ISSN 2229-6964 (Online) ISSN 2347-7229 (Print)
Journal of Computer Technology & Applications (JoCTA) September–December 2016 SJIF: 4.131
STM JOURNALS Scientific
Technical
Medical
www.stmjournals.com
STM Journals STM Journals, a strong initiative by Consortium E-Learning Network Private Ltd. (established 2006), was launched in the year 2010 under the support and guidance by our esteemed Editorial and Advisory Board Members from renowned institutes. Objectives:
Promotion of Scientific, Technical and Medical research.
Publication of Original Research/Review, Short Articles and Case Studies through Peer Review process.
Publishing Special Issues on Conferences.
Preparing online platform for print journals.
Empowering the libraries with online and print Journals in Scientific, Technical and Medical domains.
Publishing and distribution of books on various subjects in the category of Nanotechnology, Scientific and Technical Writing, and Environment, Health and Safety.
Salient Features:
A bouquet of 100+ Journals that fall under Science, Technical and Medical domains.
Employs Open Journals System (OJS)—a journal management and publishing system.
The first and one of the fastest growing publication website in India as well as in abroad for its quality and coverage.
Rapid online submission and publication of papers, soon after their formal acceptance/finalization.
Facilitates linking with the other authors or professionals.
Worldwide circulation and visibility.
Journal of Computer Technology & Applications ISSN: 2229-6964(online), ISSN: 2347-7229(print)
Focus and Scope Covers
Computer Technology
Computer Engineering
Cryptology
Information Theory
Data Structures and Information Systems Applications
Software Engineering and Theory of Computation
Artificial Intelligence
Journal of Computer Technology & Applications is published (frequency: three times a year) in India by STM Journals (division of Consortium e-Learning Network Private Ltd.) The views expressed in the articles do not necessarily reflect of the Publisher. The publisher does not endorse the quality or value of the advertised/sponsored products described therein. Please consult full prescribing information before issuing a prescription for any products mentioned in this publication. No part of this publication may be reproduced, stored in retrieval system or transmitted in any from without written permission of the publisher. To cite any of the material contained in this Journal, in English or translation, please use the full English reference at the beginning of each article. To reuse any of the material, please contact STM Journals (info@stmjournals.com)
STM Journals (division of Consortium e-Learning Network Private Ltd. ) having its Marketing office located at Office No. 4, First Floor, CSC pocket E Market, Mayur Vihar Phase II, New Delhi-110091, India is the Publisher of Journal. Statements and opinions expressed in the Journal reflect the views of the author(s) and are not the opinion of STM Journals unless so stated. Subscription Information and Order: National Subscription: Print - Rs 3750/- per Journal ( includes 3 print issues), Single Issue copy purchase: Rs 1500. Online - Rs 3750/- per Journal inclusive Service Tax ( includes 3 online issues), Single Issue purchase: Rs 1500
inclusive Service Tax Print + Online - Rs 5000/- per Journal inclusive Service Tax ( includes 3 print & online issues). International Subscription: Online Only- $199, Print Only-$299 (includes 3 print issues) Online + Print-$399 (includes 3 print issues + online access of published back volumes )
To purchase print compilation of back issues please send your query at info@stmjournals.com Subscription must be prepaid. Rates outside of India includes delivery. Prices subject to change without notice. Mode of Payment: At par cheque, Demand draft, and RTGS (payment to be made in favor of Consortium E-Learning Network. Pvt. ltd., payable at Delhi/New Delhi. Online Access Policy A). For Authors: In order to provide maximum citation and wide publicity to the authors work, STM Journals also have Open Access Policy, authors who would like to get their work open access can opt for Optional Open Access publication at nominal cost as follows India, SARC and African Countries: INR 2500 or 100 USD including single hard copy of Author's Journal. Other Countries: USD 200 including single hard copy of Author's Journal. B). For Subscribers: Online access will be activated within 72 hours of receipt of the payment (working days), subject to receipt of
correct information on user details/Static IP address of the subscriber. The access will be blocked: If the user requests for the same and furnishes valid reasons for blocking. Due to technical issue. Misuse of the access rights as per the access policy.
