Cloud Privacy and Security: Personal and Ethical Implications

Verified

Added on  2023/06/03

|12
|4044
|226
AI Summary
The report discusses the personal and ethical implications of maintaining cloud privacy and security. It analyzes the factors and usefulness of adopting the MySupport approach and recommends strategies to protect data integrity and rights.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running head: CLOUD PRIACY AND SECURITY
CLOUD PRIACY AND SECURITY
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
1
CLOUD PRIACY AND SECURITY
Introduction
The aim of the report is to share personal and ethical implications for maintaining the cloud
privacy and security. The report will discuss about all the issues that arises with privacy and security
from ethical point of view. This report will help the NGO to understand the ethical implications that
arises with the cloud security and privacy. The charity team has formed alliance with a community
plan that provides cloud connection. The objective of the project is to assess the threats and risks for
the PII data. The proposal for the PII strategy needs to be figured out. The strategy that is needed to
develop for protecting the digital identity and the governance plan (Zissis & Lekkas, 2014). The
report will analyse the factors and check the usefulness of adopting the MySupport approach. These
will also determine whether these will impact the behaviour of an individual.
Discussion
Privacy offered with implementing Cloud Computing
Privacy is the main concern of every organization. This becomes very much necessary to
maintain the privacy when moving to different server. As the organization is an NGO and deals with
helping the needed people and aims at providing complete centre and help towards them, thus I is
their responsibility to provide privacy towards the people within their organization. This becomes a
great challenge for the cloud server to maintain the privacy towards the personal data of the
employees and the people associated with them. The NGO work s for providing support services and
Takes responsibility of those people who are suffering from mental health. The organization has
shifted to cloud server and has included a digital id access that will differentiate all the clients from
each other and will contain all the details regarding to the employees and the clients (Wang et al.,
2015). Moving to cloud server will help to store the documents of everyone related to the NGO and
will help in storing and accessing the data easily. These is very much necessary to maintain the
Document Page
2
CLOUD PRIACY AND SECURITY
integrity of the information stored within the organization. There are several models that re offered by
the cloud computing and every architecture provides different features. Even it allows pay per use
business model that is the organization needs pay only for the resources that they are using.
The cloud server won’t charge for the resources that are not being used. With implementation
of new technologies, the organization faces several challenges. This is very much necessary to
overcome the challenges. The main aim of the cloud server is to store the documents with providing
highest privacy. Privacy refers to the right to self-determination that is an individual have the right to
know about the personal details that are known by others. An individual possess all the rights and has
the right t question the organization in case of any information gets leaked. The aim of implementing
cloud computing model is to enable convenient and on demand network access that will help in
providing the management efforts rapidly (Takabi, Joshi & Ahn, 2014). There are five essential
features, four deployment models and three delivery models. The five features that determine the
cloud computing are ubiquitous network access, local independent resource pooling, on demand self-
service, rapid elasticity and measured services , these all the features help in creating a server that will
provide transparent and seamless service. The three cloud service delivery model are SaaS , PaaS and
IaaS. Protecting the confidentiality for the details is a major concern. This is very much necessary to
maintain privacy as these will impact both in terms of avoiding the ethics and personal rights of an
individual. This is necessary to understand that in case the information gets leaked these will impact
and cause a huge damage for the organization. This is the main aim of the organization to maintain the
privacy and store all the information in a safe way. In order to provide maximum privacy towards the
data of the clients and the employees within the organization (Srinivasan, 2014). MySupport approach
will be beneficial as the cloud ha implemented fundamental protection right in order to maintain the
privacy of the data stored and is named as the privacy design principle. This includes several
objectives that will help in decision making and this includes:
Data minimization: these becomes very much necessary to minimize the steps involved in collecting,
processing and using the personal data. These will decrease the use of time and will be beneficial for
both the clients and the employees within the organization.
Document Page
3
CLOUD PRIACY AND SECURITY
Controllability: these becomes very much necessary to provide the control over their personal data.
The users should have the right to control the data within the organization (So, 2015).
Transparency: the system needs to be transparent, so that users can know about the working. The
operation taking place within the cloud server should always be monitored by the members of the
organization.
User friendly systems: these is necessary to develop and transfer to a server that will be user friendly
and will help the user to easy functioning.
