Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Cloud Computing Security Challenges

Verified

Added on 2020/04/07

AI Summary

This assignment delves into the complex world of cloud computing security. It analyzes the various risks and vulnerabilities inherent in cloud environments, including data breaches, unauthorized access, and service disruptions. The document also explores existing security measures and best practices aimed at mitigating these threats, providing a comprehensive understanding of the challenges and solutions in securing cloud-based systems.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CLOUD SECURITY AND PRIVACY
Cloud Security and Privacy
Name of the Student
Name of the University
Author’s Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1
CLOUD PRIVACY AND SECURITY
Table of Contents
Introduction......................................................................................................................................3
Discussion........................................................................................................................................5
1. Personal Data Privacy Strategy...............................................................................................5
1.1 Management of Personal Information...............................................................................5
1.2 Collection and Management of Solicited Personal Information........................................6
1.3 Use and Disclosure of Personal Information.....................................................................6
1.4 Use and Security of Digital Identities................................................................................7
1.5 Security of Personal Information.......................................................................................8
1.6 Access to Personal Information.........................................................................................9
1.7 Quality and Correction of Personal Information.............................................................10
2. Privacy Controls Recommendations......................................................................................11
3. Personal Data Protection Strategies.......................................................................................18
3.1 Protection of Personal Information..................................................................................18
3.2 Authorized Access and Disclosure of Personal Information...........................................19
3.3 De-Identification of Personal Data..................................................................................19
3.4 Use of Personal Digital Identities....................................................................................19
3.5 Security of Personal Data................................................................................................20
3.6 Archiving of Personal Data.............................................................................................20
4. Privacy Control Recommendations.......................................................................................20

2
CLOUD PRIVACY AND SECURITY
5. Interaction..............................................................................................................................27
Conclusion.....................................................................................................................................28
References......................................................................................................................................31

3
CLOUD PRIVACY AND SECURITY
Introduction
Cloud computing is a technique or tool that helps to transfer data and other services of
computing. The computing services are of many types like the networking, storage, analytics,
software, servers and many more (AlZain et al., 2012). These services transfers and delivers
these services on the Internet. This internet is also known as cloud. The organizations that
provide these types of services in the cloud are known as the providers of cloud or cloud
providers. They get money for providing these types of services. This charge is taken on the
basis of the amount of usage the other organization is incurring and the amount of time the
organization is using those cloud services. In modern world, cloud computing is one of the most
utilized technologies. It is not even realized when cloud computing is used. Cloud computing
delivers software whenever they are on demand (Chaisiri, Lee & Niyato, 2012). It analyzes data
and makes them secured. It streams several video and audio. The main advantage of cloud
computing is that it is extremely cost effective. The other advantages include the speed and
productivity of the services. It is extremely reliable and flexible, which makes it even popular for
all organizations. In spite of having so many advantages, cloud computing do have several
disadvantages. The main disadvantage of cloud computing is that it is completely dependent on
the Internet. When the Internet connection is not up to the mark or is not working, it is evident
that cloud would not work. The other disadvantage of cloud computing is its security and privacy
(Gampala, Inuganti & Muppidi, 2012). Though cloud is extremely reliable, however, there is
always a high chance that the data can get deleted or hacked in the cloud infrastructure. There are
normally three types of cloud services, which include Infrastructure as a Service, Platform as a
Service and Software as a Service.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4
CLOUD PRIVACY AND SECURITY
The following report outlines a brief description on the cloud privacy and security on a
given case study. DAS or the Department of Administrative Services provides all types of
services to the State Government of Australia. The services are of various types and categories
(Gellman, 2012). These services include payroll, personnel management, procurement
management, contractor management and human resources management. The government of
Australia has recently changed their policies. For this reason, the Department of Administrative
Services is moving and shifting to an innovative cloud approach. This approach is known as
Shared Service approach. The specialty of this approach is that the Department of Administrative
Services or DAS will manage and control a constant and fixed number of services. The report
describes about the personal data privacy strategy (Hamlen et al., 2012). This strategy includes
the management of personal information, collection and management of solicited personal
information, usage and disclosure of personal information, utilization and security of digital
identities, security of personal identities, and access to personal information, quality and
correction of personal information. Proper recommendations are also provided for privacy
controls of personal information. The second strategy is for the personal data protection, which
includes protection of personal information, authorized access and disclosure of personal
information, de-identification of personal data, usage of personal digital identities, security of
personal data, archiving or personal data (Jain & Paul, 2013). Proper recommendations are also
provided for protection of personal data.

