Characterizing Loopholes in Cloud Computing
VerifiedAdded on 2020/10/01
|22
|7085
|56
AI Summary
The project aims to characterize the underlying loopholes related to privacy and security concerns present in cloud computing environments. It involves analyzing research papers, discussing issues, and characterizing mechanisms such as encryption and access control to identify best practices for privacy protection. The assignment concludes that more comprehensive considerations are needed to generate an absolute security protection system, including legal regulations and standardization.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Table of Contents
ABSTRACT....................................................................................................................................................2
INTRODUCTION...........................................................................................................................................2
PROBLEM DOMAIN......................................................................................................................................2
BACKGROUND/RELATED WORK..................................................................................................................3
1. Privacy Protection and Data Security in Cloud Computing: A Survey, Challenges, and Solutions....3
2. A Study and Survey of Security and Privacy Issues in Cloud Computing..........................................5
3. Database Security in Cloud..............................................................................................................7
4. Identity and Access Management in Cloud Environment: Mechanisms and Challenges.................9
5. Service Delivery Models of Cloud Computing: Security Issues and Open Challenges....................10
6. Cloud Computing Security and Privacy: An Empirical Study..........................................................11
7. Security and Privacy of Sensitive Data in Cloud Computing: A Survey of Recent Developments...12
8. SEPRICC: Security and Privacy in Cloud Computing.......................................................................13
9. Layers of Cloud – IaaS, PaaS and SaaS: A Survey............................................................................14
10. Challenges and Prosperity Research in Cloud Computing..............................................................14
11. Cloud Computing Service Models: A Comparative Study...............................................................15
12. A Review Paper on Cloud Computing............................................................................................16
EXPERIMENTAL ANALYSIS:.........................................................................................................................17
CONCLUSION.............................................................................................................................................20
SYNOPSIS...................................................................................................................................................20
Aim of the Project..................................................................................................................................20
Method..................................................................................................................................................20
Results...................................................................................................................................................20
Discussion..............................................................................................................................................21
Conclusion.............................................................................................................................................21
REFERENCES..............................................................................................................................................21
1
ABSTRACT....................................................................................................................................................2
INTRODUCTION...........................................................................................................................................2
PROBLEM DOMAIN......................................................................................................................................2
BACKGROUND/RELATED WORK..................................................................................................................3
1. Privacy Protection and Data Security in Cloud Computing: A Survey, Challenges, and Solutions....3
2. A Study and Survey of Security and Privacy Issues in Cloud Computing..........................................5
3. Database Security in Cloud..............................................................................................................7
4. Identity and Access Management in Cloud Environment: Mechanisms and Challenges.................9
5. Service Delivery Models of Cloud Computing: Security Issues and Open Challenges....................10
6. Cloud Computing Security and Privacy: An Empirical Study..........................................................11
7. Security and Privacy of Sensitive Data in Cloud Computing: A Survey of Recent Developments...12
8. SEPRICC: Security and Privacy in Cloud Computing.......................................................................13
9. Layers of Cloud – IaaS, PaaS and SaaS: A Survey............................................................................14
10. Challenges and Prosperity Research in Cloud Computing..............................................................14
11. Cloud Computing Service Models: A Comparative Study...............................................................15
12. A Review Paper on Cloud Computing............................................................................................16
EXPERIMENTAL ANALYSIS:.........................................................................................................................17
CONCLUSION.............................................................................................................................................20
SYNOPSIS...................................................................................................................................................20
Aim of the Project..................................................................................................................................20
Method..................................................................................................................................................20
Results...................................................................................................................................................20
Discussion..............................................................................................................................................21
Conclusion.............................................................................................................................................21
REFERENCES..............................................................................................................................................21
1
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
ABSTRACT: With the recent advancements, the technology of cloud computing has also gaining rise
in terms of popularity and success. Cloud computing is a rising technology standard which relocates
recent technological as well as concept of computing into solutions like utility familiar to water systems
and electricity. Cloud computing is providing huge amount of advantages which includes economic
saving, service flexibility and configurable computer resources. Although with this increasing popularity
of cloud computing carries some critical security and privacy issues due to the outsourcing of business
applications and data to third party. The concerns related to security and privacy are seems to be initial
hurdle in the adoption of cloud in vast amount. Cloud introduces some advance concepts like resource
sharing, multi tenancy and outsourcing comes along with new challenges in the security community.
Hence the goal of this study is to address the recent existing security and privacy issues in cloud
environment. Additionally the capability to pursue and adapt the measures of security that was developed
for traditional computing systems, initiating new security policies, models and protocols for addressing
distinct security challenges of cloud. We present a comprehensive study about cloud computing and its
related security and privacy concerns.
