Enhanced Security For Protecting Data in Cloud Using Layered Approach
Enhanced Security For Protecting Data in Cloud Using Layered Approach
Volume 8, Issue 8, August – 2023 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
Enhanced Security for Protecting Data in Cloud using
Layered Approach
Nwankwo, U. C1(OCID 0000-0002-9536-6472), Ugochukwu, E.C2, Nwaeze, A.S3, Ugwu, E. C4, Abundance, M. A5, Eze, H.O6,
Ozuomba U.C7, Amadi, E.G8, Ngene, N.J 9
1 ,3,4,5
Guide, Lecturer, Department of Computer Science, Caritas University, Amorji, Nike Enugu, Enugu State, Nigeria
2
Student, School of Computer Science and Technology, University of Bedfordshire, UK
6
Lecturer, Department of Urban and Regional planning, Caritas University, Amorji Nike Enugu, Enugu State, Nigeria
7
Lecturer, Department of Architecture, Caritas University, Amorji Nike Enugu, Enugu State, Nigeria
8,9
Lecturer, Department of Computer Science, Enugu State University of Science and Technology, Enugu State, Nigeria
Abstract:- The major concerns that keep most Cloud computing's progress is now linked to the
organizations away from cloud computing are Security growing popularity of big data, which leads to new trends
and information authenticity. People are wary about such as industry 4.0 big data analysis. In reality, cloud
providing confidential information to unauthorized computing offers the processing, storage, software, and
parties. Individuals or hackers may intercept and modify networking required to handle big data applications [3][4]
electronic documents. Using a password to encrypt data Cloud computing's progress is now linked to the growing
is risky because hackers can gain access to it and exploit popularity of big data, which leads to new trends such as
it to steal data. As a result, this research provides a industry 4.0 big data analysis.
solution by building a model for protecting data in the
cloud via a layered approach. To implement these The cloud is defined as "a model for enabling
concepts, a web system developed with PHP and MySQL ubiquitous, convenient, on-demand network access to a
was employed. The OODM technique was used for shared pool of configurable resources that can be rapidly
components in the system modules, allowing for easy provisioned and released with minimal management effort
coupling, decoupling, modification, encapsulation, and or interaction from service providers." Citing the National
reuse, as well as easy maintainability. When compared to Institute of Standards and Technology (NIST) [1], the
the previous system, which depended simply on strategic implementation of digital health solutions can bring
passwords for authentication, the new technique about transformative benefits. These solutions, including
developed produces a high level of data security. electronic health records, monitoring equipment, telehealth,
electronic communications, data analysis, and cloud-based
Keywords: Data protection, Cloud computing, layered tools, have the potential to diminish health inequalities and
approach. enhance user well-being by revolutionizing the delivery of
care and health services to patients [5].
I. INTRODUCTION
II. CHARACTERISTICS OF CLOUD
Transferring data manually or semi-automatically COMPUTING
leaves it open to tampering. The electoral body is wary of
publishing online election results for fear that hackers will According to the National Institute of Standards and
attempt to modify the tally. Recent events in developing Technology (NIST), cloud computing has five important
economies suggest that storing data in the cloud is a secure qualities.
option for sharing data electronically.
Self-Service on Demand:
The term "cloud" refers to a network of distant servers Cloud computing enables customers to deploy
that are hosted on the Internet and used to store, manage, computer resources such as servers, storage, and
and process data. Cloud computing allows users to access applications automatically and on demand, without the need
and use computer resources such as servers, storage, and for human interaction from a service provider.
apps through the Internet without the need for local
infrastructure or hardware. Cloud computing resources are available via the
network and may be accessed by a variety of devices,
What cloud computing has done for the IT industry is including PCs, laptops, tablets, and mobile phones.Cloud
revolutionary. This information technology can greatly computing resources are pooled and shared among several
reduce the time and resources required to bring a product to users, allowing for more effective
market. With cloud computing, several users can share
resources like storage space and computations. It's best to Resource utilization and cost reduction as needed,
construct and oversee one's infrastructure. resources can be dynamically assigned and de-allocated.
