{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,2]],"date-time":"2026-02-02T11:57:26Z","timestamp":1770033446139,"version":"3.49.0"},"reference-count":25,"publisher":"SAGE Publications","issue":"1","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IFS"],"published-print":{"date-parts":[[2021,8,11]]},"abstract":"<jats:p>Cloud computing on-demand dynamicity in nature of end-user that leads towards a hybrid cloud model deployment is called a multi-cloud. Multi-cloud is a multi-tenant and multi-vendor heterogeneous cloud platform in terms of services and security under a defined SLA (service level agreement). The diverse deployment of the multi-cloud model leads to rise in security risks. In this paper, we define a multi-cloud model with hybridization of vendor and security to increase the end-user experience. The proposed model has a heterogeneous cloud paradigm with a combination of firewall tracts to overcome rising security issues. The proposed work consists of three steps, firstly, all incoming traffic from the consumer end into five major groups called ambient. Secondly, design a next-generation firewall (NGFW) topology with a mixture of tree-based and demilitarized zone (DMZ) implications. Test implementation of designed topology performed by using a simple DMZ technique in case of vendor-specific model and NGFW on hybrid vendor based multi-cloud model. Furthermore, it also defines some advantages of NGFW to overcome these concerns. The proposed work is helpful for the new consumer to define their dynamic secure cloud services under a single SLA before adopting a multi-cloud platform. Finally, results are compared in terms of throughput and CPU utilization in both cases.<\/jats:p>","DOI":"10.3233\/jifs-200835","type":"journal-article","created":{"date-parts":[[2021,5,14]],"date-time":"2021-05-14T12:08:12Z","timestamp":1620994092000},"page":"125-136","source":"Crossref","is-referenced-by-count":1,"title":["An archetype for mitigating the security threats in multi-cloud environment by implementing tree-based next-generation firewalls"],"prefix":"10.1177","volume":"41","author":[{"given":"Muhammad Iftikhar","family":"Hussain","sequence":"first","affiliation":[{"name":"Faculty of Information Technology, Beijing University of Technology, Beijing, China"}]},{"given":"Jingsha","family":"He","sequence":"additional","affiliation":[{"name":"Faculty of Information Technology, Beijing University of Technology, Beijing, China"}]},{"given":"Nafei","family":"Zhu","sequence":"additional","affiliation":[{"name":"Faculty of Information Technology, Beijing University of Technology, Beijing, China"}]},{"given":"Zulfiqar","family":"Ali Zardari","sequence":"additional","affiliation":[{"name":"Department of Information & Communication Technologies, Begum Nusrat Bhutto Women University, Sukkur, Pakistan"}]},{"given":"Fahad","family":"Razque","sequence":"additional","affiliation":[{"name":"Faculty of Information Technology, Beijing University of Technology, Beijing, China"}]},{"given":"Saqib","family":"Hussain","sequence":"additional","affiliation":[{"name":"Faculty of Information Technology, Beijing University of Technology, Beijing, China"}]},{"given":"Muhammad Salman","family":"Pathan","sequence":"additional","affiliation":[{"name":"Faculty of Information Technology, Beijing University of Technology, Beijing, China"}]}],"member":"179","reference":[{"key":"10.3233\/JIFS-200835_ref1","doi-asserted-by":"crossref","first-page":"100581","DOI":"10.1016\/j.jocs.2016.11.011","article-title":"Towards understanding uncertainty in cloud computing with risks of confidentiality, integrity, and availability","volume":"36","author":"Tchernykh","year":"2019","journal-title":"Journal of Computational Science"},{"key":"10.3233\/JIFS-200835_ref2","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1016\/j.future.2019.04.001","article-title":"Defining and guaranteeing dynamic service levels in