Information Security in Cloud Computing: Threats and Preventive Measures
Added on 2024-05-21
4 Pages3542 Words272 Views
|
|
|
ITC595 Research Project
Information Security in Cloud Computing and its
Preventive Measures
N. V. Sunil
ITC595 MIT, School of Computing & Mathematics, Charles Sturt University
author@first-third.edu.au
ABSTRACT– Cloud computing is a vast technology aimed to
provide companies with the facility to store data over the Internet.
It allows maintaining records, share resources, process data using
remote servers on the Internet than localhost of a company. In
recent years, it has been widely used by companies with large data
like Google, Salesforce, Microsoft to effectively store that data with
minimized management attempt to arrange the huge stacks of data.
Cloud computing has been used as a public utility where it provides
a platform for companies to run their applications faster by
adjusting resources and to manage fluctuating demands of markets
more efficiently. Along with its assured benefits, it is as well
important to learn about the risks and security issues while moving
the data on the internet. Lack of safety and security is a merely
acceptable issue in the widespread computing world. The major
problems related to information policies and security, reliability,
and access to the cloud will be discussed in this report. Cloud
security issues have been dealt as per perspectives of both client
and users. According to the user’s perspective, computing records
security warranty troubleshooting and disturbed management and
maintenance. This paper will give an all over a review of statistics
protection and security issues regarding cloud computing.
Keywords- cloud computing, Information Security, cloud services,
prevention cloud attack, security threats.
INTRODUCTION
Cloud computing is a market technology that provides
system software, data access, computation and storage of
data without the end user’s knowing the exact location of the
system that provides all these services. It allows the user to
access their files via internet without downloading any specific
software. It basically is a technology that allows outsourcing
computer programs. Before cloud computing, it had been
difficult and expensive to run applications on a variety of
computers by installing and configuring them on each system.
With cloud computing, it has become easy to deal with
different software and applications as the user won’t have to
deal with the management of the software but the cloud
providers take charge of it. Assets are provided in the cloud for
every programming language and can be accessed from any
part of the globe. It is a cost-efficient way to store data. Cloud
computing is widely used in today’s scenario and is embraced
by all sort of companies from start-ups to global multi-national
companies for its use in creating apps, providing and
recovering the backup, hosting web pages, delivering services,
and analyzing data for patterns and predictions (Line, 2010).
Cloud computing has been divided into three segments that
provide different services to customers. The three types of
cloud computing are:
1. Infrastructure as a Service (IaaS) - Cloud provides
hardware or software infrastructure to clients for
easy operational benefits along with backup and
maintenance.
2. Software as a Service (SaaS) – Using cloud, an
application can be put to use over the internet and
acts as a useful tool to manipulate data.
3. Platform as a Service (PaaS) – This helps in managing
applications running over cloud without getting
caught in code and infrastructure.
Figure 1 Cloud computing Service Models
A. Research Problem
The research paper will cover several issues linked to the
security of information in cloud computing.
The process of creating and setting up a cloud computing
system is riskier as the new technology is not fully tested and
is prone to new attacks. The main threats in this technology
are data loss and data privacy. When data is loaded on the
cloud, it is the duty of both cloud provider and the client for its
privacy. Although through miscommunications among the
both, data privacy becomes more vulnerable to threat. As per
different service models, different responsibilities have been
assigned to both parties. In IaaS, the cloud provider is in
charge of physical and hardware security while the client is in
charge of software and application security. In SaaS, the cloud
provider is in charge of both physical and application security
(Shaikh, 2011).
Cloud computing, like any other internet technology,
is vulnerable to security threats. Attackers tend to penetrate in
customer cloud to get access to the information by passing
through connections, obtain cloud computational services for
free, and steal private information from storage areas after
breaking into it. The most common cloud attacks include SQL
injection, free VoIP calls, and data loss and leakages as data is
1
Information Security in Cloud Computing and its
Preventive Measures
N. V. Sunil
ITC595 MIT, School of Computing & Mathematics, Charles Sturt University
author@first-third.edu.au
ABSTRACT– Cloud computing is a vast technology aimed to
provide companies with the facility to store data over the Internet.