IJISRT23AUG1031 www.ijisrt.com 2442
Volume 8, Issue 8, August – 2023 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
Rapid Elasticity: customers are charged based on their actual resource
Cloud computing resources may be swiftly scaled up utilization rather than a flat price. This enables cost
or down to meet changing Demand, allows customers to reductions and is more Effective. Resource deployment [2]:
alter their computer resources quickly and simply as needed. Fig. 1 briefly demonstrates the essential characteristics of
Cloud computing resources are monitored and assessed, and cloud computing.
Fig 1 The Essential Characteristics of Cloud Computing
III. CLOUD COMPUTER DEPLOYMENT storage demand. Examples of recognized private cloud
MODELS instances include Amazon Elastic Cloud Compute, Google
App Engine, Blue Cloud from IBM, and Azure Services
Choosing the appropriate form of Cloud Computing to Platform with Windows [9]. In summary, private clouds are
be implemented by an institution is the first and most crucial renowned for providing services to the general public or
stage since it guarantees a successful Cloud Computing The larger institutions through a third-party provider via the
successful implementation of Cloud Computing in an Internet. It is important to note that client data is not
institution is contingent upon understanding that different publicly exposed, as public cloud providers always ensure
types of Cloud Computing require distinct skills and authorized and authenticated access control for their clients.
resources. Numerous institutions have experienced project Private clouds offer a cost-effective and flexible solution
failures due to selecting the wrong Cloud computing model. [9]. According to Parsi & Laharika [10], the public cloud
To prevent implementation failures, it is crucial for has four fundamental characteristics, which are as follows:
institutions to thoroughly assess their data before
determining the most suitable form of Cloud Computing to A Versatile and Scalable Environment:
adopt. Previous research in Cloud Computing has The public cloud, exemplified by platforms like
categorized deployment models into four distinct types Google App Engine and Amazon Elastic Cloud Computing,
based on their distribution and physical location [1]. provides users with a highly adaptable cloud environment.
Private Cloud: Self-Service Empowerment:
The concept of a private cloud involves the delivery of The public cloud encourages users to create their own
cloud services through an organization's infrastructure, cloud infrastructure without the need for external assistance.
which can be located either on-premises or off-premises. This is known as pre-configured clouds, readily accessible
The crucial aspect is that the infrastructure is dedicated on the Internet.
solely to the organization. Setting up a private cloud is
considered relatively simple as it eliminates the challenges Pay-per-use Model:
associated with equipment, application, or transfer speed This distinctive feature makes cloud technology more
charges. The organization only incurs costs for the services accessible to organizations, enabling them to operate in a
and resources it has actually used. On the other hand, for coordinated manner. As businesses embrace cloud services,
public cloud services, customers typically pay a monthly their future prospects improve. However, users are charged
fee. Private clouds do not require any additional hardware based on the fundamental cloud services they utilize.
since they operate on the fundamental principle of scalable
IJISRT23AUG1031 www.ijisrt.com 2443
Volume 8, Issue 8, August – 2023 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
Accessibility and Reliability: Risk Transfer:
One of the notable advantages of the public cloud is its Organizations retain and operate their server (the hub
availability to all users, prioritizing agility. Users have the of their data) and private cloud. The public cloud service
flexibility to manage their tasks from any location across the provider must ensure that their service is always available.
globe at any time. This not only allows for the execution of The risk of underestimating workloads is transferred from
essential business operations but also enhances customer the service operator to the cloud seller when using a hybrid
engagement on a global scale. cloud. The vast majority of cloud providers have SLAs that
promise an uptime of more than 99.9% continuously, for
Public Cloud: example, or downtime of no more than nine (9) hours per
The public cloud follows a paradigm where third-party year.
