Blockchain based Internet of Things (Debashis De, Siddhartha Bhattacharyya etc.)

150

M. Bakro et al.

Table 2 Cloud service delivery models according to security issues [22]

Service delivery model

Elements of key security

Threats of possible

Software-as-a-service

(SaaS)

• Security of web application

• Control of access

• Security of software

• Services availability

• Conﬁdentiality of data

• Integrity of data

• Privacy of data

• Backup of data and

application

• Authorization and

authentication

• Data violations

• Breaches of privacy

• Hijacking of session

• Impersonation

• Cross-site scripting (XSS)

• Violation of access control

• Attacks of SQL injection

• Deletion of data

• Analysis of trafﬁc ﬂow

• Attacks of cross-VM

• Attacks of DoS

Platform-as-a-service

(PaaS)

• Control of access

• Security of application

• Application data security

• Availability

• Impersonation

• Data violations

• Modiﬁcation of application

• Interruption of application

• Attacks of cross-VM

• Attacks of DoS

Infrastructure-as-a-service

(IaaS)

• Physical security

• Availability of services

• Data conﬁdentiality in the

storage

• Data integrity in storage

• Protection of virtual cloud

• Security of network

• Data violations during

transmission through a

network

• Physical damage to

infrastructure

• Attacks of DoS

• Attacks of DNS server

• Attacks of IP-based

• Attack on DHCP server

• Analysis of trafﬁc ﬂow

Agency (NSA) is spying between Google and Yahoo data centers around the world,

and therefore more than 54% of German companies are ﬁnding that using the cloud

is a concern according to a poll published in 2013 by Price Waterhouse Coopers

(PWC). Therefore, a reliable cloud provider must be used in addition to maintaining

data conﬁdentiality through encryption and maintaining its availability as well [31].

We concluded that most of the security problems related to data are concentrated in

the SaaS and IaaS layers where our work will be concentrated in this research, noting

that most of these threats can be solved by segmenting and encrypting information to

maintainitsconﬁdentiality,andthisiswhatwillleadustotalkaboutcryptographyand

hashing, also by data authentication and the use of hashing algorithms to maintain

data integrity, ﬁnally distributing data to more than one server to maintain their

availability, and this is what the blockchain technology will provide.