Table of Contents

Introduction…………………………………………………………………………………………………………………………………………………………………………………………… 3

Purpose, Aims and Target Deliverables………………………………………………………………………………………………………………………………………………….. 3

Purpose……………………………………………………………………………………………………………………………………………………………………………………………… 3

Aims…………………………………………………………………………………………………………………………………………………………………………………………………… 3

Target Deliverables……………………………………………………………………………………………………………………………………………………………………………. 4

Research Question…………………………………………………………………………………………………………………………………………………………………………………. 4

Significance of the project……………………………………………………………………………………………………………………………………………………………………… 4

Project Methodology……………………………………………………………………………………………………………………………………………………………………………… 5

• Literature Review………………………………………………………………………………………………………………………………………………………………………… 5
• Selection of the sources……………………………………………………………………………………………………………………………………………………………… 5
• Data collection…………………………………………………………………………………………………………………………………………………………………………….. 5

2.0. The ASIF Encryption Algorithm……………………………………………………………………………………………………………………………………………………. 5

Project approach……………………………………………………………………………………………………………………………………………………………………………………. 5

• Project Plan Overview…………………………………………………………………………………………………………………………………………………………………….. 5
• Sprint 1……………………………………………………………………………………………………………………………………………………………………………………….. 6
• Sprint 2……………………………………………………………………………………………………………………………………………………………………………………….. 6
• Sprint 3……………………………………………………………………………………………………………………………………………………………………………………….. 6

Prioritization of project activities………………………………………………………………………………………………………………………………………………………. 6

Gantt chart…………………………………………………………………………………………………………………………………………………………………………………………. 7

Communication Plan………………………………………………………………………………………………………………………………………………………………………….. 7

Risks and mitigation strategies…………………………………………………………………………………………………………………………………………………………… 8

Bibliography…………………………………………………………………………………………………………………………………………………………………………………………… 9

Reflections of Key learnings…………………………………………………………………………………………………………………………………………………………………. 10

 

 

Introduction

Cloud computing has become a popular technology due to its ability to offer efficient and fast on-demand services for software, hardware, storage and network through the internet (Bhatia, Prabhakar & Manchanda, 2015). The cloud computing paradigm offers IT-based resources and solutions to companies, enterprises and the public a low cost. Although cloud computing is not a new concept since it has long been used in the military, research laboratories and universities, its use in the consumer end is recent (Patwal & Mittal, 2014). Cloud computing is increasingly being offered through the internet due to advancements in web technology. The technology is now popular in the storage of sensitive data, either due to the simplicity of sharing or cost saving.

There are three models through which cloud computing is offered including infrastructure as a service (IaaS), Platform as a service (PaaS) and software as a service (SaaS). Examples of IaaS include Amazon S3, Amazon EC2 and IBM Blue cloud. Examples of SaaS include salesforce and Microsoft Dynamics online. Examples of PaaS include Google App Engine and Yahoo Pig.

Cloud computing provides effective and efficient solutions by centralizing processing, bandwidth, memory and storage (Patwal & Mittal, 2014). As a result, users can benefit from rapid scaling, lower costs, service availability and easier maintenance. One of the key barriers to the adoption of cloud computing is privacy and security due to the fact the service provider and the data owner do not exist in the same domain. Security and privacy issues are becoming increasingly common in the higher PaaS to the lower IaaS (Biswas, 2014). The layers exist in deployment models such as community, public, hybrid and private clouds (Patwal & Mittal, 2014). Users are reluctant to migrate their data to the cloud due to the security and privacy loopholes that make the cloud platform insecure. With the increase in on-demand cloud applications, cybercrime has also increased to launch active and passive attacks. There is a need to provide effective techniques that can be used to protect cloud users from attackers.

