Abstract: Different types of organizations based on requirements commonly and widely used cloud-computing frameworks. Many companies are sharing very important data on daily basis over the different cloud server. Hence it is required to have efficient data confidentiality and security method to protect against different security threats like insider attacks. The recent works proposed on cloud computing security has mainly worked either on cloud computing platform protection from malicious users or cloud client’s protection from each other’s unwanted activities. However, the issues of cloud client’s protection from the other malicious cloud client’s attacks (this attack is called insider attacks are still remaining research problem. In this project, a novel approach is presenting in order to ensure the client data confidentiality and integrity during computation over the cloud platform. The goal of proposed approach is to ensure that cloud user private data not be exposed to other internal cloud users like other cloud clients and administrator. The proposed designed method makes use of remote attestation and late launch based method called Flicker in order to verify the integrity of the cloud platform. This is a practical approach designing for securing the confidentiality and integrity of client data and computation from cloud clients and from the Infrastructure-as-a-Service (IaaS) based cloud system administrator himself. For data security, we are using newly designed hybrid cryptography method to deliver the best efficiency performance.
Keywords: Cloud Computing, Cloud Security, Security threats, Risk analysis, Data Protection, Privacy.