5
CLOUD PRIVACY AND SECURITY
Discussion
1. Personal Data Privacy Strategy
1.1 Management of Personal Information
Department of Administrative Services or DAS is worried about their security and
privacy of data in the cloud (Liu, 2012). The quality of the strategy that is to be involved in DAS
should be of good quality. However, the first step for this strategy is to manage and control the
personal information. This will help in protecting the information easily. There are several steps
that can help the DAS to manage their personal information. This particular step is in their hand
only (Zissis & Lekkas, 2012). This management can stop other intruders to hack and intrude the
information. The several steps for securing the information are as follows:
a) Passwords: This is the most efficient and basic step for securing information.
Passwords should be present in all aspects of their cloud, so that there exists no loophole in the
security. Moreover, keeping passwords is not only enough (Jadeja & Modi, 2012). Changing and
altering these passwords on a regular basis is mandatory for the DAS. The passwords can easily
mange and secure the information from hackers.
b) Secured Browser: The second most important way of managing and controlling the
personal information in the Department of Administrative Services is utilizing a safe and secured
browser (Yu et al., 2013). The safe browser does not allow any spam or virus to enter through it
and even the hackers are unable to get into it. The personal information can be easily managed
through a safe and secured browser.

6
CLOUD PRIVACY AND SECURITY
1.2 Collection and Management of Solicited Personal Information
The second step in the privacy strategy is to collect and manage the solicited or requested
personal information. The collection of this data is easily done by following certain simple steps.
These steps include:
a) Reliable Source: Solicited personal information can be collected and managed only
when all the requirements are met and the information is absolutely necessary and are related to
every action and function (Iankoulova & Daneva, 2012). The main step is to collect, gather and
acquire the information from a reliable source.
b) Filtering of Information: This is the second most important step for secured collection
and management of personal information. Once the collection is done from a reliable source, the
information should be filtered (Yang & Jia, 2013). This includes the management portion. The
filtering of information will eradicate all the unnecessary information and thus only the required
information will be collected.
c) Review: The third step of this collection and management process is to review the
information. This review is extremely important once the information is filtered out (Zissis &
Lekkas, 2012). If the information is useful it will be kept and if the information is not useful, it
should be deleted on immediate basis.
The above steps would be helpful for collection and management of personal information
of DAS.
1.3 Use and Disclosure of Personal Information
This is the third step of the privacy strategy of personal information. The information
should be used and disclosed by authenticated users (Garrison, Kim & Wakefield, 2012). There

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

7
CLOUD PRIVACY AND SECURITY
are various ways to secure and block the access of unauthenticated users. The ways are as
follows:
a) Logging Out: This is most basic way of securing personal information from
unauthenticated users (Gupta, Seetharaman & Raj, 2013). When a user logs in into an account
that contains all the confidential data, there is always a chance that the data can be lost. The
hackers and the intruders will be easily able to get the information if he does not log out from
that account or of he closes the system without logging out (Jadeja & Modi, 2012). This
phenomenon stops the hackers from using the information to some extent. Even, the information
is not disclosed easily.
b) Limited Access to Systems: This is the second way of securing the personal
information from being used and disclosed in front of the unauthenticated users (Pearson, 2013).
The access should be limited so that the hackers are not able to track them down. Passwords play
a significant role in this phenomenon.
The above ways would be extremely helpful for DAS to stop the use and disclosure of
their personal information.
1.4 Use and Security of Digital Identities
The data of an organization, utilized to portray or represent an external representative is
known as a digital identity (Yang & Jia, 2013). This digital identity can either be an
organization, an application or a person. These identities have various advantages and benefits.
The important benefits of digital identities are as follows:
a) Data Integrity: Digital identity helps to maintain the integrity of the data. It is
extremely beneficial for DAS.