Various techniques have been developed to maintain privacy and security in the cloud platform. These techniques include stringent access, data encryption, data backup and recovery and limited service access (Kaur & Verma, 2014). Security and privacy goals of the cloud include availability, integrity and confidentiality, but the present paper focuses on the confidentiality of user data (Patwal & Mittal, 2014). Data encryption techniques are the most widely used approaches to ensuring the confidentiality of users. Data encryption involves shuffling data content such as images, text and video to make them unreadable, invincible and meaningless during storage and transmission (Kumari & Nath, 2014). The main goal of encryption is to ensure that data is secure from hackers (Soofi, Khan & Amin, 2014). It is important to demonstrate to users the ways through which data encryption techniques can ensure their confidentiality. This research aims to review the literature relating to data encryption techniques that can be used to ensure confidentiality in the cloud platform. One encryption technique will be identified from the literature and its methodology will be replicated to obtain results. These results will be compared with the results obtained by other techniques from the literature. The goal of the research is to create awareness regarding confidentiality through encryption so that more enterprises and companies can migrate to the cloud.

 

 

 

Purpose, Aims and Target Deliverables

Purpose

 

The security, in particular confidentiality, of cloud-based applications is a key issue that is preventing the adoption of the cloud platform. The purpose of the present research is to review various data encryption techniques that can be used to ensure the confidentiality of users in the cloud. The review will focus on the efficacy of the existing data encryption techniques as well as their reliability in the cloud platform. As such, the strengths and weaknesses of each encryption technique will be examined with the aim of identifying way through which they can be utilized in the cloud. The ultimate goal is to provide guidelines about the best techniques to cloud users and cloud service providers.

Aims

 

The main aims of the research include:

 

• To review the existing data encryption techniques that are applicable to cloud

 

• To compare the strengths and weaknesses of the existing data encryption techniques as well as their efficacy in the cloud platform.
• To provide guidelines regarding to cloud users and cloud service providers regarding the best ways of utilizing data encryption techniques in ensuring the confidentiality of cloud

 

 

Target Deliverables

The proposed research aim to produce two deliverables. The first outcome will be delivered after two weeks while the second outcome will be delivered at the end of the month. The details of the outcomes are provided below.

Encryption technique cloud confidentiality:

 

The results of the ASIF encryption Algorithm will be compared with the results of other studies to identify the best encryption technique for ensuring the confidentiality of the cloud users.

Preliminary Report

 

This report will contain the outcome of the literature review including the efficacy of the data encryption techniques as well as their strengths and weaknesses. An updated preliminary report will be presented after the synthesis of the literature to identify key encryption techniques as well as the results of their implementation.

Dissertation

 

The outcomes of project phases will be merged in a thesis that will be submitted at the end of the course.

 

 

Research Question

The main research question for the proposed study is: To what extinct can the data encryption techniques be used to ensure the confidentiality of cloud users?

The sub-questions are:

 

• What are the main data encryption techniques that can be used to ensure the confidentiality of cloud users?
• What are the strengths and weaknesses of the cloud data encryption techniques?
• What is the most effective data encryption technique in relation to cloud computing?

By answering these questions, guidelines regarding the most effective data encryption techniques will be provided. The guidelines will be important for cloud service providers and users.

 

 

 

Significance of the project

The fact that the data owners transfer the security and privacy roles to the cloud service providers is a major concern for users (Kumari & Nath, 2014). In light of this concern, various studies have explored ways of ensuring the privacy and security of users of the cloud platform. From the studies, data encryption techniques have emerged as the most popular approaches. Although this techniques have proved to be effective in ensuring the security and privacy of users, the rate of the adoption of cloud computing is low due to the same security and privacy concerns.

Various studies have examined the data encryption techniques as well as other security and privacy techniques in cloud computing (Kaur & Verma, 2014). Other studies have also examined the strengths and weaknesses of the techniques in relation to the cloud

platform (Khatri & Kumar, 2015; Shabir, Iqbal, Mahmood & Ghafoor, 2016). However, none of the studies has compared the efficacy of the techniques to provide guidelines for cloud service providers and users. As such, the proposed research will fill this gap by comparing the efficacy of the data encryption techniques in cloud computing to provide standard guidelines that can be used by the service providers and users. The proposed study is vital in creating awareness regarding security and privacy in

 

cloud computing. The ultimate goal is to draw more people into the cloud platform due to its perceived benefits such as low costs, rapid scaling and on-demand services.

