Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Cloud Computing: Challenges and Solutions

Verified

Added on 2020/04/01

AI Summary

This assignment delves into the complexities of cloud computing security. It examines various vulnerabilities and threats inherent in cloud environments, such as data breaches, unauthorized access, and malicious attacks. Furthermore, it explores established security mechanisms and best practices employed to mitigate these risks, including encryption, access control, and intrusion detection systems.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CLOUD COMPUTING
Cloud Computing
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1
CLOUD COMPUTING
Executive Summary
The purpose of this report id to highlight the different risks and security concerns associated with
the migration of data of Webb’s store to hybrid cloud. Webb’s Stores is a regional retailer
operating in Australia and New Zealand. The report discusses the different risks and benefits of
using cloud storage and recommends certain measures of protecting the data. The objective of
the report is to highlight the different issues and concerns associated with the IaaS cloud
infrastructure.

2
CLOUD COMPUTING
Table of Contents
Introduction..........................................................................................................................3
1. Migration of MS SQL Server 2012 R2 database to IaaS.................................................3
1.1. Security Type............................................................................................................3
1.2. Benefits and Issues with the deployed security measure..........................................4
2. Risks Associated with the migration of database to cloud..............................................6
2.1. The Risk in Database................................................................................................6
2.2. The Risk IaaS Infrastructure.....................................................................................6
2.3. The Risk in communication between Webb’s and IaaS database............................8
3. Risk associated with data archival and Data back up......................................................8
3.1. Risk of Backing up data to the cloud........................................................................8
3.2. Cloud back up and DR plans....................................................................................9
4. Access protection on moving to cloud...........................................................................10
4.1. IaaS Infrastructure..................................................................................................10
4.2. MS SQL Server 2012 R2 Cloud Instance...............................................................11
4.3. Cloud network infrastructure..................................................................................11
4.4. Cloud backup and restore infrastructure.................................................................12
Conclusion.........................................................................................................................12
References..........................................................................................................................14

3
CLOUD COMPUTING
Introduction
Webb’s Stores that operates in Australia and New Zealand has decided to integrate cloud
computing in their daily operations. In order to do so, they are planning to close their Auckland
data center and the existing data center would be moved to cloud (Li et al., 2015). The report
discusses the risks and security issues associated with a hybrid cloud approach. The different
risks and associated with backing up of data to cloud and the effects on cloud backup on their
DR plan are elaborated in the following paragraphs.
1. Migration of MS SQL Server 2012 R2 database to IaaS
1.1. Security Type
Webb’s Stores is planning to migrate their MS SQL Server 2012 R2 database to an IaaS
instance in a hybrid cloud environment. However, there are certain risks associated with storing
the database in a hybrid cloud environment and therefore, proper risk mitigation policy is needed
to be undertaken. The major types of security that Webb’s Stores can deploy in order to protect
the critical database are encryption of data and authenticated use of data apart from other
strategies, which include data masking and back up of the data (Hashizume et al., 2013).
Encryption is a process of converting a data into cipher text or unreadable text in order to
prevent the unauthorized use and access of data. Through the process of encryption, the
electronic data is converted into cipher text. The primary aim of enabling an encryption process
in to protect the confidentiality of the digital data stored over the cloud, in this case, it is the
database of Webb’s Stores. Different encryption algorithm can be used in order to severe the
database. Confidentiality of data is one of the primary aims of encryption and therefore, this
method will be very effective in securing the database (Malawski et al., 2013).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4
CLOUD COMPUTING
Authentication is often used to ensure that only the registered candidates are allowed to
access the data. Authentication allows any user to access the data only if he is registered to use
that data. Different authentication techniques can be used to protect unauthorized use and access
of data (Boyd & Mathuria, 2013).
Therefore, the Webb’s Stores must necessarily deploy these two security techniques as a
primary security feature. Although the hybrid environment is safe to be used, the Webb’s Stores
must implement these two security essentials for securing their data after moving their MS SQL
server 2012 R2 database to an IaaS instance in cloud.
1.2. Benefits and Issues with the deployed security measure
The security measures deployed for securing the data in cloud approach is encryption and
authentication. The different benefits that is associated with the deployment of these information
security are as follows-
1) Security of all data types: Data is generally more vulnerable when it is moved to a
different location. The same is the case for Webb’s Stores as well. Encryption works in the
process of data transferring as well. The protects the data from being stolen, as even if an
attacker gets access to the data, it would be unreadable for them since it is encrypted (Chen &
Zhao, 2012).
2) Data Integration is maintained in Encryption: Maintaining the integrity of data is
essential. Encryption helps in maintaining the integrity of the data (Doan, Halevy & Ives, 2012).