Data confidentiality: the designing of the cloud server should be done in such a way that it will allow
access only to those who have the authorization. This will help to maintain the confidentiality of the
data stored within the organization.
Data quality: apart from all this, the data needs to maintain with good quality in terms of technical.
The access always should be granted to the users in case of the accessing the necessary data (Ryan,
2015).
Use limitation: there should be a limitation for using the data stored within the organization. This
will restrict the users and will prevent unauthorized person from having the access.
The privacy needs to be maintained for the information within the organization. The issues
related to the privacy differs from cloud to cloud. This are as follows:
This enables the users to have control over their personal data and when they are being stored
and processed within the cloud server (Robison, 2013). This will help to avoid unauthorized
access.
Protecting the data from loss and leakage and unauthorized modification.
The organization needs to understand the responsibility that will ensure the legal
responsibility for the personal information.
This becomes necessary to determine the part that will deal with measuring the legal rights.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
4
CLOUD PRIACY AND SECURITY
The types of attacks that will harm the privacy maintained by the organization for the information of
employees and clients. These are as follows:
Service abuse: this means that the attackers aims at abusing the cloud service and gathers the data
and or destroy the data gathered from the users. The data abuse can be done by the other users of by
the attackers. Duplication also causes harm as these is referred to the case in which one data is being
stored within the cloud and is being used by several users for different times (Rittinghouse &
Ransome, 2016). This will help in saving the cost and also will save the storage but these will also
provide easy access to the attackers.
Averting attack: with shifting to the cloud computing server, it allows to share huge number of
resources on the internet. Cloud system should be able to avert the Denial of service attacks.
Identity management: these becomes very much difficult to understand the working of the cloud and
the privacy provided when third party enters.
Cloud computing is an emerging technology for the organization those aims at managing the
documents easily with less effort. Thus this is necessary to maintain the privacy within the
organization. Data breaching will lead to harm individual’s data and is also against the ethics of every
organization. This is against ethics to access someone else information or breach them. As the
organization deals with the people who are mentally ill or suffering through mental disorders. So any
alteration in their information can cause serious damage (Rimal, Choi & Lumb, 2014). Thus it is
essential to sort and manage the data in such a way that it will not harm anyone’s emotions. The
organization needs to perform activity that will be ethically correct and will not harm any individual
rights. Every individual has the right to maintain the privacy and in case the privacy is being violated
they ha e the right to fill case against the organization.
Security issues that arises with personal and ethical implications
With the implication of cloud computing in the organization it is necessary to understand the
security provided by the server. The data security needs to be maintained so that data does not gets
breached. The access of the data should be given only to the authorized person. This will help in
Document Page
5
CLOUD PRIACY AND SECURITY
maintaining the security (Popović & Hocenski, 2015). This is the responsibility of the organization to
rectify all the doubts related to the cloud. Some of the major security concerns includes the following:
Loss of governance: While using the cloud infrastructure the clients are associated with putting the
control over the data in the hands of the Cloud provider and this give arise to numerous issues might
be having an adverse effect upon the security. Besides this at the same time the SLAs might also not
be associated with offering a commitment that is needed in order to provide this kind of services by
being a part of the cloud provider (Ogigau-Neamtiu, 2014). This initially leads to the formation of a
gap in the security defences. Besides this there might also arise the risks related to compliance and
this mainly happens because the process of achieving certification might put to risk because of the
migration to the cloud. There are two major responsible for this and this includes the following:
In case if the cloud provider is not capable of providing evidences related to the compliance
that they are having in relation to the requirements which are relevant (Krutz & Vines, 2014).
In case if the service provider is not associated with permitting the audits provided by the
cloud customers.
Lock-in: There exists a little amount of offerings related to the ways by which the tools, standard data
formats or procedures which are capable of guaranteeing the probability of the data, application and
the services. This is initially responsible for making it difficult for the customers to migrate from one
of the provider to another or migration of the data and the services back to the In house IT
environment (Itani, Kayssi & Chehab, 2017). This initially leads to the dependency upon a particular
cloud provider for provisioning of the services specially when it is regarding the data probability and
this mainly happens because most of the fundamental aspects are not in enabled condition (Chen &
Zhao, 2017).
