ISSUE 104

04 Mar 2020

Article of the Month   Around the World


Cloud Computing

Cloud computing could be a general term for all the world that involves delivering hosted services over the web. These services are generally divided into 3 categories: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS). The name cloud computing was inspired by the cloud symbol that's usually wont to represent the web in flowcharts and diagrams. A cloud service has 3 distinct characteristics that differentiate it from traditional web hosting. it's sold-out on demand, usually by the minute or the hour; it's elastic -- a user will have as much or as very little of a service as they require at any given time; and the service is absolutely managed by the supplier (the consumer wants nothing however a private laptop and web access). Significant innovations in virtualization and distributed computing, as well as improved access to the high-speed web, have accelerated interest in cloud computing.

Security remains a primary concern for businesses considering cloud adoption -- especially public cloud adoption. Public cloud service suppliers share their underlying hardware infrastructure between numerous customers, because the public cloud may be a multi-tenant environment. This environment demands copious isolation between logical compute resources. At the identical time, access to public cloud storage and compute resources is guarded by account login credentials. Several organizations sure by advanced regulatory obligations and governance standards are still hesitant to put data or workloads within the public cloud for fear of outages, loss or theft. However, this resistance is weakening, as logical isolation has proven reliable, and therefore the addition of data encryption and various identity and access management tools has improved security among the general public cloud.

Cloud Computing Middleware Architecture

The general orientation of the cloud computing platform is that the user can make use of rich resources and the strong hardware in support to deal with larger-scaled computing problems at any time and any place. But, cloud computing not only can integrate resources effectively but can plan and manage this hardware resource uniformly. The middleware is the service-oriented the system architecture of the cloud computing platform. At the same time, the partial application has left resources waste and the unused. That is to distribute resources equitably based on costumers needs. The hardware configuration such as the computer has been promoted which increases the cost. As the Information Age goes faster, users’ needs and the needed efficiency are increasing day by day. Therefore, the middleware is a necessary part of the platform.

Protecting user data in cloud computing

These researchers planned Silver line, that identifies data that the application will properly process in encrypted form.11 such data can remain encrypted and hence maintain its confidentiality to the cloud supplier. (In different words, sensitive data should remain encrypted while in the cloud.) However, such a requirement will limit the usability of (encrypted) data when a cloud application processes it. For instance, whether or not the application data is encrypted, the access patterns exhibited by the corresponding applications will reveal sensitive information about the nature of the first data, weakening the data’s confidentiality. Fortunately, researchers at the University of California, Santa Barbara, observed that a lot of cloud applications will process encrypted data without touching the correctness of the data execution. User knowledge is another vital cloud citizen. to safeguard user knowledge within the cloud, a key challenge is to ensure the confidentiality of privacysensitive knowledge whereas its hold on and processed within the cloud. The cloud user can perform knowledge coding domestically once the encrypted data is came from the cloud as application output. As a result, the cloud supplier shouldn't be able to see unencrypted or decrypted sensitive data throughout the data's residence in the cloud. This is often a significant step toward the final word deployment of ORAM-enabled machines for sensitive data processing in the cloud. hence a challenge is to achieve confidentiality of data access patterns within the cloud and problem known as oblivious RAM (ORAM).Recently, researchers reported a breakthrough in achieving both practical and in theory sound ORAM.12 the answer, called Path ORAM, is elegant by design and efficient in practice. 12 In fact, Path ORAM has been implemented as a part of a processor model called Phantom, 13 that achieves realistic performance for realworld applications. In-cloud data confidentiality poses even bigger challenges. This problem assumes a somewhat totally different trust model, within which the cloud isn't totally trustworthy due to operator errors or software vulnerabilities.

Solution to Cloud Computing

In addition, the credit union cloud infrastructure doesn't would like additional cooling systems, which saves the extra fifteenth of the data center's value on cooling. as an example, forty-five of the data the center value goes to the acquisition of servers, twenty-five goes to specialized infrastructure for fault tolerance, redundant power, cooling systems, and backup batteries, while electrical value consumed by the machines accounts for the fifteenth of the amortized total cost. It will help an organization or business owner save to forty-five of the value of a data center by eliminating the direct purchase for the cloud servers, which might rather be necessary. setting up the data center for cloud is expensive and running the infrastructure wants expertise still like lots of resources like high power for cooling, redundant power for assured availability, etc. In general, our credit union cloud management system provides a possible on-premise the answer to Cloud Computing for establishments and organizations that extremely care about value and security. The key characteristic in CUCM is that the "no data center" approach to provisioning Cloud Computing services for an establishment, organization, or community. Cloud services (mainly IaaS) designed based on the CUCM are typically referred to as credit union Clouds (CU clouds for short). Among several other benefits of cu clouds, affordability (which suggests that almost no further value for acquiring and running an onpremise cloud infrastructure) is particularly appealing. However, the requirement for large upfront investment to line up the data center for the personal cloud infrastructure is prohibitively expensive. The present Cloud Computing services are supported the data center approach, wherever many thousands of dedicated servers are set up to convey the services. This argument had motivated an alternate Cloud Computing provision model, named Credit Union Cloud Model (or CUCM for short). With this public clouds, which are better-called vendor clouds as they're all provided by vendors based on dedicated data centers, the priority for security/safety and loss-of-control is that the primary obstacle to keeping traditional IT from moving to clouds. Additionally to the huge number of servers used in data centers, there are billions of private Computers (PCs) owned by people and organizations worldwide. We had argued that we shall treat the untapped central processing unit cycles and disk areas of a great several underutilized PCs as precious assets, like monetary assets, to consolidate and reuse them for the great of the society and of the people just like the way that a credit union works. On-premise personal cloud is believably an answer to mitigating this concern. It's understood that if the data of a business is extremely confidential, the business owner is of course to a fault concerned about placing the data within the hands of another party. Researches show that desktop computers owned by organizations are idle up to ninety-seven of the time.

In this paper we are talking about cloud computing.so this a very good technology and it's very useful for all communities.in this review paper, we are discuss about the middleware architecture, challengers, security and privacy, requirements, solutions and we have good knowledge about that.so we have get good decisions to improve this cloud computing system and get more knowledge about cloud computing. and last we have so much idea to improve cloud computing and get it to upper level.
















  Key Defense Supplier Hit by Ransomware


"A supplier to a number of major defense companies including Lockheed Martin, Boeing, General Dynamics, and SpaceX is the target of a ransomware attack. Documents purportedly stolen from Denver-based Visser Precision Manufacturing are already showing up online, according to Emsisoft, the cybersecurity company that made the attack public..........."


500 Chrome Extensions Caught Stealing Private Data of 1.7 Million Users


"Google removed 500 malicious Chrome extensions from its Web Store after they found to inject malicious ads and siphon off user browsing data to servers under the control of attackers. These extensions were part of a malvertising and ad-fraud campaign that's been operating at least since January 2019, although evidence points out the possibility that the actor behind the scheme may have been active since 2017..........."


Ransomware Wreaks Havoc Across Europe


'Security experts have this week warned Italian and Swiss businesses to be on their guard as ongoing ransomware campaigns continue to target vulnerable systems. In Switzerland, the Reporting and Analysis Centre for Information Assurance (Melani) issued an alert for local firms, claiming that it has already been forced to deal with a dozen cases where SMEs and large organizations have had their systems encrypted.........'

Month in Brief
Facebook Incidents Reported to Sri Lanka CERT|CC in February 2020


  Statistics - Sri Lanka CERT|CC

AdSense Extortionists Threaten to Trigger Google Fraud Alarms

'Security experts are warning of a new extortion email campaign threatening to bombard websites using AdSense with fake traffic, thereby triggering Google's anti-fraud systems. A website owner wrote to journalist and researcher Brian Krebs claiming to have received just such a threat. The extortionists demanded $5000 in Bitcoin, or else they would bombard the site with bot-driven traffic........'

Over Half of Organizations Were Successfully Phished in 2019

"The 2020 "State of the Phish" report, by cybersecurity and compliance firm Proofpoint, was produced using data from nearly 50 million simulated phishing attacks sent by Proofpoint to end users over a one-year period. In addition, researchers combed through third-party survey responses from more than 600 information security professionals and analyzed the fundamental cybersecurity knowledge of more than 3,500 working adults in the US, Australia, France, Germany, Japan, Spain, and the UK.........."

Cyber security experts sound the alarm on 5G

"5G is here to stay, and it's set to shake up a lot of different industries. It brings a host of benefits, including super-fast speeds, reliability, efficiency and support for many more devices. However, these innovations will change the way we approach security, as 5G opens up many new opportunities for hackers. ........"
Notice Board

Training and Awareness Programs - Mar   2020

Date Event Venue

Brought to you by: