{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,28]],"date-time":"2026-03-28T23:34:29Z","timestamp":1774740869685,"version":"3.50.1"},"reference-count":50,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2020,7,7]],"date-time":"2020-07-07T00:00:00Z","timestamp":1594080000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,7,7]],"date-time":"2020-07-07T00:00:00Z","timestamp":1594080000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/501100000038","name":"Natural Sciences and Engineering Research Council of Canada","doi-asserted-by":"publisher","award":["RGPIN-2019-04651"],"award-info":[{"award-number":["RGPIN-2019-04651"]}],"id":[{"id":"10.13039\/501100000038","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001804","name":"Canada Research Chairs","doi-asserted-by":"publisher","award":["231318"],"award-info":[{"award-number":["231318"]}],"id":[{"id":"10.13039\/501100001804","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2021,4]]},"DOI":"10.1007\/s10207-020-00511-w","type":"journal-article","created":{"date-parts":[[2020,7,7]],"date-time":"2020-07-07T19:03:15Z","timestamp":1594148595000},"page":"161-179","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":21,"title":["A secure architecture for TCP\/UDP-based cloud communications"],"prefix":"10.1007","volume":"20","author":[{"given":"Abu","family":"Faisal","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mohammad","family":"Zulkernine","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,7,7]]},"reference":[{"key":"511_CR1","doi-asserted-by":"publisher","unstructured":"Abdallah, E.G., Zulkernine, M., Gu, Y.X., Liem, C.: Trust-cap: A trust model for cloud-based applications. In: 2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC), vol.\u00a02, pp. 584\u2013589 (2017). https:\/\/doi.org\/10.1109\/COMPSAC.2017.256","DOI":"10.1109\/COMPSAC.2017.256"},{"key":"511_CR2","doi-asserted-by":"publisher","unstructured":"Adrian, D., Bhargavan, K., Durumeric, Z., Gaudry, P., Green, M., Halderman, J.A., Heninger, N., Springall, D., Thom\u00e9, E., Valenta, L., VanderSloot, B., Wustrow, E., Zanella-B\u00e9guelin, S., Zimmermann, P.: Imperfect forward secrecy: How Diffie-Hellman fails in practice. In: Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security, CCS \u201915, pp. 5\u201317. ACM, New York, NY, USA (2015). https:\/\/doi.org\/10.1145\/2810103.2813707","DOI":"10.1145\/2810103.2813707"},{"key":"511_CR3","doi-asserted-by":"publisher","first-page":"78882","DOI":"10.1109\/ACCESS.2019.2923294","volume":"7","author":"A Al\u00f3s","year":"2019","unstructured":"Al\u00f3s, A., Mor\u00e1n, F., Carballeira, P., Berj\u00e1n, D., Garc\u00eda, N.: Congestion control for cloud gaming over udp based on round-trip video latency. IEEE Access 7, 78882\u201378897 (2019). https:\/\/doi.org\/10.1109\/ACCESS.2019.2923294","journal-title":"IEEE Access"},{"key":"511_CR4","doi-asserted-by":"publisher","unstructured":"Amara, N., Zhiqui, H., Ali, A.: Cloud computing security threats and attacks with their mitigation techniques. In: 2017 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), pp. 244\u2013251 (2017). https:\/\/doi.org\/10.1109\/CyberC.2017.37","DOI":"10.1109\/CyberC.2017.37"},{"key":"511_CR5","unstructured":"Amazon Web Services: Amazon Web Services: Overview of Security