Advertising and Commercial Reprint Inquiries: STM Journals with wide circulation and visibility offer an excellent media for showcasing/promotion of your products/services and the events-namely, Conferences, Symposia/Seminars etc. These journals have very high potential to deliver the message across the targeted audience regularly with each published issue. The advertisements on bulk subscriptions, gift subscriptions or reprint purchases for distribution etc. are also very welcome. Lost Issue Claims: Please note the following when applying for lost or missing issues: Claims for print copies lost will be honored only after 45 days of the dispatch date and before publication of the
next issue as per the frequency. Tracking id for the speed post will be provided to all our subscribers and the claims for the missing Journals will
be entertained only with the proofs which will be verified at both the ends. Claims filed due to insufficient (or no notice) of change of address will not be honored. Change of Address of Dispatch should be intimated to STM Journals at least 2 months prior to the dispatch
schedule as per the frequency by mentioning subscriber id and the subscription id. Refund requests will not be entertained.
Legal Disputes All the legal disputes are subjected to Delhi Jurisdiction only. If you have any questions, please contact the Publication Management Team: info@stmjournals.com; Tel : +91 0120-4781211.
PUBLICATION MANAGEMENT TEAM Chairman Mr. Puneet Mehrotra Director
Group Managing Editor Dr. Archana Mehrotra Managing Director CELNET, Delhi, India
Internal Members Gargi Asha Jha Manager (Publications)
Quaisher J Hossain Senior Editor Senior Associate Editors
Himani Pandey Isha Chandra
Meenakshi Tripathi Shivani Sharma
Associate Editors Shambhavi Mishra
Sugandha Mishra
External Members Bimlesh Lochab Assistant Professor Department of Chemistry School of Natural Sciences, Shiv Nadar University Gautam Buddha Nagar, Uttar Pradesh, India
Dr. Rajiv Prakash Professor and Coordinator School of Materials Science and Technology Indian Institute of Technology (BHU), Varanasi Uttar Pradesh, India
Prof. S. Ramaprabhu Alternative Energy and Nanotechnology Technology Laboratory, Department of Physics Indian Institute of Technology, Chennai Tamil Nadu, India
Dr. Khaiser Nikam Professor, Library and Information Science Department of Library and Information Science University of Mysore Mysore, India
Dr. Yog Raj Sood Dean (Planning and Development) Professor, Department of Electrical Engineering National Institute of Technology, Hamirpur Himachal Pradesh, India
Prof. Chris Cannings Professor, School of Mathematics and Statistics University of Sheffield, Sheffield United Kingdom
Dr. Rakesh Kumar Assistant Professor Department of Applied Chemistry BIT Mesra, Patna, Bihar, India
Dr. Durgadas Naik Associate Professor (Microbiology) Management and Science University, University Drive, Seksyen13 Selangor, Malaysia
Prof. José María Luna Ariza Department of Computer Sciences and Numerical Analysis Campus of Rabanales University of Córdoba, Spain
Dr. D. K. Vijaykumar MS, MCh (Surgical Oncology), Professor and Head Department of Surgical Oncology Amrita Institute of Medical Sciences and Research Centre Ponekkara, Cochin, Kerala, India
STM JOURNALS
ADVISORY BOARD Dr. Baldev Raj
Dr. Hardev Singh Virk
Director, National Institute of Advanced Studies Indian Institute of Science campus Bangalore Karnataka, India Former Director Indira Gandhi Centre for Atomic Research, Kalpakkam, Tamil Nadu, India
Visiting Professor, Department of Physics University of SGGS World University Fatehgarh Sahib, Punjab, India Former Director Research DAV Institute of Engineering and Technology Jallandhar, India
Dr. Bankim Chandra Ray Professor and Ex-Head of the Department Department of Metallurgical and Materials Engineering National Institute of Technology, Rourkela Odisha, India
Prof. D. N. Rao Professor and Head Department of Biochemistry All India Institute of Medical Sciences New Delhi, India
Dr. Pankaj Poddar
Dr. Nandini Chatterjee Singh
Senior Scientist Physical and Materials Chemistry Division, National Chemical Laboratory Pune, Maharastra India
