A New Approach in Cloud Computing User Authentication

A New Approach in Cloud Computing User Authentication

Alaa Hussein Al-Hamami (Amman Arab University, Jordan) and Rafal A. Al-Khashab (Amman Arab University, Jordan)
DOI: 10.4018/978-1-4666-6583-5.ch017
OnDemand PDF Download:
No Current Special Offers


Cloud computing provides the full scalability, reliability, high performance and relatively low cost feasible solution as compared to dedicated infrastructure. These features make cloud computing more attractive to users and intruders. It needs more and complex security measures to protect user privacy and data centers. The main concern in this chapter is security, privacy and trust. This chapter will give a discussion and a suggestion for using cloud computing to preserve security and privacy. The malicious hacker and other threats are considering the major cause of leaking security of the personal cloud due to centralized location and remote accesses to the cloud. According to attacks, a centralized location can be easier target rather than several goals and remote access is insecure technologies which offer a boundary of options for attackers to infiltrate enterprises. The biggest concern is attackers that will use the remote connection as a jumping point to get deeper into an organization.
Chapter Preview


The concept of cloud computing is based on a collection of many old and few new concepts in several research fields like Service-Oriented Architectures (SOA), distributed and grid computing as well as virtualization. Cloud computing concept is not a new thing, and it is a combination of several concepts from virtualization, distributed application design, grid computing, utility computing and clustering. The cloud computing is a set of multiple resources (hardware and software) available via the Internet and managed by the provider. The customer gets all or some of these resources according to usage system, the main concepts of cloud computing declared in Figure 1.

Figure 1.

Main concepts of cloud computing


The organization pay for access to cloud computing services then these services are present to customer according to the client usage, the storage space, processing capabilities, number of the clients allowed them to work and other factors. The main idea of the cloud is how the customers satisfied their requirements and pay only for the actual used without needing any details about process. Cloud computing is a way to increase the capacity of a network without investing in new infrastructure, training new personnel, or licensing new software (Kumar & et al, 2012).

It can be the ability to rent a server or a thousand servers and run a geophysical modeling application on the most powerful system available anywhere. It can store and secure amounts of data that accessed only by authorized applications and users. It is the ability to use applications on the Internet that store and protect data while providing a service and it can be the ability to use a handful of web services to integrate photos, maps, and Global Positioning System navigation system (GPS) information to create a mash up in customer’s web browsers (Sun, 2009).

Other interest of cloud computing, most of the organizations which do not use the cloud computing, need to have data available at all the times. To achieve this target, without increase cost, determine centralized server or any additional requirements, the organization should have copies of their data at many servers throughout their offices. To avoid this duplication of data by using the cloud computing, when the organization used public, private, community or even the hybrid cloud service of their own, this means all the data exist in the cloud and everyone would be able to access the data easily (Chowdhury & et al, 2013).

Cloud computing allows providers to develop, deploy and run applications that can easily grow in capacity, work rapidly, and never fail, without any concerns on the properties and the locations of the underlying infrastructures (Dwivedi & et al, 2013). Cloud vendors effectively sell computation and storage resources as commodities, some cloud vendors and third parties sell higher-level resources, such as the Google Application platform, relational DBMSs or the Sales Force application. The customer controls the virtual machine’s capacity (computational and storage) by sending the cloud vendor a service request to add or subtract resources as needed. The time to gain or release capacity (for small fractions of the provider’s inventory) is typically measured in minutes, not months (Mohana & et al, 2013).

Key Terms in this Chapter

Service Models: These services divided into three categories: Software as a service (SaaS), Platform as a service (PaaS) and Infrastructure as a service (IaaS).

Data Centre: Is a facility used to house computer systems and associated components, such as telecommunications and storage systems.

Authentication: It refers to any mechanisms by which a system allows or denials the access to the data and keep them stored at cloud sites that accessible only by users who own the data.

Virtualization: It refers to creation of a virtual (rather than actual) version of something, including but not limited to a virtual computer hardware platform, operating system (OS), storage device, or computer network resources.

Privacy: It is the right to be free from secret surveillance and to determine whether, when, how, and to whom, one's personal or organizational information is to be revealed.

Cloud Security: Cloud needs more and complex security measures to protect user privacy and data centers.

Cloud Computing: It involves the movement of Information Technology services – applications, infrastructure and platform – via the Internet, deployment models and managed by provider.

Complete Chapter List

Search this Book: