Handbook of Research on Security Considerations in Cloud Computing Kashif Munir King Fahd University of Petroleum & Minerals, Saudi Arabia Mubarak S. Al-Mutairi King Fahd University of Petroleum & Minerals, Saudi Arabia Lawan A. Mohammed King Fahd University of Petroleum & Minerals, Saudi Arabia A volume in the Advances in Information Security, Privacy, and Ethics (AISPE) Book Series Managing Director: Lindsay Johnston Managing Editor: Austin DeMarco Director of Intellectual Property & Contracts: Jan Travers Acquisitions Editor: Kayla Wolfe Production Editor: Christina Henning Development Editor: Caitlyn Martin Cover Design: Jason Mull Published in the United States of America by Information Science Reference (an imprint of IGI Global) 701 E. Chocolate Avenue Hershey PA, USA 17033 Tel: 717-533-8845 Fax: 717-533-8661 E-mail: [email protected] Web site: http://www.igi-global.com Copyright © 2015 by IGI Global. All rights reserved. No part of this publication may be reproduced, stored or distributed in any form or by any means, electronic or mechanical, including photocopying, without written permission from the publisher. Product or company names used in this set are for identification purposes only. Inclusion of the names of the products or companies does not indicate a claim of ownership by IGI Global of the trademark or registered trademark. Library of Congress Cataloging-in-Publication Data Handbook of research on security considerations in cloud computing / Kashif Munir, Mubarak S. Al-Mutairi, and Lawan A. Mohammed, editors. pages cm Includes bibliographical references and index. ISBN 978-1-4666-8387-7 (hardcover) -- ISBN 978-1-4666-8388-4 (ebook) 1. Cloud computing--Security measures-- Handbooks, manuals, etc. I. Munir, Kashif, 1976- editor. QA76.585.H3646 2015 004.67’82--dc23 2015008172 This book is published in the IGI Global book series Advances in Information Security, Privacy, and Ethics (AISPE) (ISSN: 1948-9730; eISSN: 1948-9749) British Cataloguing in Publication Data A Cataloguing in Publication record for this book is available from the British Library. All work contributed to this book is new, previously-unpublished material. The views expressed in this book are those of the authors, but not necessarily of the publisher. For electronic access to this publication, please contact: [email protected]. Advances in Information Security, Privacy, and Ethics (AISPE) Book Series ISSN: 1948-9730 EISSN: 1948-9749 Mission As digital technologies become more pervasive in everyday life and the Internet is utilized in ever in- creasing ways by both private and public entities, concern over digital threats becomes more prevalent. The Advances in Information Security, Privacy, & Ethics (AISPE) Book Series provides cutting- edge research on the protection and misuse of information and technology across various industries and settings. Comprised of scholarly research on topics such as identity management, cryptography, system security, authentication, and data protection, this book series is ideal for reference by IT professionals, academicians, and upper-level students. Coverage IGI Global is currently accepting manuscripts • Risk Management for publication within this series. To submit a pro- • Device Fingerprinting posal for a volume in this series, please contact our • Global Privacy Concerns Acquisition Editors at [email protected] or visit: http://www.igi-global.com/publish/. • Cyberethics • Information Security Standards • Technoethics • Electronic Mail Security • Privacy Issues of Social Networking • Security Classifications • Access Control The Advances in Information Security, Privacy, and Ethics (AISPE) Book Series (ISSN 1948-9730) is published by IGI Global, 701 E. Chocolate Avenue, Hershey, PA 17033-1240, USA, www.igi-global.com. This series is composed of titles available for purchase individually; each title is edited to be contextually exclusive from any other title within the series. For pricing and ordering information please visit http:// www.igi-global.com/book-series/advances-information-security-privacy-ethics/37157. Postmaster: Send all address changes to above address. Copyright © 2015 IGI Global. All rights, including translation in other languages reserved by the publisher. No part of this series may be reproduced or used in any form or by any means – graphics, electronic, or mechanical, including photocopying, recording, taping, or informa- tion and retrieval systems – without written permission from the publisher, except for non