Open Access Open Access  Restricted Access Subscription Access

Grid and Cloud Computing Security:A Comparative Survey


Affiliations
1 Networks and Systems Laboratory, Badji Mokhtar University, Annaba, Algeria
 

The major purpose of this article is to know the security requirements and their solutions in grid and cloud computing environments. We first focused generally on the security issue in grids as in cloud computing where we examined all the articles proposed in the literature. Then, we classify them according to the treated security issue (authentication, access control, integrity, confidentiality or multiple security issues). A comparative study was carried out between the different techniques presented in each class of each environment. The same classification is done with research articles concerning security issues in cloud computing environment. The study was followed by a comparison between the different proposed techniques for each class in grid computing with those proposed within the same class in cloud. As a result we found that the access control issue is the most considered research area in both grid and cloud computing environments.


Keywords

Grid Security, Cloud Security, Security Issues, Access Control, Authentication, Integrity, Confidentiality.
User
Notifications
Font Size

  • Daniel Minoli, a networking approach to grid computing, published by John Wiley & Sons, Inc., Hoboken, New Jersey (2005).
  • Peter Mell and Tim Grance , The NIST Definition of Cloud Computing, Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 (2011).
  • Harmeet Kaur ,comparison of data security in grid and cloud computing, ijret: International Journal of Research in Engineering and Technology eISSN: 2319-1163 | pISSN: 2321-7308 (2013).
  • David Villegas, Ivan Rodero, Liana Fong, Norman Bobroff, Yanbin Liu, Manish Parashar and S. Masoud Sadjadi ,The Role of Grid Computing Technologies in Cloud Computing, Handbook of Cloud Computing pp 183-218 (2010).
  • David Munoz Sanchez , Comparison between security solutions in Cloud and Grid Computing, Aalto University, T-110.5290 Seminar on Network Security (2010).
  • Firesmith D., Specifying Reusable Security Requirements, ETH Zurich, Chair of Software Engineering, Vol. 3, No. 1, January-February–(2004).
  • Weizhong Qiang and Aleksandr Konstantinov; The design and implementation of standards-based Grid single sign-on using federated identity, 2010 12th IEEE International Conference on High Performance Computing and Communications, (2010).
  • Ming Chen ; Kaigui Wu ; Changze Wu and Zhongfu Wu , Certificateless-Signature-Based Authenticated Key Agreement Protocol for Grid, 2010 Fifth Annual ChinaGrid Conference, DOI: 10.1109/ChinaGrid.2010.52 (2010).
  • Hedayati M., Kamali S.H. and Shakerian R.,. Using Identity-Based Secret Public Keys Cryptography for Heuristic Security Analyses in Grid Computing, 2010 5th International Symposium on Telecommunication (IST'2010), DOI: 10.1109/ISTEL.2010.5734028
  • Avijit Bhowmick , Chandan Koner , C T Bhunia “A Novel Time based Authentication Technique for Enhancing Grid Computing Security ”; National Conference on Communication Technologies & its impact on Next Generation Computing CTNGC (2012).
  • A. Kazemi ; “Review of Grid Computing Security and Present a New Authentication Method for Improving Security ” , International Journal of Advance Foundation and Research in Computer (IJAFRC) Volume 1, Issue 4 ISSN2348 – 4853 (2014).
  • V. Nandakumar , A novel shared key for security in grid computing, 2014 International Conference on Smart Structures and Systems (ICSSS), DOI: 10.1109/ICSSS.2014.7006190, (2014).
  • Ivan Stojmenovic, Access Control in Distributed Systems, 2011 International Joint Conference of IEEE TrustCom-11/IEEE ICESS-11/FCST-11, (2011).
