Security of Cloud Computing: Risks, Privacy, and Data Protection
Added on 2023-06-12
6 Pages4738 Words66 Views
Security of Cloud Computing
First A. Author, Second B. Author, and Third C. Author
Abstract— the primary aim of the paper is to take into
consideration the security which can be applied to the
concept of cloud computing. The security in this aspect
mainly refers to the data, which is stored in the idea of the
cloud. The paper would be directly focusing on the concept of
the security and the threat and the provide recommendation
to mitigate the problem. There are different concepts, which
can be applied to the idea of the clouding computing for the
aspect of giving provision for the security of the data. The
analysis of the element of the protection of the data can be
considered one of the most critical factors, which are related
to the concept of the data of the user.
Index Terms— cloud computing, data security, risks,
privacy and data protection.
I. TINTRODUCTION
The concept of cloud computing can be considered one of
the technologies which are playing a vital role in recent
times. A primary concern in the sector of the cloud
computing is the security which can be applied to the
concept. It is a critical factor for the cloud service
providers to ensure the aspects of privacy and protection.
To achieve this different concept policies are being
incorporated. Sometimes the data of the user is too
sensitive to be saved in the idea of the cloud as the
security, which would be applied to the data, is not entirely
up to the mark. These type of data can be a significant loss
for the organisation if it is exposed to any third party or
intruders. When comparing the concept of the cloud
computing to another aspect such as the traditional system
it can be stated, it has many advantages over the system,
but there is no justification of the security aspects, which
are involved into the concept. The concept of cloud
computing can deliver different types of infrastructure
solutions with the element of dynamic resource allocation
and system approach towards the retrieval of the data
which is stored in the concept of the cloud computing. The
application of the idea of cloud computing is not just
restricted to one area it can be applied to any area which
has data involved in the concept. Most of the data in the
are stored in the idea of the cloud are highly secured and
which can be retrieved when the user wants to do so. In
most of the cases taking into consideration technology,
there can be some flaws involved in the concept.
II. Research methods
In the 1970s, the GQM (Goal – Question –Metric) was
developed with a motive to move to move testing for the
defects of the software from the individual and qualitative
state, which is currently included in an empirical model.
This model helps to identify the errors, which would be
measured according to the defined goals, and objectives
when they can be linked with the result [1].
The GQM methodology states a model of
measurement on three level which is i) conceptual model
ii) operational model and iii) quantitative model. In a
model, the pyramid of the security is directly generated
from the GQM process relating to the definition during
which the security features are mapped to the equivalent
security matrices. The relation between the different
concepts shows the relationship between the security
metrics hierarchy (SHM) and the GQM methodology,
which play a vital in the sector of the security.
For each of the goal statement, which is
identified in the level a group matrices, will be adequately
defined. The operational level, that is, identified which
object or activities must be collected.
III. Result and analysis
Undoubtedly it can be stated that it is not easy to ensure
and secure the safety of the linked computers due to the
factor that a series of equipment and clients which are
involved; this concept can be termed as multi-tenancy. The
services, which are related to the idea of cloud computing
can be facing different types of problem which are
connected to the security issue and the safety of the data
which is stored in the context. Therefore, it can be stated
that it is very much essential to get the hold of the security
aspects and find out ways in which the overall elements
can be reduced. Some of the significant challenges, which
are founded out from the research, are stated below:
Lack of appropriate governance: During the
functionality of the cloud computing the cloud,
providers have the total access to the system. This
concept can have some security aspects involved in
the data due to the factor that the loss of the control
can put the data at a danger stage of being accessed by
any third person
Data interception: Taking into consideration the
traditional system, the data of the cloud computing is
distributed and segmented in transit. This aspect can
1
First A. Author, Second B. Author, and Third C. Author
Abstract— the primary aim of the paper is to take into
consideration the security which can be applied to the
concept of cloud computing. The security in this aspect
mainly refers to the data, which is stored in the idea of the
cloud. The paper would be directly focusing on the concept of
the security and the threat and the provide recommendation
to mitigate the problem. There are different concepts, which
can be applied to the idea of the clouding computing for the
aspect of giving provision for the security of the data. The
analysis of the element of the protection of the data can be
considered one of the most critical factors, which are related
to the concept of the data of the user.
Index Terms— cloud computing, data security, risks,
privacy and data protection.
I. TINTRODUCTION
The concept of cloud computing can be considered one of
the technologies which are playing a vital role in recent
times. A primary concern in the sector of the cloud
computing is the security which can be applied to the
concept. It is a critical factor for the cloud service
providers to ensure the aspects of privacy and protection.