8
CLOUD PRIVACY AND SECURITY
b) Security: The first and foremost thing that comes into mind in case of data is its
security (Wu et al., 2012). Digital identities help to secure the data completely and thus data does
not get lost.
c) Fast: The third advantage of digital identity is that it is extremely fast and the speed of
this identity makes it popular amongst all.
d) Simple: Digital identities do not have many complexities and is extremely simple. This
simplicity makes it easier to implement and use.
In spite of having many advantages, there always exists a chance of hacking in such
identities (Iankoulova & Daneva, 2012). The security should be extremely high while
implementing these digital identities. DAS should focus on their security and use of the digital
identities in the privacy control strategy of personal information.
1.5 Security of Personal Information
This is the most important step in the strategy. The personal information contains all the
necessary and confidential data that an organization wants to preserve (AlZain et al., 2012). This
information cannot be leaked at any cost as it will increase vulnerabilities and cyber threats.
There are several ways to secure the personal information. They are as follows:
a) Anti Virus: This is the simplest way of securing any system. If the system will be
protected, it is evident that the information will also be protected (Hashizume et al., 2013). Each
and every system should be secured with antivirus so that there exists no loopholes in security.
b) Passwords: This is the most efficient and basic step for securing information.
Passwords should be present in all aspects of their cloud. Moreover, keeping passwords is not

9
CLOUD PRIVACY AND SECURITY
only enough (Yang & Jia, 2013). Changing and altering these passwords on a regular basis is
mandatory for the DAS. The passwords can easily mange and secure the information from
hackers.
c) Pop up Blocking: This type of software helps to block the pop up windows and thus
the information cannot be hacked or intruded (Behl & Behl, 2012). The pop up windows are
always attracting various hackers for phishing purposes.
These several ways will be helpful for the Department of Administrative Services in
designing their personal information privacy strategy.
1.6 Access to Personal Information
The personal information should not be accessible to everyone especially for the
unauthenticated and unsanctioned users (Yu et al., 2013). There are various ways to stop these
types of users from accessing the personal information. DAS have to take certain measures for
securing the information. These security measures are as follows:
a) Access Control: The access to the system should be controlled and managed so that the
personal information is accessed by all the users. This measure is needed and required for all the
systems in the Department of Administrative Services.
b) Using Special Characters in Passwords: Passwords should be set in such a way that
they could not encrypted easily (Ryan, 2013). This type of passwords is used by almost
organizations for security purposes.
c) Limited Access to Systems: This is the third way of securing the access of the personal
information from being used and disclosed in front of the unauthenticated users. The access

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

10
CLOUD PRIVACY AND SECURITY
should be limited so that the hackers are not able to track them down. Passwords play a
significant role in this phenomenon.
d) Private WiFi Connections: Most of the security issues arises because of the open
access of the Internet or most precisely the WiFi connections. These types of connections allow
multiple users to access the information easily (Srinivasan et al., 2012). Department of
Administrative Services or DAS should restrict the access of the Internet so that everybody is not
able to access the WiFi connection. It should be absolutely private and only the authenticated
users would be able to access them.
These security measures would help DAS for securing and preserving their personal
information and their privacy strategy would be completed.
1.7 Quality and Correction of Personal Information
The quality of any information should be up to the mark to ensure that the organization is
not securing and storing wrong information. Department of Administrative Services should
preserve their personal information by taking several measures (Behl & Behl, 2012). However, it
should be ensured at first that the information which is being stored is of the best quality. This
will help the organization to eradicate all the unnecessary information and to store only the
necessary and important information. The second part is to correct the information. Even if the
information has some problems within it, it should be corrected immediately so that DAS do not
face any problems in future (Khalil, Khreishah & Azeem, 2014). This quality and correction of
personal information is the most important step in the strategy of privacy and security. Moreover,
a system should be implemented to check the overall privacy and security of the system and the
information.