  • Xiao-jun Zhu; Shi-qin Lv; Xue-li Yu and Guang-Ping Zuo, Dynamic Authorization of Grid Based on Trust Mechanism, 2010 International Symposium on Intelligence Information Processing and Trusted Computing, DOI: 10.1109/IPTC.2010.113 (2010).
  • Mustafa Kaiiali; Rajeev Wankar; C. R. Rao and Arun Agarwal, New Efficient Tree-Building Algorithms for Creating HCM Decision Tree in a Grid Authorization System, 2010 Second International Conference on Network Applications, Protocols and Services, DOI: 10.1109/NETAPPS.2010.8, (2010).
  • Kaiiali, M., Wankara, R., Rao, C.R., Agarwal, A., & Buyya R. Grid Authorization Graph. Future Generation Computer Systems 29 1909–1918,(2013).
  • Tiezhu Zhao and Shoubin Dong, A Trust Aware Grid Access Control Architecture Based on ABAC, 2010 IEEE Fifth International Conference on Networking, Architecture, and Storage, DOI: 10.1109/NAS.2010.18, (2010).
  • Bhavna Gupta; Harmeet Kaur; Namita and Punam Bedi, Trust Based Access Control for Grid Resources, 2011 International Conference on Communication Systems and Network Technologies, DOI: 10.1109/CSNT.2011.146, (2011)
  • Tu M., Li P., Yen I.L,. Secure Data Objects Replication in Data Grid; IEEE transactions on dependable and secure computing, vol. 7, no. 1, january-march (2010).
  • E. Cebuc; A. Suciu; K. Marton; S. Dolha and L. Muresan , Implementation of cryptographic algorithms on a Grid infrastructure, 2010 IEEE International Conference on Automation, Quality and Testing, Robotics (AQTR) Year: 2010, Volume: 2 Pages: 1 - 6, DOI: 10.1109/AQTR.2010.5520814, (2010).
  • T Sudalai Muthu; R. Vadivel; A. Ramesh and G. Vasanth , A novel protocol for secure data storage in Data Grid environment, Trendz in Information Sciences & Computing(TISC2010) Year: 2010 Pages: 125 - 130, DOI: 10.1109/TISC.2010.5714622. (2010).
  • Razieh Mokhtarnameh; Ho Sin Ban and Nithiapidary Muthuvelu , An empirical study on secure communication for grid information service, 2010 International Conference on Computer Applications and Industrial Electronics Year: 2010, DOI: 10.1109/ICCAIE.2010.5771166.(2010).
  • Rajesh Ingle and G. Sivakumar , EGSI: TGKA Based Security Architecture for Group Communication in Grid, 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing, DOI: 10.1109/CCGRID.2010.28. .(2010).
  • Ashrafijoo B., Navin A.H., Nia M.M., Abedini S., Azari N., Trust Management in Grid Computing Systems Based on Probability Theory, 201O 2nd International Conforence on Education Technology and Computer (ICETC) (2010).
  • Khider H.; Osman T. and Sherkat N., Attribute-Based Authorization for Grid Computing, 2010 International Conference on Intelligent Systems, Modelling and Simulation, DOI: 10.1109/ISMS.2010.24 (2010).
  • G. Jaspher Willsie Kathrine; Benson Edwin Raj and E. Kirubakaran , A novel security framework for computational grid, 2011 3rd International Conference on Electronics Computer Technology Year: 2011, Volume: 1 Pages: 103 - 107, DOI: 10.1109/ICECTECH.2011.5941569. (2011).
  • Anitha Kumari K, Sudha Sadasivam G , Senthil Prabha R, Saranya G, Grid Based Security Framework for Online Trading, 2011 International Conference on Process Automation, Control and Computing (2011)
  • H. A. Dinesha and V. K. Agrawal , Multi-level authentication technique for accessing cloud services, 2012 International Conference on Computing, Communication and Applications, DOI: 10.1109/ICCCA.2012.6179130, (2012).
  • Velciu M.A., Patrascu A. and Patriciu V.V.,. Bio-cryptographic authentication in cloud storage sharing; 9th IEEE International Symposium on Applied Computational Intelligence and Informatics • May 15-17, 2014 Timişoara, Romania (2014).
  • Chandra Sekhar Vorugunti , M. Giri and Mrudula Sarvabhatla (2014), a robust ticket-based mutual authentication scheme for data security in cloud computing, 2014 International Conference on Data Science & Engineering (ICDSE), DOI: 10.1109/ICDSE.2014.6974613, (2014)
