1
Faculty of computers and Informatics, Zagazig University, Zagazig, 44519, Egypt
(mahsabe@zu.edu.eg)
2
Faculty of computers and Informatics, Zagazig University, Zagazig, 44519, Egypt
(Naif.ElRashidy@gmail.com)
3
Faculty of computers and Informatics, Zagazig University, Zagazig, 44519, Egypt
(NMoustafa2@zu.edu.eg)
Abstract :
The rise in mobile Internet usage and increased reliance on cloud computing have led to increased fear of cloud database security. Mobile cloud computing has emerged as the only promising way of providing solutions for the mobile computing environment, including computation offloading and data binding. This paper discusses the overview of mobile cloud computing features and its prone computing security issues and how to walk over them with the most promising solutions. More specifically, it explores in detail a wide range of threats that may attack the mobile cloud-computing platform and the various devices and applications that work extremely well in supporting and mitigating the wide range of problems related to security issues in mobile applications. Moreover, this paper studies some of the ways to make mobile cloud computing more secure and productive no matter the intensity of the required computation. This study takes into consideration, the most common threats that affect the security issues of the mobile cloud database and its solutions. It is deemed necessary to note that, the duty of various cloud service providers is to keep all mobile cloud data safe. Consequently, they must come up with solutions to the problems affecting the day-to-day mobile-cloud database security.
Keywords :
Cloud computing; Mobile cloud; Database; Internet; Security; offloading
References :
[1] K.-Y. Chung, J. Yoo, and K. J. Kim, “Recent trends on mobile computing and future networks.” Springer, 2014. https://doi.org/10.1007/s00779-013-0682-y
[2] L. Zhong, B. Wang, and H. Wei, “Cloud computing applied in the mobile internet,” in 2012 7th International Conference on Computer Science & Education (ICCSE), 2012, pp. 218–221. doi: 10.1109/ICCSE.2012.6295061
[3] E. Hossain and M. Hasan, “5G cellular: key enabling technologies and research challenges,” IEEE Instrum. Meas. Mag., vol. 18, no. 3, pp. 11–21, 2015. doi: 10.1109/MIM.2015.7108393
[4] T. Olokunde, S. Misra, and A. Adewumi, “Quality model for evaluating platform as a service in cloud computing,” in International Conference on Information and Software Technologies, 2017, pp. 280–291.
[5] S. Bhardwaj, L. Jain, and S. Jain, “An approach for investigating perspective of cloud Software-as-a-Service (SaaS),” Int. J. Comput. Appl., vol. 10, no. 2, pp. 40–43, 2010. https://doi.org/10.1007/978-3-319-67642-5_23
[6] S. Satyanarayana, “Cloud computing: SAAS,” Comput. Sci. Telecommun., no. 4, pp. 76–79, 2012.
[7] Ahmed Alzahrani, Nasser Alalwan, and Mohamed Sarrab. 2014. Mobile cloud computing: advantage, disadvantage and open challenge. In Proceedings of the 7th Euro American Conference on Telematics and Information Systems (EATIS '14). Association for Computing Machinery, New York, NY, USA, Article 21, 1–4. DOI:https://doi.org/10.1145/2590651.2590670
[8] M. Gopichand, “A survey on service models in mobile cloud computing,” International Journal of Computer Sciences and Engineering, vol. 7 (5), pp. 1666-1671, 2019.DOI: https://doi.org/10.26438/ijcse/v7i5.16661671
[9] S. S. Manvi and G. K. Shyam, “Resource management for Infrastructure as a Service (IaaS) in cloud
computing: A survey,” J. Netw. Comput. Appl., vol. 41, pp. 424–440, 2014.
https://doi.org/10.1016/j.jnca.2013.10.004
[10] P. Hornyack, S. Han, J. Jung, S. Schechter, and D. Wetherall, “These aren’t the droids you’re looking for:
retrofitting android to protect data from imperious applications,” in Proceedings of the 18th ACM conference on
Computer and communications security, 2011, pp. 639– 652. https://doi.org/10.1145/2046707.2046780
[11] T. Verbelen, P. Simoens, F. De Turck, and B. Dhoedt, “Cloudlets: Bringing the cloud to the mobile user,” in Proceedings of the third ACM workshop on Mobile cloud computing and services, 2012, pp. 29–36.