To achieve this different concept policies are being
incorporated. Sometimes the data of the user is too
sensitive to be saved in the idea of the cloud as the
security, which would be applied to the data, is not entirely
up to the mark. These type of data can be a significant loss
for the organisation if it is exposed to any third party or
intruders. When comparing the concept of the cloud
computing to another aspect such as the traditional system
it can be stated, it has many advantages over the system,
but there is no justification of the security aspects, which
are involved into the concept. The concept of cloud
computing can deliver different types of infrastructure
solutions with the element of dynamic resource allocation
and system approach towards the retrieval of the data
which is stored in the concept of the cloud computing. The
application of the idea of cloud computing is not just
restricted to one area it can be applied to any area which
has data involved in the concept. Most of the data in the
are stored in the idea of the cloud are highly secured and
which can be retrieved when the user wants to do so. In
most of the cases taking into consideration technology,
there can be some flaws involved in the concept.
II. Research methods
In the 1970s, the GQM (Goal – Question –Metric) was
developed with a motive to move to move testing for the
defects of the software from the individual and qualitative
state, which is currently included in an empirical model.
This model helps to identify the errors, which would be
measured according to the defined goals, and objectives
when they can be linked with the result [1].
The GQM methodology states a model of
measurement on three level which is i) conceptual model
ii) operational model and iii) quantitative model. In a
model, the pyramid of the security is directly generated
from the GQM process relating to the definition during
which the security features are mapped to the equivalent
security matrices. The relation between the different
concepts shows the relationship between the security
metrics hierarchy (SHM) and the GQM methodology,
which play a vital in the sector of the security.
For each of the goal statement, which is
identified in the level a group matrices, will be adequately
defined. The operational level, that is, identified which
object or activities must be collected.
III. Result and analysis
Undoubtedly it can be stated that it is not easy to ensure
and secure the safety of the linked computers due to the
factor that a series of equipment and clients which are
involved; this concept can be termed as multi-tenancy. The
services, which are related to the idea of cloud computing
can be facing different types of problem which are
connected to the security issue and the safety of the data
which is stored in the context. Therefore, it can be stated
that it is very much essential to get the hold of the security
aspects and find out ways in which the overall elements
can be reduced. Some of the significant challenges, which
are founded out from the research, are stated below:
Lack of appropriate governance: During the
functionality of the cloud computing the cloud,
providers have the total access to the system. This
concept can have some security aspects involved in
the data due to the factor that the loss of the control
can put the data at a danger stage of being accessed by
any third person
Data interception: Taking into consideration the
traditional system, the data of the cloud computing is
distributed and segmented in transit. This aspect can
1
possess more threats due to the concept of the fragility
and vulnerability of the computing technology and in
notably spoofing and sniffing, third-party attacks and
he replies attacks.
Insecure and incomplete data deletion: in the situation
where the client wants the data either entirely or
partially, this can raise the question whether it would
be possible to delete the desired part of the data
segments with accuracy. [4].
Retrieval of the data: In most of the cases, it is seen
that the users store their crucial data into the concept
of the cloud. On the other hand, when the data of the
user need it is not available. This can be due to many
factors, for example, link failure between the domain
of the cloud and the user. Another aspect, which can
directly lead to the problem, is the aspect of the
server. The data can be stored in one of the servers
which are located at another location which would not
be easily accessed. This can directly lead to different
types of problem for the user.
Pricing: The concept of pricing can also be considered
to be one of the areas where the idea of cloud
computing lacks. It can be stated here that in most of
the situation the cloud providers tend to increase the
price of the service, and on the other hand, it can be
noted that the customers do not have any other option
but to involve in the given amount due to the service
they have to achieve. There are different factors which
play a role in this context due to which the pricing of
the technology varies all the time. On the other hand,
it can be stated that the process is sometimes very
much useful if the pricing is based on the concept of
the usage.
FIGURE 1
MANAGEMENT OF CLOUD COMPUTING
IV. Literature Review
There are different ways by which the data in the
concept of cloud can be secured. The privacy aspect of
the data can be achieved by implementing the following
few factors. The sensitive data of the user should not be
stored in the concept of the cloud. This is due to the
element that the security of the data in the idea of the
cloud so not very much secured. There is no
justification which is in control of the data and how the
different security aspects are applied to the data. The
password should be one of the areas of concern. It
should be taken into consideration that the password,
which is implemented, are severe enough to be cracked
by an unauthorised person.
GCM level SMH Level
Operational level Metric
Conceptual level Group metric
Quantitative level Sub - metric
GQM Model: The fundamental idea which can be
applied to the concept of GQM is that the identification
of the goals have to be made which has to be achieved
and working according to the set goal. The main factor
is to achieve the standard of goal by any means.
SMH Model: SMH can be considered as a model
which is related to the mechanism of the actions which
are directly goal oriented.