Isolation Failure: The characteristics of cloud computing are of multi-tenancy and are of shared
nature. Besides this the risk category is associated with covering the failures related to the
mechanisms which are associated with separating the storage, memory, routing the reputation that
exists between the various tenants (Bertino et al., 2014). But despite of this the attacks upon the
Document Page
6
CLOUD PRIACY AND SECURITY
resource isolation mechanism is very little and besides those it is much more difficult for the attacker
to attack this than the traditional Oss.
Compromise of the management interface: By making use of the internet or the mediated access to
the larger set of assets it is possible to have access of the customer management interfaces present in
the public cloud providers (Asma, Chaurasia & Mokhtar, 2015). This is initially responsible for
posing an increased amount of risk especially when they are combined with the vulnerabilities related
to the remote access and web browser.
Protection of the data: Different and numerous data protection risks are put forward by the cloud
computing and similar things happen for the cloud providers as well. There exist many cases where it
is seen that the effective checking of the data handling process that the cloud providers are having
becomes difficult for the cloud customers. This type of problem generally gets exacerbated whenever
multiple transfers of the data takes place (Almulla & Yeun, 2015).
Incomplete or insecure deletion of the data: whenever there exists the request related to deletion of
a cloud resource might not be associated with providing results in true wiping of the data and this is
common for most of the operating systems. It might seem to be impossible to delete a cloud resource
in a timely manner, which mainly happens because of eth existence of multiple copies that are stored
however are not available (Asma, Chaurasia & Mokhtar, 2015). This might also happen because of
the fact that the disk that is to be destroyed might be storing data from the other clients as well. In
cases where it is seen that there exists multi-tenancies or when the hardware resources are being
reused might be responsible for putting forward a high amount of risk for the customers than the
hardware dedicated towards it.
Malicious insider: This is another major security risk that is faced while using the clouds. Damage
might also be caused due to the malicious users existing inside the system and this type of damage is
often far greater. There are certain roles played by individuals that are of extremely high risk
(Almorsy, Grundy & Müller, 2016).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
7
CLOUD PRIACY AND SECURITY
Security expectations of the customers: there might exist a great amount of difference in the level of
security from the customer’s perspective and the actual security that is provided by the cloud
providers. This might also happen due to the actual temptation that the cloud providers have in order
to decrease the cost by means of sacrificing certain security related aspects.
Recommendation
From the above report it can be said that implementation of the cloud computing will help in
improving the efficiency. The data can be easily stored within the organization. In order to improve
the privacy and the security within the organization it is necessary to understand the need of the
privacy and security. The organization needs to understand the importance of privacy and security
within the organization. In order to improve the working and maintaining proper security, it is
recommended for the organization to implement some strategies that will help in protecting the rights
and integrity of the data stored within the organization. The NGO has planned to have digital identity
that will help the people of organization to easily distinguish between clients. The digital id
implemented needs to get scanned before accessing any data. Thus, this will ensure that the data is
being accessed by only authorized people. The best recommendations that can be provided to the
customers includes providing assurance towards the cloud customer. It is necessary to take steps in
order to mitigate the risks faced by the customer and the provider.
The organization needs to have the following documents prepared ,this are as assess the
service provided by the cloud server, the different models offered by the cloud server, assurance from
the best cloud provider and reducing the burden from cloud providers. These is the responsibility of
the organization to prepare a security check list that will cover every requirements including policy
issues, legal issues, technical issue and the physical issue. The organization can make the digital
identity process much better. Every verification step should include the following steps identity
proofing, once the client is allowed to get access and the identity gets proofed. That is the digital
identity once get accepted than the user will be allowed to move to the next step. After this the next
Document Page
8
CLOUD PRIACY AND SECURITY
step involves authentication. The last step is the authorisation. This step involves allowing the user to
access the data stored within the cloud server once this gets approved. Few recommendation that will
help in identifying the users details are:
In the time of registration, the organization should implement a DFS operator that will create
digital identity for their customer and employees. This will be used for both DFS transactions
and in identity assertion with the external service provider.
A customer needs to provide a foundational document for maintaining the digital identity. For
this the use of a dynamic, self-asserted digital identity needs to be installed that can be
updated whenever required.
Also unique digital identity with biometric will help in maintaining accurate data for the
clients and employees. Without the biometric entry no one should be allowed to get the
authority to access the documents.
