The world has seen a quick transition from hard devices for local storage to massive virtual data centers, all possible because of cloud storage technology. Businesses have grown to be scalable, meeting consumer demands on every turn. Cloud computing has transforming the way we do business making IT more efficient and cost effective that leads to new types of cybercrimes. Securing the data in cloud is a challenging task. Cloud security is a mixture of art and science. Art is to create your own technique and technologies in such a way that the user should be authenticated. Science is because you have to come up with ways of securing your application. Data security refers to a broad set of policies, technologies and controls deployed to protect data application and the associated infrastructure of cloud computing. It ensures that the data has not been accessed by any unauthorized person. Cloud storage systems are considered to be a network of distributed data centers which typically uses cloud computing technologies like virtualization and offers some kind of interface for storing data. Virtualization is the process of grouping the physical storage from multiple network storage devices so that it looks like a single storage device.Storing the important data in the cloud has become an essential argument in the computer territory. The cloud enables the user to store the data efficiently and access the data securely. It avoids the basic expenditure on hardware, software and maintenance. Protecting the cloud data has become one of the burdensome tasks in today’s environment. Our proposed scheme "Certificateless Compressed Data Sharing in Cloud through Partial Decryption" (CCDSPD) makes use of Shared Secret Session (3S) key for encryption and double decryption process to secure the information in the cloud. CC does not use pairing concept to solve the key escrow problem. Our scheme provides an efficient secure way of sharing data to the cloud and reduces the time consumption nearly by 50 percent as compared to the existing mCL-PKE scheme in encryption and decryption process.Distributed Cloud Environment (DCE) has the ability to store the da-ta and share it with others. One of the main issues arises during this is, how safe the data in the cloud while storing and sharing. Therefore, the communication media should be safe from any intruders residing between the two entities. What if the key generator compromises with intruders and shares the keys used for both communication and data? Therefore, the proposed system makes use of the Station-to-Station (STS) protocol to make the channel safer. The concept of encrypting the secret key confuses the intruders. Duplicate File Detector (DFD) checks for any existence of the same file before uploading. The scheduler as-signs the work of generating keys to the key manager who has less task to complete or free of any task. By these techniques, the proposed system makes time-efficient, cost-efficient, and resource efficient compared to the existing system. The performance is analysed in terms of time, cost and resources. It is necessary to safeguard the communication channel between the entities before sharing the data. In this process of sharing, what if the key manager’s compromises with intruders and reveal the information of the user’s key that is used for encryption. The process of securing the key by using the user’s phrase is the key concept used in the proposed system "Secure Storing and Sharing of Data in Cloud Environment using User Phrase" (S3DCE). It does not rely on any key managers to generate the key instead the user himself generates the key. In order to provide double security, the encryption key is also encrypted by the public key derived from the user’s phrase. S3DCE guarantees privacy, confidentiality and integrity of the user data while storing and sharing. The proposed method S3DCE is more efficient in terms of time, cost and resource utilization compared to the existing algorithm DaSCE (Data Security for Cloud Environment with Semi Trusted Third Party) and DACESM (Data Security for Cloud Environment with Scheduled Key Managers).For a cloud to be secure, all of the participating entities must be secure. The security of the assets does not solely depend on an individual s security measures. The neighbouring entities may provide an opportunity to an attacker to bypass the user s defences. The data may compromise due to attacks by other users and nodes within the cloud. Therefore, high security measures are required to protect data within the cloud. Cloudsim allows to create a network that contains a set of Intelligent Sense Point (ISP) spread across an area. Each ISPs will have its own unique position and will be different from other ISPs. Cloud is a cost-efficient solution for the distribution of data but has the challenge of a data breach. The data can be compromised of attacks of ISPs. Therefore, in OSNQSC (Optimized Selection of Nodes for Enhanced in Cloud Environment), an optimized method is proposed to find the best ISPs to place the data fragments that considers the channel quality, distance and the remaining energy of the ISPs. The fragments are encrypted before storing. OSNQSC is more efficient in terms of total upload time, total download time, throughput, storage and memory consumption of the node with the existing Betweenness centrality, Eccentricity and Closeness centrality methods of DROPS (Division and Replication of Data in the Cloud for Optimal Performance and Security).