INTRODUCTION: Cloud computer constitutes as an advance firm in the field of information
technology and related to the virtualization of the available resources of computer on request. Cloud
computing liberates times as well as cost for businesses. Along with that the process of computing
contemplates revolutionary advancement in technology related to how companies are constructs,
organizes and deployed enterprise applications on the internet. Those clouds computing that are
virtualized specifically provides delivery models of cloud computing i.e. software as a service, platform
as a service and infrastructure as a service. However in recent times, the issues regarding security and
privacy in cloud computing considered as a serious component in the any model adaptation of cloud
service delivery. Cloud computing support few technologies in its process hence this model somehow
includes possible security hazards. Hence so far, the security issues in cloud computing have hardly
receive at service delivery level. Some specific security concerns are network security, integrations, web
application security, vulnerabilities presents in virtualized environment, physical security and data
security. The goal of this research is to provide a comprehensive study of security threats regarding to
their respected cloud service deliver model. We also characterized five most specific security and privacy
aspects such as confidentiality, integrity, accountability, availability and privacy preservability. Our main
aim behind this research is to comprehensively present the security threats with respect to their cloud
service deliver models. This study also determines how service delivery models differ from existing
enterprise applications, classify these models, and investigate the inherent security challenges. This study
primarily focuses on the security concerns of each layer of the cloud-service delivery model, as well as on
existing solutions and approaches. In addition, countermeasures to potential security threats are also
presented for each cloud model.
PROBLEM DOMAIN: From previous years, cloud computing is considered as an important
platform from the perspective of hosting and delivering services through the internet. It gained popularity
by providing several computing services like cloud hosting, cloud storage and cloud servers etc. in order
to assist multiple kind businesses as well as in academics [2]. But it suffers from few major security and
privacy challenges. Privacy is cloud an important aspect for the customers. If we consider privacy in
cloud there are many threats for sensitive data of users over the cloud storage. Although the structure of
2
in terms of popularity and success. Cloud computing is a rising technology standard which relocates
recent technological as well as concept of computing into solutions like utility familiar to water systems
and electricity. Cloud computing is providing huge amount of advantages which includes economic
saving, service flexibility and configurable computer resources. Although with this increasing popularity
of cloud computing carries some critical security and privacy issues due to the outsourcing of business
applications and data to third party. The concerns related to security and privacy are seems to be initial
hurdle in the adoption of cloud in vast amount. Cloud introduces some advance concepts like resource
sharing, multi tenancy and outsourcing comes along with new challenges in the security community.
Hence the goal of this study is to address the recent existing security and privacy issues in cloud
environment. Additionally the capability to pursue and adapt the measures of security that was developed
for traditional computing systems, initiating new security policies, models and protocols for addressing
distinct security challenges of cloud. We present a comprehensive study about cloud computing and its
related security and privacy concerns.
INTRODUCTION: Cloud computer constitutes as an advance firm in the field of information
technology and related to the virtualization of the available resources of computer on request. Cloud
computing liberates times as well as cost for businesses. Along with that the process of computing
contemplates revolutionary advancement in technology related to how companies are constructs,
organizes and deployed enterprise applications on the internet. Those clouds computing that are
virtualized specifically provides delivery models of cloud computing i.e. software as a service, platform
as a service and infrastructure as a service. However in recent times, the issues regarding security and
privacy in cloud computing considered as a serious component in the any model adaptation of cloud
service delivery. Cloud computing support few technologies in its process hence this model somehow
includes possible security hazards. Hence so far, the security issues in cloud computing have hardly
receive at service delivery level. Some specific security concerns are network security, integrations, web
application security, vulnerabilities presents in virtualized environment, physical security and data
security. The goal of this research is to provide a comprehensive study of security threats regarding to
their respected cloud service deliver model. We also characterized five most specific security and privacy
aspects such as confidentiality, integrity, accountability, availability and privacy preservability. Our main
aim behind this research is to comprehensively present the security threats with respect to their cloud
service deliver models. This study also determines how service delivery models differ from existing
enterprise applications, classify these models, and investigate the inherent security challenges. This study
primarily focuses on the security concerns of each layer of the cloud-service delivery model, as well as on
existing solutions and approaches. In addition, countermeasures to potential security threats are also
presented for each cloud model.
PROBLEM DOMAIN: From previous years, cloud computing is considered as an important
platform from the perspective of hosting and delivering services through the internet. It gained popularity
by providing several computing services like cloud hosting, cloud storage and cloud servers etc. in order
to assist multiple kind businesses as well as in academics [2]. But it suffers from few major security and
privacy challenges. Privacy is cloud an important aspect for the customers. If we consider privacy in
cloud there are many threats for sensitive data of users over the cloud storage. Although the structure of
2
cloud computing is getting advance and progressing fast conceptually as well as in reality. But service
quality, security and privacy, economic, contractual issues still remains crucial challenges.
After reviewing several research articles, we conclude that they somehow interlinked over these familiar
categories:
Issues of privacy, compliance, trust, legal and audit in cloud.
Vulnerabilities and threats present in cloud.
Challenges faced by organizations while adopting cloud solution
Recommendations and solutions for cloud security issues and concerns
BACKGROUND/RELATED WORK:
1. Privacy Protection and Data Security in Cloud Computing: A Survey,
Challenges, and Solutions
Privacy and security related issues are very critical with regards to cloud computing. There are many
current research schemes carries out related to access control based cloud computing privacy
protection, trust and reputation and Attribute Based Encryption (ABE). Along with that it also discusses
KP-ABE i.e. Key Policy Attribute Based Encryption, CP i.e. Ciphertext Policy Attribute Based Encryption ,
revocation, mechanism, fine grain, trace mechanism, access structure, multi authority, proxy re-
encryption, reputation, trust, searchable encryption, hierarchical encryption, hierarchical key and
extension of tradition access control . Still they are dissipate or had insufficient unified logic. This paper
reviewed and identified progressive researches related to these factors and concludes the result on the
basis of its characterization.