commercial, educational use, including classroom teaching purposes. The views expressed in this series are those of the authors, but not necessarily of IGI Global. Titles in this Series For a list of additional titles in this series, please visit: www.igi-global.com Handbook of Research on Emerging Developments in Data Privacy Manish Gupta (State University of New York at Buffalo, USA) Information Science Reference • copyright 2015 • 507pp • H/C (ISBN: 9781466673816) • US $325.00 (our price) Handbook of Research on Securing Cloud-Based Databases with Biometric Applications Ganesh Chandra Deka (Ministry of Labour and Employment, India) and Sambit Bakshi (National Institute of Technology Rourkela, India) Information Science Reference • copyright 2015 • 434pp • H/C (ISBN: 9781466665590) • US $335.00 (our price) Handbook of Research on Threat Detection and Countermeasures in Network Security Alaa Hussein Al-Hamami (Amman Arab University, Jordan) and Ghossoon M. Waleed al-Saadoon (Applied Sci- ences University, Bahrain) Information Science Reference • copyright 2015 • 450pp • H/C (ISBN: 9781466665835) • US $325.00 (our price) Information Security in Diverse Computing Environments Anne Kayem (Department of Computer Science, University of Cape Town, South Africa) and Christoph Meinel (Hasso-Plattner-Institute for IT Systems Engineering, University of Potsdam, Potsdam, Germany) Information Science Reference • copyright 2014 • 354pp • H/C (ISBN: 9781466661585) • US $245.00 (our price) Network Topology in Command and Control Organization, Operation, and Evolution T. J. Grant (R-BAR, The Netherlands) R. H. P. Janssen (Netherlands Defence Academy, The Netherlands) and H. Monsuur (Netherlands Defence Academy, The Netherlands) Information Science Reference • copyright 2014 • 320pp • H/C (ISBN: 9781466660588) • US $215.00 (our price) Cases on Research and Knowledge Discovery Homeland Security Centers of Excellence Cecelia Wright Brown (University of Baltimore, USA) Kevin A. Peters (Morgan State University, USA) and Kofi Adofo Nyarko (Morgan State University, USA) Information Science Reference • copyright 2014 • 357pp • H/C (ISBN: 9781466659469) • US $215.00 (our price) Multidisciplinary Perspectives in Cryptology and Information Security Sattar B. Sadkhan Al Maliky (University of Babylon, Iraq) and Nidaa A. Abbas (University of Babylon, Iraq) Information Science Reference • copyright 2014 • 443pp • H/C (ISBN: 9781466658080) • US $245.00 (our price) Analyzing Security, Trust, and Crime in the Digital World Hamid R. Nemati (The University of North Carolina at Greensboro, USA) Information Science Reference • copyright 2014 • 281pp • H/C (ISBN: 9781466648562) • US $195.00 (our price) 701 E. Chocolate Ave., Hershey, PA 17033 Order online at www.igi-global.com or call 717-533-8845 x100 To place a standing order for titles released in this series, contact: [email protected] Mon-Fri 8:00 am - 5:00 pm (est) or fax 24 hours a day 717-533-8661 Editorial Advisory Board AbhikChaudhuri,Associate Consultant, Tata Consultancy Services, India AbhishekMajumder,Tripura University, India AliImamAbidi,Indian Institute of Technology (BHU), Varanasi, India AndreaAtzeni,Politecnico di Torino, Italy AndreaSiringo,Politecnico di Torino, Italy AyoubAitLahcen,LGS, (ENSA), Ibn Tofail University, Morocco ChinaYiChai,College of Automations, Chongqing, China DeepanwitaDatta,Indian Institute of Technology (BHU), Varanasi, India Fatima-ZahraBenjelloun,(ENSA), Ibn Tofail University, Morocco GauravSingh,Bhopal, India GebeyehuBelayGebremeskel,College of Automations, Chongqing, China JoeWoodside,Stetson University, USA KashifMunir,King Fahd University of Petroleum and Minerals, Saudi Arabia KirtiRajBhatele,Bhopal, India LawanAhmadMohammad,King Fahd University of Petroleum and Minerals, Saudi Arabia MahendraKumarAhirwar,Bhopal, India MarwanOmar,Nawroz University, Iraq AyoubAitLahcen,Mohammed V, LRIT, University Agdal, Morocco MubarakA-Mutairi,King Fahd University of Petroleum and Minerals, Saudi Arabia PaoloSmiraglia,Politecnico di Torino, Italy PiyushKumarShukla,Bhopal, India QurbanAMemon,UAE University, Al-Ain, UAE R.S.Singh,Indian Institute of Technology (BHU), Varanasi, India RajanpreetKaurChahal,Panjab University, India SanjayKumarSingh,Indian Institute of Technology (BHU), Varanasi, India SantoshKumar,Indian Institute of Technology (BHU), Varanasi, India SarbjeetSingh,Panjab University, India SatarupaBiswas,Tripura University, India SellapanPalaniappan,Malaysia University of Science and Technology, Malaysia