A secure architecture for TCP/UDP-based cloud communications
International Journal of Information Security (IF 3.2), published 2020-07-07, DOI: 10.1007/s10207-020-00511-w
Abu Faisal, Mohammad Zulkernine

Cloud communication is an intrinsic aspect of cloud architecture. It is Internet-based communication that gives access to millions of cloud services. These services are delivered over TCP/UDP-based communications and protected by traditional security protocols (e.g., SSL/TLS/DTLS). However, security threats to cloud communications have become one of the most serious issues today. To address some of the shortcomings of traditional security protocols, we propose a secure cloud communication architecture (Graphene) for both TCP- and UDP-based communications. Graphene protects data in transit and provides authenticity of cloud users and cloud service providers. It protects the communication channel against the most common attacks, such as man-in-the-middle (including eavesdropping, sniffing, identity spoofing, and data tampering), sensitive information disclosure, replay, compromised-key, repudiation, and session hijacking attacks. This work also involves the design of a novel high-performance, cloud-focused security protocol that works for both TCP and UDP communications. For UDP in particular, it uses an asynchronous retransmission mechanism to ensure datagram delivery. The protocol efficiently combines the strength and speed of symmetric block encryption in Galois/Counter Mode with a cryptographic hash, public-key cryptography, and an ephemeral key exchange. It also provides a faster reconnection facility to support frequent connectivity and deal with connection trade-offs. The security analysis of Graphene shows promising protection against the attacks discussed above. Graphene also significantly outperforms TLSv1.3 (the latest stable version among the SSL successors) and DTLSv1.2 (the latest stable version of datagram TLS) in performance and bandwidth consumption, and shows reasonable memory usage on the server side.
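The abstract lists the protocol's building blocks (AES in GCM mode, a cryptographic hash, public-key cryptography, an ephemeral key exchange, replay protection on an unreliable datagram transport) without showing how they fit together. The Go program below is an added example written for this page; it is not Graphene's protocol or the authors' code, and the paper does not describe its wire format. It assumes Go 1.20 or newer (crypto/ecdh, errors.Join) and uses a simplified SHA-256 key derivation with made-up "c2s"/"s2c" direction labels in place of a proper KDF. An unauthenticated ephemeral X25519 exchange derives one AES-256-GCM key per direction; each datagram carries a cleartext 64-bit sequence number that serves as the GCM nonce and is authenticated as associated data; and a DTLS/IPsec-style 64-entry sliding window accepts reordered datagrams while rejecting replayed, stale and tampered ones. Peer authentication and the retransmission logic the abstract mentions are left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// endpoint is one side of a protected datagram channel. Constructed illustration, not
// Graphene's protocol: ephemeral X25519 yields per-direction AES-256-GCM keys, a cleartext
// sequence number is nonce and associated data, and a 64-entry sliding window rejects replays.
type endpoint struct {
	sealer, opener     cipher.AEAD // distinct key per direction, so nonces never collide
	sendSeq            uint64      // next sequence number to send
	recvHigh, recvMask uint64      // newest accepted sequence, bitmap of the 64 below it
}

// gcmFromSecret is a simplified KDF (assumption; a real design would use HKDF):
// AES-256-GCM keyed with SHA-256(shared secret || transcript || direction label).
func gcmFromSecret(shared, transcript []byte, label string) (cipher.AEAD, error) {
	key := sha256.Sum256(append(append(append([]byte{}, shared...), transcript...), label...))
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// handshake runs an unauthenticated ephemeral X25519 exchange; both public keys form
// the transcript. Authenticating the peers (certificates, signatures) is out of scope.
func handshake() (client, server *endpoint, err error) {
	cPriv, err1 := ecdh.X25519().GenerateKey(rand.Reader)
	sPriv, err2 := ecdh.X25519().GenerateKey(rand.Reader)
	if err = errors.Join(err1, err2); err != nil {
		return nil, nil, err
	}
	shared, err := cPriv.ECDH(sPriv.PublicKey()) // the server computes the same from its own key
	if err != nil {
		return nil, nil, err
	}
	transcript := append(cPriv.PublicKey().Bytes(), sPriv.PublicKey().Bytes()...)
	client, server = &endpoint{}, &endpoint{}
	var errs [4]error
	client.sealer, errs[0] = gcmFromSecret(shared, transcript, "c2s")
	client.opener, errs[1] = gcmFromSecret(shared, transcript, "s2c")
	server.sealer, errs[2] = gcmFromSecret(shared, transcript, "s2c")
	server.opener, errs[3] = gcmFromSecret(shared, transcript, "c2s")
	return client, server, errors.Join(errs[:]...)
}

// seal returns seq || AES-GCM(plaintext): nonce = 4 zero bytes || seq, associated data = seq.
func (e *endpoint) seal(plaintext []byte) []byte {
	hdr := binary.BigEndian.AppendUint64(nil, e.sendSeq)
	e.sendSeq++
	return e.sealer.Seal(append([]byte{}, hdr...), append(make([]byte, 4, 12), hdr...), plaintext, hdr)
}

// open rejects short, stale, replayed and tampered datagrams.
func (e *endpoint) open(datagram []byte) ([]byte, error) {
	if len(datagram) < 8 {
		return nil, errors.New("datagram too short")
	}
	hdr, seq := datagram[:8], binary.BigEndian.Uint64(datagram[:8])
	switch {
	case seq <= e.recvHigh && e.recvHigh-seq >= 64: // behind the bitmap: cannot tell replay from late
		return nil, errors.New("datagram too old")
	case seq <= e.recvHigh && e.recvMask&(1<<(e.recvHigh-seq)) != 0:
		return nil, errors.New("replayed datagram")
	}
	plaintext, err := e.opener.Open(nil, append(make([]byte, 4, 12), hdr...), datagram[8:], hdr)
	if err != nil {
		return nil, errors.New("authentication failed: " + err.Error())
	}
	e.advance(seq) // only after the tag verified, so a forged header cannot poison the window
	return plaintext, nil
}

// advance slides the window for a newer datagram or marks the slot of a late one.
func (e *endpoint) advance(seq uint64) {
	if seq <= e.recvHigh {
		e.recvMask |= 1 << (e.recvHigh - seq)
		return
	}
	e.recvMask <<= seq - e.recvHigh // a jump of 64 or more clears the whole bitmap
	e.recvHigh, e.recvMask = seq, e.recvMask|1
}

func main() {
	c, s, err := handshake()
	if err != nil {
		panic(err)
	}
	p, err := s.open(c.seal([]byte("hello")))
	fmt.Printf("%s %v\n", p, err) // hello <nil>
}
```

Two details matter for the replay protection the abstract claims. The window is advanced only after the GCM tag verifies: advancing it on the cleartext header alone would let a keyless attacker push the window past legitimate datagrams still in flight. And a retransmitted datagram is accepted under its original sequence number as long as no earlier copy reached the receiver, because a sequence number is marked as seen only once a datagram carrying it has been authenticated; a retransmission scheme like the one the abstract describes for UDP can therefore resend the original bytes unchanged. The "too old" branch is equally necessary: without it, a datagram more than 64 behind the newest would slip past a bitmap that can no longer remember it.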

Updated: 2020-07-08