A Cloud Computing Security Framework Based on Cloud Security Trusted Authority

Cloud computing is a promising technology that provides dynamic resource allocation, power saving, and low running cost. On the other hand, security risks of cloud computing represent a major concern that slows down its market growth. There are many frameworks for handling security risks of cloud computing, most of them trust the cloud service provider and do not focus on the new types of security risks that might face the cloud. Hence, they cannot detect attacks that might come from cloud service provider's side or due to vulnerabilities or attacks at the cloud service provider system. Therefore, a new security framework for cloud computing is introduced in this paper that tries to tackle these problems. Additionally, it is assumed that the introduced framework does not trust the cloud service provider. The introduced framework keeps the sensitive data encrypted at a cloud trusted authority and, hence, the sensitive data are kept away from attacks occurred at the cloud service provider.