It allows maintaining records, share resources, process data using
remote servers on the Internet than localhost of a company. In
recent years, it has been widely used by companies with large data
like Google, Salesforce, Microsoft to effectively store that data with
minimized management attempt to arrange the huge stacks of data.
Cloud computing has been used as a public utility where it provides
a platform for companies to run their applications faster by
adjusting resources and to manage fluctuating demands of markets
more efficiently. Along with its assured benefits, it is as well
important to learn about the risks and security issues while moving
the data on the internet. Lack of safety and security is a merely
acceptable issue in the widespread computing world. The major
problems related to information policies and security, reliability,
and access to the cloud will be discussed in this report. Cloud
security issues have been dealt as per perspectives of both client
and users. According to the user’s perspective, computing records
security warranty troubleshooting and disturbed management and
maintenance. This paper will give an all over a review of statistics
protection and security issues regarding cloud computing.
Keywords- cloud computing, Information Security, cloud services,
prevention cloud attack, security threats.
INTRODUCTION
Cloud computing is a market technology that provides
system software, data access, computation and storage of
data without the end user’s knowing the exact location of the
system that provides all these services. It allows the user to
access their files via internet without downloading any specific
software. It basically is a technology that allows outsourcing
computer programs. Before cloud computing, it had been
difficult and expensive to run applications on a variety of
computers by installing and configuring them on each system.
With cloud computing, it has become easy to deal with
different software and applications as the user won’t have to
deal with the management of the software but the cloud
providers take charge of it. Assets are provided in the cloud for
every programming language and can be accessed from any
part of the globe. It is a cost-efficient way to store data. Cloud
computing is widely used in today’s scenario and is embraced
by all sort of companies from start-ups to global multi-national
companies for its use in creating apps, providing and
recovering the backup, hosting web pages, delivering services,
and analyzing data for patterns and predictions (Line, 2010).
Cloud computing has been divided into three segments that
provide different services to customers. The three types of
cloud computing are:
1. Infrastructure as a Service (IaaS) - Cloud provides
hardware or software infrastructure to clients for
easy operational benefits along with backup and
maintenance.
2. Software as a Service (SaaS) – Using cloud, an
application can be put to use over the internet and
acts as a useful tool to manipulate data.
3. Platform as a Service (PaaS) – This helps in managing
applications running over cloud without getting
caught in code and infrastructure.
Figure 1 Cloud computing Service Models
A. Research Problem
The research paper will cover several issues linked to the
security of information in cloud computing.
The process of creating and setting up a cloud computing
system is riskier as the new technology is not fully tested and
is prone to new attacks. The main threats in this technology
are data loss and data privacy. When data is loaded on the
cloud, it is the duty of both cloud provider and the client for its
privacy. Although through miscommunications among the
both, data privacy becomes more vulnerable to threat. As per
different service models, different responsibilities have been
assigned to both parties. In IaaS, the cloud provider is in
charge of physical and hardware security while the client is in
charge of software and application security. In SaaS, the cloud
provider is in charge of both physical and application security
(Shaikh, 2011).
Cloud computing, like any other internet technology,
is vulnerable to security threats. Attackers tend to penetrate in
customer cloud to get access to the information by passing
through connections, obtain cloud computational services for
free, and steal private information from storage areas after
breaking into it. The most common cloud attacks include SQL
injection, free VoIP calls, and data loss and leakages as data is
1
downloaded from drives. Security issues of cloud computing
have been a challenge to cloud providers who are facilitating
customers with their cloud services. A large amount of data
has been stored at a single place; it is easy for attackers to get
access to huge amount of data in a single successful attack.
