Work place: Department of Mathematics/ICT, Bagabaga College of Education, Tamale, +233, Ghana
E-mail: sumar.sayibu2@gmail.com
Website:
Research Interests: Computer systems and computational processes, Autonomic Computing, Computer Architecture and Organization, Computer Networks, Information Systems
Biography
Umar Sayibu, born in 1973 and a Tutor at Bagabaga College of Education Tamale -Ghana. He holds an M.Sc. degree In Information Technology from Kwame Nkrumah University of Science and Technology, Kumasi – Ghana in June 2018. He received his BA degree in Information Studies in 2010 from University of Ghana Accra -Ghana. His research area of interest is Cloud Computing, Information Systems and Computer Networks.
By Umar Sayibu Frimpong Twum Issah Baako
DOI: https://doi.org/10.5815/ijcnis.2019.11.06, Pub. Date: 8 Nov. 2019
The decision to use either Cloud Computing (CC) applications or Traditional Information Technology Outsourcing (Traditional ITO) environments is a function of the security evaluations of these two options. Hackers are constantly nosing around websites and other computer networks for compromised computers that have some vulnerabilities to exploit them. Vulnerabilities in cloud computing and Traditional ITO environments are leading causes of recent data breaches. These breaches provide opportunities to hackers to attack and gain access to customer information such as credit cards and contact information, passwords, sending of malicious codes to website users or making users computer potential candidates of botnets and to hijack the sessions of authentic users to make unapproved purchases on their behalf. In this paper, security penetration tools have been employed to evaluate the security vulnerabilities of cloud-based solutions and Traditional ITO to discover possible vulnerabilities, their causes and mitigation strategies to securing web applications from the discovered vulnerabilities. Some web applications and a Traditional ITO network were ethically hacked to discover vulnerabilities in them. Analyses of the results obtained through the ZAP scan flagged Remote File Inclusion (RFI) alert were high priority alert. In all, RFI constitutes the most serious potential threat and it needs the fullest attention of CC service providers. Nmap disclosed opened ports in Traditional ITO Virtual Private Network which can make the server of the provider accessible to hackers leading to a considerable disclosure of information to unauthorized users.
[...] Read more.Subscribe to receive issue release notifications and newsletters from MECS Press journals