Cloud computing allows us to access available systems and pay for what we require whenever needed. When there is access to the internet, it uses some techniques like Service-Oriented Architecture (SOA), virtualization, distributed computing, etc. Cloud computing has transformed the way people utilize and handle computer services. It enables sharing, pooling, and accessing resources on the Internet. It offers tremendous advantages that enhance the cost-effectiveness and efficiency of organizations, which is marked by security challenges or threats that can compromise data, service safety and privacy. This paper gives an overview of cloud computing and explores the threats and vulnerabilities related to cloud computing with its countermeasures. It also explores the recent advancement in cloud computing threats and countermeasures. Further, this paper highlights the case studies on recent attacks and vulnerabilities which are compromised. Finally, this paper concludes that cloud computing is efficiently used to mitigate the threats and vulnerabilities with its countermeasures.

Container-based virtualization has gained momentum over the past few years thanks to its lightweight nature and support for agility. However, its appealing features come at the price of a reduced isolation level compared to the traditional host-based virtualization techniques, exposing workloads to various faults, such as co-residency attacks like container escape. In this work, we propose to leverage the automated management capabilities of containerized environments to derive a Fault and Intrusion Tolerance (FIT) framework based on error detection-recovery and fault treatment. Namely, we aim at deriving a specification-based error detection mechanism at the host level to systematically and formally capture security state errors indicating breaches potentially caused by malicious containers. Although the paper focuses on security side use cases, results are logically extendable to accidental faults. Our aim is to immunize the target environments against accidental and malicious faults and preserve their core dependability and security properties.

The innovation introduced by connectivity brings about significant changes in the industrial environment leading to the fourth industrial revolution, known as Industry 4.0. However, the integration and connectivity between industrial systems have significantly increased the risks and cyberattack surfaces. Nowadays, Virtualization is added to the security field to provide maximum protection against toxic attacks at minimum costs. Combining paradigms such as Software Defined Networking (SDN), and Network Function Virtualization (NFV) can improve virtualization performance through Openness (unified control of heterogeneous hardware and software resources), Flexibility (remote management and rapid response to changing demands), and Scalability (a faster cycle of innovative services deployment). The present paper proposes a Virtualized Security for Industry 4.0 (ViSI4.0), based on both SDN and Network Security Function Virtualisation (NSFV), to prevent attacks on Cyber-Physical System (CPS). Since industrial devices are limited in memory and processing, vNSFs are deployed as Docker containers. We conducted experiments to evaluate the performances of IIoT applications when using virtualized security services. Results showed that many real-time IIoT applications are still within their latency tolerance range. However, the additional delays introduced by virtualization have an impact on IIoT applications with very strict delays.

Container-based virtualization has gained momentum over the past few years thanks to its lightweight nature and support for agility. However, its appealing features come at the price of a reduced isolation level compared to the traditional host-based virtualization techniques, exposing workloads to various faults, such as co-residency attacks like container escape. In this work, we propose to leverage the automated management capabilities of containerized environments to derive a Fault and Intrusion Tolerance (FIT) framework based on error detection-recovery and fault treatment. Namely, we aim at deriving a specification-based error detection mechanism at the host level to systematically and formally capture security state errors indicating breaches potentially caused by malicious containers. Although the paper focuses on security side use cases, results are logically extendable to accidental faults. Our aim is to immunize the target environments against accidental and malicious faults and preserve their core dependability and security properties.

One of the important characteristics envisioned for 6G is security function virtualization (SFV). Similar to network function virtualization (NFV) in 5G networks, SFV provides new opportunities for improving security while reducing the security overhead. In particular, it provides an attractive way of solving compatibility issues related to security. Malware in Internet of Things (IoT) systems is gaining popularity among cyber-criminals because of the expected number of IoT devices in 5G and 6G networks. To solve this issue, this article proposes a security framework that exploits softwarization of security functions via SFV to improve trust in IoT systems and contain the propagation of malware. IoT devices are categorized into trusted, vulnerable, and compromised levels using remote attestation. To isolate the devices in the three distinct categories, NFV is used to create separate networks for each category, and a distributed ledger is used to store the state of each device. Virtualized remote attestation routines are employed to avoid any compatibility issues among heterogeneous IoT devices and effectively contain malware propagation. The results show that the proposed framework can reduce the number of infected devices by 66 percent in only 10 seconds.