Additional Professor National Brain Research Centre Manesar, Gurgaon Haryana, India
Prof. Priyavrat Thareja
Dr. Ashish Runthala
Director Principal Rayat Institute of Engineering and Information Technology Punjab, India
Lecturer, Biological Sciences Group Birla Institute of Technology and Science Pilani, Rajasthan, India
Dr. Shrikant Balkisan Dhoot
Prof. Yuwaraj Marotrao Ghugal
Senior Research Scientist, Reliance Industries Limited, Mumbai, India Former Head (Research and Development) Nurture Earth R&D Pvt Ltd., MIT Campus Beed Bypass Road, Aurangabad Maharashtra, India
Professor and Head Department of Applied Mechanics Government College of Engineering Vidyanagar, Karad Maharashtra, India
STM JOURNALS
ADVISORY BOARD Dr. Baskar Kaliyamoorthy
Dr. Shankargouda Patil
Associate Professor Department of Civil Engineering National Institute of Technology, Trichy Tiruchirappalli, Tamil Nadu, India
Assistant Professor Department of Oral Pathology KLE Society's Institute of Dental Sciences Bangalore, Karnataka, India
Prof. Subash Chandra Mishra
Prof. Sundara Ramaprabhu
Professor Department of Metallurgical and Materials Engineering National Institute of Technology, Rourkela Odisha, India
Professor Department of Physics Indian Institute of Technology Madras Chennai, Tamil Nadu India
Dr. Rakesh Kumar Assistant Professor Department of Applied Chemistry Birla Institute of Technology Patna, Bihar, India
Editorial Board
Dr. Divakar Singh Yadav Professor, Institute of Engineering and Technology, NGGO Colony Post, Coimbatore, India
Maj. Gen Anil kumar Jain Head of Department(IT), Amity University, Noida, India
Senthil Kumar A.V. Hindusthan College of Arts and Science, Coimbatore, India.
Dr. Gunamani Jena Professor and Head of CSE department BVC Engg College, Odalarevu, Amlapuram, EG, New Delhi
Yaduvir Singh Department of Electrical and Instrumentation Engineering, Thapar University, Patiala Punjab, India.
Dr. Mark Burgin Dept. of Mathematics, UCLA, Los Angeles, CA 90095, USA, United States.
Dr. B.L. Shivakumar
Dr. Adesh Kumar Sharma
Assoc. Prof., Dept. of Computer Applications, Sri Ramakrishna Engineering College, NGGO Colony Post, Coimbatore, India.
National Dairy Research Institute (Deemed University), Indian Council of Agriculture, Haryana, India.
Dr. Ashis Kumar Mahapatra
Dr. Jainendra K Navlakha
Scientist & Head, Department of Electronics & Information Technology, National Informatics Centre (NIC), Bhubaneswar, Orissa,India.
Professor, School of Computing and Information Sciences, Florida International University Miami, Florida.
Dr. Munir Ahamed Rabbani
Mr. N. Rakesh
Scientist & Head, Department of Electronics & Information Technology, National Informatics Centre (NIC), Bhubaneswar, Orissa, India.
Assistant Professor (Sr.Grade),Dept. of CSE, Amrita Vishwa VidyaPeetham (University),Bengaluru, India
Director's Desk
STM JOURNALS
It is my privilege to present the print version of the [Volume 7 Issue 3] of our Journal of Computer Technology & Applications, 2016. The intension of JoCTA is to create an atmosphere that stimulates vision, research and growth in the area of Computer Technology & Applications. Timely publication, honest communication, comprehensive editing and trust with authors and readers have been the hallmark of our journals. STM Journals provide a platform for scholarly research articles to be published in journals of international standards. STM journals strive to publish quality paper in record time, making it a leader in service and business offerings. The aim and scope of STM Journals is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high level learning, teaching and research in all the Science, Technology and Medical domains. Finally, I express my sincere gratitude to our Editorial/ Reviewer board, Authors and publication team for their continued support and invaluable contributions and suggestions in the form of authoring writeups/reviewing and providing constructive comments for the advancement of the journals. With regards to their due continuous support and co-operation, we have been able to publish quality Research/Reviews findings for our customers base. I hope you will enjoy reading this issue and we welcome your feedback on any aspect of the Journal.