11
CLOUD PRIVACY AND SECURITY
The above-mentioned steps will complete the entire process of privacy data control
strategy (Popa et al., 2012). Department of Administrative Services should opt for this strategy to
control and secure their personal information.
2. Privacy Controls Recommendations
S.
No
“Privacy Controls
Risks
(Personal data)”
“Mitigation Plans” “Implementation “
1. Malicious Code or
Software: This type
of software or code
is implemented in
any system for
hacking purpose
(Rong, Nguyen &
Jaatun, 2013). A
hacker or an intruder
does this type of job
so that he is able to
hack into the hack
and obtain all the
1. Antivirus: This is the
most basic and simple
mitigation plan for any type
of risk in the personal data
(Khalil, Khreishah & Azeem,
2014). This type of software
helps to detect and prevent
the virus attacks and
malicious codes or software
from entering into the
system.
1. Antivirus can be
implemented in any
system by installing the
software in the system
easily.

12
CLOUD PRIVACY AND SECURITY
confidential and
necessary data. This
type of code can
replicate itself and
once it enters the
system, the entire
system is formatted.
2. Firewalls: This is the
second way of securing
personal information ( Dinh
et al., 2013). The firewalls
act ac walls in case of
security. They eventually
detect and prevent the
security risks and threats of
the data.
2. Firewalls can be easily
implemented in any
system for security.
Software is available for
implementation of
firewalls (Rong, Nguyen &
Jaatun, 2013). It does not
incur any type of
complexities. It can be
easily installed in the
system.
2. Denial of Service:
This is the second
most vulnerable risk
for all personal
information. It is
done by simply
denying the service
of a system
( Rittinghouse &
1. Increase in Server
Bandwidth: This is the
simplest way to mitigate or
reduce the denial of service
attacks ( Chen & Zhao, 2012).
The server bandwidth
should be increased to
mitigate such risks.
1. The server bandwidth
can be increased by
increasing the budget. It
is a little bit expensive,
however, if it is
implemented, there is a
sure chance of reduction
of denial of service
attacks.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

13
CLOUD PRIVACY AND SECURITY
Ransome, 2016). The
user has no idea
about this type of
attack. The hacker or
the intruder denies
the access and this is
turn increases the
risk of the personal
information.
2. Architecture: The
architecture should be
resilient to prevent these
types of attacks ( Lin &
Chen, 2012). If the
architecture is not up to the
mark it is evident that there
will be a massive problem
in the overall security of the
personal information.
2. The architecture is the
most important part of
any system. The
architecture should be
resilient by locating the
servers in several data
centres and ensuring that
the data centres are
located in different
networks.

14
CLOUD PRIVACY AND SECURITY
3. Personal
Information
Leakage: This is one
of the most
important threat or
risk for any personal
information. The
information can be
easily leaked or
exposed in the cloud
and the information
loses all the integrity
and confidentiality.
This type of risk is
extremely common
for any organization.
1. Encryption: This is the
most basic and simple way
of securing data and
information in any system
( Srinivasan et al., 2012).
Encryption is the process of
encoding a confidential
message or text into a cipher
text in such a way that only
the receiver would be able
to access that message or
text. It is extremely popular
for any organization for
securing their information.
DAS should implement this
security measure.
1. Encryption has two
basic algorithms. The
symmetric key and
asymmetric key
algorithms. According to
the symmetric key
algorithm, the key that
will open the message is
same as the key that has
encoded the message
(Popa et al., 2012). The
main advantage of this
algorithm is that t is
extremely simple to
implement. The second
algorithm is the
asymmetric key
algorithm, which has two
different keys within it.
This is little complex as
there are two keys
involved in the case. The
implementation is done
by simply following the

15
CLOUD PRIVACY AND SECURITY
2. Digital Authentication:
This is the second most
popular way of securing the
personal information.
Digital authentication is the
procedure of authenticating
a person or an individual by
digital means (Popa et al.,
2012). The most basic
examples of digital
authentication include the
face recognition software,
digital signatures and
fingerprint recognition.
2. Digital authentication
is implemented by
installing biometric
entrance to all the systems
in the organization (Ren,
Wang, & Wang, 2012).
This is extremely simple
to install and can be easily
implemented without
many complexities.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

16
CLOUD PRIVACY AND SECURITY
4. Identity Theft: One
of the most
dangerous and
vulnerable threat is
the identity theft.
The hacker or the
intruder acts as the
user and thus access
all the information
easily (Ren, Wang, &
Wang, 2012). The
identity of the user is
stolen in this type of
risk.
1. Passwords: This is the
basic security for reducing
and mitigating identity
thefts ( Herbst, Kounev &
Reussner, 2013). Passwords
protect the entire system
from hackers and intruders
to enter into the system and
hack.
1. Passwords are set by
users in any system.
Special characters are
used to set this password.
Only authenticated users
have the right to know the
passwords. Moreover,
they are changed and
altered periodically. This
will be helpful for DAS.
2. Not Responding to
Unsolicited Mails: This is
another simple way of
mitigating such risks.
Unsolicited e-mails attract
various hackers and
intruders into the system.
Even such phones calls
should be avoided, which
wants confidential
information.
2. No as such
implementation is needed
for this mitigating plan
(Arora, Parashar &
Transforming, 2013). The
simple way is to avoid
such phone calls and
emails so that the intruder
does not get any idea
about the personal
information.
5. Receiving
Unsolicited E-mails:
1. Avoid Clicking: This is
the simplest step to mitigate
1. No such
implementation is

17
CLOUD PRIVACY AND SECURITY
et This is also a
vulnerable security
threat for any
organization. Such
mails are known as
spam. They have the
ability to steal and
modify all
confidential
information within
few moments.
reducing this type of emails
( Sefraoui, Aissaoui & Eleuldj,
2012). The user should
avoid or stop clicking on all
mails and open only the
important and required
emails.
required for this
mitigation plan. Just the
user has to be careful
before entertaining any
sort of emails.
2. Use a Disposable Email
Address: A disposable email
always protects the user
from receiving all sorts of
unsolicited emails from fake
addresses (Wu et al. 2013).
This in turn helps the user to
avoid spam messages.
2. The Department of
Administrative Services
should use a disposable
email address. They will
only have to open their
accounts in that email.
This will protect their
data from spam and thus
integrity would be
maintained.
6. Loss of Data in the
Clouds: This is an
extremely significant
risk in case of
securing personal
information. While
1. Encryption: This is the
most basic and simple way
of securing data and
information in the clouds.
Encryption is the process of
encoding a confidential
1. Encryption has two
basic algorithms. The
symmetric key and
asymmetric key
algorithms (Xiao, Song &
Chen, 2013). According to

18
CLOUD PRIVACY AND SECURITY
storing or retrieving
the data in the cloud,
there is always a
high chance that the
data will be lost in
the clouds. Often,
these data cannot be
retrieved once lost.
This can lead an
organization to a
serious trouble.
message or text into a cipher
text in such a way that only
the receiver would be able
to access that message or
text (Yu et al., 2013). It is
extremely popular for any
organization for securing
their information. DAS
should implement this
security measure.
the symmetric key
algorithm, the key that
will open the message is
same as the key that has
encoded the message. The
main advantage of this
algorithm is that t is
extremely simple to
implement (Wang et al.,
2012). The second
algorithm is the
asymmetric key
algorithm, which has two
different keys within it.
This is little complex as
there are two keys
involved in the case. The
implementation is done
by simply following the
steps of the algorithms.
2. Passwords: This is the
basic security for reducing
and mitigating loss of data
2. Passwords are set by
users in any system.
Special characters are

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

19
CLOUD PRIVACY AND SECURITY
in the clouds (Xiao, Song &
Chen, 2013). Passwords
protect the entire system
from hackers and intruders
to enter into the system and
hack.
used to set this password.
Only authenticated users
have the right to know the
passwords. Moreover,
they are changed and
altered periodically. This
will be helpful for DAS.
3. Personal Data Protection Strategies
3.1 Protection of Personal Information
DAS or the Department of Administrative Services is suffering from several security
issues in their personal information. There are several kinds of risks and threats that prevent the
information from getting secured (Arora, Parashar & Transforming, 2013). The hackers and the
intruders get easy access of the data if the information is not completely protected. Personal
information should be protected at any cost. There are several ways of protection of personal
information. They are as follows:
a) Passwords: This is the most efficient and basic step for securing information.
Passwords should be present in all aspects of their cloud, so that there exists no loophole in the
security. Moreover, keeping passwords is not only enough (Sefraoui, Aissaoui & Eleuldj, 2012).
Changing and altering these passwords on a regular basis is mandatory for the DAS. The
passwords can easily mange and secure the information from hackers.
b) Secured Browser: The second most important way of managing and controlling the
personal information in the Department of Administrative Services is utilizing a safe and secured