SubhashChandraPatel,Indian Institute of Technology (BHU), Varanasi, India SudiptaRoy,Assam University, India WasimAhmadBhat,University of Kashmir ZhongshiHe,College of Computer Science, Chongqing, China  List of Contributors Abidi, Ali Imam/Indian Institute of Technology, India.....................................................................39 Ahirwar, Mahendra Kumar/University Institute of Technology-RGPV, India..............................232 Atzeni, Andrea /Politecnico di Torino, Italy.....................................................................................258 Benjelloun, Fatima-Zahra /Ibn Tofail University, Morocco............................................................301 Bhat, Wasim Ahmad/University of Kashmir, India........................................................................345 Bhatele, Kirti Raj/University Institute of Technology RGPV, India................................................184 Biswas, Satarupa /Tripura University, India....................................................................................212 Chahal, Rajanpreet Kaur/Panjab University, India.......................................................................127 Chaudhuri, Abhik /Tata Consultancy Services, India.......................................................................80 Dixit, Madhuvan /Millennium Institute of Technology, India..........................................................326 Jaiswal, Sumit /Indian Institute of Technology (BHU), India..............................................................1 Kumar, Santosh /Indian Institute of Technology, India.....................................................................39 Lahcen, Ayoub Ait/Ibn Tofail University, Morocco........................................................................301 Majumder, Abhishek /Tripura University, India.............................................................................212 Memon, Qurban A/UAE University, UAE......................................................................................102 Mohammed, Lawan A./King Fahd University of Petroleum and Minerals, Saudi Arabia......285,314 Munir, Kashif /Malaysia University of Science and Technology, Malaysia........................65,285,314 Omar, Marwan /Nawroz University, Iraq..........................................................................................30 Palaniappan, Sellapan /Malaysia University of Science and Technology, Malaysia.........................65 Patel, Subhash Chandra/Indian Institute of Technology (BHU), India..............................................1 Roy, Sudipta /Assam University, India.............................................................................................212 Shukla, Piyush Kumar/University Institute of Technology RGPV, India..................184,232,326,358 Singh, Gaurav /Motilal Nehru National Institute of Technology, India...........................................358 Singh, R.S. /Indian Institute of Technology (BHU), India....................................................................1 Singh, Sanjay Kumar/Indian Institute of Technology, India............................................................39 Singh, Sarbjeet /Panjab University, India........................................................................................127 Siringo, Andrea /Former Student at Politecnico di Torino, Italy.....................................................258 Smiraglia, Paolo /Politecnico di Torino, Italy..................................................................................258 Woodside, Joseph M./Stetson University, USA...............................................................................173   Table of Contents Foreword..............................................................................................................................................xv Preface.................................................................................................................................................xvi Acknowledgment..............................................................................................................................xxiii Chapter 1 SecurityIssuesinCloudComputing......................................................................................................1 Subhash Chandra Patel, Indian Institute of Technology (BHU), India R.S. Singh, Indian Institute of Technology (BHU), India Sumit Jaiswal, Indian Institute of Technology (BHU), India Chapter 2 