Processes. https:\/\/d1.awsstatic.com\/whitepapers\/Security\/AWS_Security_Whitepaper.pdf (2017). Accessed 25 July 2019"},{"key":"511_CR6","unstructured":"Amazon Web Services: Network Load Balancer Now Supports UDP Protocol. https:\/\/aws.amazon.com\/about-aws\/whats-new\/2019\/06\/network-load-balancer-now-supports-udp-protocol\/ (2019). Accessed 25 July 2019"},{"key":"511_CR7","unstructured":"ARM: AMBA AXI and ACE Protocol Specification. https:\/\/static.docs.arm.com\/ihi0022\/g\/IHI0022G_amba_axi_protocol_spec.pdf#I19.5.4947910 (2019). Accessed 22 Feb 2020"},{"key":"511_CR8","unstructured":"Aviram, N., Schinzel, S., Somorovsky, J., Heninger, N., Dankel, M., Steube, J., Valenta, L., Adrian, D., Halderman, J.A., Dukhovni, V., K\u00e4sper, E., Cohney, S., Engels, S., Paar, C., Shavitt, Y.: Drown: Breaking tls using sslv2. In: USENIX Security Symposium, pp. 689\u2013706 (2016)"},{"key":"511_CR9","unstructured":"Barker, E.B., Dang, Q.H.: SP 800-57 Pt3 R1. Recommendation for Key Management, Part 3: Application-Specific Key Management Guidance. https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-57Pt3r1.pdf (2015). Accessed 25 July 2019"},{"key":"511_CR10","unstructured":"Barker, E.B., Roginsky, A.L.: SP 800-131A R1. Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths. http:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-131Ar1.pdf (2015). Accessed 25 July 2019"},{"key":"511_CR11","unstructured":"BLAKE2\u2014fast secure hashing. https:\/\/blake2.net\/ (2017). Accessed 25 July 2019"},{"key":"511_CR12","unstructured":"B\u00f6ck, H., Somorovsky, J., Young, C.: Return of bleichenbacher\u2019s oracle threat (robot). In: Proceedings of the 27th USENIX Conference on Security Symposium, SEC\u201918, pp. 817\u2013832. USENIX Association, Berkeley, CA, USA (2018). http:\/\/dl.acm.org\/citation.cfm?id=3277203.3277265. Accessed 25 July 2019"},{"key":"511_CR13","doi-asserted-by":"publisher","unstructured":"Chandu, Y., Kumar, K.S.R., Prabhukhanolkar, N.V., Anish, A.N., Rawal, S.: Design and implementation of hybrid encryption for security of iot data. In: 2017 International Conference On Smart Technologies For Smart Nation (SmartTechCon), pp. 1228\u20131231 (2017). https:\/\/doi.org\/10.1109\/SmartTechCon.2017.8358562","DOI":"10.1109\/SmartTechCon.2017.8358562"},{"key":"511_CR14","unstructured":"Cloud Security Alliance: The Treacherous 12\u2014Top Threats to Cloud Computing + Industry Insights. https:\/\/cloudsecurityalliance.org\/download\/artifacts\/top-threats-cloud-computing-plus-industry-insights\/ (2017). Accessed 25 July 2019"},{"issue":"1","key":"511_CR15","doi-asserted-by":"publisher","first-page":"167","DOI":"10.1137\/S0097539702403773","volume":"33","author":"R Cramer","year":"2004","unstructured":"Cramer, R., Shoup, V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J. Comput. 33(1), 167\u2013226 (2004). https:\/\/doi.org\/10.1137\/S0097539702403773","journal-title":"SIAM J. Comput."