  • Ashish Singh and Kakali Chatterjee, A secure multi-tier authentication scheme in cloud computing environment, 2015 International Conference on Circuits, Power and Computing Technologies [ICCPCT-2015], DOI: 10.1109/ICCPCT.2015.7159276 (2015).
  • Mansour A., Sadik M. and Essaid Sabir; Multi-factor Authentication based on Multimodal Biometrics (MFA-MB) for Cloud Computing; 2015 IEEE/ACS 12th International Conference of Computer Systems and Applications (AICCSA) (2015).
  • Al-Attab B.S.; Fadewar H.S., Authentication Scheme for Insecure Networks in Cloud Computing, 2016 International Conference on Global Trends in Signal Processing, Information Computing and Communication (2016).
  • Hamid Roomi Talkhaby and Reza Parsamehr , Cloud computing authentication using biometric-Kerberos scheme based on strong Diffi-Hellman-DSA key exchange, 2016 International Conference on Control, Instrumentation, Communication and Computational Technologies (ICCICCT), DOI: 10.1109/ICCICCT.2016.7987926, (2016).
  • Sun L., Wang R., Yong J. and Wu G. (2012), Semantic access control for cloud computing based on e-Healthcare, Proceedings of the 2012 IEEE 16th International Conference on Computer Supported Cooperative Work in Design.
  • Chunlei W., Zhongwei L. and Xuerong C. (2012), An Access Control Method of Cloud Computing Resources Based on Quantified-Role, 14th International Conference on Communication Technology, IEEE.
  • Yue-qin F. ET Yong-sheng Z. (2012), Trusted Access Control Model Based on Role and Task in Cloud Computing, 7th International Conference on Information Technology in Medicine and Education .
  • Dos Santos D. , Westphall C. Et Westphall C. (2013), Risk-based Dynamic Access Control for a Highly Scalable Cloud Federation, SECURWARE 2013: The Seventh International Conference on Emerging Security Information, Systems and Technologies.
  • Rajani Kanth Aluvalu and Lakshmi Muddana , A dynamic attribute-based risk aware access control model (DA- RAAC) for cloud computing, 2016 IEEE International Conference on Computational Intelligence and Computing Research (ICCIC), DOI: 10.1109/ICCIC.2016.7919618, (2016).
  • Chen A., Xing H. , She K. and Duan G., A Dynamic Risk-based Access Control Model for Cloud Computing, IEEE International Conferences on Big Data and Cloud Computing (BDCloud), Social Computing and Networking (SocialCom), Sustainable Computing and Communications (SustainCom) (2016).
  • Khan F., Li H. and Zhang L. (2016), Owner Specified Excessive Access Control for Attribute Based Encryption, DOI 10.1109/ACCESS.2016.2632132, IEEE Access.
  • Mon E. and Naing T., The privacy-aware access control system using attribute-and role-based access control in private cloud, proceedings of IEEE IC-BNMT (2011).
  • Vijayaraghavan Varadharajan, Alon Amid, Sudhanshu Rai, Policy Based Role Centric Attribute Based Access Control Model; 2015 Intl. Conference on Computing and Network Communications (CoCoNet'15), Dec. 16-19, 2015, Trivandrum, India (2015).
  • Meryeme Ayache, Mohammed Erradi and Bernd Freisleben, Access Control Policies Enforcement in a Cloud Environment: Openstack; 2015 11th International Conference on Information Assurance and Security (IAS) (2015).
  • Auxilia M and K. Raja , Dynamic Access Control Model for Cloud Computing, 2014 Sixth International Conference on Advanced Computing (ICoAC), DOI: 10.1109/ICoAC.2014.7229744. (2014).
  • Dinesh C, (2018). Data Integrity and Dynamic Storage Way in Cloud Computing, https://arxiv.org/abs/1111.2418 (Consulté en 2018)
  • Munwar Ali Zardari, Low Tang Jung, Nordin Zakaria, K-NN Classifier for Data Confidentiality in Cloud Computing , 2014 International Conference on Computer and Information Sciences (ICCOINS) (2014).