CloudComputingSecurity:AbuseandNefariousUseofCloudComputing......................................30 Marwan Omar, Nawroz University, Iraq Chapter 3 CloudSecurityUsingEarBiometrics...................................................................................................39 Santosh Kumar, Indian Institute of Technology, India Ali Imam Abidi, Indian Institute of Technology, India Sanjay Kumar Singh, Indian Institute of Technology, India Chapter 4 SecureArchitectureforCloudEnvironment.........................................................................................65 Kashif Munir, Malaysia University of Science and Technology, Malaysia Sellapan Palaniappan, Malaysia University of Science and Technology, Malaysia Chapter 5 GovernanceandRiskManagementintheCloudwithCloudControlsMatrixV3andISO/IEC 38500:2008...........................................................................................................................................80 Abhik Chaudhuri, Tata Consultancy Services, India Chapter 6 AuthenticationandErrorResilienceinImagesTransmittedthroughOpenEnvironment.................102 Qurban A Memon, UAE University, UAE   Chapter 7 TrustCalculationUsingFuzzyLogicinCloudComputing...............................................................127 Rajanpreet Kaur Chahal, Panjab University, India Sarbjeet Singh, Panjab University, India Chapter 8 AdvancesinInformation,Security,Privacy&Ethics:UseofCloudComputingForEducation......173 Joseph M. Woodside, Stetson University, USA Chapter 9 NetworkedMultimediaCommunicationSystems..............................................................................184 Piyush Kumar Shukla, University Institute of Technology RGPV, India Kirti Raj Bhatele, University Institute of Technology RGPV, India Chapter 10 DataSecurityIssuesandSolutionsinCloudComputing...................................................................212 Abhishek Majumder, Tripura University, India Sudipta Roy, Assam University, India Satarupa Biswas, Tripura University, India Chapter 11 ImprovingPrivacyandSecurityinMulticloudArchitectures............................................................232 Piyush Kumar Shukla, University Institute of Technology RGPV, India Mahendra Kumar Ahirwar, University Institute of Technology-RGPV, India Chapter 12 HardCluesinSoftEnvironments:TheCloud’sInfluenceonDigitalForensics................................258 Andrea Atzeni, Politecnico di Torino, Italy Paolo Smiraglia, Politecnico di Torino, Italy Andrea Siringo, Former Student at Politecnico di Torino, Italy Chapter 13 SecurityChallengesforCloudComputingDevelopmentFrameworkinSaudiArabia.....................285 Lawan A. Mohammed, King Fahd University of Petroleum and Minerals, Saudi Arabia Kashif Munir, King Fahd University of Petroleum and Minerals, Saudi Arabia Chapter 14 BigDataSecurity:Challenges,RecommendationsandSolutions.....................................................301 Fatima-Zahra Benjelloun, Ibn Tofail University, Morocco Ayoub Ait Lahcen, Ibn Tofail University, Morocco Chapter 15 AccessControlFrameworkforCloudComputing..............................................................................314 Kashif Munir, King Fahd University of Petroleum and Minerals, Saudi Arabia Lawan A. Mohammed, King Fahd University of Petroleum and Minerals, Saudi Arabia  Chapter 16 BigData:AnEmergingFieldofDataEngineering............................................................................326 Piyush Kumar Shukla, University Institute of Technology RGPV, India Madhuvan Dixit, Millennium Institute of Technology, India Chapter 17 AchievingEfficientPurginginTransparentper-fileSecureWipingExtensions................................345 Wasim Ahmad Bhat, University of Kashmir, India Chapter 18 Reliability,FaultTolerance,andQuality-of-ServiceinCloudComputing:Analysing Characteristics.....................................................................................................................................358 Piyush Kumar Shukla, University Institute of Technology RGPV, India Gaurav Singh, Motilal Nehru National Institute of Technology, India Compilation of References...............................................................................................................371 About the Contributors....................................................................................................................400 Index...................................................................................................................................................406