TABLE 1
RELATION BETWEEN GQM METHODOLOGY
AND SMG
In the concept of cloud, computing one of the most
significant factors, which play a role, is the encryption
technique of the data. The work, which can be followed
in the concept, is that if someone has to store a file in
the idea of the cloud, the user can add password security
into the aspect, which would be directly securing the
data, and no one would be able to access the file. The
most trending technique, which can be implemented in
this case, is performing a zip operation into the record
and protecting it with a password. This would be
beneficial in the way of not allowing unauthorised
access to the data. Encryption can also be beneficial in
the way of transferring data from one cloud platform to
another. It can be stated here that the data are
transferred in a highly secured manner by which no
third party can have direct access to the data.
The methodology which is proposed in the aspect
of the cloud security can be derived from the concept of
the security management which mainly include i)
security index (IndSec) ii) security matrix hierarchy iii)
allocation index (IndAlloc) iv) management of the cloud
2
and vulnerability of the computing technology and in
notably spoofing and sniffing, third-party attacks and
he replies attacks.
Insecure and incomplete data deletion: in the situation
where the client wants the data either entirely or
partially, this can raise the question whether it would
be possible to delete the desired part of the data
segments with accuracy. [4].
Retrieval of the data: In most of the cases, it is seen
that the users store their crucial data into the concept
of the cloud. On the other hand, when the data of the
user need it is not available. This can be due to many
factors, for example, link failure between the domain
of the cloud and the user. Another aspect, which can
directly lead to the problem, is the aspect of the
server. The data can be stored in one of the servers
which are located at another location which would not
be easily accessed. This can directly lead to different
types of problem for the user.
Pricing: The concept of pricing can also be considered
to be one of the areas where the idea of cloud
computing lacks. It can be stated here that in most of
the situation the cloud providers tend to increase the
price of the service, and on the other hand, it can be
noted that the customers do not have any other option
but to involve in the given amount due to the service
they have to achieve. There are different factors which
play a role in this context due to which the pricing of
the technology varies all the time. On the other hand,
it can be stated that the process is sometimes very
much useful if the pricing is based on the concept of
the usage.
FIGURE 1
MANAGEMENT OF CLOUD COMPUTING
IV. Literature Review
There are different ways by which the data in the
concept of cloud can be secured. The privacy aspect of
the data can be achieved by implementing the following
few factors. The sensitive data of the user should not be
stored in the concept of the cloud. This is due to the
element that the security of the data in the idea of the
cloud so not very much secured. There is no
justification which is in control of the data and how the
different security aspects are applied to the data. The
password should be one of the areas of concern. It
should be taken into consideration that the password,
which is implemented, are severe enough to be cracked
by an unauthorised person.
GCM level SMH Level
Operational level Metric
Conceptual level Group metric
Quantitative level Sub - metric
GQM Model: The fundamental idea which can be
applied to the concept of GQM is that the identification
of the goals have to be made which has to be achieved
and working according to the set goal. The main factor
is to achieve the standard of goal by any means.
SMH Model: SMH can be considered as a model
which is related to the mechanism of the actions which
are directly goal oriented.
TABLE 1
RELATION BETWEEN GQM METHODOLOGY
AND SMG
In the concept of cloud, computing one of the most
significant factors, which play a role, is the encryption
technique of the data. The work, which can be followed
in the concept, is that if someone has to store a file in
the idea of the cloud, the user can add password security
into the aspect, which would be directly securing the
data, and no one would be able to access the file. The
most trending technique, which can be implemented in
this case, is performing a zip operation into the record
and protecting it with a password. This would be
beneficial in the way of not allowing unauthorised
access to the data. Encryption can also be beneficial in
the way of transferring data from one cloud platform to
another. It can be stated here that the data are
transferred in a highly secured manner by which no
third party can have direct access to the data.
The methodology which is proposed in the aspect
of the cloud security can be derived from the concept of
the security management which mainly include i)
security index (IndSec) ii) security matrix hierarchy iii)
allocation index (IndAlloc) iv) management of the cloud
2
computing. A security matrix is derived from the GQM
methodology [13]. A security index (IndSec) will be
able to compute using the aspect of the security
management hierarchy; this aspect helps in the concept
of the allocation of the security metrics hierarchy. At the
end of the step, the scheduler of the cloud management
will be able to use the allocation index as a reference to
the process of resource allocation. In the context of the
life cycle, which is related to the management of the
security, a security matrix hierarchy can be considered
as a new form of virtualisation which is associated with
the information security that is collected over the
concept of the cloud computing environment [20].
II. A Security matrix
Security matrix can be used for the concept of
measuring the concept of privacy and security as well as
the status of the guard, which is applied to the data,
which is stored in the idea of the cloud. The use of the
security matrix can be used for the concept of achieving
a standard of transparency, proactive planning,
predictability and decision-making [12]. The form can
be considered as a standard of measurement defining
both the concept of what is being measured and how it
is being measured and the means of how the
measurement is done. The main components of the
matrix are the submatrix or the primitive matrix. Any
restriction, which can be applied to the concept of
primitives, are defined in the process of measurement.