5
CLOUD COMPUTING
3) Privacy of data is protected: The personal and the confidential data of the Store is
properly protected through the method of encryption. This is possible because, with the method
of encryption only the authorized person is able to access the data (Zissis & Lekkas, 2012).
Apart from this, deployment of these security standards would further allow other
advantages that are discussed below-
1) Flexibility: the deployment of this security policy would offer a high flexibility in the
use of database.
2) High security: the process of encryption coupled with the authentication provides high
security of the database (Arora, Parashar & Transforming, 2013).
3) Cost Effective: The deployment of this security policy is a cost effective solution with
a very low maintenance cost.
However, with these advantages, there are certain issues that are associated with the
process of encryption and authentication. The issues associated with the security measures of the
organization is listed below (Tao et al., 2014)-
1) Complex structure: The method of encryption is complex and therefore proper
research is necessary for implementing this structure.
2) Brute Force Attack: It is a method of trial and error method that can be used by an
attacker to decode an encrypted data stored in a database (Wei et al., 2014). Therefore, it can be
said that the process of encryption is associated with the risk of Brute Force attack as it can result
in data leak and loss of data.

6
CLOUD COMPUTING
These are the two major issues associated with the security measure deployed by the
organization apart from the other minor issues that includes, the method of data storage, and
process of proper encryption of the data (Garg, Versteeg & Buyya, 2013).
2. Risks Associated with the migration of database to cloud
2.1. The Risk in Database
There are certain risks that are associated with the migration of database in cloud.
Furthermore, Webb’s Stores is planning to migrate their MS SQL server 2012 R2 database to an
IaaS instance in cloud. The risk associated with the migration of the database in cloud
environment are listed below-
1) The major risk in migration of data to a cloud database is the risk of data loss. This is
because, migrating the whole R2 database is prone is very complex and if proper measures are
not taken, few or all data may face this risk (Hashem et al., 2015). Therefore, Webb’s Stores
must ensure proper strategic plan before the migration of data in order to avoid this risk.
2) Another risk associated with migrating the database to IaaS instance is data loss due to
corruption of data. This is a common risk associated with data migration and therefore, proper
measures are needed to be taken by the Webb’s Stores in order to eliminate the risk of data
corruption.
2.2. The Risk IaaS Infrastructure
The different risk associated with the migration of Webb’s Stores MS SQL server 2012
R2 database to an IaaS instance are listed below-

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

7
CLOUD COMPUTING
1) Privacy and security Risk: One of the major concerns associated with adopting the
IaaS infrastructure is security of confidential data. This is because, the database is hosted on a
public server managed by a vendor, and therefore Webb’s should ensure that the vendor is
trusted enough to protect the data from unauthorized access. This risk can be termed as risk from
insider as well (Hashizume et al., 2013). Since the vendor would be able to access the data, it is
essential for Webb’s Stores to keep a track of their database.
2) Risk of downtime and technical difficulties- The IaaS Infrastructure is a bit complex
and therefore, it is probable that the structure would face technical difficulty, which may freeze
the operational work of the Store. Furthermore, the whole IaaS setup is largely dependent of an
internet connection and therefore, any connectivity or network related issue might render the
entire setup useless.
3) The risk of Vulnerability: Any cloud-based solution has a high chance of being
attacked or exploited by malicious users and hackers. Nothing is completely secure on internet
and the interdependency of cloud systems may lead to the loss and leakage of important data
(Zissis & Lekkas, 2012).
4) Limited Flexibility and control: Another issue associate with the IaaS instance is that,
it is controlled by a third party vendor and therefore, it offers little control and low or negligible
flexibility.
5) Denial of Service Attack: The cloud storage is prone to external attack, one of which
may be denial of service attack. This attack is generally implemented to make the resources
unavailable for the legitimate users. Public cloud environment is more prone to this attack
(Malawski et al., 2013).

8
CLOUD COMPUTING
2.3. The Risk in communication between Webb’s and IaaS database
The different risks that is associated with the communication between Webb’s and iaaS
database in cloud are listed below-
1) The major risk associated with the communication is that, an attacker can intercept or
breach the data during an ongoing communication.
2) The data might be lost due to some technical error while an ongoing communication.
This is another risk associated with communication (Fernando, Loke & Rahayu, 2013).
3) Any technical error may render the data unavailable, thus freezing the operations of
the Webb’s Stores.
3. Risk associated with data archival and Data back up
3.1. Risk of Backing up data to the cloud
i) The risks associated with the backing up of data in the cloud are listed below-
Security: One of the major concerns or risks in backing up of data in cloud is the security
risk. This is because, while backing up of data in cloud, The Webb’s Stores will have to rely on
the IaaS Vendor thus inviting a risk of unauthorized access of data (Gonzalez et al., 2012).
Data Loss: The cloud storage while backing up of data, overwrite the previous version of
the files, which saves the time and bandwidth. However, this leads to the delete of the previous
versions of the data and in case if the Store needs an old data, it may find itself in a problem
(Hashem et al., 2015). Therefore, the procedure of backing up of data leads to data loss.