},{"key":"511_CR16","unstructured":"CRIME. https:\/\/en.wikipedia.org\/wiki\/CRIME (2018). Accessed 25 July 2019"},{"key":"511_CR17","unstructured":"Diffie-Hellman, Weak: and the Logjam Attack. https:\/\/weakdh.org\/ (2017). Accessed 25 July 2019"},{"key":"511_CR18","volume-title":"Here come the xor ninjas","author":"T Duong","year":"2011","unstructured":"Duong, T., Rizzo, J.: Here come the xor ninjas. White paper, Netifera (2011)"},{"key":"511_CR19","doi-asserted-by":"publisher","unstructured":"Durumeric, Z., Li, F., Kasten, J., Amann, J., Beekman, J., Payer, M., Weaver, N., Adrian, D., Paxson, V., Bailey, M., Halderman, J.A.: The matter of heartbleed. In: Proceedings of the 2014 Conference on Internet Measurement Conference, IMC \u201914, pp. 475\u2013488. ACM, New York, NY, USA (2014). https:\/\/doi.org\/10.1145\/2663716.2663755","DOI":"10.1145\/2663716.2663755"},{"key":"511_CR20","doi-asserted-by":"crossref","unstructured":"Faisal, A., Zulkernine, M.: Graphene: A Secure Cloud Communication Architecture. In: Proceedings of the International Workshop on Cloud Security and Privacy (CLOUD S&P\u201919). LNCS (2019)","DOI":"10.1007\/978-3-030-29729-9_3"},{"key":"511_CR21","doi-asserted-by":"publisher","unstructured":"Fardan, N.J.A., Paterson, K.G.: Lucky thirteen: Breaking the TLS and DTLS record protocols. In: 2013 IEEE Symposium on Security and Privacy, pp. 526\u2013540 (2013). https:\/\/doi.org\/10.1109\/SP.2013.42","DOI":"10.1109\/SP.2013.42"},{"key":"511_CR22","unstructured":"Ghali, C., Stubblefield, A., Knapp, E., Li J., Schmidt, B., Boeuf, J.: Application Layer Transport Security. https:\/\/cloud.google.com\/security\/encryption-in-transit\/application-layer-transport-security\/resources\/alts-whitepaper.pdf (2017). Accessed 22 Feb 2020"},{"key":"511_CR23","unstructured":"Google: Encryption at Rest in Google Cloud Platform. https:\/\/cloud.google.com\/security\/encryption-at-rest\/default-encryption\/resources\/encryption-whitepaper.pdf (2016). Accessed 25 July 2019"},{"key":"511_CR24","unstructured":"Google: Encryption in Transit in Google Cloud. https:\/\/cloud.google.com\/security\/encryption-in-transit\/resources\/encryption-in-transit-whitepaper.pdf (2017). Accessed 25 July 2019"},{"key":"511_CR25","unstructured":"Google: Google Infrastructure Security Design Overview. https:\/\/cloud.google.com\/security\/infrastructure\/design\/resources\/google_infrastructure_whitepaper_fa.pdf (2017). Accessed 25 July (2019)"},{"key":"511_CR26","unstructured":"Google: Internal TCP\/UDP Load Balancing Concepts. https:\/\/cloud.google.com\/load-balancing\/docs\/internal\/ (2019). Accessed 25 July 2019"},{"key":"511_CR27","doi-asserted-by":"publisher","unstructured":"Hardt, D.: The OAuth 2.0 Authorization Framework. RFC 6749 (2012). https:\/\/doi.org\/10.17487\/RFC6749. https:\/\/rfc-editor.org\/rfc\/rfc6749.txt","DOI":"10.17487\/RFC6749"},{"key":"511_CR28","doi-asserted-by":"publisher","unstructured":"Honda, O., Ohsaki, H., Imase, M., Ishizuka, M., Murayama, J.: Understanding TCP over TCP: effects of TCP tunneling on end-to-end throughput and latency. In: SPIE Optics East, vol. 6011 (2005). https:\/\/doi.org\/10.1117\/12.630496","DOI":"10.1117\/12.630496"},{"key":"511_CR29","unstructured":"Hybrid CryptoSystem. https:\/\/en.wikipedia.org\/wiki\/Hybrid_cryptosystem (2017). Accessed 25 July 2019"},{"key":"511_CR30","doi-asserted-by":"crossref","unstructured":"Iyengar, J., Thomson, M.: QUIC: A UDP-Based Multiplexed and Secure Transport. Internet-Draft draft-ietf-quic-transport-27, Internet Engineering Task Force (2020). https:\/\/datatracker.ietf.org\/doc\/html\/draft-ietf-quic-transport-27. Work in Progress","DOI":"10.17487\/RFC9000"},{"key":"511_CR31","unstructured":"Java Secure Socket Extension (JSSE) Reference Guide. https:\/\/docs.oracle.com\/en\/java\/javase\/11\/security\/java-secure-socket-extension-jsse-reference-guide.html (2018). Accessed 25 July 2019"},{"key":"511_CR32","unstructured":"Java Secure Socket Extension (JSSE) Reference Guide. https:\/\/docs.oracle.com\/javase\/9\/security\/java-secure-socket-extension-jsse-reference-guide.htm (2018). Accessed 25 July 2019"},{"key":"511_CR33","doi-asserted-by":"crossref","unstructured":"Kaaniche, N., Laurent, M., Barbori, M.E.: Cloudasec: a novel public-key based framework to handle data sharing security in clouds. In: 2014 11th International Conference on Security and Cryptography (SECRYPT), pp. 1\u201314 (2014)","DOI":"10.5220\/0005010600050018"},{"key":"511_CR34","doi-asserted-by":"publisher","unstructured":"Khanezaei, N., Hanapi, Z.M.: A framework based on rsa and aes encryption algorithms for cloud computing services. In: 2014 IEEE Conference on Systems, Process and Control (ICSPC 2014), pp. 58\u201362 (2014). https:\/\/doi.org\/10.1109\/SPC.2014.7086230","DOI":"10.1109\/SPC.2014.7086230"},{"key":"511_CR35","doi-asserted-by":"crossref","unstructured":"Kivinen, T., Kojo, M.: More modular exponential (modp) diffie-hellman groups for internet key exchange (ike). https:\/\/tools.ietf.org\/html\/rfc3526 (2003). Accessed 25 July (2019)","DOI":"10.17487\/rfc3526"},{"key":"511_CR36","doi-asserted-by":"publisher","unstructured":"Liang, C., Ye, N., Malekian, R., Wang, R.: The hybrid encryption algorithm of lightweight data in cloud storage. In: 2016 2nd International Symposium on Agent, Multi-agent Systems and Robotics (ISAMSR), pp. 160\u2013166 (2016). https:\/\/doi.org\/10.1109\/ISAMSR.2016.7810021","DOI":"10.1109\/ISAMSR.2016.7810021"},{"key":"511_CR37","doi-asserted-by":"crossref","unstructured":"Mell, P.M., Grance, T.: SP 800-145. The NIST Definition of Cloud Computing. http:\/\/nvlpubs.nist.gov\/nistpubs\/Legacy\/SP\/nistspecialpublication800-145.pdf (2011). Accessed 25 July 2019","DOI":"10.6028\/NIST.SP.800-145"},{"key":"511_CR38","unstructured":"Microsoft: Trusted Cloud: Microsoft Azure Security, Privacy and Compliance. http:\/\/download.microsoft.com\/download\/1\/6\/0\/160216AA-8445-480B-B60F-5C8EC8067FCA\/WindowsAzure-SecurityPrivacyCompliance.pdf (2015). Accessed 25 July 2019"},{"key":"511_CR39","unstructured":"M\u00f6ller, B., Duong, T., Kotowicz, K.: This poodle bites: exploiting the ssl 3.0 fallback, 2014. Security Advisory (2014). Accessed 25 July 2019"},{"key":"511_CR40","doi-asserted-by":"publisher","unstructured":"Neuman, D.C., Hartman, S., Raeburn, K., Yu, T.: The Kerberos Network Authentication Service (V5). RFC 4120 (2005). https:\/\/doi.org\/10.17487\/RFC4120. https:\/\/rfc-editor.org\/rfc\/rfc4120.txt","DOI":"10.17487\/RFC4120"},{"key":"511_CR41","unstructured":"Perttula, D., Warner, B., Wilcox-O\u2019Hearn, Z.: Attacks on Convergent Encryption. https:\/\/tahoe-lafs.org\/hacktahoelafs\/drew_perttula.html (2008). Accessed 25 July 2019"},{"key":"511_CR42","doi-asserted-by":"publisher","unstructured":"Rescorla, E., Dierks, T.: The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (2008). https:\/\/doi.org\/10.17487\/RFC5246. https:\/\/rfc-editor.org\/rfc\/rfc5246.txt","DOI":"10.17487\/RFC5246"},{"key":"511_CR43","doi-asserted-by":"publisher","unstructured":"Rescorla, E., Modadugu, N.: Datagram Transport Layer Security Version 1.2. RFC 6347 (2012). https:\/\/doi.org\/10.17487\/RFC6347.https:\/\/rfc-editor.org\/rfc\/rfc6347.txt","DOI":"10.17487\/RFC6347."