Dr. Archana Mehrotra Managing Director STM Journals
Journal of Computer Technology & Applications
Contents
1. SQL Database Salomi S. Thomas, Samuel K. Thomas
1
2. Authentication Scheme using Matrix Vishal Chahar, Vishal Bharti, Amar Saraswat, Chain Singh
6
3. Enabling Location Based Services with Route APIs for Efficient and Responsive Query Processing Raju Dara, Kiran Kumar Chennugani
11
4. A Shareable Secure and Privacy Preserving Auditing Scheme for Cloud Storage Security Raju Dara, Doddikousari Kumari
18
5. Data Security using Cloud Computing Adaption Framework Safeeda, Savitha C.K., Prajna M.R., Ujwal U.J.
25
Journal of Computer Technology & Application
ISSN: 2229-6964(online), ISSN: 2347-7229(print) Volume 7, Issue 3 www.stmjournals.com
SQL Database Salomi S. Thomas*, Samuel K. Thomas Department of Computer Science Engineering, Dronacharya College of Engineering, Gurgaon, Haryana, India Department of Information Technology, Noida Institute of Engineering and Technology, Noida, Uttar Pradesh, India Abstract
SQL stands for Structured Query Language, which is designed for the storing, retrieval and management of data in relational database. SQL includes database creation, deletion, updation, insertion, execution, fetching rows and modifying rows, etc. SQL is an ANSI (American National Standards Institute) standard. Keywords: SQL, database, DDL (data definition language), DML (data manipulation language)
WHAT IS SQL?
SQL is a database computer language for storing, manipulating and retrieving data stored in relational database. SQL can access and manipulates databases. SQL is used in the website to store the database. Oracle, MYSQL and Microsoft access are the platforms are used for the database.
SQL PROCESS
When we execute the SQL command the system carries the request and SQL engine interprets the task. There are various components that are included in the SQL process. These components are Query Dispatcher, Optimization Engines, Classic Query Engine and SQL Query Engine, etc [1, 2] (Figure 1).
History
Year Description 1970 Dr. Edgar F. "Ted" Code of IBM is known as the father of relational databases. He described a relational model for databases. 1974 Structured Query Language appeared. 1978 IBM worked to develop Codd's ideas and released a product named System/R. 1986 IBM developed the first prototype of relational database and standardized by ANSI. The first relational database was released by Relational Software and its later becoming Oracle. 1994 Development of MySQL by Michael Widenius and David Axmark beginning in 1994. 1995 First internal release on 23 May 1995. 1998 Windows version was released on 8 January 1998 for Windows 95 and NT. 2000 Version 3.23: beta from June 2000, production release January 2001. 2002 Version 4.0: beta from August 2002, production release March 2003 (unions). 2003 Version 4.01: beta from August 2003, Jyoti adopts MySQL for database tracking. 2004 Version 4.1: beta from June 2004, production release October 2004. 2005 Version 5.0: beta from March 2005, production release October 2005. 2008 Sun Microsystems acquired MySQL AB on 26 February 2008. 2008 Version 5.1: production release 27 November 2008.
Fig. 1: A Simple Diagram Showing SQL Architecture.
SQL COMMANDS
The SQL commands are used to interact with relational databases by CREATE, SELECT, INSERT, UPDATE, DELETE and DROP commands. These commands can be classified into groups based on their nature.
