.3 Severity of risk and threat to security employee data
A severity matrix of risk for data security within DAS is provided in the following
paragraph:
Probability
Very High - - -
Negotiating
the total
management
of
application
programmin
g interface
Hijacking of the
accounts, DoS
attack
High - - -
SQL
Injection
Attacks
Reduction of
Controls
Medium -
Self
Servicing
Inducement
of the
Unauthorize
d Users Phishing
Legalized
Privilege
Abuse -
Low Malware - - -
Very Low -
Deletion of
Data - - -
Severity Very Low Low Medium High Very High
3. Privacy of Employee Data
3.1 Existing privacy threats and risks to the privacy of employee data

11
CLOUD SECURITY AND PRIVACY
There are some of the major threats and risks that are related to privacy of employee
data that are provided in the following paragraphs:
S.
No
Privacy
Threat/Risk
Description
(Employee
data)
Likelihood
(Probability)
Impact
(Severity)
Priority
Preventive
Actions
Contingency
Plans
1. Leaking of
Private Data.
This takes
place when the
confidential
data is being
leaked or
hacked (Zhou
et al., 2017).
High Medium Medium 1. An
important
preventive
strategy for
this issue is
regular
password
updates.
2. The
second
strategy is
endpoint
privacy in
network.
1. One of the
major contingency
planning would be
involvement of
multi-step
solutions.
2. The second
effective
contingency
planning would be
successful
application of
policies.
2. Database
Protocol
Threats. This
takes place
Very
high
Very
high
High 1. An
important
preventive
strategy for
1. One of the
major contingency
planning would be
involvement of a

12
CLOUD SECURITY AND PRIVACY
during
knowing about
every level of
database threat.
this issue
would be
incorporating
measures for
database
security at
any cost
(Singh et al.,
2015).
2. DAS
should
involve a
proper plan
for disaster
recovery to
prevent such
problems.
plan for backup
continuity in DAS.
2. The second
effective
contingency
planning would be
providing effective
training programs
to each and every
staff.
3. Lack of
Authorization
and
Authentication.
This occurs
when data
authentication
is not being
Medium High High 1. An
important
preventive
strategy for
this issue
would be
access right
control.
1. One of the
major contingency
planning would be
providing
awareness training
related to cyber
threat.
2. The second

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

13
CLOUD SECURITY AND PRIVACY
completed. 2. The second
strategy is
restricting
utilization of
devices and
systems.
effective
contingency
planning would be
establishing
BYOD policies
within the
company.
4. Insufficient
Disposal of
Personal Data
(Krishna et al.,
2016). This
occurs while
there is a
failure in
successful
removal of
personal data.
Very low Medium Medium 1. An
important
preventive
strategy for
this issue
would be
successful
installation of
cyber
security
protection in
all networks.
2. The
second
strategy is
ensuring
confidential
data from
1. One of the
major contingency
planning would be
utilizing strategies
regarding defence.
2. The second
effective
contingency
planning would be
successful
installation of IPS
and IDS system.

14
CLOUD SECURITY AND PRIVACY
systems.
5. Exposure of
Data Backups.
This occurs
when data gets
exposed to
cloud.
Low Very low Very low 1. An
important
preventive
strategy for
this issue
would be
monitoring
the access.
2. The
second
strategy is
utilizing
encryption
technique.
1. One of the
major contingency
planning would be
locking networks
(Narula & Jain,
2015).
2. The second
effective
contingency
planning would be
identifying critical
data regularly.
Likelihood - VL, L, M, H, VH
Impact- - VL, L, M, H, VH
Priority- - VL, L, M, H, VH
A detailed description of these threats is provided in the following paragraphs:
a) Leaking of Private Data: For this threat, the private data is being leaked
eventually.
b) Database Protocol Threats: There are numerous threats related to database
protocol and it enhances data loss chances.