[12] C. Gentry and D. Boneh, A fully homomorphic encryption scheme, vol. 20, no. 9. Stanford university Stanford, 2009.
[13] H. Liu, “A new form of DOS attack in a cloud and its avoidance mechanism,” in Proceedings of the 2010 ACM workshop on Cloud computing security workshop, 2010, pp. 65–76.
[14] S. He, L. Guo, and Y. Guo, “Elastic application container,” in 2011 IEEE/ACM 12th International Conference on Grid Computing, 2011, pp. 216–217.
[15] B. Taubmann and H. P. Reiser, “Bringing Memory Forensics and Virtual Machine Introspection to Production Environments,” 2018.
[16] K. Rosenfeld and R. Karri, “Attacks and Defenses for JTAG,” IEEE Des. Test Comput., vol. 27, no. 1, pp. 36–47, 2010.
[17] A. Portnoy, “Pwn2Own wrap up and analysis,” Netw. Secur., vol. 2010, no. 4, pp. 4–5, 2010.
[18] F. Zou, S. Zhang, T. Wan, and L. Pan, “A survey of android mobile platform security,” 2014.
[19] X. Zhang, J. Schiffman, S. Gibbs, A. Kunjithapatham, and S. Jeong, “Securing elastic applications on mobile devices for cloud computing,” in Proceedings of the 2009 ACM workshop on Cloud computing security, 2009, pp. 127–134.https://doi.org/10.1145/1655008.1655026
[20] R. N. Akram, K. Markantonakis, and K. Mayes, “An introduction to the trusted platform module and mobile trusted module,” in Secure Smart Embedded Devices, Platforms and Applications, Springer, 2014, pp. 71–93.
[21] W. J. Buchanan, S. Chiale, and R. Macfarlane, “A methodology for the security evaluation within third-party Android Marketplaces,” Digit. Investig., vol. 23, pp. 88–98, 2017.
[22] Y. Liao, Y. He, F. Li, and S. Zhou, “Analysis of a mobile payment protocol with outsourced verification in cloud server and the improvement,” Comput. Stand. Interfaces, vol. 56, pp. 101–106, 2018. https://doi.org/10.1016/j.csi.2017.09.008
[23] V. Moorthy, R. Venkataraman, and T. R. Rao, “Security and privacy attacks during data communication in Software Defined Mobile Clouds,” Comput. Commun., vol. 153, pp. 515–526, 2020. https://doi.org/10.1016/j.comcom.2020.02.030
[24] A. Druffel and K. Heid, “DaVinci: Android App Analysis Beyond Frida via Dynamic System Call Instrumentation,” in International Conference on Applied Cryptography and Network Security, 2020, pp. 473–489. https://doi.org/10.1007/978-3-030-61638-0_26
[25] J. Abawajy, S. Huda, S. Sharmeen, M. M. Hassan, and A. Almogren, “Identifying cyber threats to mobile-IoT applications in edge computing paradigm,” Futur. Gener. Comput. Syst., vol. 89, pp. 525–538, 2018.https://doi.org/10.1016/j.future.2018.06.053
[26] J. Zhang, B. Wang, F. Xhafa, X. A. Wang, and C. Li, “Energy-efficient secure outsourcing decryption of attribute based encryption for mobile device in cloud computation,” J. Ambient Intell. Humaniz. Comput., vol. 10, no. 2, pp. 429–438, 2019. https://doi.org/10.1007/s12652-017-0658-2
[27] P. Kulkarni, R. Khanai, and G. Bindagi, “Security frameworks for mobile cloud computing: A survey,” in 2016 international conference on electrical, electronics, and optimization techniques (ICEEOT), 2016, pp. 2507–2511.
[28] T. McGill and N. Thompson, “Old risks, new challenges: exploring differences in security between home computer and mobile device use,” Behav. Inf. Technol., vol. 36, no. 11, pp. 1111–1124, 2017.
[29] L. Bordoni, M. Conti, and R. Spolaor, “Mirage: Toward a stealthier and modular malware analysis sandbox for android,” in European Symposium on Research in Computer Security, 2017, pp. 278–296.