providers offer cloud services through the internet. These
services are available to anyone who wishes to use them, Availability:
and the resources are shared among multiple users. The Extreme accessibility of the company server (the heart
public cloud model offers numerous advantages as it of their data) is both inconvenient and costly, as it needs
provides applications, data storage, and various other data redundancy, backup, reinforcements, and geographical
services to consumers through service providers. This is dispersal. Particularly in organizations where information
made possible by the characteristics of the pay-as-you-go technology is not the primary focus, the talent pool is fairly
model. Designed to offer unlimited storage capacity and limited. If the organization’s server (the center of their data)
improved data transfer over the internet, this cloud is unavailable due to certain faults or Distributed Denial of
architecture is hosted, owned, and operated by a third-party Service (DDoS) attacks, the public cloud may scale up or
service provider. It caters to the requirements of businesses entirely overrun operations in a hybrid cloud.
of all sizes, ranging from small to medium to large
enterprises. Community Cloud:
A community cloud concept entails organizations with
Hybrid Cloud: similar interests or needs sharing cloud services. This could
The hybrid cloud model combines public and private be useful for businesses that need to collaborate on projects
cloud services, allowing businesses to leverage the benefits or share resources while still maintaining some control over
of both. This may involve transferring data and applications their data and apps. As a result, either the linked institutions
across the two clouds or dynamically moving workloads as or the cloud that delivers the services can manage this cloud
needed. [6]. Community clouds are examples of academic clouds.
The cloud computing deployment models are graphically
By distributing costs among organizations, this model depicted in Fig. 2.
helps minimize spending on infrastructure establishment.
While government agencies within a single region may
share resources, non-government agencies typically do not
have the same level of resource sharing [10].
Yet, enterprises can keep their costs and security at a
reasonable level; yet, there are some difficulties related to
cloud standardization and interoperability that should be
considered. Sujay [11] identifies the following hybrid cloud
characteristics:
Optimal use:
The usual data centers in the server resources are used
from 5% to 20%. The reason for this is the crest loads,
which are ten (10) times more than the normal weight. As a
result, servers are often idle, incurring unnecessary costs. By
extending out to open assets to take care of hosts, the hybrid
cloud could extend server use.
Data Center Consolidation:
Rather than providing the ability to adapt to the most
speculative situations, a private cloud just requires resources
in normal cases. The alternative option is to impact our grant
server union and therefore achieve a reduction in operating
expenditures. This includes hardware, electricity, cooling, Fig 2 The Cloud Computing Deployment Models [6]
maintenance, and service costs.
IJISRT23AUG1031 www.ijisrt.com 2444
Volume 8, Issue 8, August – 2023 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
The Delivery Models in Cloud are [1]: Common examples of Platform as a Service (PaaS) include
SQL databases and Microsoft's Azure.
Software-as-a-Service (SaaS):
A client can use a browser to access software and data Infrastructure-as-a-Service (IaaS):
stored in the cloud. The user is not in charge of the cloud Clients can order resources on demand and install and
infrastructure, network, or servers [6]. It is distinct from run any program, operating system, or application. The user
traditional hardware, which SaaS does not provide. SaaS is in charge of resources like the operating system, storage,
software is purchased and installed on a personal computer, and programs. Data sharing between enterprises is one of
similar to a distribution model in which vendors and service the advantages of cloud computing. The aforementioned
providers can access programs and data that is made benefit, however, introduces a potential data risk. In the
available to end users through a standard platform, most Infrastructure as a Service (IaaS) model, the provider offers
commonly the internet. It is suitable for a gradually essential processing, network storage, and additional
dominating distribution model since it highlighted the computing resources, while clients have the freedom to
technology that carries service-oriented architecture (SOA) create and operate various types of software, including
and web services as advanced and creative developing operating systems and applications. Although customers are
approaches begin to gain popularity. Software as a Service not responsible for administering or maintaining the
(SaaS) is sometimes coupled with a licensing structure, such underlying cloud computing system, they have full control
as a pay-as-you-go subscription. Furthermore, service over its operation, such as managing storage space,
broadband has become more accessible to end customers, installing applications, and potentially selecting limited
allowing them to access more locations throughout the networking components based on regulatory requirements.
world. According to the aforementioned remark, Google This model provides users with a platform in the form of a
Docs is the best example. computer environment or infrastructure, encompassing both
hardware and software.
Platform-as-a-Service (PaaS):
Users or clients can utilize applications provided by the Figure 3 Illustrates the Hierarchical view of Cloud
cloud service provider, which operate on a cloud Computing Service Models.
infrastructure and can be accessed through user devices via According to this data, consumers have complete
interfaces like web browsers [7]. This approach allows users control over the infrastructure cloud provider in any of these
to develop their own software libraries or tools and manage service models. Of these three (3) service models, IaaS is
software and service deployments. By adopting the Platform the one with the most control over the infrastructure
as a Service (PaaS) model, businesses can significantly providers. In comparison to IaaS, PaaS has the least amount
reduce costs since they are relieved of the burden of of control over the infrastructure suppliers. Finally, SaaS is
managing both the software and hardware required for an infrastructure that is distributed to clients through a
application development. This model simplifies application network and includes all of the services provided in IaaS.
deployment by eliminating the complexities and expenses Customers of this service have only a sliver of control over
associated with procuring and maintaining both hardware the infrastructure. A portion of the providers' responsibility
and software, as well as provisioning hosting capabilities. is to manage and control the essential infrastructure and
platform.
Fig 3 Cloud Computing Service Models can be Depicted in a Hierarchical view [8].
IJISRT23AUG1031 www.ijisrt.com 2445
Volume 8, Issue 8, August – 2023 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
IV. LAYERED APPROACH Network Security Layer: Implementing network
security mechanisms such as firewalls, intrusion detection
In a cloud context, a layered approach refers to a and prevention systems (IDPS), and virtual private networks
security strategy that entails establishing numerous layers of (VPNs) to safeguard the network infrastructure on which the
security controls to protect the cloud infrastructure, cloud runs.
applications, and data from various security threats and
dangers. Identity and Access Management Layer: This layer
controls access to cloud resources by implementing security
Cloud computing offers numerous benefits, methods such as multi-factor authentication, identity
encompassing scalability, flexibility, and cost-effectiveness. federation, and role-based access control (RBAC).
Nonetheless, it also introduces a set of distinct security
challenges, including shared responsibility, data protection, Platform and Application Security Layer: To protect
and compliance. the cloud platform and apps from assaults, this layer
implements security measures such as secure software
A layered approach addresses these issues by development processes, vulnerability assessments, and
providing a defense-in-depth strategy that protects against penetration testing.
several sorts of cloud-specific assaults, such as data
breaches, insider threats, and denial-of-service (DOS) Data Security Layer: Implementing security measures
attacks. In a cloud environment, a typical tiered approach such as encryption, access controls, and data loss prevention
contains the following layers: (DLP) tools to protect sensitive data stored in the cloud is
part of this layer.
Physical Security Layer: Implementing physical
security measures such as access controls, surveillance Compliance and Governance Layer: Implementing
cameras, and biometric authentication systems to protect the security measures to meet regulatory requirements and
physical infrastructure where cloud servers are housed is industry standards such as ISO 27001, HIPAA, and PCI
part of this layer. DSS is part of this layer.
Fig 4 Threat Classification According to Cloud Layers
V. CLOUD-SPECIFIC THREATS THAT CAN BE Data Breach:
MITIGATED USING A LAYERED APPROACH When unauthorized individuals gain access to sensitive
data stored in the cloud, a data breach occurs. By adopting
A Layered Approach to Cloud Security can Assist data security measures like encryption, access controls, and
Defend against a Variety of Cloud-Specific Attacks, such data loss prevention (DLP) tools, a layered approach can
as: help avoid data breaches.