clouds","volume":"99","author":"Uriarte","year":"2019","journal-title":"Future Generation Computer Systems"},{"key":"10.3233\/JIFS-200835_ref3","doi-asserted-by":"crossref","first-page":"206","DOI":"10.1016\/j.future.2016.10.008","article-title":"Towards a security-enhanced PaaS platform for multi-cloud applications","volume":"67","author":"Kritikos","year":"2017","journal-title":"Future Generation Computer Systems"},{"key":"10.3233\/JIFS-200835_ref4","doi-asserted-by":"crossref","first-page":"344","DOI":"10.1016\/j.ins.2018.04.081","article-title":"Security-by-design in multi-cloud applications: An optimization approach","volume":"454","author":"Casola","year":"2018","journal-title":"Information Sciences"},{"key":"10.3233\/JIFS-200835_ref5","doi-asserted-by":"crossref","first-page":"45","DOI":"10.1016\/j.comnet.2019.06.004","article-title":"Secure Multi-Cloud Network Virtualization","volume":"161","author":"Alaluna","year":"2019","journal-title":"Computer Networks"},{"issue":"1","key":"10.3233\/JIFS-200835_ref6","doi-asserted-by":"crossref","first-page":"83","DOI":"10.14232\/actacyb.24.1.2019.7","article-title":"Multi-cloud management strategies for simulating iot applications","volume":"24","author":"M\u00e1rkus","year":"2019","journal-title":"Acta Cybernetica"},{"key":"10.3233\/JIFS-200835_ref7","doi-asserted-by":"crossref","first-page":"50","DOI":"10.1016\/j.future.2018.12.063","article-title":"Container-based fog computing architecture and energy-balancing scheduling algorithm for energy IoT","volume":"97","author":"Luo","year":"2019","journal-title":"Future Generation Computer Systems"},{"key":"10.3233\/JIFS-200835_ref8","doi-asserted-by":"crossref","first-page":"105649","DOI":"10.1016\/j.asoc.2019.105649","article-title":"Secure and economical multi-cloud storage policy with NSGA-II-C","volume":"83","author":"Yang","year":"2019","journal-title":"Applied Soft Computing"},{"key":"10.3233\/JIFS-200835_ref10","doi-asserted-by":"crossref","first-page":"78","DOI":"10.1016\/j.jnca.2017.12.006","article-title":"Model driven design and evaluation of security level in orchestrated cloud services","volume":"106","author":"Amato","year":"2018","journal-title":"Journal of Network and Computer Applications"},{"issue":"1","key":"10.3233\/JIFS-200835_ref12","doi-asserted-by":"crossref","first-page":"1471974","DOI":"10.1080\/23311916.2018.1471974","article-title":"Performance evaluation of multi-cloud compared to the single-cloud under varying firewall conditions","volume":"5","author":"Yeasmin","year":"2018","journal-title":"Cogent Engineering"},{"key":"10.3233\/JIFS-200835_ref13","first-page":"266","article-title":"An optimized deployment approach for intercloud and hybrid cloud","volume":"9","author":"Dhull","year":"2017","journal-title":"Int J Adv Trends Comput Sci Eng"},{"key":"10.3233\/JIFS-200835_ref14","doi-asserted-by":"crossref","first-page":"347","DOI":"10.1016\/j.future.2018.01.057","article-title":"Energy-efficient virtual content distribution network provisioning in cloud-based data centers","volume":"83","author":"Liao","year":"2018","journal-title":"Future Generation Computer Systems"},{"key":"10.3233\/JIFS-200835_ref15","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.comcom.2017.02.011","article-title":"Optimal virtual network function placement in multi-cloud service function chaining architecture","volume":"102","author":"Bhamare","year":"2017","journal-title":"Computer Communications"},{"key":"10.3233\/JIFS-200835_ref16","doi-asserted-by":"crossref","first-page":"28","DOI":"10.1016\/j.compeleceng.2018.06.006","article-title":"Recent security challenges in cloud computing","volume":"71","author":"Subramanian","year":"2018","journal-title":"Computers & Electrical Engineering"},{"key":"10.3233\/JIFS-200835_ref17","doi-asserted-by":"crossref","first-page":"402","DOI":"10.1016\/j.cose.2019.05.016","article-title":"Designing an efficient security framework for detecting