15
CLOUD SECURITY AND PRIVACY
c) Lack of Authorization and Authentication: Data authorization and authentication
is often being lost without any prior notification.
d) Insufficient Disposal of Personal Data: A major disposal of the data falsification
is present and it eventually enhances inadequacy in data operation (Padmapriya & Subhasri,
2013).
e) Exposure of Data Backups: Each and every confidential datum gets completely
exposed to cloud, hence it might get lost.
3.2 New Security Threat to Employee data (after moving to SaaS)
Few identified security risks related data privacy of DAS are provided below:
S.
No
New Privacy
Threat/Risk
of employee
data
Description
(after
moving to
Saas)
Likelihood
Impact
Priority
Preventive Actions Contingency Plans
1. Stolen or
hacked
credentials.
This type of
issue arises
only when
the
Very
high
High Very
high
1. Periodically
updating the
passwords so that
they are not hacked is
the first action.
2. The next
preventive action
1. One of the major
contingency planning
would be providing
minimum training to
each and every
employee in DAS.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

16
CLOUD SECURITY AND PRIVACY
confidential
credentials
get hacked or
stolen.
would be successful
deployment of the
firewall for
enhancement of
security (Zhang et
al., 2014).
2. The second
effective contingency
planning for hacked
credentials is
involvement of
legalized standards
within the
organization.
2. Lack of the
Breach
Response.
This issue
takes place
during
providing a
quicker
response to
every present
threat
Medium Medium Medium 1. The first
preventive action is
the successful
deployment of an
incident response
team.
2. DAS should
involve BCP or
business continuity
plan within their
business
1. One of the major
contingency planning
would be ensuring
that the best controls
of security are
present in the
company.
2. The second
effective contingency
planning would be
major presence of the
proper transparency
within every privacy
policy.
3. Insider’s
Attack. This
threat takes
High High High 1. The first
preventive action is
the successful
1. One of the major
contingency planning
would be frequent

17
CLOUD SECURITY AND PRIVACY
place when
any employee
or staff
violates rules
and hacks
data.
implementation of a
security response
plan within the
business (Pansotra &
Singh, 2015).
2. DAS should
involve encryption
technique in their
system for securing
data.
and periodical
system or device
auditing.
2. The second
effective contingency
planning would be
issuance of the
policies of BYOD for
each and every
employee.
4. Incrementing
Complexity
for the
Company’s
Staff. This
issue takes
place as soon
as
confidential
data is
eventually
shifted to the
software as a
service
Very
Low
Very
Low
Very
Low
1. The first
preventive action is
to follow all the steps
and phases during
data movement to the
cloud model of SaaS.
2. DAS should
involve periodical
integration of
systems.
1. One of the major
contingency planning
would be
involvement of the
plan for backup
continuity regarding
confidential data.
2. The second
effective contingency
planning would be
ensuring that there
are effective policies
for data privacy.
5. Inadequate Medium Low Low 1. The first 1. One of the major

18
CLOUD SECURITY AND PRIVACY
Due
Diligences.
This issue
takes place
while data is
being
migrated to
the cloud
model of
software as a
service.
preventive action is
to regular check or
inspect the devices
and systems.
2. DAS should
involve successful
deployment of
antivirus software
(Ab Rahman &
Choo, 2015).
contingency planning
would be deployment
of the various
policies that are
related to proper
protection of the
software.
2. The second
effective contingency
planning would be
providing effective
training to every
staff.
Likelihood - VL, L, M, H, VH
Impact- - VL, L, M, H, VH
Priority- - VL, L, M, H, VH
A detailed description of these threats is provided in the following paragraphs:
a) Stolen or hacked credentials: In this threat, the various credentials like passwords
are being stolen and hacked by hacker.
b) Lack of the Breach Response: The respective breach responses could easily
recognize the issues; hence lacking such responses can eventually bring out subsequent
issues.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