20
CLOUD PRIVACY AND SECURITY
browser (Wang et al., 2012). The safe browser does not allow any spam or virus to enter through
it and even the hackers are unable to get into it. The personal information can be easily managed
through a safe and secured browser.
3.2 Authorized Access and Disclosure of Personal Information
The authorized access and non disclosure are extremely important for any information.
The data always has the chance of getting modified or altered by the hacker (Arora, Parashar &
Transforming, 2013). The various ways to keep the access authorized include installing and
implementing firewalls, antivirus, and access control.
3.3 De-Identification of Personal Data
The particular process that stops and prevents a hacker to know the identity of a personal
information is known as the de-identification of personal data. There are various ways to prevent
the identification of data (Xiao, Song & Chen, 2013). The security measures include antivirus,
firewalls, security policies and many more. DAS should implement all of these for de-
identification of their personal data or information.
3.4 Use of Personal Digital Identities
The data of an organization, utilized to portray or represent an external representative is
known as a digital identity. This digital identity can either be an organization, an application or a
person (Gonzalez et al., 2012). These identities have various advantages and benefits. The
important benefits of digital identities are as follows:
a) Data Integrity: Digital identity helps to maintain the integrity of the data. It is
extremely beneficial for DAS.

21
CLOUD PRIVACY AND SECURITY
b) Security: The first and foremost thing that comes into mind in case of data is its
security (Xiao, Song & Chen, 2013). Digital identities help to secure the data completely and
thus data does not get lost.
c) Fast: The third advantage of digital identity is that it is extremely fast and the speed of
this identity makes it popular amongst all.
d) Simple: Digital identities do not have many complexities and is extremely simple. This
simplicity makes it easier to implement and use.
3.5 Security of Personal Data
The security of the personal data is the first and the foremost thing that is making DAS
worried enough. The security should be high for the personal data. Several ways are there to
secure the personal data (Wang et al., 2012). These measures include antivirus, firewalls,
security policies, digital authentication, digital signatures and many more.
3.6 Archiving of Personal Data
This is the last step of the personal data protection strategy. Archiving or storing of all
data is mandatory for its security and privacy (Gonzalez et al., 2012). It maintains the
confidentiality and integrity of the data. Moreover, archiving of data does not allow them to get
lost. DAS should take into account that their data should be archived.
4. Privacy Control Recommendations
S.
No
“Security Risks
(Personal data)”
“Mitigation Plans” “Implementation
Methods”

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

22
CLOUD PRIVACY AND SECURITY
1. Loss of storage: The
storage stores or
preserves all the
necessary and
confidential data in a
particular storage
(Beloglazov, Abawaj &
Buyya, 2012). This
storage is extremely
important for any
privacy security
system. However,
there is always a high
chance of losing or
destruction of that
storage.
1. Upgrading
Architecture: The storage
should have the best
possible architecture
within it so that there is no
chance of loss of that
storage.
1. The architecture of the
storage can be upgraded by
simply increasing the
budget to a certain level so
that a better storage is
affordable. This up
gradation of architecture
even will help DAS to store
their data fast and with
secured method.
2. Maintenance: This is
the second way of
mitigating the risk of loss
of storage in case of data
security ( Garg, Versteeg &
Buyya, 2013). Maintenance
should be done
periodically so that there
exists no chance of loss of
storage and thus data will
not be lost.
2. Maintenance is the most
important step for any
device or storage ( Wei et
al., 2012). If the storage is
not maintained properly,
there is a high chance that
the storage would be
destructed and the data
would be lost. DAS should
organize a periodic
maintenance so that this
storage is not lost.