Figure 2 Security hazards of cloud computing
B. Research Justification
The research examination has been aroused to deal with
security attacks and measures invalidated procedures of cloud
computing. Due to its zero maintenance and low cost, it has
been termed as ‘IT on Demand’ technology. Scalability is its
key feature that can be achieved by virtualization. The
Research has been done considering the security hazards of
cloud and solution for its prevention. The results of this
examination will prove to be impactful in cloud framework
that will store private and confidential information of clients
that can’t be accessed by unauthorized users. The problem
regarding the use of cloud computing will widely is tackled by
exploring its security threat and preventive measures.
Cloud computing can be deployed in three important ways as
public, private, and hybrid structure as per the requirement of
client and data availability issues. Security issues can be
improved by centralization of data and increasing security
focus on resources and controlling access to sensitive data. In
this report, we will discuss the security of information over the
cloud and the various means by which it can be harassed. It
will give us an overview of how to tackle situation when a
system or storage platform has been attacked over the cloud.
LITERATURE REVIEW
Shaikh & Haider (2011) this paper gives an overview of cloud
computing which gives the user the facility to use a collection
of resources and services via the internet. It serves its
customers by delivering services of virtual resources. This
paper helps in identifying most vulnerable threats to data
privacy in cloud computing. Different models have been
proposed in this research paper and by the study of a previous
research paper for the security implementation of the cloud
data from the most vulnerable attacks. As per suggested by
the study from the paper, it is found that both users and
administrator have to face the security issues. As the demand
for cloud is increasing due to its benefits over other
technologies, it is important to have a solution and preventive
measures for cloud computing from the known threats. Also,
this research paper helped in constituting a strong proposed
model for the prevention of security issues and helped in
strengthening my research work by providing a distinct idea of
the security issues that are known and most vulnerable to the
cloud.
Mohammed, Chaurasia & Mokhtar (2012) According to this
research paper, it has been stated that 36% lack in the usage
of cloud is due to its security issues. By securing the various
service models for cloud, we can indirectly secure the whole
cloud. Data security is related to confidentiality, accessibility
and data integrity, along with trust and other legal issues. To
deal with these issues, the report suggests encryption of data
to enhance the privacy and confidentiality of data so that only
authorized user can have access to the data. Tokenization of
sensitive data into dummy tokens has been considered as a
good option to provide security of data at cloud storage
devices. SaaS provides Ws- Transaction and WS-Reliability
functionalities to ensure data integrity so that people with
proper authentication can read and write to the data as per
their rights. In this paper, security challenges have been
addressed according to the three models of the cloud.
(Mowbray& Pearson, 2009) Researcher, through this research
paper, wants to introduce the most preliminary rule to the
wide assertion of ―security and assurance issues of cloud
providing organizations in appropriated procedures, clients
have stress over private data usage. When data has been set
up in the openly accessible cloud, security hasn’t been viewed
as a primary aspect. Some same minded situations have been
inspected in this paper, after which it has been recommended
largely to restrict the use of tricky and complicated
information when dealing with fogs and insurance and data
assurance should be ensured to end customers. To address
this problem, a chief gadget based on client assurance has
been presented in this research base. The proposed solution
minimizes security issues and provides security assurance
facilities. The device that has developed using proposed
solution has been attempted to work as necessities in
unmistakably circulated processing situations.
Figure 4 overview of the proposed solution
According to the research work of Wei et al. (2009), it had
been mentioned that cloud computing unfolds several new
data security hazards. These dangers have been concluded
internally and externally from a photograph repository side in
this research document. They've also examined the dangers
presented by the system heads and cease customers from
using cloud's image data storage and warehouse. An image
presentation framework configuration has been submitted to
report the related hazards. They assured that their proposed
model tends to one of the biggest risk in the scope of cloud
security and that the proposed model is precious and
implementable. The medium of the configuration in its initial
steps unveil resentful stuff and in further levels private
2
have been a challenge to cloud providers who are facilitating
customers with their cloud services. A large amount of data
has been stored at a single place; it is easy for attackers to get
access to huge amount of data in a single successful attack.
