Open Access Open Access  Restricted Access Subscription Access

SECURITY IN CLOUD COMPUTING IN INDIAN GOVERNMENT

Nitin Vishnu Choudhari, Dr. Ashish B Sasankar

Abstract


Abstract Today Security issue is the topmost problem in the cloud computing environment. It leads to serious discomfort to the Governance and end-users. Numerous security solutions and policies are available however practically ineffective in use. Most of the security solutions are centered towards cloud technology and cloud service providers only and no consideration has been given to the Network, accessing, and device securities at the end-user level. The discomfort at the end-user level was left untreated. The security of the various public, private networks, variety of devices used by end-users, accessibility, and capacity of end-users is left untreated. This leads towards the strong need for the possible modification of the security architecture for data security at all levels and secured service delivery. This leads towards the strong need for the possible adaption of modified security measures and provisions, which shall provide secured hosting and service delivery at all levels and reduce the security gap between the cloud service providers and end-users. This paper investigates the study and analyze the security architecture in the Cloud environment of Govt. of India and suggest the modifications in the security architecture as per the changing scenario and to fulfill the future needs for the secured service delivery from central up to the end-user level.

Keywords: Cloud Security, Security in GI Cloud, Cloud Security measures, Security Assessment in GI Cloud, Proposed Security for GI cloud

Full Text:

PDF

References


accountabilityindia.in. 2021. Sustainability and accountability issues of common ser- vice centres. https://accountabilityindia.in/blog/sustainability-and-accountability-issues- of-common-service-centres/.

Ardagna, C. Sept 2015. From security to assurance in the cloud: A survey. vol. 48, No.50.

Attrapadung, N., Herranz, J., Laguillaumie, F., Libert, B., de Panafieu, E., and Ra`fols, C. Mar 2012. Attribute-based encryption schemes with constant-size ciphertexts. Theor. Comput. Sci. vol. 422, pp.1538.

Banyal, R., Jain, P., and Jain, V. K. 2013. Multi-factor authentication framework for cloud computing. In 5th Intl. Conf. on Computational Intelligence, Modelling, and Simulation. pp.105110.

Barakat, O. 2013. Malware analysis performance enhancement using cloud computing. J. Comput. Virol. Hacking Tech. vol. 10, No.1, pp.110.

Boutaba, R., Zhang, Q., and Zhani, M. F. 2014. Virtual machine migration in cloud com- puting environments. Communication Infrastructures for Cloud Computing, IGI Global , pp.383408.

Buyya, R., Vecchiola, C., and Selvi, S. T. 2013. Mastering cloud computing: foundations and applications programming. Morgan Kaufmann.

Chonka, A., Xiang, Y., Zhou, W., and Bonti, A. 2013. Cloud security defense to pro- tect cloud computing against http-dos and xml-dos attacks. J. Netw. Comput. Appl. vol. 34, No.4, pp.10971107.

Cloud-Security-Alliance. 2017. Security guidance for critical areas of focus in cloud comput- ing v4.0. PP24-25, https://downloads.cloudsecurityalliance.org/assets/research/security- guidance/security-guidance-v4-FINAL.pdf.

Cloud-Security-Alliance. 8 June 2019. Top threats to cloud computing: Egre- gious eleven. https://cloudsecurityalliance.org/artifacts/top-threats-to-cloud-computing- egregious-eleven/.

Cloud.Report. 2017. State of the cloud report. Right Scale, ). https://www.rightscale.com/lp/state-of-the-cloud.

Cowan, C. Jan. 1998. Stackguard: Automatic adaptive detection and prevention of buffer- overflow attacks. 7th USENIX Security Symp., San Antonio, Texas.

C.P.Pfleeger and S.L.Pfleeger. 2006. Security in computing. Prentice Hall.

CSC. 2021. Common service centre scheme. https://www.csc.gov.in/.

CSCC. December 2017. Security for cloud computing. ten steps to ensure success version

0. Cloud Standards Customer Council, https://www.omg.org/cloud/deliverables/CSCC- Security-for-Cloud-Computing-10-Steps-to-Ensure-Success.pdf.

Cyber.Education. 9 Aug. 2018. What is cloud security? Forcepoint, https://www.forcepoint.com/cyber-edu/cloud-security.

DEF. 10 Nov 2012. National digital literacy mission. Digital Empowerment Foundation, DEF, https://www.defindia.org/national-digital-literacy-mission/.

Despotovic-Zrakic, M., Milutinovic, V., and Belic, A. Mar 2014. Handbook of research on high performance and cloud computing in scientific research and education. In IGI- Global.

DigitalNIC. 2021. Nic webvpn , digitalnic dashboard. https://saccess.nic.in/DigitalNIC/.

Dorban, B. 2 August 2018. What is cloud security and what are the benefits ? https://phoenixnap.com/blog/what-is-cloud-security.

Duncan, A., Creese, S., and Goldsmith, M. 2012. Insider attacks in cloud computing. In 11th IEEE Intl. Conf. on Trust, Security, and Privacy in Computing and Communications, TrustCom. pp.857862.

Durcevic, S. 10 Jan. 2019. Cloud computing risks, challenges problems businesses are facing.

