Skip to main content
Springer Nature Link
Log in

Security and management framework for an organization operating in cloud environment

  • Published:
Annals of Telecommunications Aims and scope Submit manuscript

Abstract

Cloud computing has attained tremendous popularity recently, leading to its fast and rapid deployment. However, privacy and security concerns have also increased in the same ratio. The adoption of cloud model has revealed new dimensions of attack, demanding major reconsideration and reevaluation of traditional security mechanisms. If an organization is operating in cloud environment without adopting essential security measures, it may face catastrophic consequences including loss of valuable data, financial damages, or reputation loss etc. Any organization in cloud architecture faces severe security threats and challenges for which a comprehensive security framework is needed. Certain frameworks exist in literature which focus deeply on specific cloud security issues; however, there is a dire need of comprehensive framework encompassing both security-related and management-related issues. This paper initially reviews security challenges and threats to data/applications in cloud environment. Furthermore, a comprehensive security and management framework is proposed for an organization operating in cloud environment. Proposed framework has been implemented in virtualized cloud environment to validate the efficacy of certain features of the model. The data center has been setup in virtualized environment through virtual machines on VMware ESXi-6 hypervisor layer. VMware vCloud-6 has been installed on top of it for provision of services to the users. The proposed framework is a set of guidelines that will adequately secure the organization’s data and applications. The framework incorporates a layered security architecture to achieve utmost level of security for nullifying the impact of threats.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Zhifeng Xiao and Yang Xiao, Senior Member, IEEE. Security and Privacy in Cloud Computing. (2013) IEEE Commun Surv Tutor 15(2):843. Second Quarter

  2. Boyang Wang, Baochun Li, Hui Li. Privacy-preserving public auditing for shared data in the cloud. 2012 I.E. 5th International Conference on Cloud Computing, pp 295–302

  3. Daniel WK, TSE (2014) Challenges on privacy and reliability in cloud computing security. 2014 International Conference on Information Science, Electronics and Electrical Engineering (ISEEE 2014), April 2014, pp 1181–1187

  4. Wei L, Zhu H, Cao Z, Dong X, Jia W, Chen Y, Vasilakos A (2014) Security and privacy for storage and computation in cloud computation. Elsevier Inf Sci 258:371–386

    Article  Google Scholar 

  5. Coutinho EF, Sousa FRC, Rego PAL, Gomes DG, de Souza JN (2015) Elasticity in cloud computing: a survey. Ann Telecommun 70(7):289–309

    Article  Google Scholar 

  6. Ryabn MD (2013) Cloud computing security: the scientific challenge and survey of solutions. Elsevier J Syst Softw 86(9):2263–2268

    Article  Google Scholar 

  7. Sara Hamouda. (2012) Security and privacy in cloud computing. 2012 International Conference on Cloud Computing Technologies. Appl Manag:41–245

  8. Rong C, Nguyen ST, Jaatun MG (2013) Beyond lightning: a survey on security challenges in cloud computing. Elsevier Comput Electr Eng 39(2013):47–54

  9. Zissis D, Lekkas D (2012) Addressing cloud computing security issues. Elsevier Futur Gener Comput Syst 28(3):583–592

    Article  Google Scholar 

  10. Mingqi Zhou, Rong Zhang, Wei Xei, Weining Qian, Aoying Zhou. (2010) Security and privacy in cloud computing: a survey. IEEE 2010 Sixth International Conference on Semantics, Knowledge and Grids, pp 105–112

  11. Maurice Gagnaire, Pascale Vicat-Blanc Primet, Dimitra Simeonidou. Towards market-oriented cloud. Ann Telecommun, December 2010, Vol. 65, Issue 11, pp 647–651.

