• International Journal of Computer Science & Network Security
• /
• v.21 no.2
• /
• pp.1-8
• /
• 2021

Cloud computing has proven its efficiency, especially after the increasing number of cloud services offered by a wide range of cloud providers, from different domains. Despite, these cloud services are mostly heterogeneous. Consequently, and due to the rising interest of cloud consumers to adhere to a multi-cloud environment instead of being locked-in to one cloud provider, the need for semantically interconnecting different cloud services from different cloud providers is a crucial and important task to ensure. In addition, considerable research efforts proposed interoperability solutions leading to different representation models of cloud services. In this work, we present our solution to overcome this limitation, precisely in the IAAS service model. This solution is a framework permitting the semantic interoperability of different IAAS resources in a multi-cloud environment, in order to assist cloud consumers to retrieve the cloud resource that meets specific requirements.

• International Journal of Computer Science & Network Security
• /
• v.24 no.3
• /
• pp.23-28
• /
• 2024

The multi-tenancy and high scalability of the cloud have inspired businesses and organizations across various sectors to adopt and deploy cloud computing. Cloud computing provides cost-effective, reliable, and convenient access to pooled resources, including storage, servers, and networking. Cloud service models, SaaS, PaaS, and IaaS, enable organizations, developers, and end users to access resources, develop and deploy applications, and provide access to pooled computing infrastructure. Despite the benefits, cloud service models are vulnerable to multiple security and privacy attacks and threats. The SaaS layer is on top of the PaaS, and the IaaS is the bottom layer of the model. The software is hosted by a platform offered as a service through an infrastructure provided by a cloud computing provider. The Hypertext Transfer Protocol (HTTP) delivers cloud-based apps through a web browser. The stateless nature of HTTP facilitates session hijacking and related attacks. The Open Web Applications Security Project identifies web apps' most critical security risks as SQL injections, cross-site scripting, sensitive data leakage, lack of functional access control, and broken authentication. The systematic literature review reveals that data security, application-level security, and authentication are the primary security threats in the SaaS model. The recommended solutions to enhance security in SaaS include Elliptic-curve cryptography and Identity-based encryption. Integration and security challenges in PaaS and IaaS can be effectively addressed using well-defined APIs, implementing Service Level Agreements (SLAs), and standard syntax for cloud provisioning.