[30] S. Roy, A. K. Das, S. Chatterjee, N. Kumar, S. Chattopadhyay, and J. J. P. C. Rodrigues, “Provably secure fine-grained data access control over multiple cloud servers in mobile cloud computing based healthcare applications,” IEEE Trans. Ind. Informatics, vol. 15, no. 1, pp. 457–468, 2018.doi: 10.1109/TII.2018.2824815
[31] M. Satyanarayanan, “Mobile computing,” ACM Trans. Comput. Syst., vol. 10, p. 1, 1992.
[32] S. Kumar, M. Tyagi, A. Khanna, and V. Fore, “A survey of mobile computation offloading: applications, approaches and challenges,” in 2018 International Conference on Advances in Computing and Communication Engineering (ICACCE), 2018, pp. 51–58.
[33] V. Odelu, A. K. Das, S. Kumari, X. Huang, and M. Wazid, “Provably secure authenticated key agreement scheme for distributed mobile cloud computing services,” Futur. Gener. Comput. Syst., vol. 68, pp. 74–88, 2017. https://doi.org/10.1016/j.future.2016.09.009
[34] W. Magonga, “A Secure end to end verifiable e-voting system using cryptography: a case of Independent Electoral and Boundaries Commission of Kenya.” Strathmore University, 2019.
[35] L. Wang, X. Shen, J. Li, J. Shao, and Y. Yang, “Cryptographic primitives in blockchains,” J. Netw. Comput. Appl., vol. 127, pp. 43–58, 2019.
[36] S. M. N. Islam and M. M. Rahman, “Securing virtual machine images of cloud by encryption through Kerberos,” in 2017 2nd International Conference for Convergence in Technology (I2CT), 2017, pp. 1074–1079.
[37] D. Xu, C. Fu, G. Li, D. Zou, H. Zhang, and X.-Y. Liu, “Virtualization of the encryption card for trust access in cloud computing,” IEEE Access, vol. 5, pp. 20652–20667, 2017.
[38] M. S. Rahman, I. Khalil, A. Alabdulatif, and X. Yi, “Privacy preserving service selection using fully homomorphic encryption scheme on untrusted cloud service platform,” Knowledge-Based Syst., vol. 180, pp. 104–115, 2019.
[39] R. Spolaor, “Security and Privacy Threats on Mobile Devices through Side-Channels Analysis,” 2018.
[40] A. J. Ferrer, J. M. Marquès, and J. Jorba, “Towards the decentralised cloud: Survey on approaches and challenges for mobile, ad hoc, and edge computing,” ACM Comput. Surv., vol. 51, no. 6, pp. 1–36, 2019. https://doi.org/10.1145/3243929
[41] T. H. Noor, S. Zeadally, A. Alfazi, and Q. Z. Sheng, “Mobile cloud computing: Challenges and future research directions,” J. Netw. Comput. Appl., vol. 115, pp. 70–85, 2018.
[42] S. Narain and G. Noubir, “Mitigating location privacy attacks on mobile devices using dynamic app sandboxing,” Proc. Priv. Enhancing Technol., vol. 2019, no. 2, pp. 66–87, 2019.
[43] S. Kausar et al., “Secure and efficient data transfer using spreading and assimilation in MANET,” Softw. Pract. Exp., vol. 50, no. 11, pp. 2095–2109, 2020.https://doi.org/10.1002/spe.2782
[44] A. Al-Omary, “A Secure Framework for Mobile Cloud Computing,” in 2019 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT), 2019, pp. 1–6.
[45] A. M. Desai and R. H. Jhaveri, “Secure routing in mobile ad hoc networks: a predictive approach,” Int. J. Inf. Technol., vol. 11, no. 2, pp. 345–356, 2019. https://doi.org/10.1007/s41870-018-0188-y
[46] S. Al_Janabi and N. Y. Hussein, “The reality and future of the secure mobile cloud computing (SMCC): survey,” in International Conference on big data and networks technologies, 2019, pp. 231–261.
[47] R. Neware, K. Ulabhaje, G. Karemore, H. Lokhande, and V. Dandige, “Survey on Security Issues in Mobile Cloud Computing and Preventive Measures,” in Smart Computing Paradigms: New Progresses and Challenges, Springer, 2020, pp. 89–100.