23
CLOUD PRIVACY AND SECURITY
2. Eavesdropping: This
is one of the most
vulnerable and
dangerous security
threat or risk in case
of information or data
(Gonzalez et al., 2012).
It certainly means of
hearing or sniffing
the data. The hacker
or the intruder gets
into the network and
gets to know all the
confidential
information that is
sent from the sender
to receiver.
1. Encryption: This is
the most basic and simple
way of securing data and
information in the clouds.
Encryption is the process
of encoding a confidential
message or text into a
cipher text in such a way
that only the receiver
would be able to access
that message or text (Wu
et al., 2012). It is
extremely popular for any
organization for securing
their information. DAS
should implement this
security measure.
1. Encryption has two
basic algorithms. The
symmetric key and
asymmetric key algorithms
(Wei et al., 2012). According
to the symmetric key
algorithm, the key that will
open the message is same
as the key that has encoded
the message (Mishra et al.,
2012). The main advantage
of this algorithm is that t is
extremely simple to
implement. The second
algorithm is the asymmetric
key algorithm, which has
two different keys within it.
This is little complex as
there are two keys involved
in the case. The
implementation is done by
simply following the steps
of the algorithms.

24
CLOUD PRIVACY AND SECURITY
Student 1 Student ID
2. Control of Software:
The software that is
installed in the system
should be controlled and
managed so that there is
no chance of
eavesdropping in the
network. Moreover, the
software should be up to
the mark and not a pirated
version.
2. Controlling of software
depends on the quality of
the software (Wei et al.,
2012). It should be kept in
mind that the software is
not of pirated version. For
implementation, the
software should be installed
by proper means and by
perfection.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

25
CLOUD PRIVACY AND SECURITY
3. Interception of
Messages: Message
or information is
intercepted easily in
any security system.
The hackers intercept
the data. In most
cases, they even
modify or change the
data completely
before the receiver
receives it.
1. Firewalls: This is the
best way of securing
personal information. The
firewalls act as walls in
case of security (Wu et al.,
2012). They eventually
detect and prevent the
security risks and threats
of the data. The
interception of
information can be
stopped by implementing
firewalls in the system.
1. Firewalls can be easily
implemented in any system
for security. Software is
available for
implementation of firewalls
(Garg, Versteeg & Buyya,
2013). It does not incur any
type of complexities. It can
be easily installed in the
system.

26
CLOUD PRIVACY AND SECURITY
2. Encryption: This is the
most basic and simple
way of securing data and
information from
interception (Mishra et al.,
2012). Encryption is the
process of encoding a
confidential message or
text into a cipher text in
such a way that only the
receiver would be able to
access that message or
text. It is extremely
popular for any
organization for securing
their information. DAS
should implement this
security measure.
1. Encryption has two basic
algorithms. The symmetric
key and asymmetric key
algorithms. According to
the symmetric key
algorithm, the key that will
open the message is same
as the key that has encoded
the message. The main
advantage of this algorithm
is that t is extremely simple
to implement ( Bonomi et al.,
2012). The second
algorithm is the asymmetric
key algorithm, which has
two different keys within it.
This is little complex as
there are two keys involved
in the case. The
implementation is done by
simply following the steps
of the algorithms.

27
CLOUD PRIVACY AND SECURITY
4. Man in the Middle:
This is another most
vulnerable threat in
case of security. A
man in present
between the user and
the network (Xu,
2012). The moment
the user sends the
data, immediately the
hacker is able to track
down all the data. He
does not change the
data but he knows all
of it.
1. Encryption: This is the
best way of preventing
man in the middle
problem (Lin et al., 2013).
The intruder will not be
able to read the message
and thus the message can
be easily protected.
1. Implementation of
encryption is extremely
simple. There are two types
of algorithms in encryption.
The symmetric key
algorithm is the best for this
type of risk.
2. VPN: Virtual Private
Network provides a
private network in a
public network for
sending and receiving data
( Lee & Zomaya, 2012).
This technology can easily
prevent man in the middle
attack.
2. There are few steps to
implement VPN in a
system. At first, the remote
VPN server should be
configured ( Garg, Versteeg
& Buyya, 2013). Then the IP
address should be given and
finally the implementation
gets completed.
5. Network Traffic
Manipulation: This
type of security risk
is extremely common
in modern world.
When the user sends
1. Firewalls: This is the
best way of securing
personal information. The
firewalls act as walls in
case of security (Nafi et
al., 2013). They
1. Firewalls can be easily
implemented in any system
for security. Software is
available for
implementation of firewalls
( Xiao & Xiao, 2013). It does