A metric can be composed in the following ways:
% - “percentage”, it is the expression of the aspects
which are measured by the total number of
elements which are measured.
# - “number”, this concept can be used to provide
an exact value of the quality
“logic value” expressing No and Yes for an event.
TABEL 2
RISK MATRIX
The sub-matrix hierarchy can be considered as a
subpart of the matrix, which can be used for the
specialisation in different types of ways. The each of the
aspects has a distinct contribution to the overall metrics
II. B conversion of the security metrics.
The primary motive, which can be included into
the aspect of the value conversion, can be considered as
a means of extracting the value of the quantity, which is
measured by the primitive metrics, to sort them directly.
The main aim of using the concept of the rudimentary
parameters and the aspect of preventing the element of
the measuring of the quantity, which is highly difficult
to be measured.
Table 2
Security Metrics
V. Discussion
To identify the fundamentals of the cloud computing and
the storing of data in the cloud, several assets have been
checked. This section gives a basic understanding of the
concept of the security of the cloud computing. Significant
experts have provided a necessary explanation of the idea
of cloud computing [14]. Several approaches which are
vital to the understanding of the process are majorly
discussed in the here. There are several risk factors, which
are included in the concept of the cloud computing that is
explained below:
A. Storing of data in public cloud
The idea of the saving of the data in the public cloud
can be considered one of the problem area relating to the
concept of the cloud. Frequently cloud implements the
idea of the central storage facility, which can be engaging
from the hackers.
Private cloud for storing the data can be very much
beneficial in the aspect of securing the data in the cloud.
3
methodology [13]. A security index (IndSec) will be
able to compute using the aspect of the security
management hierarchy; this aspect helps in the concept
of the allocation of the security metrics hierarchy. At the
end of the step, the scheduler of the cloud management
will be able to use the allocation index as a reference to
the process of resource allocation. In the context of the
life cycle, which is related to the management of the
security, a security matrix hierarchy can be considered
as a new form of virtualisation which is associated with
the information security that is collected over the
concept of the cloud computing environment [20].
II. A Security matrix
Security matrix can be used for the concept of
measuring the concept of privacy and security as well as
the status of the guard, which is applied to the data,
which is stored in the idea of the cloud. The use of the
security matrix can be used for the concept of achieving
a standard of transparency, proactive planning,
predictability and decision-making [12]. The form can
be considered as a standard of measurement defining
both the concept of what is being measured and how it
is being measured and the means of how the
measurement is done. The main components of the
matrix are the submatrix or the primitive matrix. Any
restriction, which can be applied to the concept of
primitives, are defined in the process of measurement.
A metric can be composed in the following ways:
% - “percentage”, it is the expression of the aspects
which are measured by the total number of
elements which are measured.
# - “number”, this concept can be used to provide
an exact value of the quality
“logic value” expressing No and Yes for an event.
TABEL 2
RISK MATRIX
The sub-matrix hierarchy can be considered as a
subpart of the matrix, which can be used for the
specialisation in different types of ways. The each of the
aspects has a distinct contribution to the overall metrics
II. B conversion of the security metrics.
The primary motive, which can be included into
the aspect of the value conversion, can be considered as
a means of extracting the value of the quantity, which is
measured by the primitive metrics, to sort them directly.
The main aim of using the concept of the rudimentary
parameters and the aspect of preventing the element of
the measuring of the quantity, which is highly difficult
to be measured.
Table 2
Security Metrics
V. Discussion
To identify the fundamentals of the cloud computing and
the storing of data in the cloud, several assets have been
checked. This section gives a basic understanding of the
concept of the security of the cloud computing. Significant
experts have provided a necessary explanation of the idea
of cloud computing [14]. Several approaches which are
vital to the understanding of the process are majorly
discussed in the here. There are several risk factors, which
are included in the concept of the cloud computing that is
explained below:
A. Storing of data in public cloud
The idea of the saving of the data in the public cloud
can be considered one of the problem area relating to the
concept of the cloud. Frequently cloud implements the
idea of the central storage facility, which can be engaging
from the hackers.
Private cloud for storing the data can be very much
beneficial in the aspect of securing the data in the cloud.
3
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Framework Modeling for User Privacy in Cloud Computinglg...
|8
|5479
|500
Risk Management Assignment | Information Technologylg...
|11
|2714
|96
Cloud Cryptography for Privacylg...
|14
|3660
|239
Cloud Computing: Advantages, Models and Future Scopelg...
|4
|792
|312
Assignment on Information Security Cloud Computinglg...
|8
|2070
|158
Data Security in Cloud Computinglg...
|14
|2815
|29