Adaptive Security Model for Cloud Platforms Based on Information Security and Cryptographic Protocols
DOI:
https://doi.org/10.47941/ijce.2591Keywords:
Cloud Security, Cryptographic Protocols, Information Security, Data Encryption, Cybersecurity ComplianceAbstract
Purpose: This paper proposes an adaptive security model designed for cloud platforms, integrating information security principles and cryptographic protocols to address evolving cybersecurity threats. The model ensures dynamic security control adjustments based on real-time risk assessments to protect enterprise applications and business operations.
Methodology: The proposed model employs continuous monitoring, intelligent threat detection, and automated responses to proactively mitigate risks. It integrates cryptographic techniques such as AES, RSA, and elliptic-curve cryptography to secure data transmission, storage, and access control. Additionally, machine learning-driven anomaly detection and behavioral analytics dynamically refine security policies.
Findings: The model enhances cloud security resilience against data breaches, unauthorized access, and service disruptions. By leveraging automated security orchestration, it ensures scalability, resilience, and operational efficiency while minimizing system overhead. The experimental implementation confirms its effectiveness in mitigating threats while maintaining high system performance and availability.
Unique Contribution to Theory, Practice, and Policy (Recommendations): This research contributes to cloud security advancements by presenting a comprehensive, adaptable security framework that addresses both known and emerging attack vectors. It ensures compliance with industry regulations such as GDPR, HIPAA, and SOC 2, providing organizations with a structured approach to meeting evolving cybersecurity mandates. Future research should explore enhanced AI-driven security orchestration, quantum-resistant cryptographic protocols, and cross-cloud security interoperability to further fortify cloud infrastructures.
Downloads
References
Keshattiwar, P., Lokulwar, P., & Saraf, P. (2024, June). Data Defender’s Shield in Safeguarding Information through Advanced Encryption and Access Management in Cloud-Based Applications. In 2024 International Conference on Innovations and Challenges in Emerging Technologies (ICICET) (pp. 1-6). IEEE.
Mulder, J. (2023). Multi-Cloud Strategy for Cloud Architects: Learn how to adopt and manage public clouds by leveraging BaseOps, FinOps, and DevSecOps. Packt Publishing Ltd.
Ali, T., Al-Khalidi, M., & Al-Zaidi, R. (2024). Information security risk assessment methods in cloud computing: Comprehensive review. Journal of Computer Information Systems, 1-28.
Adee, R., & Mouratidis, H. (2022). A dynamic four-step data security model for data in cloud computing based on cryptography and steganography. Sensors, 22(3), 1109.
Chadwick, D. W., Fan, W., Costantino, G., De Lemos, R., Di Cerbo, F., Herwono, I., ... & Wang, X. S. (2020). A cloud-edge based data security architecture for sharing and analysing cyber threat information. Future generation computer systems, 102, 710-722.
Sabbarwal, E., & Pandey, D. S. (2023, June). IoT based Data Protection Technique for Security and Privacy Preserving in Cloud ERP. In 2023 International Conference on IoT, Communication and Automation Technology (ICICAT) (pp. 1-5). IEEE.
Sundar, K., Sasikumar, S., & Jayakumar, C. (2022). Enhanced cloud security model using QKDP (ECSM-QKDP) for advanced data security over cloud. Quantum Information Processing, 21(3), 115.
Thabit, F., Can, O., Wani, R. U. Z., Qasem, M. A., Thorat, S. B., & Alkhzaimi, H. A. (2023). Data security techniques in cloud computing based on machine learning algorithms and cryptographic algorithms: Lightweight algorithms and genetics algorithms. Concurrency and Computation: Practice and Experience, 35(21), e7691.
Dholakia, S. (2024). Modern Cryptography: The Practical Guide. Germany: Rheinwerk Publishing. https://books.google.com/books?id=cwa-0AEACAAJ.
Agarwal, P., & Gupta, A. (2024, May). Cybersecurity strategies for safe erp/crm implementation. In 2024 3rd International Conference on Artificial Intelligence For Internet of Things (AIIoT) (pp. 1-6). IEEE.
Alwaheidi, M. K., & Islam, S. (2022). Data-driven threat analysis for ensuring security in cloud enabled systems. Sensors, 22(15), 5726.
Möller, D. P. (2023). Cybersecurity in digital transformation. In Guide to Cybersecurity in Digital Transformation: Trends, Methods, Technologies, Applications and Best Practices (pp. 1-70). Cham: Springer Nature Switzerland.
Seetharamarao, R. Y. (2023, December). A Unified Approach Towards Security Audit and Compliance in Cloud Computing Environment. In 2023 16th International Conference on Developments in eSystems Engineering (DeSE) (pp. 623-629). IEEE.
Shakor, M. Y., Khaleel, M. I., Safran, M., Alfarhood, S., & Zhu, M. (2024). Dynamic AES encryption and blockchain key management: a novel solution for cloud data security. IEEE Access, 12, 26334-26343.
Hemker, T. (2020). Cyber Security…… by Design or by Counterplay?—Enabling and Accelerating Digital Transformation Through Managing Information Security Technology, Risk and Compliance at the Right Place. Redesigning Organizations: Concepts for the Connected Society, 315-325.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Harish Narne , Sandip Dholakia
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution (CC-BY) 4.0 License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
