Cloud security solutions commonly use HTTP intermediaries which include reverse proxies, load balancers, and intrusion prevention systems. Which acts as the TLS server connection ends and access HTTP/TLS plaintext to perform their functions. This method chooses its configuration randomly without considering the vulnerability to attacks and outside threats. Further, it has various other shortcomings such as inefficient presentation languages, message flow vulnerabilities and the circumvention of HHTP streaming. Fueled by cloud adoption by large enterprises increasing exponentially, the need for improvement and cunning edge security arises. One of the potential solutions that addresses these issues is the Trusted Cloud Transfer Protocol, which applies entity body encryption that can overcome these vulnerabilities. The key concept of TCTP is HTTP application layer encryption channels which integrate TLS functionality into the HTTP application layer. In this project, we will delve deeper into TCTP and other potential methods in relation to cloud security.
[1] M. Slawik, "The Trusted Cloud Transfer Protocol," 2013 IEEE 5th International Conference on Cloud Computing Technology and Science, Bristol, UK, 2013, pp. 203-208, doi: 10.1109/CloudCom.2013.126. [Accessed: 26-Feb-2023]
[2] S. Müller, D. Bermbach, S. Tai and F. Pallas, "Benchmarking the Performance Impact of Transport Layer Security in Cloud Database Systems," 2014 IEEE International Conference on Cloud Engineering, Boston, MA, USA, 2014, pp. 27-36, doi: 10.1109/IC2E.2014.48. [Accessed: 26-Feb-2023]
[3] M. Msahli, M. T. Hammi and A. Serhrouchni, "Safe box cloud authentication using TLS extesion," 2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC), Shanghai, China, 2015, pp. 1-6, doi: 10.1109/SSIC.2015.7245679. [Accessed: 26- Feb-2023]
[4] Jabir, Raja & Khanji, Salam & Ahmad, Liza & Alfandi, Omar & Said, Huwida. (2016). Analysis of cloud computing attacks and countermeasures. 1-1. 10.1109/ICACT.2016.7423295. [Accessed: 26-Feb-2023]
[5] Singh, I. D. (2013, December). Data Security in cloud oriented application using SSL/TLS protocol - IJAIEM. Data Security in Cloud Oriented Application Using SSL/TLS Protocol. Retrieved February 27, 2023, from https://ijaiem.org/volume2issue12/IJAIEM-2013-12-10-022.pdf [Accessed: 26-Feb-2023]