},{"key":"511_CR44","unstructured":"Rescorla, E., Tschofenig, H., Modadugu, N.: The Datagram Transport Layer Security (DTLS) Protocol Version 1.3. Internet-Draft draft-ietf-tls-dtls13-32, Internet Engineering Task Force (2019). https:\/\/datatracker.ietf.org\/doc\/html\/draft-ietf-tls-dtls13-32 (Work in Progress)"},{"key":"511_CR45","doi-asserted-by":"publisher","unstructured":"Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.3. RFC 8446 (2018). https:\/\/doi.org\/10.17487\/RFC8446.https:\/\/rfc-editor.org\/rfc\/rfc8446.txt","DOI":"10.17487\/RFC8446."},{"key":"511_CR46","doi-asserted-by":"publisher","unstructured":"Ronen, E., Gillham, R., Genkin, D., Shamir, A., Wong, D., Yarom, Y.: The 9 Lives of Bleichenbacher\u2019s CAT: New Cache ATtacks on TLS Implementations. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 435\u2013452. IEEE (2019). https:\/\/doi.org\/10.1109\/SP.2019.00062","DOI":"10.1109\/SP.2019.00062"},{"key":"511_CR47","unstructured":"Smotrakov, A.: DTLSOverDatagram.java. http:\/\/cr.openjdk.java.net\/~asmotrak\/8159416\/webrev.08\/test\/javax\/net\/ssl\/DTLS\/DTLSOverDatagram.java.html (2016). Accessed 25 July 2019"},{"key":"511_CR48","doi-asserted-by":"publisher","unstructured":"Soyjaudah, K.M.S., Catherine, P.C., Coonjah, I.: Evaluation of udp tunnel for data replication in data centers and cloud environment. In: 2016 International Conference on Computing, Communication and Automation (ICCCA), pp. 1217\u20131221 (2016). https:\/\/doi.org\/10.1109\/CCAA.2016.7813927","DOI":"10.1109\/CCAA.2016.7813927"},{"key":"511_CR49","unstructured":"Transport Layer Security: Attacks against TLS\/SSL. https:\/\/en.wikipedia.org\/wiki\/Transport_Layer_Security#Attacks_against_TLS\/SSL (2018). Accessed 25 July 2019"},{"key":"511_CR50","doi-asserted-by":"publisher","unstructured":"Wang, C., Qin, Z., Peng, J., Wang, J.: A novel encryption scheme for data deduplication system. In: 2010 International Conference on Communications, Circuits and Systems (ICCCAS), pp. 265\u2013269 (2010). https:\/\/doi.org\/10.1109\/ICCCAS.2010.5581996","DOI":"10.1109\/ICCCAS.2010.5581996"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-020-00511-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-020-00511-w\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-020-00511-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,11,1]],"date-time":"2022-11-01T17:02:24Z","timestamp":1667322144000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-020-00511-w"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,7,7]]},"references-count":50,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2021,4]]}},"alternative-id":["511"],"URL":"https:\/\/doi.org\/10.1007\/s10207-020-00511-w","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,7,7]]},"assertion":[{"value":"7 July 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Compliance with Ethical Standards"}},{"value":"The authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of Interest"}},{"value":"This article does not contain any studies with human participants or animals performed by any of the authors.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical Approval"}}]}}