[48] M. B. Mollah, M. A. K. Azad, and A. Vasilakos, “Security and privacy challenges in mobile cloud computing: Survey and way ahead,” J. Netw. Comput. Appl., vol. 84, pp. 38–54, 2017.
[49] N. Mahakalkar and V. Sahare, “Implementation of re-encryption based security mechanism to authenticate shared access in cloud computing,” in 2017 International Conference on Trends in Electronics and Informatics (ICEI), 2017, pp. 547–550. doi: 10.1109/ICOEI.2017.8300719
[50] A. S. V. Koe and Y. Lin, “Offline privacy preserving proxy re-encryption in mobile cloud computing,” Pervasive Mob. Comput., vol. 59, p. 101081, 2019.
[51] K. Habak, C. Shi, E. W. Zegura, K. A. Harras, and M. Ammar, “Elastic mobile device clouds: Leveraging mobile devices to provide cloud computing services at the edge,” Fog 5G IoT, p. 159, 2017.
[52] H.-Y. Lee and N.-J. Wang, “Cloud-based enterprise resource planning with elastic model–view–controller architecture for Internet realization,” Comput. Stand. Interfaces, vol. 64, pp. 11–23, 2019. https://doi.org/10.1016/j.csi.2018.11.005
[53] J. Tan, R. Gandhi, and P. Narasimhan, “STOVE: Strict, Observable, Verifiable Data and Execution Models for Untrusted Applications,” in 2014 IEEE 6th International Conference on Cloud Computing Technology and Science, 2014, pp. 644–649.
[54] O. M. Alofe and K. Fatema, “Trustworthy Cloud Computing,” in Data Privacy and Trust in Cloud Computing, Springer, 2020, pp. 129–145. https://doi.org/10.1007/978-3-030-54660-1_7
[55] S. Al-Janabi, I. Al-Shourbaji, M. Shojafar, and M. Abdelhag, “Mobile cloud computing: challenges and future research directions,” in 2017 10th international conference on developments in esystems engineering (DeSE), 2017, pp. 62–67.
[56] K. Habak, E. W. Zegura, M. Ammar, and K. A. Harras, “Workload management for dynamic mobile device clusters in edge femtoclouds,” in Proceedings of the second ACM/IEEE symposium on edge computing, 2017, pp. 1–14.https://doi.org/10.1145/3132211.3134455
| Style | # |
|---|---|
| MLA | Mahmoud Ismail, Naif El-Rashidy, Nabil M. Abdel-aziz. "Mobile Cloud Database Security: Problems and Solutions." Fusion: Practice and Applications, Vol. 7, No. 1, 2022 ,PP. 15-29 (Doi : https://doi.org/10.54216/FPA.070102) |
| APA | Mahmoud Ismail, Naif El-Rashidy, Nabil M. Abdel-aziz. (2022). Mobile Cloud Database Security: Problems and Solutions. Journal of Fusion: Practice and Applications, 7 ( 1 ), 15-29 (Doi : https://doi.org/10.54216/FPA.070102) |
| Chicago | Mahmoud Ismail, Naif El-Rashidy, Nabil M. Abdel-aziz. "Mobile Cloud Database Security: Problems and Solutions." Journal of Fusion: Practice and Applications, 7 no. 1 (2022): 15-29 (Doi : https://doi.org/10.54216/FPA.070102) |
| Harvard | Mahmoud Ismail, Naif El-Rashidy, Nabil M. Abdel-aziz. (2022). Mobile Cloud Database Security: Problems and Solutions. Journal of Fusion: Practice and Applications, 7 ( 1 ), 15-29 (Doi : https://doi.org/10.54216/FPA.070102) |
| Vancouver | Mahmoud Ismail, Naif El-Rashidy, Nabil M. Abdel-aziz. Mobile Cloud Database Security: Problems and Solutions. Journal of Fusion: Practice and Applications, (2022); 7 ( 1 ): 15-29 (Doi : https://doi.org/10.54216/FPA.070102) |
| IEEE | Mahmoud Ismail, Naif El-Rashidy, Nabil M. Abdel-aziz, Mobile Cloud Database Security: Problems and Solutions, Journal of Fusion: Practice and Applications, Vol. 7 , No. 1 , (2022) : 15-29 (Doi : https://doi.org/10.54216/FPA.070102) |