19
CLOUD SECURITY AND PRIVACY
c) Insider’s Attack: When any employee hacks the data either unintentionally or
intentionally.
d) Incrementing Complexity for the Company’s Staff: There are some of the most
distinctive complexities related to the organizational employees’ data, which might get
incremented when data is being migrated to the cloud model of software as a service
(Padmapriya & Subhasri, 2013).
e) Inadequate Due Diligences: The inadequate due diligences can eventually bring
out some of the most significant problems within DAS.
3.3 Severity of risk and threat to privacy of employee data
A severity matrix of risk for data privacy within DAS is provided in the following
paragraph:
Probability
Very High - - -
Stolen or
hacked
credentials -
High - -
Leaking of
Private Data
Insider’s
Attack
Database
Protocol Threats
Medium -
Inadequat
e Due
Diligence
s
Lack of the
Breach
Response
Lack of
Authorization
and
Authenticatio
n -
Low
Exposure of
Data Backup - - - -
Very Low
Incrementin
g
Complexity
for the
Company’s
Staff -
Insufficient
Disposal of
Personal
Data - -
Severity Very Low Low Medium High Very High

20
CLOUD SECURITY AND PRIVACY
4. Digital Identity Issue
The two types of cloud, which are hybrid cloud and public cloud are extremely
helpful for any organization regarding reduction or minimization of costs related to
infrastructure. Since, clouds provide various methods of reducing the overall complexity for
excess costs, it is often being undertaken by several popular organizations within their
business. Cloud is also effective foe enabling the organization in getting applications to make
them run effortlessly by improved maintenance as well as management (Kshetri, 2013). A
digital identity is a type of information or entity, which can be easily utilized with the help of
computerized systems for efficiently representing the external agents. Such agents can also
comprise of the major capability of allowing excellent accessibility towards any kind of
service and therefore making these few services completely automatic.
A digital identity is even responsible for allowing to shift the sensitive information to
the technology of cloud. In spite of the fact that there exists several distinctive and popular
benefits of a digital identities, some of the major threats or vulnerabilities are present, which
could easily cause major destruction to the data or any system. The most significant threats
that are solely associated to the subsequent security of a digital identity within the
organization of DAS and even sensitive data are provided in the following paragraphs:
a) Lacking any type of Verification or Validation: This is the first as well as the most
important and significant problem that is quite common for a digital identity (Khansa &
Zobel, 2014). It is referred to as extremely important for successfully maintenance of any
specific digital identity and the respective threat can also be termed as quite responsible to
bring out numerous noteworthy and distinct problems that are completely related to such
identities.

21
CLOUD SECURITY AND PRIVACY
b) Poorer Authorization as well as Authentication: This is the next significant and
vital problem that is being associated to a digital identity. When any particular digital identity
will not be obtaining subsequent authentication, there exists an extremely high chance to lose
CIA or confidentiality, integrity and finally availability of the confidential data. All the
attackers or perpetrators could easily enter or seek into the machine for hacking the data;
therefore all sorts of access, which are both unauthenticated as well as unauthorized could not
be ceased effectively (Tirthani & Ganesan, 2014). These distinct and popular problems that
are associated to the authorization as well as authentication are required to be analysed or
minimized under every scenario so that it becomes quite easier to maintain the security and
privacy of data effectively.
5. Conclusion
Hence, conclusion could be drawn that cloud mainly is dependent on the resource
sharing so that it is able to achieve subsequent coherence within the respective business. For
the high accessibility of the storage devices and networks, the various providers of cloud
services enable the total adaptation to SOA and virtualization of hardware. The numerous
services of cloud mainly include PaaS, SaaS as well as IaaS. Three distinct characteristics of
the cloud computing are present that could be referred to as extremely helpful during
differentiation of the newer services from traditional ones. Numerous innovations are also
present for the technology that provides improved accessibility to higher speed Internet
connectivity.
Security of the cloud technology is termed as one of the major needs for an
organization as it is capable of enabling numerous users for gaining advantages from all types
of technologies without even needing to be an expert in the respective field. The technology
of cloud computing even takes an attempt in addressing total quality of service or QoS about
the issues related to scalability as well as reliability. The major and the most vital features of

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

22
CLOUD SECURITY AND PRIVACY
this particular technology include computing of main frame, models of client server and fog
computing. This technology also helps in reduction of the various complexities to higher
level about data transferring security or issues associated to user authentication. The report
has provided a detailed description of the case scenario of DAS organization. Numerous
threats and risks are being identified in the work for cloud security as well as digital identity,
with their relevant strategies to mitigate them efficiently.

