Software Engineering Methodology
Added on 2023-01-23
7 Pages1846 Words28 Views
Running head: SOFTWARE ENGINEERING METHODOLOGY
SOFTWARE ENGINEERING METHODOLOGY
Name of Student
Name of University
Author’s Note
SOFTWARE ENGINEERING METHODOLOGY
Name of Student
Name of University
Author’s Note
1SOFTWARE ENGINEERING METHODOLOGY
Introduction
This particular article discusses regarding the infrastructure of cloud computing, this
infrastructure enables companies to reduce the costs. This is done by outsourcing the
computations that are in demand [1]. Clients of various services of cloud computing do not have
methods to verify confidentiality as well as integrity of the data as well as computation.
Companies are allowed to reduce the IT costs with the help of offloading computation and data
to the services in cloud computing. Inspite of this, the organizations implement cloud computing
services due to the outstanding concerns of security [3]. The most serious concerns include the
possibility of the violation of confidentiality. Accidentally or maliciously the employees of cloud
providers might tamper with the data of the company. Some actions might harm the finance or
reputation of the company. For maintaining confidentiality, the customers of cloud services
might carry out encryption [6]. Encryption is helpful for the purpose of securing information
even before the data has been stored by the provider. This service could not be applied in cases
where information needs to be computed because the data that has not been encrypted data
should reside within the host’s memory that runs the computation.
Discussion
Various myriads of various cloud providers provide services at numerous layers
belonging to the stack of software. In the lower layers, the Infrastructure as a Service providers
like Amazon, GoGrid and Flexiscale allow various customers for gaining access to the overall
virtual machines that is hosted by various providers [2]. A customer as well as user of a
particular system provides the complete stack of software that runs within a virtual machine. At a
Introduction
This particular article discusses regarding the infrastructure of cloud computing, this
infrastructure enables companies to reduce the costs. This is done by outsourcing the
computations that are in demand [1]. Clients of various services of cloud computing do not have
methods to verify confidentiality as well as integrity of the data as well as computation.
Companies are allowed to reduce the IT costs with the help of offloading computation and data
to the services in cloud computing. Inspite of this, the organizations implement cloud computing
services due to the outstanding concerns of security [3]. The most serious concerns include the
possibility of the violation of confidentiality. Accidentally or maliciously the employees of cloud
providers might tamper with the data of the company. Some actions might harm the finance or
reputation of the company. For maintaining confidentiality, the customers of cloud services
might carry out encryption [6]. Encryption is helpful for the purpose of securing information
even before the data has been stored by the provider. This service could not be applied in cases
where information needs to be computed because the data that has not been encrypted data
should reside within the host’s memory that runs the computation.
Discussion
Various myriads of various cloud providers provide services at numerous layers
belonging to the stack of software. In the lower layers, the Infrastructure as a Service providers
like Amazon, GoGrid and Flexiscale allow various customers for gaining access to the overall
virtual machines that is hosted by various providers [2]. A customer as well as user of a
particular system provides the complete stack of software that runs within a virtual machine. At a
2SOFTWARE ENGINEERING METHODOLOGY
high layer, the Software as a Service like Google Apps provide applications that are available
online and could be directly executed by the users [5]. The main issue in guaranteeing privacy of
the computations is increased for the services that are present in the higher layers of software
stack. This is because the services provide as well as runs the software which manipulates the
data of customers directly [4]. This particular assignment focuses on lower layers where securing
the virtual machine of a customer is manageable.
A sysadmin of cloud providers that are given the privileged control on the blackened
might perpetrate numerous attacks for accessing the memory of the virtual machine of the
customer [7]. With the root privileges in every machine, the sysadmin would be able to install as
well as execute all the types of software for performing any attack. In case Xen is utilized in the
backend, it allows a particular sysadmin to run a particular user level processes in Dom () which
would access the content of the memory of VM at the run time directly [10]. In case physical
access of machine is provide, sysadmin would be allowed to perform various sophisticated
attacks such as cold boot attacks and then tamper them with the use of hardware [8]. In present
providers of IaaS, the users are allowed to consider that no one accumulates the entire set of
privileges. Besides this, the providers deploy a stringent security device, surveillance machine
and restricted policies of access control for protecting the hardware’s physical integrity [9].
Hence it has been assumed in this paper that enforcing a particular security perimeter, the
provider could prevent the attacks that need physical access to various machines.
Trusted computing group had proposed a specific set of hardware as well as software
technologies for enabling construction of various trusted platforms module (TPM) chip, this chip
has now been bundled along with commodity hardware [1]. This TPM has a particular
endorsement private key which identifies TPM along with the functions of cryptography which
high layer, the Software as a Service like Google Apps provide applications that are available
online and could be directly executed by the users [5]. The main issue in guaranteeing privacy of
the computations is increased for the services that are present in the higher layers of software
stack. This is because the services provide as well as runs the software which manipulates the
data of customers directly [4]. This particular assignment focuses on lower layers where securing
the virtual machine of a customer is manageable.
A sysadmin of cloud providers that are given the privileged control on the blackened
might perpetrate numerous attacks for accessing the memory of the virtual machine of the
customer [7]. With the root privileges in every machine, the sysadmin would be able to install as
well as execute all the types of software for performing any attack. In case Xen is utilized in the
backend, it allows a particular sysadmin to run a particular user level processes in Dom () which
would access the content of the memory of VM at the run time directly [10]. In case physical
access of machine is provide, sysadmin would be allowed to perform various sophisticated
attacks such as cold boot attacks and then tamper them with the use of hardware [8]. In present
providers of IaaS, the users are allowed to consider that no one accumulates the entire set of
privileges. Besides this, the providers deploy a stringent security device, surveillance machine
and restricted policies of access control for protecting the hardware’s physical integrity [9].
Hence it has been assumed in this paper that enforcing a particular security perimeter, the
provider could prevent the attacks that need physical access to various machines.
Trusted computing group had proposed a specific set of hardware as well as software
technologies for enabling construction of various trusted platforms module (TPM) chip, this chip
has now been bundled along with commodity hardware [1]. This TPM has a particular
endorsement private key which identifies TPM along with the functions of cryptography which
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Infrastructure of Cloud Computing: Methodology and Trusted Computinglg...
|10
|648
|46
Report on Cloud Vendors | Assignmentlg...
|6
|1138
|17
(PDF) Cloud Computing Assignmentlg...
|3
|2868
|157
Cloud Computinglg...
|10
|2280
|86
Ping Ponglg...
|12
|647
|318
Security Issue in Cloud Computinglg...
|14
|624
|70