اسم الباحث :
Mohammed Qiad AL_shamiry Ibrahim Ahmed Al-Baltah
Abstract Cloud computing is a new technology, that provides the customer with many different services. The main challenge that stands on the way of adapting this technology widely is the security aspect. Consequently, it needs a lot of effort and research to improve the security in the cloud. In this study we compared between the best three symmetric algorithms (AES, Blowfish, and 3DES) in terms of security, run time, and energy consumption. According to this comparison, we found that AES is better than other algorithms in run time and energy consumption, but the security isn't very high. Therefore, we propose a Secure Advance Encryption Algorithm (SAES) to improve the security in cloud computing. Keywords: SAES; Cloud computing, Symmetric algorithms, AES, Blowfish, 3DES Cloud computing is a technology that delivers computing resources including applications, servers, networks, storage, and services as services for the clients, at a certain cost. It consists of set of individual computing nodes with corresponding networking and storage subsystems [1][2]. The concept of cloud computing has evolved from cluster, grid, and utility computing. Cluster and grid computing leverage the use of many computers in parallel to solve problems of any size. Whereas, cloud computing leverages dynamic resources to deliver large numbers of services to end users. The cloud computing model enables users to share access to resources from anywhere at any time through their connected devices easily [1]. There are three types of cloud computing, namely, public cloud, private cloud, and hybrid cloud [2]. The public cloud is built over the Internet and can be accessed by any user who has paid for the service. Public clouds are owned by service providers and are accessible through a subscription. Many public clouds are available, including Google App Engine (GAE), Amazon Web Services (AWS), Microsoft Azure, IBM Blue Cloud, and Salesforce, and Force. The providers of the aforementioned clouds are commercial providers that offer publicly accessible remote interface for creating and managing virtual machine (VM) instances within their proprietary infrastructure. A public cloud delivers a selected set of business processes. The application and infrastructure services are offered on a flexible price-per-use basis [4][2]. Nevertheless, private cloud is built within the domain of an intranet owned by a single organization. Therefore, it is client owned and managed, and its access is limited to the owning clients and their partners. Its deployment was not meant to sell capacity over the Internet through publicly accessible interfaces. Private clouds give local users a flexible and agile private infrastructure to run service workloads within their administrative domains. A private cloud is supposed to deliver more efficient and convenient cloud services. It may impact the cloud standardization, while retaining greater customization and organizational control [2]. On the other hand, hybrid cloud is built with both public and private clouds. Private clouds attempt to achieve customization and offer higher efficiency, resiliency, security, and privacy. A hybrid cloud provides access to clients, the partner network, and third parties. Public clouds promote standardization, preserve capital investment, and offer application flexibility. Hybrid clouds operate in the middle, with many compromises in terms of resource sharing [2][4]. However, there are many concerns about the use of clouds and the transfer of business from within the organization to a public cloud. The biggest concerns are security issues. However, cloud computing environment is exposed to many attacks, such as web security attack, cloud malware injection attack, browser security attack, and flooding attack [3]. Maintaining data confidentiality, data integrity, and availability, is a very sensitive issue in cloud computing, which need to be done carefully. As a matter of fact, cloud computing uses different security algorithms for data encryption, which are divided into two categories symmetric algorithms, and asymmetric algorithms. Symmetric algorithms use the idea of generating only one key for data encryption and decryption. At the same time, this secret key should be known to the sender and receiver. The main advantage of using this type of algorithms is their fast process. This type of algorithms includes, AES, DES, 3DES, RC6, BLOWFISH [5]. In contrary, asymmetric algorithms relies on generating two different keys for data encryption, which are a private key and a public key. The uses of these keys are different, in which the public key for encryption, while the private key for decryption. The type of algorithms includes, ECC, Diffie-Hellman and RSA. However, this type of algorithms is slower than symmetric algorithm. In this study, we compared between the most important symmetric algorithms, namely AES, Blowfish, and 3DES. The used criteria of this comparison are security, run time, and energy consumption. Also we proposed a mode called SAES to improve the security in AES. The reminder of this paper is organized as follow. Section 2 presents the reviewed work related to the context of this study. Section 3 demonstrates an overview of symmetrical algorithms in the field of cloud computing. Section 4 presents the comparison of the chosen symmetrical algorithms. The proposed model is introduced in section 5. Finally, section 6 concludes this work and highlights some future works.
سنة النشر :
2017
ملخص البحث :