1. Access control based Mechanism
2. Trust and Reputation of cloud computing
3. Attribute Based Encryption
CLOUD COMPUTING PRIVACY PROTECTION FRAMEWORK
Privacy data of user is confidential in cloud computing. Although the presence of virtualization, big data,
multi-tenancy, data outsourcing storage and some other technologies hence generate the risk of privacy
disclosure of user’s data (Sun, 2019).
3
quality, security and privacy, economic, contractual issues still remains crucial challenges.
After reviewing several research articles, we conclude that they somehow interlinked over these familiar
categories:
Issues of privacy, compliance, trust, legal and audit in cloud.
Vulnerabilities and threats present in cloud.
Challenges faced by organizations while adopting cloud solution
Recommendations and solutions for cloud security issues and concerns
BACKGROUND/RELATED WORK:
1. Privacy Protection and Data Security in Cloud Computing: A Survey,
Challenges, and Solutions
Privacy and security related issues are very critical with regards to cloud computing. There are many
current research schemes carries out related to access control based cloud computing privacy
protection, trust and reputation and Attribute Based Encryption (ABE). Along with that it also discusses
KP-ABE i.e. Key Policy Attribute Based Encryption, CP i.e. Ciphertext Policy Attribute Based Encryption ,
revocation, mechanism, fine grain, trace mechanism, access structure, multi authority, proxy re-
encryption, reputation, trust, searchable encryption, hierarchical encryption, hierarchical key and
extension of tradition access control . Still they are dissipate or had insufficient unified logic. This paper
reviewed and identified progressive researches related to these factors and concludes the result on the
basis of its characterization.
1. Access control based Mechanism
2. Trust and Reputation of cloud computing
3. Attribute Based Encryption
CLOUD COMPUTING PRIVACY PROTECTION FRAMEWORK
Privacy data of user is confidential in cloud computing. Although the presence of virtualization, big data,
multi-tenancy, data outsourcing storage and some other technologies hence generate the risk of privacy
disclosure of user’s data (Sun, 2019).
3
Fig. Cloud Computing Risks and Related Technologies
Access Control Mechanism:
In order to achieve efficient and secure access control of data resources in cloud computing, this method
is proposed. After analyzes the identity of legitimate user, access control system authorizes the scope
and capability to access the data of the requester. This is generally implements to secure the private
data resources and illegal operations intrusion of legitimate users. Various access control technologies
are used such as (mandatory access control), ABAC (attribute based access control), TBAC (task based
access control), RBAC (role based access control) and DAC (discretionary access control) having diverse
range of accessing policies shown in figure given below.
TRUST AND REPUTATION OF CLOUD COMPUTING
4
Access Control Mechanism:
In order to achieve efficient and secure access control of data resources in cloud computing, this method
is proposed. After analyzes the identity of legitimate user, access control system authorizes the scope
and capability to access the data of the requester. This is generally implements to secure the private
data resources and illegal operations intrusion of legitimate users. Various access control technologies
are used such as (mandatory access control), ABAC (attribute based access control), TBAC (task based
access control), RBAC (role based access control) and DAC (discretionary access control) having diverse
range of accessing policies shown in figure given below.
TRUST AND REPUTATION OF CLOUD COMPUTING
4
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Trust and Reputation TR are very crucial to consider for the adaptation of cloud service and are
firmly relatable to privacy protection. Cloud computing system needs trust of user and
reputation concerning to information to be entirely disclosed that will introduce undiscovered
privacy risks of users. Lately different compounds of multiple methods give a nearly optimal
solution for the management of TR in privacy protection of cloud computing services.
ABE OF CLOUD COMPUTING
ABE related to public key mechanism. The object is decryption of a group instead of a single
user. Its essential feature is the origination of attribute concept. This group is related to those
users that belong to specific fusion of attribute values. ABE introduces advantages in cloud
computing. ABE is preferable for architecture of cloud computing. Additionally it also provides
the ability to entirely implements data access control in the platform of cloud. Researches has
shown significant progress like attribute revocation, proxy re-encryption, multi-authority,
hierarchical encryption, policy flexibility etc. Still there are multiple issues that require further
research [10].
Fig. Comparison of several access control model-based encryption
2. A Study and Survey of Security and Privacy Issues in Cloud Computing
Cloud computing is an emerging model which transforms the information technological ways of
individuals as well as the organizations. It involves some significant aspects like broad network,
rapid elasticity, resource pooling board network access and characterizes services that help the
organization in converting to agile. Characteristics of cloud are related to few open issues such
as scalability, availability, interoperability and security. The security and privacy problems
generally come along with cloud deployment, delivery models are main source behind these
issues in current cloud computing world. This paper discusses security and privacy issues
addressed between the development and delivery.
Cloud computing becomes a fragment of business strategies universally now. Cloud adoption is
now become a part of business strategies globally. All sectors of enterprises, research institutes,
financial institutes, government agencies and education sectors are adopting cloud computing.