Figure 2 Security hazards of cloud computing
B. Research Justification
The research examination has been aroused to deal with
security attacks and measures invalidated procedures of cloud
computing. Due to its zero maintenance and low cost, it has
been termed as ‘IT on Demand’ technology. Scalability is its
key feature that can be achieved by virtualization. The
Research has been done considering the security hazards of
cloud and solution for its prevention. The results of this
examination will prove to be impactful in cloud framework
that will store private and confidential information of clients
that can’t be accessed by unauthorized users. The problem
regarding the use of cloud computing will widely is tackled by
exploring its security threat and preventive measures.
Cloud computing can be deployed in three important ways as
public, private, and hybrid structure as per the requirement of
client and data availability issues. Security issues can be
improved by centralization of data and increasing security
focus on resources and controlling access to sensitive data. In
this report, we will discuss the security of information over the
cloud and the various means by which it can be harassed. It
will give us an overview of how to tackle situation when a
system or storage platform has been attacked over the cloud.
LITERATURE REVIEW
Shaikh & Haider (2011) this paper gives an overview of cloud
computing which gives the user the facility to use a collection
of resources and services via the internet. It serves its
customers by delivering services of virtual resources. This
paper helps in identifying most vulnerable threats to data
privacy in cloud computing. Different models have been
proposed in this research paper and by the study of a previous
research paper for the security implementation of the cloud
data from the most vulnerable attacks. As per suggested by
the study from the paper, it is found that both users and
administrator have to face the security issues. As the demand
for cloud is increasing due to its benefits over other
technologies, it is important to have a solution and preventive
measures for cloud computing from the known threats. Also,
this research paper helped in constituting a strong proposed
model for the prevention of security issues and helped in
strengthening my research work by providing a distinct idea of
the security issues that are known and most vulnerable to the
cloud.
Mohammed, Chaurasia & Mokhtar (2012) According to this
research paper, it has been stated that 36% lack in the usage
of cloud is due to its security issues. By securing the various
service models for cloud, we can indirectly secure the whole
cloud. Data security is related to confidentiality, accessibility
and data integrity, along with trust and other legal issues. To
deal with these issues, the report suggests encryption of data
to enhance the privacy and confidentiality of data so that only
authorized user can have access to the data. Tokenization of
sensitive data into dummy tokens has been considered as a
good option to provide security of data at cloud storage
devices. SaaS provides Ws- Transaction and WS-Reliability
functionalities to ensure data integrity so that people with
proper authentication can read and write to the data as per
their rights. In this paper, security challenges have been
addressed according to the three models of the cloud.
(Mowbray& Pearson, 2009) Researcher, through this research
paper, wants to introduce the most preliminary rule to the
wide assertion of ―security and assurance issues of cloud
providing organizations in appropriated procedures, clients
have stress over private data usage. When data has been set
up in the openly accessible cloud, security hasn’t been viewed
as a primary aspect. Some same minded situations have been
inspected in this paper, after which it has been recommended
largely to restrict the use of tricky and complicated
information when dealing with fogs and insurance and data
assurance should be ensured to end customers. To address
this problem, a chief gadget based on client assurance has
been presented in this research base. The proposed solution
minimizes security issues and provides security assurance
facilities. The device that has developed using proposed
solution has been attempted to work as necessities in
unmistakably circulated processing situations.
Figure 4 overview of the proposed solution
According to the research work of Wei et al. (2009), it had
been mentioned that cloud computing unfolds several new
data security hazards. These dangers have been concluded
internally and externally from a photograph repository side in
this research document. They've also examined the dangers
presented by the system heads and cease customers from
using cloud's image data storage and warehouse. An image
presentation framework configuration has been submitted to
report the related hazards. They assured that their proposed
model tends to one of the biggest risk in the scope of cloud
security and that the proposed model is precious and
implementable. The medium of the configuration in its initial
steps unveil resentful stuff and in further levels private
2
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents