Abstract
Security proved to be a major concern when organizations outsource their data storage and processing. Encryption schemes do not provide solutions as they disable data processing in the cloud. Researchers have used constraint-based data fragmentation to increase security while maintaining availability. We build on this approach by applying fragmentation to the application logic in addition to the data in the database and propose a model for security risk assessment in a multi-cloud environment. By applying a multi-objective optimization algorithm to the proposed model, we determine pareto-optimal distributions of application and data fragments to the available cloud providers.
This research is co-sponsored by the European Union from the European Regional Development Fund through a research grant KK.01.2.1.01.0109 Cloud Computing Security During the Use of Mobile Applications. We acknowledge the support of the Ministry of Regional Development and European Union Funds of the Republic of Croatia as well as our research partners OROUNDO Mobile GmbH Austria and OROUNDO Mobile GmbH Subsidiary Croatia.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
AlZain, M.A., Pardede, E., Soh, B., Thom, J.: Cloud computing security: from single to multi-clouds (2012)
Buyya, R., et al.: A manifesto for future generation cloud computing: research directions for the next decade. ACM Comput. Surv. (CSUR) 51, 1–38 (2019)
Ciriani, V., di Vimercati, S.D.C., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Combining fragmentation and encryption to protect privacy in data storage. ACM Trans. Inf. Syst. Secur. (TISSEC) 13, 1–33 (2010)
di Vimercati, S.D.C., Foresti, S., Jajodia, S., Livraga, G., Paraboschi, S., Samarati, P.: Fragmentation in presence of data dependencies. IEEE Trans. Dependable Secure Comput. 11, 510–523 (2014)
Deb, K., Jain, H.: An evolutionary many-objective optimization algorithm using reference-point-based nondominated sorting approach, part I: solving problems with box constraints. IEEE Trans. Evol. Comput. 18, 577–601 (2013)
Deb, K., Pratap, A., Agarwal, S., Meyarivan, T.: A fast and elitist multiobjective genetic algorithm: NSGA-II. IEEE Trans. Evol. Comput. 6, 182–197 (2002)
Hajjat, M., et al.: Cloudward bound: planning for beneficial migration of enterprise applications to the cloud. ACM SIGCOMM Comput. Commun. Rev. 40, 243–254 (2010)
Hashizume, K., Rosado, D.G., Fernández-Medina, E., Fernández, E.B.: An analysis of security issues for cloud computing. J. Internet Serv. Appl. 4, 5 (2013)
Hong, T., Mei, S., Wang, Z., Ren, J.: A novel vertical fragmentation method for privacy protection based on entropy minimization in a relational database. Symmetry 10, 637 (2018)
Hudic, A., Islam, S., Kieseberg, P., Rennert, S., Weippl, E.: Data confidentiality using fragmentation in cloud computing. Int. J. Commun. Netw. Distrib. Syst. 1, 1 (2012)
Kelbert, F., et al.: Securecloud: secure big data processing in untrusted clouds (2017)
Modi, C., Patel, D., Borisaniya, B., Patel, A., Rajarajan, M.: A survey on security issues and solutions at different layers of cloud computing. J. Supercomput. 63, 561–592 (2013)
Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 34, 1–11 (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Lovrenčić, R., Jakobović, D., Škvorc, D., Groš, S. (2020). Security Risk Optimization for Multi-cloud Applications. In: Castillo, P.A., Jiménez Laredo, J.L., Fernández de Vega, F. (eds) Applications of Evolutionary Computation. EvoApplications 2020. Lecture Notes in Computer Science(), vol 12104. Springer, Cham. https://doi.org/10.1007/978-3-030-43722-0_42
Download citation
DOI: https://doi.org/10.1007/978-3-030-43722-0_42
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-43721-3
Online ISBN: 978-3-030-43722-0
eBook Packages: Computer ScienceComputer Science (R0)