Latest advance technologies such as social media, big data analysis and mobility are basic reason
behind the enforcement of cloud computing in organizations. Few popular cloud providers are
Salesforce.com, Amazon’s EC2 (Elastic Compute Cloud), Google’s suite of apps (Google Docs,
Google Calendar and Gmail etc), IBM blue cloud, Microsoft’s Azure etc. Along with many
advantages cloud computing involves issues regarding privacy and security of users. Even after
many years of cloud existence it still requires adequate trust level in terms of requirements of
security and privacy (Ahmad, 2017)
5
firmly relatable to privacy protection. Cloud computing system needs trust of user and
reputation concerning to information to be entirely disclosed that will introduce undiscovered
privacy risks of users. Lately different compounds of multiple methods give a nearly optimal
solution for the management of TR in privacy protection of cloud computing services.
ABE OF CLOUD COMPUTING
ABE related to public key mechanism. The object is decryption of a group instead of a single
user. Its essential feature is the origination of attribute concept. This group is related to those
users that belong to specific fusion of attribute values. ABE introduces advantages in cloud
computing. ABE is preferable for architecture of cloud computing. Additionally it also provides
the ability to entirely implements data access control in the platform of cloud. Researches has
shown significant progress like attribute revocation, proxy re-encryption, multi-authority,
hierarchical encryption, policy flexibility etc. Still there are multiple issues that require further
research [10].
Fig. Comparison of several access control model-based encryption
2. A Study and Survey of Security and Privacy Issues in Cloud Computing
Cloud computing is an emerging model which transforms the information technological ways of
individuals as well as the organizations. It involves some significant aspects like broad network,
rapid elasticity, resource pooling board network access and characterizes services that help the
organization in converting to agile. Characteristics of cloud are related to few open issues such
as scalability, availability, interoperability and security. The security and privacy problems
generally come along with cloud deployment, delivery models are main source behind these
issues in current cloud computing world. This paper discusses security and privacy issues
addressed between the development and delivery.
Cloud computing becomes a fragment of business strategies universally now. Cloud adoption is
now become a part of business strategies globally. All sectors of enterprises, research institutes,
financial institutes, government agencies and education sectors are adopting cloud computing.
Latest advance technologies such as social media, big data analysis and mobility are basic reason
behind the enforcement of cloud computing in organizations. Few popular cloud providers are
Salesforce.com, Amazon’s EC2 (Elastic Compute Cloud), Google’s suite of apps (Google Docs,
Google Calendar and Gmail etc), IBM blue cloud, Microsoft’s Azure etc. Along with many
advantages cloud computing involves issues regarding privacy and security of users. Even after
many years of cloud existence it still requires adequate trust level in terms of requirements of
security and privacy (Ahmad, 2017)
5
SaaS: SaaS provides service to multiple consumers by distributing its separate data and
sessions. SaaS provides user the ability the access the application from any location as per
demand and utilize it by web browser on many operating systems.
PaaS: PaaS provides the ability to application developers and design applications based on
cloud by implementing programming languages, class libraries and tools that are used to
support cloud provider. PaaS provides consumers the ability to construct high scalable cloud
applications that are efficient enough to support huge amount of end users. The scalability
and elasticity are transparently provided by cloud infrastructure.
IaaS: IaaS gives the ability to consumers for hiring IT resources like storage capacity,
network bandwidth and computer systems from the provider of cloud service. The provider
is also responsible for managed and deployed the underlying cloud infrastructure. Software
like operating systems, applications and databases are configured and deployed by
consumers over cloud resources.
Hybrid Cloud
Hybrid cloud joins two or more separate clouds. This combination may involves private,
public or community cloud. There are several feasible compositions of hybrid clouds. It has
diverse propertied regarding to parameters like security, cost, performance etc. Component
clouds are joined by using open or exclusive technology In Hybrid cloud environment, like
6
sessions. SaaS provides user the ability the access the application from any location as per
demand and utilize it by web browser on many operating systems.
PaaS: PaaS provides the ability to application developers and design applications based on
cloud by implementing programming languages, class libraries and tools that are used to
support cloud provider. PaaS provides consumers the ability to construct high scalable cloud
applications that are efficient enough to support huge amount of end users. The scalability
and elasticity are transparently provided by cloud infrastructure.
IaaS: IaaS gives the ability to consumers for hiring IT resources like storage capacity,
network bandwidth and computer systems from the provider of cloud service. The provider
is also responsible for managed and deployed the underlying cloud infrastructure. Software
like operating systems, applications and databases are configured and deployed by
consumers over cloud resources.
Hybrid Cloud
Hybrid cloud joins two or more separate clouds. This combination may involves private,
public or community cloud. There are several feasible compositions of hybrid clouds. It has
diverse propertied regarding to parameters like security, cost, performance etc. Component
clouds are joined by using open or exclusive technology In Hybrid cloud environment, like
6
protocols, architectures, application programming interfaces (APIs) and data formats etc.
Portability of data and applications is possible by the combination of diverse technologies.
3. Database Security in Cloud
Database migration towards cloud environment introduces multiple security concerns that are
required to be considered by organization because its an organization’s utmost responsibility
for the security assurance of data instead of the providers. The users should assured about the
implementation of proper security measurements encompasses with data integrity, availability
and confidentiality in the location before migrating their internal database having sensitive
data towards the cloud. Some major factors of database security in cloud are data requires to be
secured enough either its in rest, in use, accessing or transmits should be control [8].
Some main challenges of security that are faced by cloud databases are as follows:
1. Availability: It can be define as the extent to which the resources of system are usable and
accessible by its users and organizations. Its is a serious security factor that organizations
required to take into account while the consideration of cloud database services. The affect
7
Portability of data and applications is possible by the combination of diverse technologies.
3. Database Security in Cloud
Database migration towards cloud environment introduces multiple security concerns that are
required to be considered by organization because its an organization’s utmost responsibility
for the security assurance of data instead of the providers. The users should assured about the
implementation of proper security measurements encompasses with data integrity, availability
and confidentiality in the location before migrating their internal database having sensitive
data towards the cloud. Some major factors of database security in cloud are data requires to be
secured enough either its in rest, in use, accessing or transmits should be control [8].
Some main challenges of security that are faced by cloud databases are as follows:
1. Availability: It can be define as the extent to which the resources of system are usable and
accessible by its users and organizations. Its is a serious security factor that organizations
required to take into account while the consideration of cloud database services. The affect
7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
of availability failure can be permanent or temporary and the loss can also be fully or
partially. There are multiple threats to availability such equipment failure, Dos attack or
nature disasters etc. Mostly the downtime is not planned which leads to some serious effect
on the daily routine of organization. Databases does not need availability of 100% still
specific applications suffers much incase of unavailability of database for unmeasured time
period. Services of cloud computing are designed to give reliability, high availability and
suffers unplanned outages instead of having infrastructure.
2. Access control issues in public cloud: Access control is considered as one of the major
security threat in cloud environment. The outsourcing of sensitive data of to cloud
providers leads to the lose of logical, physical and personnel control on it and it introduces
inbuilt risk of security. Inspite of the fact that external threats are a huge concern still
from the recent studies it proves that mostly threats related to access control doesn’t only
comes from internal employee of organizations but also from cloud service provider
employees. Hence proper monitoring and access control procedures for administrators of
cloud database are very crucial in terms of ensuring sensitive data security. Background
checks are generally perform by organizations over privilege user prior to recruiting them
and along with that apply continuous physical monitoring through security cameras or
security personnel in order to protect sensitive data of their onsite databases
3. Monitoring and auditing issues: Even though flexibility and elasticity is contemplate
among vital advantages that cloud computing offers but along with that it introduces
some inherent security isses with it. Databases of cloud scale up and down rapidly in
order to meet the needs of customers, it means that those physical servers that host
databases are provisioned and de provisioned frequently without any earlier knowledge
of consumers. Additionally for achieving high availability and redundancy, the data of
consumers is replicated around many data centers in various locations. These factors lead
to non static environment which have almost no accessibility and visibility to physical
infrastructure of consumers.
4. Data Sanitization: It is another kind of risk related to the physical security is the deletion
of data from storage devices is known as data sanitization. Sanitization of data includes
degaussing, removing data from storage media through overwriting or demotion of data
itself in order to prevent it from unauthorized information disclosure. Additionally
complications increases due to the backups that carried out in cloud environment
regularly in order to ensure high redundancy. There are various examples where
researchers brought utilized drive from online auction in order to retrieve huge amount of
sensitive data from it. Incase data doesn’t removed properly this data can be recovered
later from failed drives by using proper equipments. Hence it is crucial that SLA s should
clear that whether clod providers give enough measurements in order to ensure that data
sanitization is appropriately performs in the entire lifecycle of the system (Sakhi,2012).
8
partially. There are multiple threats to availability such equipment failure, Dos attack or
nature disasters etc. Mostly the downtime is not planned which leads to some serious effect
on the daily routine of organization. Databases does not need availability of 100% still
specific applications suffers much incase of unavailability of database for unmeasured time
period. Services of cloud computing are designed to give reliability, high availability and
suffers unplanned outages instead of having infrastructure.
2. Access control issues in public cloud: Access control is considered as one of the major
security threat in cloud environment. The outsourcing of sensitive data of to cloud
providers leads to the lose of logical, physical and personnel control on it and it introduces
inbuilt risk of security. Inspite of the fact that external threats are a huge concern still
from the recent studies it proves that mostly threats related to access control doesn’t only
comes from internal employee of organizations but also from cloud service provider
employees. Hence proper monitoring and access control procedures for administrators of
cloud database are very crucial in terms of ensuring sensitive data security. Background
checks are generally perform by organizations over privilege user prior to recruiting them
and along with that apply continuous physical monitoring through security cameras or
security personnel in order to protect sensitive data of their onsite databases
3. Monitoring and auditing issues: Even though flexibility and elasticity is contemplate
among vital advantages that cloud computing offers but along with that it introduces
some inherent security isses with it. Databases of cloud scale up and down rapidly in
order to meet the needs of customers, it means that those physical servers that host
databases are provisioned and de provisioned frequently without any earlier knowledge
of consumers. Additionally for achieving high availability and redundancy, the data of
consumers is replicated around many data centers in various locations. These factors lead
to non static environment which have almost no accessibility and visibility to physical
infrastructure of consumers.