DDoS Attack: Insider Threats:
DDoS assaults are a common danger to cloud Insider threats occur when authorized individuals cause
infrastructures. DDoS attacks flood cloud resources with harm to the cloud environment, either purposefully or
traffic from many sources, rendering them inoperable for accidentally. By adopting identity and access management
consumers. By deploying network security controls such as policies like multi-factor authentication, identity federation,
firewalls, intrusion detection and prevention systems and role-based access control (RBAC), a layered approach
(IDPS), and load balancers, a layered approach can assist can help mitigate insider threats.
avoid DDoS attacks.
IJISRT23AUG1031 www.ijisrt.com 2446
Volume 8, Issue 8, August – 2023 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
Malware and Ransomware: outlining the incident response process, and testing the
Malware and ransomware are common cloud dangers. incident response strategy through tabletop exercises.
Malware attacks cloud resources with malicious software,
whereas ransomware encrypts cloud resources and demands VII. CONCLUSION
payment for access to be restored. Endpoint security
measures like antivirus software, endpoint detection and Although cloud computing is a new growing
response (EDR), and host-based firewalls can assist prevent technology that provides numerous benefits to users, it faces
malware and ransomware. numerous security challenges. The Cloud-Based system
faces a lot of security concerns and this scares organizations
API Attacks: away from hosting their database in the cloud environment.
API attacks are a prevalent danger to cloud Most security concerns center on the privacy and validity of
environments that rely on APIs to interface with other cloud their data. This calls for a more secure authentication system
apps and services. API attacks take advantage of API flaws for cloud computing. Any authentication system’s core
to obtain unwanted access to cloud resources. By strength depends upon the probability of success of breaking
incorporating platform and application security measures that system for accessing the services provided by the cloud
such as safe software development practices, vulnerability service providers. In this research authentication scheme, the
assessments, and penetration testing, a layered approach can core strength is first-tier, second-tier, and third-tier
help prevent API attacks. authentication user credentials. For getting access to the
requested service, the attacker has to break all the
VI. MEASURING THE CHANCE OF authentication layers. At the first tier, the username and
OCCURRENCE OF MULTILAYER THREATS password of the user are verified. Security analysis says that
IN THE CLOUD increases as the number of authentication tiers in the system,
the probability of success in breaking the multi-tier
Measuring the chance of occurrence of multilayer authentication system reaches near zero. Hence, looking at
threats in the cloud may be a complex and difficult the security model used in this research, one can say that
undertaking due to the numerous aspects to consider, such there is very a less probability of breaking the multi-tier
as the type of cloud infrastructure, security mechanisms in authentication system. Also, the layered approach by
place, and threat landscape. Here are some actions you may Organizations can install many levels of security measures
take to assess the likelihood of multilayer threats in the to develop a defense-in-depth approach that protects against
cloud: various sorts of cloud-specific assaults, such as data
breaches, insider threats, and denial-of-service (DOS)
Threat Assessment: attacks. This technique can help to lower the chance of a
Conduct a thorough threat assessment to detect successful attack and improve the organization's overall
potential cloud threats and risks. This can include evaluating security posture in the cloud. With the above security
security logs and audit trails, as well as assessing threat measures, data security in the cloud is guaranteed and it will
intelligence reports and conducting vulnerability encourage people to use cloud-based systems security data
assessments and penetration testing. is guaranteed. Organizations can establish a defense-in-
depth approach that protects against various types of cloud-
Risk Assessment: specific attacks by deploying many layers of security
Conduct a risk assessment to assess the likelihood and controls. This technique can help to lower the chance of a
potential impact of each identified danger. Assigning a risk successful attack and improve the organization's overall
score based on the likelihood of the threat occurring and the security posture in the cloud.
potential impact on the cloud environment can be part of
this. REFERENCES
Vulnerability Scanning: [1]. Smitha Nisha Mendonca s “Data Security in Cloud
Use vulnerability scanning technologies to uncover Computing using AES”, International Journal of
potential cloud vulnerabilities. This can aid in identifying Engineering Research & Technology (IJERT) ISSN:
regions where a layered danger is more likely. 2278-0181 Vol. 7 Issue 01, January-2018.