One of the important characteristics envisioned for 6G is security function virtualization (SFV). Similar to network function virtualization (NFV) in 5G networks, SFV provides new opportunities for improving security while reducing the security overhead. In particular, it provides an attractive way of solving compatibility issues related to security. Malware in Internet of Things (IoT) systems is gaining popularity among cyber-criminals because of the expected number of IoT devices in 5G and 6G networks. To solve this issue, this article proposes a security framework that exploits softwarization of security functions via SFV to improve trust in IoT systems and contain the propagation of malware. IoT devices are categorized into trusted, vulnerable, and compromised levels using remote attestation. To isolate the devices in the three distinct categories, NFV is used to create separate networks for each category, and a distributed ledger is used to store the state of each device. Virtualized remote attestation routines are employed to avoid any compatibility issues among heterogeneous IoT devices and effectively contain malware propagation. The results show that the proposed framework can reduce the number of infected devices by 66 percent in only 10 seconds.

With the development of information networks, cloud computing, big data, and virtualization technologies promote the emergence of various new network applications to meet the needs of various Internet services. A security protection system for virtual host in cloud computing center is proposed in the article. The system takes "security as a service" as the starting point, takes virtual machines as the core, and takes virtual machine clusters as the unit to provide unified security protection against the borderless characteristics of virtualized computing. The thesis builds a network security protection system for APT attacks; uses the system dynamics method to establish a system capability model, and conducts simulation analysis. The simulation results prove the validity and rationality of the network communication security system framework and modeling analysis method proposed in the thesis. Compared with traditional methods, this method has more comprehensive modeling and analysis elements, and the deduced results are more instructive.

A huge number of cloud users and cloud providers are threatened of security issues by cloud computing adoption. Cloud computing is a hub of virtualization that provides virtualization-based infrastructure over physically connected systems. With the rapid advancement of cloud computing technology, data protection is becoming increasingly necessary. It s important to weigh the advantages and disadvantages of moving to cloud computing when deciding whether to do so. As a result of security and other problems in the cloud, cloud clients need more time to consider transitioning to cloud environments. Cloud computing, like any other technology, faces numerous challenges, especially in terms of cloud security. Many future customers are wary of cloud adoption because of this. Virtualization Technologies facilitates the sharing of recourses among multiple users. Cloud services are protected using various models such as type-I and type-II hypervisors, OS-level, and unikernel virtualization but also offer a variety of security issues. Unfortunately, several attacks have been built in recent years to compromise the hypervisor and take control of all virtual machines running above it. It is extremely difficult to reduce the size of a hypervisor due to the functions it offers. It is not acceptable for a safe device design to include a large hypervisor in the Trusted Computing Base (TCB). Virtualization is used by cloud computing service providers to provide services. However, using these methods entails handing over complete ownership of data to a third party. This paper covers a variety of topics related to virtualization protection, including a summary of various solutions and risk mitigation in VMM (virtual machine monitor). In this paper, we will discuss issues possible with a malicious virtual machine. We will also discuss security precautions that are required to handle malicious behaviors. We notice the issues of investigating malicious behaviors in cloud computing, give the scientific categorization and demonstrate the future headings. We ve identified: i) security specifications for virtualization in Cloud computing, which can be used as a starting point for securing Cloud virtual infrastructure, ii) attacks that can be conducted against Cloud virtual infrastructure, and iii) security solutions to protect the virtualization environment from DDOS attacks.