intrusions in virtual network of cloud computing","volume":"85","author":"Patil","year":"2019","journal-title":"Computers & Security"},{"key":"10.3233\/JIFS-200835_ref21","doi-asserted-by":"crossref","first-page":"125","DOI":"10.1016\/j.comcom.2018.07.031","article-title":"Hierarchical load balancing as a service for federated cloud networks","volume":"129","author":"Levin","year":"2018","journal-title":"Computer Communications"},{"key":"10.3233\/JIFS-200835_ref22","doi-asserted-by":"crossref","first-page":"340","DOI":"10.1016\/j.cose.2017.08.016","article-title":"A cybersecurity framework to identify malicious edge device in fog computing and cloud-of-things environments","volume":"74","author":"Sohal","year":"2018","journal-title":"Computers & Security"},{"key":"10.3233\/JIFS-200835_ref23","doi-asserted-by":"crossref","first-page":"819","DOI":"10.1016\/j.procs.2019.11.005","article-title":"Implementing Hy-IDS, Mobiles Agents and Virtual Firewall to Enhance the Security in IaaS Cloud","volume":"160","author":"Toumi","year":"2019","journal-title":"Procedia Computer Science"},{"key":"10.3233\/JIFS-200835_ref24","doi-asserted-by":"crossref","first-page":"111203","DOI":"10.1016\/j.rse.2019.05.022","article-title":"Multi-sensor cloud and cloud shadow segmentation with a convolutional neural network","volume":"230","author":"Wieland","year":"2019","journal-title":"Remote Sensing of Environment"},{"key":"10.3233\/JIFS-200835_ref27","doi-asserted-by":"crossref","first-page":"181","DOI":"10.1016\/j.jocs.2017.09.003","article-title":"FARE: FDD-based firewall anomalies resolution tool","volume":"23","author":"Sa\u00e2daoui","year":"2017","journal-title":"Journal of Computational Science"},{"issue":"15","key":"10.3233\/JIFS-200835_ref28","doi-asserted-by":"crossref","first-page":"e3773","DOI":"10.1002\/dac.3773","article-title":"On optimizing firewall performance in dynamic networks by invoking a novel swapping window\u2013based paradigm","volume":"31","author":"Mohan","year":"2018","journal-title":"International Journal of Communication Systems"},{"issue":"6","key":"10.3233\/JIFS-200835_ref29","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3130876","article-title":"Systematic literature review on usability of firewall configuration","volume":"50","author":"Voronkov","year":"2017","journal-title":"ACM Computing Surveys"},{"key":"10.3233\/JIFS-200835_ref32","first-page":"8887","article-title":"Firewall Rule Anomaly Detection and Resolution using Particle Swarm Optimization Algorithm","volume":"975","author":"Arthur","journal-title":"International Journal of Computer Applications"},{"key":"10.3233\/JIFS-200835_ref34","doi-asserted-by":"crossref","first-page":"116","DOI":"10.1016\/j.future.2013.06.024","article-title":"Improving cloud network security using the Tree-Rule firewall","volume":"30","author":"He","year":"2014","journal-title":"Future Generation Computer Systems"},{"key":"10.3233\/JIFS-200835_ref35","doi-asserted-by":"crossref","first-page":"480","DOI":"10.1016\/j.comnet.2015.10.008","article-title":"Verification of firewall reconfiguration for virtual machines migrations in the cloud","volume":"93","author":"Jarraya","year":"2015","journal-title":"Computer Networks"}],"container-title":["Journal of Intelligent &amp; Fuzzy Systems"],"original-title":[],"link":[{"URL":"https:\/\/content.iospress.com\/download?id=10.3233\/JIFS-200835","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,2]],"date-time":"2026-02-02T01:20:46Z","timestamp":1769995246000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/full\/10.3233\/JIFS-200835"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,8,11]]},"references-count":25,"journal-issue":{"issue":"1"},"URL":"https:\/\/doi.org\/10.3233\/jifs-200835","relation":{},"ISSN":["1064-1246","1875-8967"],"issn-type":[{"value":"1064-1246","type":"print"},{"value":"1875-8967","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,8,11]]}}}