  12. Abdullah Abuhussein, Harkeerat Bedi, Sajjan Shiva. (2012) Evaluating security and privacy in cloud computing services: a stakeholder’s perspective. 2012, The 7th International conference for Internet Technology and Secured Transactions (ICTIST-2012), pp 388–392

  13. Chen D, Zhao H (2012) Data security and privacy protection issues in cloud computing. 2012 Int Conf Comput Sci Electron Eng IEEE 1:647–651

  14. Farzad Sabahi. (2011) Cloud computing security threats and responses. 2011 I.E. 3rd International Conference on Communication Software and Networks (ICCSN), pp 245–249

  15. Yunchuan Sun, Junsheng Zhang, Yongping Xiong, Guangyu Zhu. (2012). Data security and privacy in cloud computing. Int J Distribut Sens Network Hindawi Pub Corp 2014: Article ID 190903

  16. Song D, Shi E, Fischer I (2012) Cloud data protection for the masses. IEEE Comput Soc 45(1):39–45

    Article  Google Scholar 

  17. Srivastava H, Kumar SA (2015) Control framework for secure cloud computing. J Inf Secur 6:12–23

    Google Scholar 

  18. Ukil A, Jana D, De Sarkar A (2013) A security framework in cloud computing infrastructure. Int J Netw Secur Appl 5(5):11–24

    Google Scholar 

  19. D. Sangeetha, V. Vaidehi (2016) A secure cloud based personal health record framework for a multi owner environment. Ann Telecommun 1–10

  20. Sun T, Wang X (2013) Research of data security model in cloud computing platform for SME. Int Int J Secur Appl 7(6):97–108

  21. Zhen Mo, Qingjun Xiao, Yian Zhou, Shigang Zhang (2014) On deletion of outsourced data in cloud computing. IEEE 7th International Conference on Cloud Computing, June 2014, pp 344–351

  22. Mazhar Ali, Revathi Dhamotharan, Eraj, Samee, Athanasios, Albert. SeDaSC: secure data sharing in clouds. IEEE Syst J (99):1–10

  23. Gaur T, Kharb N (2015) Security of data storage in cloud computing. Int J Comput Appl 110(10):15–18

    Google Scholar 

  24. Shaikh R, Sasikumar M (2015) Data classification for achieving security in cloud computing. Elsevier 45:493–498

    Google Scholar 

  25. Florian Pfarr, Thomas Buckel, Anxel Winkelmann. (2014) Cloud computing data protection—a literature review and analysis. 2014 47th Hawaii International Conference on System Science, pp 5018–5027

  26. Osama Harfoushi, Bader Alfawwaz, Nazeeh, Ruba, Mua’ad, Hossam. (2014) Data security issues and challenges in cloud computing: a conceptual analysis and review. Commun Netw 6(1):15–21

  27. R.V. Gandhi, M Seshaiah, A. Srinivas, C. Reddi Neelima. (2015) Data back-up and recovery techniques for cloud server using seed block algorithm. Int J Eng Res Appl 5(2(Part 3)):89–93. ISSN: 2248–9622

  28. Valentina Casola, Alessandra A, Massimiliano Rak. (2015) On the adoption of security SLAs in the cloud. Accountability and security in cloud, Springer April 2015, Vol. 8937 of series lecture notes in computer science pp 45–62

  29. Keiko Hashizume, David G Rosado, Eduardo, Eduardo B. (2013) An analysis for security issues for cloud computing. Springer Open Journal, J Int Serv 4:5

  30. Ahmed E. Youssef, Manal Alageel. (2012) A framework for secure cloud computing. IJCSI Int J Comput Sci Iss 9(4, No. 3):14–18

Download references

Acknowledgements

We acknowledge our faculty for the guidance and support that helped us to conduct this research work.

Author information

Authors and Affiliations

  1. National University of Sciences and Technology, Islamabad, Pakistan

    Nasir Raza, Imran Rashid & Fazeel Ali Awan

Authors
  1. Nasir Raza
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Imran Rashid
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Fazeel Ali Awan
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Nasir Raza.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Raza, N., Rashid, I. & Awan, F.A. Security and management framework for an organization operating in cloud environment. Ann. Telecommun. 72, 325–333 (2017). https://doi.org/10.1007/s12243-017-0567-6

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12243-017-0567-6

Keywords