JoCTA (2016) 1-5 Š STM Journals 2016. All Rights Reserved
Page 1
Journal of Computer Technology & Application
ISSN: 2229-6964(online), ISSN: 2347-7229(print) Volume 7, Issue 3 www.stmjournals.com
Authentication Scheme using Matrix Vishal Chahar, Vishal Bharti, Amar Saraswat, Chain Singh
Department of Computer Science, Dronacharya College of Engineering Gurgaon, Haryana, India
Abstract
These days, textual passwords are mostly used for authentication. But, these are not much secure because of the problems like brute force attacks, eves dropping, shoulder surfing and guessing. So, there are another authentication schemes to remove these problems, based on session passwords for authentication, and are called color and image authentication schemes. Matrix authentication scheme is based on the session password but with the help of matrix pattern. User makes a unique pattern using cells of the matrix and can use it to enter the password in different ways. Keywords: Shoulder surfing, eves dropping, dictionary attacks, authentication, brute force attacks
guessing, matrix
INTRODUCTION
The same procedure is followed for every other letter i.e., every letter of the password has its own individual pattern. A single cell can be used for two or more values being part of different patterns but it recognizes the pattern according to the position of letter in the password.
Graphical passwords overcome the problems of textual passwords, but they are also vulnerable to shoulder surfing attacks. The more number of sites we have, the more passwords we need to remember. To solve and overcome these problems, a new technique called session password is introduced, which is the combination of text and images.
It is an eye-catching interface to the user, totally based on the new content. Matrix authentication is easy to remember for the user because it is based on the graphical view and is much more secure for the security point of view. It can be used as file/folder locker in PDA’s.
Authentication scheme using matrix is based on the session passwords, but it is slightly different from textual and graphical passwords. At the time of authentication to any account, we have an image displayed on the screen, which carries the matrices view, and every cell in that matrix view carries a value. The matrix cell behaves like a button; it takes the value on clicking. The users give a pattern (for every individual letter) to the matrix, which can be remembered. The user assigns the same value to every button of the pattern so that if, at the next time of authentication, he/she clicks on a single button, which is part of the pattern, computer can recognize the whole pattern on its own. The second person does not get to know the pattern.
LITERATURE SURVEY
The first step in information security is authentication. The users have to memorize their password and remember at login time. These days, textual passwords are the most traditional schemes but these are vulnerable to dictionary attacks, shoulder surfing.
Passfaces [1] This scheme carries a grid with nine faces and the users have to select an image (given in the grid). Any four images (same or different) of human faces are chosen by the users, as password. At the time of verification, the grid with nine faces is provided to the users, and users have to identify the faces and click on them, to authenticate as genuine user. But this scheme was very easy to guess and attack (Figure 1).
JoCTA (2016) 6-10 Š STM Journals 2016. All Rights Reserved
Page 6
Journal of Computer Technology & Application
ISSN: 2229-6964(online), ISSN: 2347-7229(print) Volume 7, Issue 3 www.stmjournals.com
Enabling Location Based Services with Route APIs for Efficient and Responsive Query Processing Raju Dara, Kiran Kumar Chennugani* Department of Computer Science Engineering, Krishna Murthy Institute of Technology and Engineering, Jawaharlal Nehru Technological University, Hyderabad, Telangana, India Abstract
Location based services (LBS) play a vital role in the real world. It is true in the world now as there are technology innovations and the need for providing services to public. In case of LBS applications, the users are supposed to provide their location information, which is sensitive for many reasons. In addition to this with respect to transport LBS, there might be number of queries. Providing accurate results is essential. In this paper, we explore the LBS with accuracy of query results. We implement a novel approach, which makes use of route APIs that can leverage responsiveness and efficient query processing. We built a prototype application to demonstrate the proof of concept. Our empirical results were showing better performance. Keywords: Data mining, query processing, LBS, spatial data
INTRODUCTION
Location based services (LBS) play a vital role in the real world. It is true in the world now as there are technology innovations and the need for providing services to public. Location based services became popular in the real world. One such network is road network where location based services are very useful. There should be different approach at different times. There are times when responsiveness is important. It is possible when there is information on location-based services accurately besides having accurate assessment of traffic. The current traffic information and its analysis was the main research in the Google Maps [1]. As caching can help in improving performance of data mining operations, caching of shortest paths is studied [2] besides using online API. In this paper, we proposed a method for improving performance and responsiveness in location based services using route APIs. In this paper, we focused on using route APIs and also the history information for traffic patterns besides the live traffic details in order to have better approach in making decisions. The proposed approach can take advantage of current traffic trends and also history so as to make optimal decisions.