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

28
CLOUD PRIVACY AND SECURITY
S
t
u
d
e
n
t
2
S
t
u
d
e
n
t
I
D
a data, it travels
through a distinct
path or traffic ( Radut,
Popa & Codreanu,
2012). An intruder
eventually
manipulates the entire
traffic of the network
and the data does not
reach to the receiver.
eventually detect and
prevent the security risks
and threats of the data.
The network traffic
manipulation can be
stopped by implementing
firewalls in the system.
not incur any type of
complexities. It can be
easily installed in the
system.
2. Antivirus: This is the
most basic and simple
mitigation plan for any
type of risk in the personal
data (Hashem et al.,
2015). This type of
software helps to detect
and prevent the any type
of network manipulation
or intruder from entering
into the system.
2. Antivirus can be
implemented in any system
by installing the software in
the system easily.
6. Destruction of
Records: This type of
risk is mostly caused
unintentionally by the
employees of an
1. Proper Storage: This is
the most important
mitigation plan in case of
destruction of records
(Behl & Behl, 2012). The
1. The storage of
information should be
properly maintained and
secured by DAS.

29
CLOUD PRIVACY AND SECURITY
organization
(Kliazovich, Bouvry &
Khan, 2012).
However, if the
records are
destructed, it can
cause major problem
in the organization.
storage of the records
should be proper and
secured.
2. Proper Training: This
type of destruction is
mostly caused by the lack
of training of the
employees (Almorsy,
Grundy & Müller, 2016).
They should be properly
trained so that they does
not make any mistake.
2. No such implementation
method is present in this
plan. Trainers should be
hired by DAS for training
purposes.
5. Interaction
Student 1: What is cloud security?
Student 2: Cloud security is a broad range of strategies to secure the data with the help of
cloud computing.
Student 2: What is the problem with DAS?
Student 1: DAS is planning to shift their services to a new approach, known as the Shares
Service approach for better security.
Student 2: What are the major risks for privacy of personal information?

30
CLOUD PRIVACY AND SECURITY
Student 1: The main risks include the eavesdropping, leakage of data in clouds, denial of
service attacks, malicious code or software and many more.
Student 2: Are these harmful?
Student 1: Yes, these extremely harmful.
Student 2: Can these risks be mitigated?
Student 1: Yes, these risks can be mitigated by certain measures.
Student 1: There should be a strategy for security and privacy for DAS.
Student 2: Yes. This strategy should contain all the necessary and required information
about security and privacy of any data.
Student 1: The strategy should be helpful for the Department of Administrative Services.
Conclusion
Therefore, from the above discussion it can be concluded that, cloud computing is a
technique or tool that helps to transfer data and other services of computing. The computing
services are of many types like the networking, storage, analytics, software, servers and many
more. These services transfers and delivers these services on the Internet. This internet is also
known as cloud. The organizations that provide these types of services in the cloud are known as
the providers of cloud or cloud providers. They get money for providing these types of services.
This charge is taken on the basis of the amount of usage the other organization is incurring and
the amount of time the organization is using those cloud services. Cloud security is a broad range
of strategies to secure the data with the help of cloud computing. In modern world, cloud

1 out of 31

+13062052269

info@desklib.com

Cloud Computing Security Challenges

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Cloud Computing Security Challenges

Cloud Computing: PowerPoint Presentation, Office Automation, Migration and Cloud Models

Recommendation for Cloud Service Model

Cloud Privacy and Security

Cloud Computing in Universities: Case Study Analysis

Cloud Security and Risk