23
CLOUD SECURITY AND PRIVACY
References
Ab Rahman, N. H., & Choo, K. K. R. (2015). A survey of information security incident
handling in the cloud. computers & security, 49, 45-69.
Baron, H., Heide, S., Mahmud, S., & Yeoh, J. (2019). Cloud Security Complexity:
Challenges in Managing Security in Hybrid and Multi-Cloud Environments.
Booth, G., Soknacki, A., & Somayaji, A. (2013, June). Cloud security: attacks and current
defenses. In 8th Annual symposium on information Assurance (ASIA’13) (pp. 56-62).
NYSCSC.
Chang, V., Kuo, Y. H., & Ramachandran, M. (2016). Cloud computing adoption framework:
A security framework for business clouds. Future Generation Computer Systems, 57,
24-41.
Donald, A. C., Oli, S. A., & Arockiam, L. (2013). Mobile cloud security issues and
challenges: A perspective. International Journal of Engineering and Innovative
Technology, 3(1), 401.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An
analysis of security issues for cloud computing. Journal of internet services and
applications, 4(1), 5.
Khalil, I., Khreishah, A., & Azeem, M. (2014). Cloud computing security: A
survey. Computers, 3(1), 1-35.
Khansa, L., & Zobel, C. W. (2014). Assessing innovations in cloud security. Journal of
Computer Information Systems, 54(3), 45-56.
Krishna, B. H., Kiran, S., Murali, G., & Reddy, R. P. K. (2016). Security issues in service
model of cloud computing environment. Procedia Computer Science, 87, 246-251.

24
CLOUD SECURITY AND PRIVACY
Kshetri, N. (2013). Privacy and security issues in cloud computing: The role of institutions
and institutional evolution. Telecommunications Policy, 37(4-5), 372-386.
Modi, C., Patel, D., Borisaniya, B., Patel, A., & Rajarajan, M. (2013). A survey on security
issues and solutions at different layers of Cloud computing. The journal of
supercomputing, 63(2), 561-592.
Narula, S., & Jain, A. (2015, February). Cloud computing security: Amazon web service.
In 2015 Fifth International Conference on Advanced Computing & Communication
Technologies (pp. 501-505). IEEE.
Nepal, S., & Pathan, M. (Eds.). (2014). Security, privacy and trust in cloud systems. Springer
Berlin Heidelberg.
Padmapriya, A., & Subhasri, P. (2013). Cloud computing: security challenges and encryption
practices. International Journal of Advanced Research in Computer Science and
Software Engineering, 3(3).
Pansotra, E. A., & Singh, E. S. P. (2015). Cloud security algorithms. International Journal of
Security and Its Applications, 9(10), 353-360.
Popa, D., Cremene, M., Borda, M., & Boudaoud, K. (2013, January). A security framework
for mobile cloud applications. In 2013 11th RoEduNet International Conference (pp.
1-4). IEEE.
Singh, A., & Chatterjee, K. (2017). Cloud security issues and challenges: A survey. Journal
of Network and Computer Applications, 79, 88-115.
Singh, J., Pasquier, T., Bacon, J., Ko, H., & Eyers, D. (2015). Twenty security considerations
for cloud-supported Internet of Things. IEEE Internet of things Journal, 3(3), 269-
284.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

25
CLOUD SECURITY AND PRIVACY
Sun, Y., Zhang, J., Xiong, Y., & Zhu, G. (2014). Data security and privacy in cloud
computing. International Journal of Distributed Sensor Networks, 10(7), 190903.
Tirthani, N., & Ganesan, R. (2014). Data Security in Cloud Architecture Based on Diffie
Hellman and Elliptical Curve Cryptography. IACR Cryptology ePrint Archive, 2014,
49.
Zhang, L., Luo, Y., Tao, F., Li, B. H., Ren, L., Zhang, X., ... & Liu, Y. (2014). Cloud
manufacturing: a new manufacturing paradigm. Enterprise Information Systems, 8(2),
167-187.
Zhou, J., Cao, Z., Dong, X., & Vasilakos, A. V. (2017). Security and privacy for cloud-based
IoT: Challenges. IEEE Communications Magazine, 55(1), 26-33.