4. Data Sanitization: It is another kind of risk related to the physical security is the deletion
of data from storage devices is known as data sanitization. Sanitization of data includes
degaussing, removing data from storage media through overwriting or demotion of data
itself in order to prevent it from unauthorized information disclosure. Additionally
complications increases due to the backups that carried out in cloud environment
regularly in order to ensure high redundancy. There are various examples where
researchers brought utilized drive from online auction in order to retrieve huge amount of
sensitive data from it. Incase data doesn’t removed properly this data can be recovered
later from failed drives by using proper equipments. Hence it is crucial that SLA s should
clear that whether clod providers give enough measurements in order to ensure that data
sanitization is appropriately performs in the entire lifecycle of the system (Sakhi,2012).
8
4. Identity and Access Management in Cloud Environment: Mechanisms
and Challenges
One of the best methods to identify security measures is Identity and access management
(IAM).Recently, IAM is providing efficient security for cloud systems. In order to provide security,
many effective security mechanisms have been introduced by IAM. IAM executes many
operations in cloud environment for achieving security, this includes authorization, verification,
provision of storage and authentication. Security of attribute and identities of cloud users is
guaranteed by IAM system in order to make sure that authorize user are allowed in cloud
system. IAM also assist to maintain rights of access by examining if correct person with right
privileges are retrieving data that is kept in the cloud system. Many organizations are using
systems of IAM currently for sensitive information stored in cloud environment (Vidhyacharan,
2018)
Digital security mechanisms:
1. Credentials and secure shell keys: Credentials are the verification of authority, access right,
entitlements and status. It provides the proof that specific user is granted or deserves to use
services and resources. Credentials are similar to one time password and pattern while
captcha is a conventional way for the securing the system from malicious acts and attacks.
Some common used mechanisms for managing access credentials in cloud environment are
Microsoft Active Directory MAD technologies, AD servers, Lightweight Directory Access
Protocol LDAP are either control by vendors of third party or inside the organizational
network in cloud. When various applications are employed on these conventional credential
mechanism then cloud maintenance overhead will be increased.
2. Multifactor authentication: This is another method to secure transactions and digital
resources over the internet. Specifically patterns or Captchas, One Time Password OTP are
utilized as secondary authentication mechanisms with credentials. An additional layer of
security is given by multifactor over the authentication of traditional credentials. Mostly One
9
and Challenges
One of the best methods to identify security measures is Identity and access management
(IAM).Recently, IAM is providing efficient security for cloud systems. In order to provide security,
many effective security mechanisms have been introduced by IAM. IAM executes many
operations in cloud environment for achieving security, this includes authorization, verification,
provision of storage and authentication. Security of attribute and identities of cloud users is
guaranteed by IAM system in order to make sure that authorize user are allowed in cloud
system. IAM also assist to maintain rights of access by examining if correct person with right
privileges are retrieving data that is kept in the cloud system. Many organizations are using
systems of IAM currently for sensitive information stored in cloud environment (Vidhyacharan,
2018)
Digital security mechanisms:
1. Credentials and secure shell keys: Credentials are the verification of authority, access right,
entitlements and status. It provides the proof that specific user is granted or deserves to use
services and resources. Credentials are similar to one time password and pattern while
captcha is a conventional way for the securing the system from malicious acts and attacks.
Some common used mechanisms for managing access credentials in cloud environment are
Microsoft Active Directory MAD technologies, AD servers, Lightweight Directory Access
Protocol LDAP are either control by vendors of third party or inside the organizational
network in cloud. When various applications are employed on these conventional credential
mechanism then cloud maintenance overhead will be increased.
2. Multifactor authentication: This is another method to secure transactions and digital
resources over the internet. Specifically patterns or Captchas, One Time Password OTP are
utilized as secondary authentication mechanisms with credentials. An additional layer of
security is given by multifactor over the authentication of traditional credentials. Mostly One
9
Time Password are authenticated in online transactions. In online financial transactions, one
time password is generated by server by using particular algorithms that are related to its
configuration and produce OTP is sent to the user through email or registered mobile
number.
3. PIN and Chip: Identification Number (PIN) and Chip is a traditional authentication method in
business transactions. This can be utilized for service/machines authentication in an
organization’s network. Asymmetric encryption technology utilizes private and public keys in
order to encrypt and decrypt data that is used in PIN and chip mechanism. For protecting
data from fraud and unethical use, this microprocessor chip save the security keys and data
of user by generating unique data transaction. By using security key that is stored in chip,
communication among terminals with authentication server is signed and encrypted. The
signature is verified and communication is decrypted by using pairing keys that are stored in
server. To authenticate terminal for retrieving keys from chips and data of user, PIN method
is used [13].
5. Service Delivery Models of Cloud Computing: Security Issues and Open
Challenges
Cloud computing appeared as successful technology which is adapted by almost every organization in
recent times for facilitating elasticity in their business in terms of exchange, transform and data storage
that provides them the ability to advance their capabilities, income and interoperability. The network
community enhanced every model of cloud computing that involves public cloud, private cloud, hybrid
cloud and community cloud. Cloud commuting is altering recent IT delivery models for the services. It
advantages IT and business field through facilitating scalability, flexibility, economic, data access on
10
time password is generated by server by using particular algorithms that are related to its
configuration and produce OTP is sent to the user through email or registered mobile
number.
