A REVIEW ON SECURED CLOUD COMPUTING ENVIRONMENT

Nowadays, the scientific problem becomes very complex; therefore, it requires more computing power and storage space. These requirements are very common in an organization while dealing with current technological data and requirements. Based on these basic requirements, need of higher computational resources is an important issue when dealing with current technological methodology. Hence, cloud computing has become the most important computing paradigm of recent world. The cloud computing is an open source and using Internet as network model. Rapid growth in the field of “cloud computing” also increases severe security concerns, because security has a constant issue. This study reviews security models of cloud computing.


INTRODUCTION
Cloud computing is a kind of high performance computing (HPC). HPC includes distributed computing, grid computing and cloud computing. The past technologies such as distributed computing and parallel computing are not highly suitable for the recent advancements because, the modern computer industry is operating very large amounts of data which is geographically, distributed. Distributed computing is a paradigm which focuses on wide range of users with a distributed access to scalable, virtualized hardware and software infrastructure.
Grid computing is a paradigm of resource sharing which offers wide and collective distributed computing. The emergence of cloud computing from distributed and grid computing will provide promise to save money by making it imperative for organizations. Software as a Service (SaaS) is a cloud service which focus on providing users with business-specific capabilities such as email, or customers management, for example, Google Apps, Sales force.com and Zoho.com. Infrastructure as a Service (IaaS) is another type of cloud capability which provides mainly for on demand computational infrastructure available over the internet, such as storage space. Some of the IaaS are, Amazon Elastic Compute Cloud (EC2), Amazon Simple Storage Solution (S3), Go-Grid, IBM Computing on Demand (COD), Microsoft live mesh and Rack space cloud.
The third cloud computing capability is termed as Platform as a Service (PaaS), in which application development platform are rented as a resource to the users to leverage the resources of established organizations. Some of the PaaS are, Akamai Edge platform, Force.com, Google App Engine, Microsoft Azure service platform and Yahoo! open Strategy (Y!oS) (Chandramohan and Baskaran, 2010;.
The basic attributes of cloud computing are listed below: • Availability-Users have the ability to access their resources at any time through a standard internet connection • Collaboration-Users begin to see the cloud as a way to work simultaneously on common data and information

AJAS
• Elasticity-Provides transparently manages a user's resources utilization based on dynamically changing needs • Lower infrastructure-The pay per usage model allows an organization to only pay for resources they need with a basically no investment in the physical resources available in cloud • Mobility-Users have the ability to access data and applications from the globe • Risk Reduction-Organizations can use the cloud to test ideas and concepts before making investments in technology • Scalability-Users have access to a larger amount of resources their scale based on their demand • Virtualization-Each user's has a single view of the available resources, independently of how they are arranged in terms of physical device • Computational risk to implement cloud computing-Some key organizational concerns can act as barriers to the adoption of cloud computing. This concerns are interoperability, latency, platform or language constraints, regulations, reliability, resource control and security This study further reviews recent research in cloud computing in the past few years Abrishami et al. (2012) analysed the processing speed, computational power and other resources in distributed and parallel computing environments. So, in the past few years, the grid computing has been proposed as an effective resource management in order to meet the organizational requirements. Mateescu et al. (2011) proposed HPC architecture for grid and cloud computing environments. They considered the predictable execution of scientific applications and scales from a single resource to multiple resources, with different ownership, policy and geographic locations for architectural design patterns. They identified three paradigms namely, (1) ownercentric HPC (traditional), (2) grid computing and (3) cloud computing. They studied three architectures which include grid, cloud and HPC. Their nature in terms of capacity, capability, resource sharing is shown in Table  1. This HPC architecture is applicable where the grid and cloud computing system is integrated.

Review on HPC
Today's hybrid computing ecosystem, given by Keqin (2005), represents the intersection of three broad paradigms for computing infrastructure and use: • Owner-centric (traditional) HPC • Grid computing (resource sharing) • Cloud computing (on-demand resource/service provisioning) Each paradigm is characterized by a set of attributes of the resources, making up the infrastructure and executing the applications on that infrastructure. These attributes include: • Resource ownership: Either locally owned resources or externally owned resources • Resource accessibility: Either private (only by the owner of the resource) or public (available to entities other than the owner) • Resource sizing: Either quasi-static (resources grow when purchasing new hardware) or dynamic (resources can grow dynamically by using external, public, resources) • Resource allocation policy: Either exclusive (perorganization, or per-group, or per-project, or peruser) or shared among organizations, groups, projects, or users • Application portability: Either tied to a specific platform (e.g., hardware, operating system) or platform-agnostic (easily portable) In terms of these attributes, the following three paradigms combine to support hybrid computing. In Owner-centric HPC, presented by Singh et al. (2008), resources are locally owned, with private access (for members of the owner organization and its partners); resources have quasi-static size that changes by purchasing new resources. In cloud computing, resources can be either externally owned (public cloud), or internally owned (private cloud), the former being offered by cloud providers. Public clouds offer access to external users who are typically billed on a pay-as-you-use basis.
QoS-oriented is also an important aspect in cloud computing. The availability of cloud computing resources is analysed from QoS of a single cloud resource node. Dong et al. (2013) proposed QoS Oriented monitoring model, in which, a monitoring model of cloud computing, dynamic process of the cloud computing service, described by common attribution and special attribution to QoS of some cloud resources.

Review on Cloud Computing
For the past few years, the cloud computing is one among top 10 growing technology, which proves a significant impact on IT in the future. However, there are lacks of security models, frameworks and certificates in cloud computing. ISO 27000 and NIST-FISMA provides cloud certificate in the recent days. These cloud security certificates help cloud providers to improve the consumers trust. Even though, these standards are still lacking from covering the full complexity of the cloud computing model. Zhang and Zhang (2009) analyzed the security issues in the cloud computing, briefed about the Open Cloud Computing Federation (OCCF). Zhang and Zhang (2009) proposed Mobile Agent Based Open Cloud Computing Federation (MABOCCF) mechanism. MABOCCF combines the mobile agent and cloud computing to provide a realization for the open cloud computing federation. MABOCCF offrs multiple heterogeneous cloud computing platforms and realizes portability and interoperability.
Defining a framework is an initial process of the security model of cloud computing. A cloud security management framework is proposed by Almorsy et al. (2011). This framework is based on aligning the FISMA standard to fit with the cloud computing model. This framework is based on improving collaboration between cloud providers and service providers, which defined on top of a number of security standards.

Review on Security in Cloud Computing
In the world of cloud computing, there are lacks of compliance to standards, reporting, monitoring, service level agreements and legal acts. The providers have datacenters worldwide and customer can dynamically allocate their data among various data centers. Hence, this creates the customers anxiety because they may not know where their data is at any given time. Service providers and most governments have the ability to track and manage records. Most of these data will flow in and out of their environments. Here the major concern is the level of trust and transparency of the customer which should be well known to the customers through proper documents and policies, also the customers can test and identify their trust level at any point of time.
The biggest benefit of cloud computing is the centralization of data. Organizations have an issue with asset protection, in no small part because of data being stored in numerous places, like laptops and the desktop. Thick clients are apt to download files and maintain them on the hard drive and there are plenty of laptops out there with non-encrypted files. Using thin clients creates a better chance for centralized data storage. As such, there's less chance for data leakage. Centralization also provides the opportunity for better monitoring. That data is in one place makes it easier to check in on user data and verify that access.
The same security issues that the organization deals with are the sorts of issues that SaaS providers will faces the securing network, hardware issues, applications and data. But compliance adds another level of headache. Regulations like Sarbanes-Oxley (SOX), Gramm-Leach-Bliley (GLBA) and industry standards like the Payment Card Industry Data Security Standard (PCI DSS) make things particularly challenging. Prior to SaaS, compliance could be managed by a few tasks: • Identify users and access privileges • Identify sensitive data • Identify where it's located • Identify how it is encrypted • Document this for auditors and regulators

AJAS
The security aspects in cloud computing is listed in detail below: The development of secured cloud involves identifying specific threats and the risks they represent, followed by design and implementation of specific controls to counter those threats and assist in managing the risks they pose to the organization and/or its customers. This must provide consistency, repeatability and conformance. The SDLC of secured cloud consists of six phases, which are: • Phase 1. Investigation:-Define project processes and goals and document them in the program security policy • Phase 2. Analysis:-Analyze existing security policies and programs, analyze current threats and controls, examine legal issues and perform risk analysis • Phase 3. Logical design:-Develop a security blueprint, plan incident response actions, plan business responses to disaster and determine the feasibility of continuing and/or outsourcing the project Public-key encryption schemes are secure only if the authenticity of the public key is assured. A publickey certificate scheme provides the necessary security (Stallings, 2005). A simple public-key algorithm is Diffie-Hellman key exchange. This protocol enables two users to establish a secret key using a public-key scheme based on discrete logarithms. The protocol is secure only if the authenticity of the two participants can be established.

RESULTS
Implementation of cloud become more rapid in the recent years, such as Wu andHuang (2011), Mehdi et al. (2011), Kumar and Balasubramanie (2012) and Ponnuramu and Tamilselvan (2012). Wu and Huang (2011) implemented quasi-experimental method was applied to the study of 110 fifth grade students of Tunglo Elementary School, Taiwan. Mehdi et al. (2011) proposes Impatient Task Mapping in Elastic Cloud using Genetic Algorithm. This algorithm finds a fast mapping using genetic algorithms. The genetic algorithm with "exist if satisfy" condition is speeding up the mapping process. The genetic algorithm is implemented using Cloudsim.
Infrastructure as a Service (IaaS) is one among the cloud services that provides a computing resourses for demand in various applications like Parallel Data processing. The computer resources offered in the cloud are extremely dynamic and probably heterogeneous. Nephele is the data processing framework used to exploit the dynamic resource allocation offered by IaaS clouds for task scheduling.

DISCUSSION
The quasi-experiment results showed that cloud computing was better than traditional IT system of educational environment. Cloudsim simulator is a cloud benchmark which is used to test algorithms in Science Publications AJAS cloud computing. Mapping time and makespan are the performance metrics in the cloud based mapping algorithms. Tasks scheduling and processing in cloud offers automatically instantiated and terminated job execution. The present methodologies increases the efficacy of the scheduling algorithm for the real time Cloud Computing services. These Algorithms utilizes the Turnaround time which also assigns high priority for task of early completion and less priority for abortions /deadlines issues of real time tasks. Wu and Huang (2011) recommended the cloud computing infrastructure to education in real world. The results of genetic algorithm in the cloud environment shows an improvement than MCT algorithm which also improves the throughput, hence can be used to map more jobs to cloud resources. The scheduling algorithms in cloud implemented on both preemptive and Nonpremptive methods. It outperfoms than the existing utility based scheduling algorithms on preemptive and Non-preemptive scheduling methods. Hence, a novel Turnaround time utility scheduling approach with high priority and low priority tasks.

CONCLUSION
The experimental results of secured system shows better results, however there are still critical and performance improvement need to be achieved.