Virtualization is essential in assisting businesses in lowering operational costs while still ensuring increased productivity, better hardware utilization, and flexibility. According to Patrick Lin, Senior Director of Product Management for VMware, "virtualization is both an opportunity and a threat." This survey gives a review of the literature on major virtualization technology security concerns. Our study primarily focuses on several open security flaws that virtualization introduces into the environment. Virtual machines (VMs) are overtaking physical machine infrastructures due to their capacity to simulate hardware environments, share hardware resources, and make use of a range of operating systems (OS). By offering a higher level of hardware abstraction and isolation, efficient external monitoring and recording, and on-demand access, VMs offer more effective security architecture than traditional machines. It concentrates on virtual machine-specific security concerns. The security risks mentioned in this proposal apply to all of the virtualization technologies now on the market; they are not unique to any one particular virtualization technology. In addition to some security advantages that come along with virtualization, the survey first gives a brief review of the various virtualization technologies that are now on the market. It conclude by going into great depth on a number of security gaps in the virtualized environment.

The world has seen a quick transition from hard devices for local storage to massive virtual data centers, all possible because of cloud storage technology. Businesses have grown to be scalable, meeting consumer demands on every turn. Cloud computing has transforming the way we do business making IT more efficient and cost effective that leads to new types of cybercrimes. Securing the data in cloud is a challenging task. Cloud security is a mixture of art and science. Art is to create your own technique and technologies in such a way that the user should be authenticated. Science is because you have to come up with ways of securing your application. Data security refers to a broad set of policies, technologies and controls deployed to protect data application and the associated infrastructure of cloud computing. It ensures that the data has not been accessed by any unauthorized person. Cloud storage systems are considered to be a network of distributed data centers which typically uses cloud computing technologies like virtualization and offers some kind of interface for storing data. Virtualization is the process of grouping the physical storage from multiple network storage devices so that it looks like a single storage device.

Cloud computing has since been turned into the most transcendental growth. This creative invention provides forms of technology and software assistance to companies. Cloud computing is a crucial concept for the distribution of information on the internet. Virtualization is a focal point for supporting cloud resources sharing. The secrecy of data management is the essential warning for the assurance of computer security such that cloud processing will not have effective privacy safety. All subtleties of information relocation to cloud stay escaped the clients. In this review, the effective mobility techniques for privacy and secured cloud computing have been studied to support the infrastructure as service.

From financial transactions to digital voting systems, identity management, and asset monitoring, blockchain technology is increasingly being developed for use in a wide range of applications. The problem of security and privacy in the blockchain ecosystem, which is now a hot topic in the blockchain community, is discussed in this study. The survey’s goal was to investigate this issue by considering several sorts of assaults on the blockchain network in relation to the algorithms offered. Following a preliminary literature assessment, it appears that some attention has been paid to the first use case; however the second use case, to the best of my knowledge, deserves more attention when blockchain is used to investigate it. However, due to the subsequent government mandated secrecy around the implementation of DES, and the distrust of the academic community because of this, a movement was spawned that put a premium on individual privacy and decentralized control. This movement brought together the top minds in encryption and spawned the technology we know of as blockchain today. This survey paper also explores the genesis of encryption, its early adoption, and the government meddling which eventually spawned a movement which gave birth to the ideas behind blockchain. It also closes with a demonstration of blockchain technology used in a novel way to refactor the traditional design paradigms of databases.

The 5G technology ensures reliable and affordable broadband access worldwide, increases user mobility, and assures reliable and affordable connectivity of a wide range of electronic devices such as the Internet of Things (IoT).SDN (Software Defined Networking), NFV ( Network Function Virtualization), and cloud computing are three technologies that every technology provider or technology enabler tries to incorporate into their products to capitalize on the useability of the 5th generation.The emergence of 5G networks and services expands the range of security threats and leads to many challenges in terms of user privacy and security. The purpose of this research paper is to define the security challenges and threats associated with implementing this technology, particularly those affecting user privacy. This research paper will discuss some solutions related to the challenges that occur when implementing 5G, and also will provide some guidance for further development and implementation of a secure 5G system.