3. PIN and Chip: Identification Number (PIN) and Chip is a traditional authentication method in
business transactions. This can be utilized for service/machines authentication in an
organization’s network. Asymmetric encryption technology utilizes private and public keys in
order to encrypt and decrypt data that is used in PIN and chip mechanism. For protecting
data from fraud and unethical use, this microprocessor chip save the security keys and data
of user by generating unique data transaction. By using security key that is stored in chip,
communication among terminals with authentication server is signed and encrypted. The
signature is verified and communication is decrypted by using pairing keys that are stored in
server. To authenticate terminal for retrieving keys from chips and data of user, PIN method
is used [13].
5. Service Delivery Models of Cloud Computing: Security Issues and Open
Challenges
Cloud computing appeared as successful technology which is adapted by almost every organization in
recent times for facilitating elasticity in their business in terms of exchange, transform and data storage
that provides them the ability to advance their capabilities, income and interoperability. The network
community enhanced every model of cloud computing that involves public cloud, private cloud, hybrid
cloud and community cloud. Cloud commuting is altering recent IT delivery models for the services. It
advantages IT and business field through facilitating scalability, flexibility, economic, data access on
10
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
cloud storage, great efficiency, mobility, performance and utilization of space. Along with these
advantages it also associated with few several issues related to security management such as
organization inertia, lack of trust by users in data privacy and security, undetermined compliance by
provider and governance loss. Issue of security has become exceptionally complicated in cloud models
as the arrival of new scopes has occurred in the problem scope related to data security model,
infrastructure and platform issues, privacy network issues of users. From studies we identified there are
basically five major issues associated with the implementation of cloud computing environment. It
includes Cloud Security data, Cloud Government Application security and mobility issues, cloud security
platform, infrastructure issues and cloud network security issues. There issues generates an open room
for further researches in order to fill this gap of security issues by giving either empirical models or
technical approach for mitigating these issues (Iqbal, 2016).
6. Cloud Computing Security and Privacy: An Empirical Study
This paper presents issues and vulnerabilities that are characterized in cloud models.
Virtualization facilitates scalability, improves performance, efficient resource management and
stores data efficiently. Although vulnerabilities are present in virtual environment leads to
powerful threats to sensitive information. Design concerns and cloud based applications hosting
involves privacy, SLA protection, governance, legal issues and compliance issues. These issues
need to consider in the development of major security majors in order to achieve user data
privacy and continuity of operations related to cloud based services. Providers of third party
11
advantages it also associated with few several issues related to security management such as
organization inertia, lack of trust by users in data privacy and security, undetermined compliance by
provider and governance loss. Issue of security has become exceptionally complicated in cloud models
as the arrival of new scopes has occurred in the problem scope related to data security model,
infrastructure and platform issues, privacy network issues of users. From studies we identified there are
basically five major issues associated with the implementation of cloud computing environment. It
includes Cloud Security data, Cloud Government Application security and mobility issues, cloud security
platform, infrastructure issues and cloud network security issues. There issues generates an open room
for further researches in order to fill this gap of security issues by giving either empirical models or
technical approach for mitigating these issues (Iqbal, 2016).
6. Cloud Computing Security and Privacy: An Empirical Study
This paper presents issues and vulnerabilities that are characterized in cloud models.
Virtualization facilitates scalability, improves performance, efficient resource management and
stores data efficiently. Although vulnerabilities are present in virtual environment leads to
powerful threats to sensitive information. Design concerns and cloud based applications hosting
involves privacy, SLA protection, governance, legal issues and compliance issues. These issues
need to consider in the development of major security majors in order to achieve user data
privacy and continuity of operations related to cloud based services. Providers of third party
11
service also do not prefer to utilized their solutions with non trustable servers. Although already
exist model deteriorate to active coherent security controls [9].
Research shows multiple practical issues that still require attention by CPs. Cloud computing
models still challenged. Although already exist proposals are inconsistent as well as immature.
Advanced protection system is needed to monitor the activities of guest machines in order to
ensure confidentiality, end to end encryption and integrity of client data (Shirazi, 2017)
7. Security and Privacy of Sensitive Data in Cloud Computing: A Survey of
Recent Developments
Since many years organization gathered data about people in our society that involves sensitive data
such as medical data, bank details etc. hence researchers are required to analyze and access these
data by implementing technologies of big data. Organizations are needed to ensure compliances of
data protection. Although successful results has already been achieved for preservation of sensitive
data privacy Example: tools for anonymization, protocols and data encryption fro confidentiality.
Some solutions are discussed below:
Outsourcing privacy: It is an approach where owners of database updates database on
untrusted servers with passing time. This definition defines that untrusted severs cant be
able to grasp contents of database without authorized access. A server side indexing
structure is introduce by authors for generating system that permits owner of single
database to efficiently and privately write data and many clients of database to read that
data privately from an outsourced database.
12
exist model deteriorate to active coherent security controls [9].
Research shows multiple practical issues that still require attention by CPs. Cloud computing
models still challenged. Although already exist proposals are inconsistent as well as immature.