9
CLOUD COMPUTING
ii) The risks associated with the storage of data in cloud after backing up described
below-
Security Risk: Since the vendor has access to the data stored in IaaS infrastructure, there
is a high possibility of security risk and data loss. The chances of sensitive and confidential data
being stolen are high in storage of data in cloud (Wei et al., 2014).
Lack of data Standardization: The data stored will be can be accessed by the third
party vendor and there is lack of proper standardization and protocol in limiting the access of
data. This is another concern of data storage in a cloud environment (Dinh et al., 2013).
Data Theft of data loss: another major concern associated with the storage of data in the
cloud environment is that it is prone to data theft.
Malware infections: Third party vendors use cloud services for data ex filtration, which
can result in malware infections (Chou, 2013)
iii) The risk that Webb’s Stores might face while retrieving the data are listed below-
Snooping: One of the major risks associated with the retrieval of data in cloud is
snooping. The stored data is transmitted over internet, which is a primary risk factor. The
possibility of intercepting of data on route is high during the data retrieval and therefore it
possesses a significant amount of risk (Leippold & Lohre, 2012).
Data leakage: Retrieval of data is dependent is largely dependent on internet connection
and therefore, the risk of data leakage is considerably high during the data retrieval.
3.2. Cloud back up and DR plans

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

10
CLOUD COMPUTING
The disaster recovery concept in cloud involves the storage and maintenance of the
copies of electronic records in cloud environment. The primary aim of DR is proving an
organization a way to recover its important data in case of data loss (Li et al., 2013). The
migration of the entire database to cloud will definitely help in developing a better DR plan for
Webb’s Stores. This is because, the process of data recovery us very simple in case of cloud
environment (Phillips, 2015). The primary advantage of migrating the data in cloud and
deploying a cloud back up strategy is that it keeps a copy of the data in an offsite server as well
(Rahimi et al., 2014). The Iaas infrastructure allows this facility of periodic data backup and
therefore, data recovery becomes easier.
The backup and restore strategy will definitely change as a result of this service. This is
because the process of data recovery and back up in cloud is very simple and Webb’s Stores
need not have to worry about the backup as well. This is because; the cloud provider will control
the regular data backup (Sanaei et al., 2014). A proper DR plan eliminates the risk of data loss
during migration, retrieval or storage. Therefore, this strategy will be helpful for the Webb’s
Stores in data recovery.
4. Access protection on moving to cloud
Access control and access protection is very essential for protection of data from
unauthorized access. Access control limits the access of data only to the authorized person thus
eliminating the risk of data theft and data loss. The recommendation for protecting the access to
IaaS infrastructure, database, cloud network infrastructure and cloud backup and restore are
elaborated below (Khan, 2012)-
4.1. IaaS Infrastructure

11
CLOUD COMPUTING
The IaaS infrastructure should be properly protected in order to avoid the risks associated
with the loss of data and data theft. The recommendations for ensuring access protection for IaaS
Infrastructure are elaborated below-
1) Controlling the physical access to the IaaS infrastructure is an effective method of
ensuring access control in IaaS Infrastructure. Use of multifactor authentication, which includes
OTP, tokens and smart cards, will help in reducing the risk of unauthorized access to the
infrastructure.
2) The access of IaaS infrastructure with unsecure API is one of the primary reasons of
malware infection and data threat. Only secure and authorized utilization of API should be
ensured in order to protect the data in IaaS infrastructure (Xiao, Song & Chen, 2013).
4.2. MS SQL Server 2012 R2 Cloud Instance
The contents of MS SQL Server R2 cloud instance can be protected ensuring a proper
access control methodology. The access control procedures recommended for SQL server are
elaborated below-
1)Only the registered users should be able to access the database. This should be
controlled by the Webb’s Stores to ensure that an employee with a sufficient permission will
only be allowed to access the database and the servers.
2) Proper encryption standards can help in preventing the unauthorized access to the data.
The person having the decryption key can only decrypt encrypted data and therefore, this
strategy helps in controlling the access to the database (Biham & Shamir, 2012).
4.3. Cloud network infrastructure