The digital transformation brought on by 5G is redefining current models of end-to-end (E2E) connectivity and service reliability to include security-by-design principles necessary to enable 5G to achieve its promise. 5G trustworthiness highlights the importance of embedding security capabilities from the very beginning while the 5G architecture is being defined and standardized. Security requirements need to overlay and permeate through the different layers of 5G systems (physical, network, and application) as well as different parts of an E2E 5G architecture within a risk-management framework that takes into account the evolving security-threats landscape. 5G presents a typical use-case of wireless communication and computer networking convergence, where 5G fundamental building blocks include components such as Software Defined Networks (SDN), Network Functions Virtualization (NFV) and the edge cloud. This convergence extends many of the security challenges and opportunities applicable to SDN/NFV and cloud to 5G networks. Thus, 5G security needs to consider additional security requirements (compared to previous generations) such as SDN controller security, hypervisor security, orchestrator security, cloud security, edge security, etc. At the same time, 5G networks offer security improvement opportunities that should be considered. Here, 5G architectural flexibility, programmability and complexity can be harnessed to improve resilience and reliability. The working group scope fundamentally addresses the following: •5G security considerations need to overlay and permeate through h the different layers of the 5G systems (physical, network, and application) as well as different parts of an E2E 5G architecture including a risk management framework that takes into account the evolving security threats landscape. •5G exemplifies a use-case of heterogeneous access and computer networking convergence, which extends a unique set of security challenges and opportunities (e.g., related to SDN/NFV and edge cloud, etc.) to 5G networks. Similarly, 5G networks by design offer potential security benefits and opportunities through harnessing the architecture flexibility, programmability and complexity to improve its resilience and reliability. •The IEEE FNI security WG s roadmap framework follows a taxonomic structure, differentiating the 5G functional pillars and corresponding cybersecurity risks. As part of cross collaboration, the security working group will also look into the security issues associated with other roadmap working groups within the IEEE Future Network Initiative.

In this fast growing technology and tight integration of physical devices in conventional networks, the resource management and adaptive scalability is a problematic undertaking particularly when it comes to network security measures. Current work focuses on software defined network (SDN) and network function virtualization (NFV) based security solution to address problems in network and security management. However, deployment, configuration and implementation of SDN/NFVbased security solution remains a real challenge. To overcome this research challenge, this paper presents the implementation of SDN-NFVs based network security solution. The proposed methodology is based on using open network operating system (ONOS) SDN Controller with Zodiac FX Openflow switches and virtual network functions (VNF). VNF comprises of virtual security functions (VSF) which includes firewall, intrusion prevention system (IPS) and intrusion detection system (IDS). One of the main contributions of this research is the implementation of security solution of an enterprise, utilizing SDN-NFV platform and commodity hardware. We demonstrate the successful implementation, configuration and deployment of the proposed NFVbased network security solution for an enterprise.

Virtualization is essential in assisting businesses in lowering operational costs while still ensuring increased productivity, better hardware utilization, and flexibility. According to Patrick Lin, Senior Director of Product Management for VMware, "virtualization is both an opportunity and a threat." This survey gives a review of the literature on major virtualization technology security concerns. Our study primarily focuses on several open security flaws that virtualization introduces into the environment. Virtual machines (VMs) are overtaking physical machine infrastructures due to their capacity to simulate hardware environments, share hardware resources, and make use of a range of operating systems (OS). By offering a higher level of hardware abstraction and isolation, efficient external monitoring and recording, and on-demand access, VMs offer more effective security architecture than traditional machines. It concentrates on virtual machine-specific security concerns. The security risks mentioned in this proposal apply to all of the virtualization technologies now on the market; they are not unique to any one particular virtualization technology. In addition to some security advantages that come along with virtualization, the survey first gives a brief review of the various virtualization technologies that are now on the market. It conclude by going into great depth on a number of security gaps in the virtualized environment.

5G core network introduces service based architecture, software defined network, network function virtualization and other new technologies, showing the characteristics of IT and Internet. The new architecture and new technologies not only bring convenience to 5G but also introduce new security threats, especially the unknown security threats caused by unknown vulnerabilities or backdoors. This paper mainly introduces the security threats after the application of software defined network, network function virtualization and other technologies to 5G, summarizes the security solutions proposed by standardization organizations and academia, and puts forward a new idea of building a high-level secure 5G core network based on the endogenous safety and security.