The recommendations are necessary for the NGO, so that they can manage the details and
information even in a better way. These is very much necessary to maintain the privacy and security
towards the data stored within the organization. As this data stored belongs to the employees and
clients. Thus this needs to be kept safely without altering. The digital identity will help to maintain the
integrity of an individual and all the data will be stored safely. Without authentication, no one will be
allowed to access the data.
Conclusion
From the above report it can be concluded that there is a need of implementing privacy and
security within the organization. This is necessary to understand that these two features are the
important one. Every organization aims at providing best services towards their customer. This is the
responsibility of the organization to provide highest security and privacy towards the information. The
report has discussed about the need of privacy and the security, maintained within the document. The
later part of the report has given the recommendation that will help in maintain the integrity of the
Document Page
9
CLOUD PRIACY AND SECURITY
data. In addition to this, the NGO has implemented digital identity that will help them identifying the
clients and will allow the authorization accordingly.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
10
CLOUD PRIACY AND SECURITY
Reference
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Almulla, S. A., & Yeun, C. Y. (2015, March). Cloud computing security management.
In Engineering Systems Management and Its Applications (ICESMA), 2010 Second
International Conference on (pp. 1-7). IEEE.
Asma, A., Chaurasia, M. A., & Mokhtar, H. (2015). Cloud Computing Security Issues. International
Journal of Application or Innovation in Engineering & Management, 1(2), 141-147.
Bertino, E., Paci, F., Ferrini, R., & Shang, N. (2014). Privacy-preserving digital identity management
for cloud computing. IEEE Data Eng. Bull., 32(1), 21-27.
Chang, D. Y., Benantar, M., Chang, J. Y. C., & Venkataramappa, V. (2014). U.S. Patent No.
8,769,622. Washington, DC: U.S. Patent and Trademark Office.
Chen, D., & Zhao, H. (2017, March). Data security and privacy protection issues in cloud computing.
In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference
on (Vol. 1, pp. 647-651). IEEE.
Itani, W., Kayssi, A., & Chehab, A. (2017, December). Privacy as a service: Privacy-aware data
storage and processing in cloud computing architectures. In Dependable, Autonomic and
Secure Computing, 2009. DASC'09. Eighth IEEE International Conference on (pp. 711-716).
IEEE.
Krutz, R. L., & Vines, R. D. (2014). Cloud security: A comprehensive guide to secure cloud
computing. Wiley Publishing.
Ogigau-Neamtiu, F. (2014). Cloud computing security issues. Journal of Defense Resources
Management, 3(2), 141.
Document Page
11
CLOUD PRIACY AND SECURITY
Popović, K., & Hocenski, Ž. (2015, May). Cloud computing security issues and challenges.
In MIPRO, 2010 proceedings of the 33rd international convention (pp. 344-349). IEEE.
Rimal, B. P., Choi, E., & Lumb, I. (2014, August). A taxonomy and survey of cloud computing
systems. In INC, IMS and IDC, 2009. NCM'09. Fifth International Joint Conference on (pp.
44-51). Ieee.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management, and
security. CRC press.
Robison, W. J. (2013). Free at what cost: Cloud computing privacy under the stored communications
act. Geo. Lj, 98, 1195.
Ryan, M. D. (2015). Cloud computing privacy concerns on our doorstep. Communications of the
ACM, 54(1), 36-38.
So, K. (2015). Cloud computing security issues and challenges. International Journal of Computer
Networks, 3(5), 247-55.
Srinivasan, S. (2014). Cloud computing security. In Cloud Computing Basics (pp. 81-100). Springer,
New York, NY.
Takabi, H., Joshi, J. B., & Ahn, G. J. (2014). Security and privacy challenges in cloud computing
environments. IEEE Security & Privacy, (6), 24-31.
Wang, C., Wang, Q., Ren, K., & Lou, W. (2014, March). Privacy-preserving public auditing for data
storage security in cloud computing. In Infocom, 2010 proceedings ieee (pp. 1-9). Ieee.
Wang, J., Zhao, Y., Jiang, S., & Le, J. (2015, May). Providing privacy preserving in cloud computing.
In Human System Interactions (HSI), 2010 3rd Conference on (pp. 472-475). IEEE.
Zissis, D., & Lekkas, D. (2014). Addressing cloud computing security issues. Future Generation
computer systems, 28(3), 583-592.
1 out of 12
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]