RELATED WORKS
Location based services became popular in the real world. One such network is road network where location based services are very useful. The research on indexing of road networks is made in the various studies [3–7]. Their research focused on finding shortest parts in order to have better support and improve responsiveness in the location based road service. The range queries with KNN are explored [6] to reflect points of interest. As there are shortest paths saved and indexed, it became easier to obtain service paths and provide better services to customers. In this scenario, the problem is to have life traffic information as well so as to ensure that the chosen path can give optimum results. Towards this end some works was explored [8, 9] that focused on time-varying functions with historical traffic pattern analysis. Data mining approaches can help in finding patterns from historical data. There should be different approach at different times. There are times when responsiveness is important. It is possible when there is information on location-based services accurately besides having accurate assessment
JoCTA (2016) 11-17 Š STM Journals 2016. All Rights Reserved
Page 11
Journal of Computer Technology & Application
ISSN: 2229-6964(online), ISSN: 2347-7229(print) Volume 7, Issue 3 www.stmjournals.com
A Shareable Secure and Privacy Preserving Auditing Scheme for Cloud Storage Security Raju Dara1,*, Doddikousari Kumari2
Computer Science Engineering, Krishna Murthy Institute of Technology and Engineering, Jawaharlal Nehru Technological University, Hyderabad, Telangana, India
Abstract
Cloud data security has been a concern as the cloud is considered untrusted environment. People across the globe can have cloud storage services in pay per use fashion. In this environment, enterprises store their valuable data in cloud. However, due to security concerns most of the cloud data owners are concerned about the integrity of data that has been outsourced. Many schemes came into existence in order to have integrity of data. Some schemes focused on cryptographic primitives while other schemes focused on provable data possession schemes. In this paper, we proposed and implemented a shareable secure and privacy preserving auditing scheme for cloud storage security. It makes use of mechanisms to recover data if data is corrupted or subjected to illegal tampering. We built a prototype application that shows the proof of concept. The empirical results suggest that the proposed approach is able to protect outsourced data to cloud. Keywords: Cloud computing, auditing, data integrity, privacy preservation
INTRODUCTION
Cloud computing became an established technology and people of all walks of life are using cloud in one way or other. The cloud computing technology has different services that cater to the needs of platforms, infrastructure and software. The cloud computing services are widely used in pay per use fashion. In this paper, the focus is on integrity of outsourced data to cloud. Organizations are using cloud services in order to have efficient data storage and retrieval. In the process, there are many security issues. In this paper, we implemented a mechanism that ensures data integrity besides recovery of data when data is damaged for any reason. Our contributions in this paper include proposal of a scheme for data integrity verification, building a prototype application to demonstrate the proof of concept and evaluation.