Datapine, https://www.datapine.com/blog/cloud-computing-risks-and-challenges/.

FACTLY. 25 Aug 2020. Governments digital literacy targets not met because of paucity of funds. FACTLY, https://factly.in/review-governments-digital-literacy-targets-not-met- because-of-paucity-of-funds/.

GI-Cloud. 2021a. Cloud brochure. cloud services from national informatics centre. https://cloud.gov.in/about.php.

GI-Cloud. 2021b. On boarding procedure. https://cloud.gov.in/about.php.

GI-Cloud. 2021c. Terms and conditions, national cloud of india. https://cloud.gov.in/termsandconditions.php.

Halfond, W., Viegas, J., and Orso, A. March 2006. A classification of sql injection attacks and countermeasures,. In Intl. Symp. on Secure Software Engineering. pp.857862.

HARIHARAN, M. Nov 2017. Website security guidelines. NIC- Computer Emergency Response Team (CERT), NIC, Govt. of India, https://nic-cert.nic.in.

IBM-Cloud.Education. 3 October 2019. What is cloud security? IBM, https://https://www.ibm.com/cloud/learn/cloud-security.

Jamil, D. and Zaki, H. 2011. Security issues in cloud computing and countermeasures. Intl.

J. Eng. Sci. Technol. vol. 3, No.4, pp.26722676.

Jones, E. 25 March 2021. A comprehensive guide to cloud security in 2021. Kinsta https://kinsta.com/blog/cloud-security/.

Krutz, R. and Vines, R. 2010. Cloud security: a comprehensive guide to secure cloud com- puting. Wiley.

Kumar, A. 2018. How does cloud-based security work? https://jktech.com/insight/blogs/how- does-cloud-based-security-work/.

Lee, I., Jeong, S., Yeo, S., and Moon, J. Jan 2012. A novel method for sql injection attack detection based on removing sql query attribute values. Math. Comput. Model vol. 55, No.2, pp.5868.

MeitY. 2 July 2013a. It act 2000. https://www.meity.gov.in/content/information-technology- act-2000.

MeitY. 2 July 2013b. National cyber security policy 2013. , https://www.meity.gov.in/content/national-cyber-security-policy-2013-1.

MeitY. 2021. Gi cloud (meghraj) national cloud of india. National Cloud of India, Ministry of Electronics and Information Technology, Govt. of India, https://www.meity.gov.in/content/gi-cloud-meghraj.

Mitrokotsa, A. and Douligeris, C. 2005. Detecting denial of service attacks using emer- gent self-organizing maps. In 5th IEEE Intl. Sym. on Signal Processing and Information Technology. pp.375380.

Morabito, V. 2013. Big data in trends and challenges in digital business innovation. In Springer Intl. Publishing. pp.321.

Naccache, u. 2011. Buffer overflow attacks, encyclopedia of cryptography and security. Boston, MA: Springer US , pp.174177.

NCIPC. 15 Mar 2021. Common vulnerabilities and exposures(cve) report. National Critical Information Infrastructure Protection Centre, https://nciipc.gov.in.

NIC-AarogyaSetu. 2021. Dashboard. NIC WEB VPN, https://saccess.nic.in/.

NIC-CERT. November 2017. Information security incident management policy. NIC- Computer Emergency Response Team (CERT),NIC, Govt. of India, https://nic- cert.nic.in/pdf/Information Security Incident Management Policy.pdf.

NIC-Servicedesk. 2021. Help desk for nic services. National Informatics Centre,Government of India https://servicedesk.nic.in/.

Nvshq.Org. 22 Apr.2021. What is csc. https://nvshq.org/scheme/common-service-centre-apna- csc/.

Ramey, J. and Rao, P. 2011. The systematic literature review as a research genre. In IEEE Intl. Professional Comm. Conf. pp.17.

Rocha, F., Abreu, S., and Correia, M. 2011. The final frontier: Confidentiality and privacy in the cloud. IEEE Computer vol. 44, No.9, pp.4450.

Solanki, P. 24 Apr. 2020. 10 major cloud computing challenges to face in 2021. MindInventory, https://www.mindinventory.com/blog/cloud-computing-challenges/.

Stackpath. 2021. What is edge computing? https://www.stackpath.com/edge-academy/what- is-edge-computing.

Thales. 2020. Digital transformation and data privacy. https://www6.thalesgroup.com/wp- digital-transformation-data-privacy.pdf.

TRAI. 2017. Recommendations on cloud services. 38-40 https://trai.gov.in/.

Utley, G. 12 April 2018. 6 most common cloud computing security issues. , https://www.coursehero.com/file/62232851/6-Most-Common-Cloud-Computing-Security- Issues-CWPSpdf/.

Varanasi, P. 8th July 2020. 5 must-have cloud computing features. Cloudcodes https://www.cloudcodes.com/blog/5-cloud-computing-security-features.html.

Wood K, P. E. 2010. An investigation into cloud configuration and security. In International Conference for Internet Technology and Secured Transactions. pp.16.




DOI: http://dx.doi.org/10.47164/ijngc.v12i3.808