12
CLOUD COMPUTING
The recommendations in ensuring the access control in cloud network infrastructure are
listed below-
1) The only useful approach of ensuring the access control in cloud network
infrastructure is monitoring the cloud database server. This will help in keeping a tract of users
accessing the data and can further help in eliminating the risk of data theft (Whaiduzzaman et al.,
2014).
2) The cloud network infrastructure would be accessible to the cloud service vendor and
therefore, protection against the internal threats is necessary (Rittinghouse & Ransome, 2016).
The traffic in the system should be regularly monitored and any suspecting communication or
transaction should be immediately tracked.
4.4. Cloud backup and restore infrastructure
The recommendations from protecting the access to cloud backup and restore
infrastructure are listed below (Rahimi et al., 2014)-
1) One of the most useful security measures for protecting the access to backup data is to
encrypt the data. The encryption will help in preventing any unauthorized access to the backup
data (Avram, 2014).
2) The process of data restoring should ensure password protection. This indicates that
the data restoring will be enabled only after providing a valid password (Botta et al., 2016).
Conclusion
Therefore, from the above discussion it can b concluded that the migration of database to
an IaaS instance would definitely benefit the Webb’s Stores. However, there are certain issues

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

13
CLOUD COMPUTING
that are associated with the data migration that should be properly dealt with. The report provides
certain recommendation in ensuring data protection in hybrid cloud and secure access of data.

14
CLOUD COMPUTING
References
Arora, R., Parashar, A., & Transforming, C. C. I. (2013). Secure user data in cloud computing
using encryption algorithms. International journal of engineering research and
applications, 3(4), 1922-1926.
Biham, E., & Shamir, A. (2012). Differential cryptanalysis of the data encryption standard.
Springer Science & Business Media.
Boyd, C., & Mathuria, A. (2013). Protocols for authentication and key establishment. Springer
Science & Business Media.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012
International Conference on (Vol. 1, pp. 647-651). IEEE.
Chou, T. S. (2013). Security threats on cloud computing vulnerabilities. International Journal of
Computer Science & Information Technology, 5(3), 79.
Dinh, H. T., Lee, C., Niyato, D., & Wang, P. (2013). A survey of mobile cloud computing:
architecture, applications, and approaches. Wireless communications and mobile
computing, 13(18), 1587-1611.
Doan, A., Halevy, A., & Ives, Z. (2012). Principles of data integration. Elsevier.
Fernando, N., Loke, S. W., & Rahayu, W. (2013). Mobile cloud computing: A survey. Future
generation computer systems, 29(1), 84-106.

15
CLOUD COMPUTING
Garg, S. K., Versteeg, S., & Buyya, R. (2013). A framework for ranking of cloud computing
services. Future Generation Computer Systems, 29(4), 1012-1023.
Gonzalez, N., Miers, C., Redigolo, F., Simplicio, M., Carvalho, T., Näslund, M., & Pourzandi,
M. (2012). A quantitative analysis of current security concerns and solutions for cloud
computing. Journal of Cloud Computing: Advances, Systems and Applications, 1(1), 11.
Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The
rise of “big data” on cloud computing: Review and open research issues. Information
Systems, 47, 98-115.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of
security issues for cloud computing. Journal of Internet Services and Applications, 4(1),
5.
Khan, A. R. (2012). Access control in cloud computing environment. ARPN Journal of
Engineering and Applied Sciences, 7(5), 613-615.
Leippold, M., & Lohre, H. (2012). Data snooping and the global accrual anomaly. Applied
Financial Economics, 22(7), 509-535.
Li, J., Li, Y. K., Chen, X., Lee, P. P., & Lou, W. (2015). A hybrid cloud approach for secure
authorized deduplication. IEEE Transactions on Parallel and Distributed Systems, 26(5),
1206-1216.
Malawski, M., Juve, G., Deelman, E., & Nabrzyski, J. (2015). Algorithms for cost-and deadline-
constrained provisioning for scientific workflow ensembles in IaaS clouds. Future
Generation Computer Systems, 48, 1-18.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

16
CLOUD COMPUTING
Phillips, B. D. (2015). Disaster recovery. CRC press.
Tao, F., Cheng, Y., Da Xu, L., Zhang, L., & Li, B. H. (2014). CCIoT-CMfg: cloud computing
and internet of things-based cloud manufacturing service system. IEEE Transactions on
Industrial Informatics, 10(2), 1435-1442.
Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y., & Vasilakos, A. V. (2014). Security and
privacy for storage and computation in cloud computing. Information Sciences, 258, 371-
386.
Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation
computer systems, 28(3), 583-592.

1 out of 17

+13062052269

info@desklib.com

Cloud Computing: Challenges and Solutions

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Cloud Computing Security Risks and Mitigation

Cloud Computing Applications and Migration

Amazon AWS Benefits for Webb Stores

Cloud Computing for Small Businesses

Cloud Security and Data Control

Cloud Computing Security Risks and Benefits