[2]. Tinankoria Diaby, Babak Bashari Rad,"Cloud
Assessment of Security Controls: Computing: A review of the Concepts and
Determine the effectiveness of the security controls in Deployment Models", International Journal of
place to mitigate the identified threats. This can include Information Technology and Computer Science
auditing rules, procedures, and technical controls to ensure (IJITCS), Vol.9, No.6, pp.50-58, 2017. DOI:
they are correctly established and applied. 10.5815/ijitcs.2017.06.0
Planning an Incident Response:
Create an incident response plan outlining how to
handle a security event in the cloud. This can include
defining the incident response team's roles and duties,
IJISRT23AUG1031 www.ijisrt.com 2447
Volume 8, Issue 8, August – 2023 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165
[3]. Mohamed Elhoseny, Ahmed Abdelaziz, Ahmed S.
Salama, A.M. Riad, Khan Muhammad, Arun Kumar
Sangaiah,”A hybrid model of Internet of Things and
cloud computing to manage big data in health
services applications”, Future Generation Computer
Systems, Volume 86,2018,Pages 1383-1394,ISSN
0167-739X.
[4]. Mohamed Elhoseny, Ahmed Abdelaziz, Ahmed S.
Salama, A.M. Riad, Khan Muhammad, Arun Kumar
Sangaiah,”A hybrid model of Internet of Things and
cloud computing to manage big data in health
services applications”, Future Generation Computer
Systems, Volume 86,2018,Pages 1383-1394,ISSN
0167-739X.
[5]. Nicola Raimo, Ivano De Turi, Francesco Albergo,
Filippo Vitolla, The drivers of the digital
transformation in the healthcare industry: An
empirical analysis in Italian hospitals, Technovation,
Volume 121, 2023,102558,ISSN
01664972,https://doi.org/10.1016/j.technovation.202
2.102558.
[6]. Thakur, N., D. Bisen, V. Rohit, and N. Gupta,
Review on Cloud Computing: Issues, Services and
Models. International Journal of Computer
Applications, 2014. 91(9).
[7]. Khorana, S. and A.G. Verma, Comparison of Cloud
Computing Service Models: SaaS, PaaS, IaaS.
International Journal of Electronics &
Communication Technology IJECT, 2013. 4.
[8]. Tehran, S.R. and F. Shirazi. Factors influencing the
adoption of cloud computing by small and medium
size enterprises (SMEs). in International Conference
on Human Interface and the Management of
Information. 2014. Springer.
[9]. Kim, W., Cloud Computing: Today and Tomorrow.
Journal of object technology,2009. 8(1): p. 65-72
[10]. According to Parsi & Laharika [23] public cloud
provides four (4) basic characteristics, which are the
following:
[11]. Professional, 2009. 11(2): p. 23-27. [25] Sujay, R.,
Hybrid cloud: A new era. International Journal of
Computer Science and Technology (IJCST), 2011.
2(2): p. 323-326.
[12]. Ezeh Kingsley Ikechukwu, Prof. Ejiofor Virginia
Ebere, Frank Ekene Ozioko, Asogwa T.C, Nzeogu
Neheta Chinyere, Nwankwo Ugochukwu
Cornelius,Anomaly Based Malware Detection
System on Smartphone – A Systematic Review:
International Journal of Advances in Engineering and
Management (IJAEM) Volume 4, Issue 10 Oct.
2022, pp: 686-696.