  • Luo W. and Bai G., (2011). Ensuring The Data Integrity In Cloud Data Storage, 2011 IEEE International Conference on Cloud Computing and Intelligence Systems (2011).
  • Sonam Chugh, Sateesh Kumar Peddoju, Access Control Based Data Security in Cloud Computing, International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue 3, May-Jun 2012, pp.2589-2593 (2012).
  • Nelson Mimura Gonzalez, Marco Antônio Torrez Rojas and Marcos Vinícius Maciel da Silva, A framework for authentication and authorization credentials in cloud computing, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (2013).
  • Lili Sun, Hua Wang and Elisa Betino, Role based access control to outsourced data in cloud computing; Proceedings of the Twenty-Fourth Australasian Database Conference (ADC 2013), Adelaide, Australia (2013).
  • Xuejiao Liu, Yingjie Xia, Shasha Jiang, Fubiao Xia and Yanbo Wang, Hierarchical Attribute-based Access Control with Authentication for Outsourced Data in Cloud Computing, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (2013).
  • Salah H. Abbdal, Hai Jin, Deqing Zou, Ali. A. Yassen, Secure Third Party Auditor for Ensuring Data Integrity in Cloud Storage; IEEE International Conference on Ubiquitous Intelligence and Computing/International Conference on Autonomic and Trusted Computing/International Conference on Scalable Computing and Communications and Its Associated Workshops (2014).
  • Khedkar S.V. and Gawande A.D.,.Data Partitioning Technique to Improve Cloud Data Storage Security, Swapnil V.Khedkar et al, / (IJCSIT) International Journal of Computer Science and Information Technologies, Vol. 5 (3) , 2014, 3347-3350 (2014).
  • M Sulochana ,Ojaswani Dubey, Preserving Data Confidentiality using Multi-Cloud Architecture, 2nd International Symposium on Big Data and Cloud Computing (ISBCC’15) (2015).
  • Nikhitha K. Nair and Navin K. S , An efficient group authentication mechanism supporting key confidentiality, key freshness and key authentication in cloud computing, 2015 International Conference on Computation of Power, Energy, Information and Communication (ICCPEIC), DOI: 10.1109/ICCPEIC.2015.7259477. (2015).
  • Prativesh Pawar and Rashid Sheikh, Implementation of Secure Authentication Scheme and Access Control in Cloud Computing; 2016 International Conference on ICT in Business Industry & Government (ICTBIG) (2016).

Abstract Views: 357

PDF Views: 2




  • Grid and Cloud Computing Security:A Comparative Survey

Abstract Views: 357  |  PDF Views: 2

Authors

Sarra Namane
Networks and Systems Laboratory, Badji Mokhtar University, Annaba, Algeria
Nacira Ghoualmi
Networks and Systems Laboratory, Badji Mokhtar University, Annaba, Algeria

Abstract


The major purpose of this article is to know the security requirements and their solutions in grid and cloud computing environments. We first focused generally on the security issue in grids as in cloud computing where we examined all the articles proposed in the literature. Then, we classify them according to the treated security issue (authentication, access control, integrity, confidentiality or multiple security issues). A comparative study was carried out between the different techniques presented in each class of each environment. The same classification is done with research articles concerning security issues in cloud computing environment. The study was followed by a comparison between the different proposed techniques for each class in grid computing with those proposed within the same class in cloud. As a result we found that the access control issue is the most considered research area in both grid and cloud computing environments.


Keywords


Grid Security, Cloud Security, Security Issues, Access Control, Authentication, Integrity, Confidentiality.

References