By analyzing the design requirements of a secure desktop virtualization information system, this paper proposes the security virtualization technology of "whitelist" security mechanism, the virtualization layer security technology of optimized design, and the virtual machine security technology of resource and network layer isolation. On this basis, this paper constructs the overall architecture of the secure desktop virtualization information system. This paper studies the desktop virtualization technology research based on VMware using VMware server virtualization solution to transform and upgrade the traditional intelligent desktop virtualization system, improve server resource utilization rate, and reduce operation and maintenance costs.

This paper is an in-depth analysis of Virtualization Software, specifically – Oracle VM VirtualBox. Here, we analyze the existing system and determine the first two phases of the Secure Software Development Process. Here we go over the requirements elicitation, the architecture, and design phases of the secure software development lifecycle. We selected SQUARE methodology to identify the security requirements. Also, we used the Microsoft Threat Modeler tool for threat modeling. Finally, we identified major secure design patterns.

The experimental results demonstrated that, With the development of cloud computing, more and more people use cloud computing to do all kinds of things. However, for cloud computing, the most important thing is to ensure the stability of user data and improve security at the same time. From an analysis of the experimental results, it can be found that Cloud computing makes extensive use of technical means such as computing virtualization, storage system virtualization and network system virtualization, abstracts the underlying physical facilities into external unified interfaces, maps several virtual networks with different topologies to the underlying infrastructure, and provides differentiated services for external users. By comparing and analyzing the experimental results, it is clear that virtualization technology will be the main way to solve cloud computing security. Virtualization technology introduces a virtual layer between software and hardware, provides an independent running environment for applications, shields the dynamics, distribution and differences of hardware platforms, supports the sharing and reuse of hardware resources, provides each user with an independent and isolated computer environment, and facilitates the efficient and dynamic management and maintenance of software and hardware resources of the whole system. Applying virtualization technology to cloud security reduces the hardware cost and management cost of "cloud security" enterprises to a certain extent, and improves the security of "cloud security" technology to a certain extent. This paper will outline the basic cloud computing security methods, and focus on the analysis of virtualization cloud security technology.

To improve the quality of network security service, the physical device service mode in traditional security service is improved, and the NFV network security service system is constructed by combining software defined networking (SDN) and network function virtualization technology (NFV). Where, network service is provided in the form of security service chain, and Web security scan service is taken as the task, finally the implementation and verification of the system are carried out. The test result shows that the security service system based on NFV can balance the load between the security network service devices in the Web security scan, which proves that the network security system based on software defined security and NFV technology can meet certain service requirements, and lays the research foundation for the improvement of the subsequent user network security service.

Cloud computing is a cutting-edge innovation that will improve the design of applications in terms of elasticity, functionality, and collaborative execution. It is a computer system that mainly depends on the Internet. The most important feature of cloud computing is virtualization, which enables on-site dynamic allocation of academic computing resources or industrial resources. Virtualization can be defined as "forming a virtual version of something, such as a server, desktop, storage device, operating system, or network resource," according to Wikipedia. The goal of this study is to demonstrate how virtualization can contribute to the improvement of cloud computing services. This study also takes a deeper look at source virtualization strategies, as well as emerging security challenges and future research goals.

In this paper, the reader s attention is directed to the problem of inefficiency of the add-on information security tools, that are installed in operating systems, including virtualization systems. The paper shows the disadvantages, that significantly affect the maintenance of an adequate level of security in the operating system. The results allowing to control all areas hierarchical of protection of the specialized operating system are presented.

Science of Security 2022 - In this paper, the reader s attention is directed to the problem of inefficiency of the add-on information security tools, that are installed in operating systems, including virtualization systems. The paper shows the disadvantages, that significantly affect the maintenance of an adequate level of security in the operating system. The results allowing to control all areas hierarchical of protection of the specialized operating system are presented.