 

 

Project Methodology

 

 

• Literature Review

The proposed study will utilize a systematic literature review methodology. A systematic literature review enables a researcher to critically evaluate and understand existing knowledge related to a given phenomenon. The literature review model developed by Brereton, Kitchenham, Budgen, Turner & Khalil (2007) will be utilized in the proposed research. The review process is composed of three stages including plan review (specify the research question, develop the review protocol and validate the review protocol), conduct the review (identify relevant studies, select primary studies, assess the quality of the study, extract data and synthesize data) and document review (write review report and validate report). Although some researchers have used the same approach in the domain of data encryption techniques, none of the studies have identified the best techniques for cloud computing.

1.2   Selection of the sources

The studies that will be considered in the review are those that are published between 2010 and 2016. Only studies containing an implementation of the encryption techniques will be considered.

1.3   Data collection

Various databases will be utilized in the research including Science Direct, Google Scholar, IEEE Xplore, Scopus and ACM portal digital library. In the data collection phase, various study information will be sought including the full reference and source of the study, classification of the study, the authors of the study, research questions and quality evaluation. The studies will then be tabulated based on their relation to the research questions. The results of the study will be analyzed and compared with the existing literature. The proposed research protocol is summarized in the table below.

 

 

Year of publication	Source databases	Search keywords
2010 to 2016	Science Direct, Google Scholar, IEEE Xplore, Scopus and ACM portal digital library	Cloud computing, cloud privacy and security, cloud data confidentiality, data encryption techniques, cloud data encryption techniques

Table 1: Research Protocol

 

 

2.0 The ASIF Encryption Algorithm

The ASIF Encryption Algorithm, as proposed by Mushtaque, Dhiman and Hussain (2014), will be implemented and the results of the model will be compared with those obtained from the literature review. The core aim of implementing the model is to determine the most effective encryption technique that can enhance the confidentiality of users. According to an experiment done by Mushtaque et al. (2014), the hybrid model is more effective in ensuring the confidentiality of users as compared to Blowfish, TDES and AES. In the present study, a wide range of encryption techniques will be compared.

 

 

3.1  Project approach :

 

• Plan Overview

 

The scrum project management approach will be used in the proposed study. The proposed review will be conducted over a six week period. The duration will be split into three sprints each having two weeks. The activities that will be carried out in the sprints are described below.

 

3.3  Sprint 1

The first sprint will mainly cover two events including identification of the cloud data encryption techniques and analysis of the strengths and weaknesses of the techniques. Various sources that fit the inclusion criteria will be examined to identify the major techniques that are used in cloud data encryption. The strengths and weaknesses of the techniques will also be identified from the literature review. The outcome of the first sprint will be compiled and submitted as a preliminary report.

3.4  Sprint 2

The second sprint will also include two events including comparing the cloud data encryption techniques and sorting the techniques to identify the best ones. The comparison will be based on the strengths and weaknesses of the techniques as identified from the literature. The techniques will then be ranked based on their promise to promote the confidentiality of user information. The outcome of the second sprint will be submitted as an update to the preliminary report.

3.5  Sprint 3

The third sprint will involve a single event. The ASIF encryption Algorithm will be implemented and the outcome will be compared with the results obtained from the literature.

 

 

Prioritization of project activities

 

In order to prioritize the events of the project, the MoSCoW prioritization method is used. The method highlights the key activities that must be accomplished to ensure successful completion if the project. Those activities labelled as must have are critical and they cannot be omitted. On the other hand, those labelled as must have are important but they can be omitted. Finally, those labelled as could have are not necessary but they can enhance the success of the project if they are used. The delivery plan of the project is provided below.

 

	Category	Priority	Activity	Duration
Sprint 1	Literature Review	Must have	Identification of cloud data encryption techniques	One week
Sprint 1	Literature Review	Must have	Analysis of the strengths and weaknesses of cloud data encryption techniques	Two week
Sprint 2	Analysis	Must have	Comparison of data encryption techniques	One week
Sprint 2	Analysis	Should have	Ranking of the data encryption techniques	One week
Sprint 3	ASIF Encryption Algorithm	Must have	Compare the output of the ASIF Encryption technique with the output of other encryption techniques as identified from the literature	Two weeks

Table 2: Project Delivery Plan

 

Gantt chart

 

 

 

 

 

Communication Plan

 

 

Item	Description	Frequency	Audience	Medium	Deliverables
Project Planning	Provide a short introduction of the project and outline the aims and objectives of the research	Once	Project supervisor and candidate	Face to face	Approval of the project
Kick-off meeting	Introduction to the key activities and sprints	Once	Project supervisor and candidate	Face to face	Approval of the planned Activities.
Project Progress meeting	Presentation of progress report	As many as necessary	Project supervisor and candidate	Face to face	Progress report
Results Presentatin	Presentation of the results	Once	Project supervisor, project coordinator, other staff	Face to face	Project outcomes
Project Closure Meeting	Presentation of the deliverables and reflection on the research process	Once	Project supervisor, project coordinator and candidate	Face to face	Research thesis

Table 3: Communication Plan

 

Risks and mitigation strategies

 

 

Risk	Details	Severity	Mitigation Plan
Lack of access to key articles	Some of the key articles may not be available in the local library.	High	– Arrange to subscribe to the journals that have the articles before commencing the review.
Determine articles	Articles will not meet the expectation	Medium	–  collection data about the addresses to be sure you are in the right way . –  discuss the articles that picked up with the supervisor .
lack of recourses or tools	Find articles that addressed the problem exactly .	High	– Ensure that resources are existed in earlier .

 

 

References :

• Biswas, (2014). Ensuring Data Security in Cloud Computing Using encryption. International Journal of Computer (IJC), 8(1).

 

• Bhatia, , Prabhakar, N., & Manchanda, S. (2015). Addressing Cloud Computing Security Concerns. Advances in Computer Science and Information Technology (ACSIT), 2(3), 196-200.
• Brereton, , Kitchenham, B. A., Budgen, D., Turner, M., & Khalil, M. (2007). Lessons from applying the systematic literature review process within the software engineering domain. Journal of systems and software, 80(4), 571-583.
• Kaur & Verma, (2014). Review on Encryption Techniques to Secure a International Journal of Science and Research (IJSR), 3(7), 1398-1401.
• Khatri, P., & Kumar, A. P. S. (2015). A Review on Various Techniques for Encrypting Cloud Data. International Journal of Advancements in Research & Technology, 2(4), 130-134.
• Kumari, , & Nath, R. (2014). Encryption Techniques in Cloud Computing. Advances in Computer Science and Information Technology (ACSIT), 276.
• Patwal, M., & Mittal, T. (2014). A Survey of Cryptographic based Security Algorithms for Cloud Computing. HCTL Open International Journal of Technology Innovations and Research, 8, 2321-1814.
• Shabir, Y., Iqbal, A., Mahmood, Z., & Ghafoor, A. (2016). Analysis of classical encryption techniques in cloud computing. Tsinghua Science and Technology, 21(1), 102-113.

 

Appendix

 

Comment	Response
Concept need more development	Expanded the introduction section to clarify the aim of the project
Deliverables : you need to point your deliverables	Clearly identified the deliverables.
Significance: what are the significance of your work?	Streamlined the significance section to make it clear.
Appendix : you must write the appendix	Added an appendix section
Reflection of key learning : you must write the reflection	Added a reflection section
Methodology	Modified      the     methodology      to     meet      the requirements.

 

Reflections of Key learnings:

 

This project has enabled me to understand how to draw a Gantt chart using Microsoft Project. This knowledge is important because the business world is characterized by numerous projects and hence project management knowledge is essential. I have also learned the steps required to carry out a comprehensive systematic review. This knowledge is vital in identifying gaps in the literature.