RELATED WORKS
Checking data integrity of the data, which is stored remotely, was explored [1, 2]. Afterwards provable data possession (PDP) approaches came into existence [3, 4] for ensuring data integrity. The PDP mechanisms
were later enhanced by the work done in [5] using a scheme based on MAC that supports block level verifications. At the same time, a formal framework for PDP was proposed [6] for better support of data dynamics and security with RSA based trees. Later on further improvement of PDP was made [7] by using Merkle hash tree. In the study [3], public auditing was presented so as to release burden of verification on the online users. It was very useful as the auditing is performed for all users rather than specific user with privacy guarantee. A blind technique was focused [8, 9] to address the problem of previous schemes using BLS signature that is associated with auditing schemes. Another method was proposed for privacy preserves and efficient data integrity in cloud computing [10]. It is simple and avoids computational overhead besides using secure communications. A public PDP scheme was presented which combines cryptography and bilinear property [11]. Random mask concept is utilized for error-correcting data besides preserving privacy [12]. Interactive PDP scheme was proposed [13] with zero-knowledge IPDP in
JoCTA (2016) 18-24 Š STM Journals 2016. All Rights Reserved
Page 18
Journal of Computer Technology & Application
ISSN: 2229-6964(online), ISSN: 2347-7229(print) Volume 7, Issue 3 www.stmjournals.com
Data Security using Cloud Computing Adaption Framework Safeeda*, Savitha C.K., Prajna M.R., Ujwal U.J. Department of Computer Science, K.V.G. College of Engineering, Sullia, Karnataka, India Abstract
It is important to provide real-time data security for huge amount of data in cloud computing. A recent survey on cloud security stated that security of users’ data has the highest priority as well as concern. This can be able to achieve with an approach, which is systematic, adoptable and well structured. Therefore, here a framework called as Cloud Computing Adoption Framework (CCAF) has been developed which has been customized for securing cloud data. This paper presents the overview, components in the CCAF, which enables data security. CCAF is designed to provide multi-layered security. Since the Data Centre has 10 petabytes of data, there is a huge challenge to provide real-time protection and quarantine. In order to simulate how data in use, here we make use of Business Process Modelling Notation (BPMN). The use of BPMN simulation will allow evaluating the chosen security performances before actual implementation. Results show that the time taken for controlling security breach is between 50 and 125 hours. This means that additional security is required to ensure that all data are well protected in the crucial 125 hours. This paper has also demonstrated that CCAF multi-layered security is able to protect data in real-time and it has three layers of security: (1) firewall and access control; (2) identity management and intrusion prevention and (3) convergent encryption. To validate CCAF, this paper has considered ethical-hacking experiments involved with penetration testing with 10,000 Trojans and viruses. The CCAF multi-layered security is going to block 9,919 viruses and Trojans, which can be destroyed in seconds, and it quarantines or isolates the remaining viruses and Trojans. Although there is a decrease in percentage of blocking for continuous injection of viruses and Trojans, 97.43 percent of them can be quarantined can be shown by the experiment. Our CCAF multi-layered security gives an average of 20 percent better performance compared to the single-layered approach, which could only block 7,438 viruses and Trojans. When CCAF is combined with BPMN simulation it can be more effective in order to evaluate security process and penetrating testing results. Keywords: Cloud computing adoption framework (CCAF), Business Process Modelling Notation (BPMN), Penetration test, multi-layered security protection
INTRODUCTION
Cloud computing and its adoption has been a topic of discussion in the past few years. It has been adopted by many organizations due to benefits in cost savings, improvement in work efficiencies, business agility and quality of services [1, 2]. Due to the rapid rise in cloud computing, software as a service (SaaS) is particularly in demand, since it offers services, which suit users’ need. For example, health informatics can help medical researchers to diagnose challenging diseases and cancers [3]. Financial analytics can ensure accurate and fast simulations to be available for investors [4]. Education as a service improves the quality of education and delivery [5]. Mobile applications allow users to play online games and easy-to-use applications to interact with
their peers. Since cloud services are used by many people and organizations security and privacy become important to ensure that all the data they use and share are well protected. Some researchers suggest that security should be implemented before the use of any cloud services in place [6–8]. This is challenging task for organizations since security should be enforced and implemented in parallel with any services. Although organizations, which adopt cloud computing acknowledge benefits offered by cloud services, security and privacy remains as a challenge for organizational adoption. In order to provide security, the software engineering and development process should always design, implement and test security features.
JoCTA (2016) 25-32 © STM Journals 2016. All Rights Reserved
Page 25
ISSN 2229-6964 (Online) ISSN 2347-7229 (Print)
Journal of Computer Technology & Applications (JoCTA) September–December 2016 SJIF: 4.131
STM JOURNALS Scientific
Technical
Medical
www.stmjournals.com