Advanced protection system is needed to monitor the activities of guest machines in order to
ensure confidentiality, end to end encryption and integrity of client data (Shirazi, 2017)
7. Security and Privacy of Sensitive Data in Cloud Computing: A Survey of
Recent Developments
Since many years organization gathered data about people in our society that involves sensitive data
such as medical data, bank details etc. hence researchers are required to analyze and access these
data by implementing technologies of big data. Organizations are needed to ensure compliances of
data protection. Although successful results has already been achieved for preservation of sensitive
data privacy Example: tools for anonymization, protocols and data encryption fro confidentiality.
Some solutions are discussed below:
Outsourcing privacy: It is an approach where owners of database updates database on
untrusted servers with passing time. This definition defines that untrusted severs cant be
able to grasp contents of database without authorized access. A server side indexing
structure is introduce by authors for generating system that permits owner of single
database to efficiently and privately write data and many clients of database to read that
data privately from an outsourced database.
12
Homomorphic encryption: Its is another solution for privacy preservation that depends on
the objective of computing over encrypted data without the knowledge that keys related to
distinct parties. In order to certify confidentiality, the data will be encrypted by data owner
with the help of public key and thus this data is stored in cloud. When this data is read by
process engine, no requirement is needed for private kry of DP to decrypt this data.
Anonymization: Its another approach for ensuring sensitive data privacy. SAIL gives
independent level information over data types availability inside a collection. Reasearchers
are unable to cross link data from distinct studies externally due to the issues that identities
of samples are anonymized.
ScaBIA is another solution for saving anonymized images of brain in cloud. This method
gives PKI authentication for roles of administrators in order to deploy PaaS middleware and
shows researchers as users in Microsoft Azure cloud. Login through user or password facility
is not provided to users for running statistical parametric mapping overflows inside the
containers of generic workers [3].
These solutions are not widely adopted yet by cloud service providers. Still researches are required
to put issues of data sensitivity into consideration for solving security concern lifetime (Gholami,
2015)
8. SEPRICC: Security and Privacy in Cloud Computing
Recent financial issues and increased requirements of storage and computation have applied
some serious modifications in modern IT structure. The cost reduction is attained by
computations and offloading data in cloud computing. Services of cloud ranges from data
storage, requirements implementation for high availability, processing to software provision and
on demand commitment. Cloud computing is generally considered as a secure environment
which provides services, on demand processing power and services (Sokratis, 2015). It consists
of two important features.
Scale: For achieving efficient savings, cloud model provides the ability to support diverse range
of hardware resources for the assistance of supporting services.
Architecture: Customers who shares software and hardware resources are specifically
independent they only depend upon intellectual isolation mechanism for securing their data.
While computing storage, processing and contents are widely distributed. The ability of
universally distributed and redundancy means related resources are in vast amount and
managed in bulk logically as well as physically. Although this economic model provides diverse
grounds for attracting investments, companies and individuals are resistant to utilize services of
cloud due to the issues related to privacy, security and trust. The two features mentioned
above are at the heart of privacy, security and trust of cloud. As far as the scale is concerned,
cloud computing includes huge attention of computational resources. Concurrently if security
incident occur it will be more powerful than on ordinary IT and distributed systems. Cloud
providers give assurance about logical and physical isolation but still its hard to accomplish due
to the fact of sharing computational resources on same physical machine by virtual machines or
cloud services hence it leads to new privacy and security issues [5].
13
the objective of computing over encrypted data without the knowledge that keys related to
distinct parties. In order to certify confidentiality, the data will be encrypted by data owner
with the help of public key and thus this data is stored in cloud. When this data is read by
process engine, no requirement is needed for private kry of DP to decrypt this data.
Anonymization: Its another approach for ensuring sensitive data privacy. SAIL gives
independent level information over data types availability inside a collection. Reasearchers
are unable to cross link data from distinct studies externally due to the issues that identities
of samples are anonymized.
ScaBIA is another solution for saving anonymized images of brain in cloud. This method
gives PKI authentication for roles of administrators in order to deploy PaaS middleware and
shows researchers as users in Microsoft Azure cloud. Login through user or password facility
is not provided to users for running statistical parametric mapping overflows inside the
containers of generic workers [3].
These solutions are not widely adopted yet by cloud service providers. Still researches are required
to put issues of data sensitivity into consideration for solving security concern lifetime (Gholami,
2015)
8. SEPRICC: Security and Privacy in Cloud Computing
Recent financial issues and increased requirements of storage and computation have applied
some serious modifications in modern IT structure. The cost reduction is attained by
computations and offloading data in cloud computing. Services of cloud ranges from data
storage, requirements implementation for high availability, processing to software provision and
on demand commitment. Cloud computing is generally considered as a secure environment
which provides services, on demand processing power and services (Sokratis, 2015). It consists
of two important features.
Scale: For achieving efficient savings, cloud model provides the ability to support diverse range
of hardware resources for the assistance of supporting services.
Architecture: Customers who shares software and hardware resources are specifically
independent they only depend upon intellectual isolation mechanism for securing their data.
While computing storage, processing and contents are widely distributed. The ability of
universally distributed and redundancy means related resources are in vast amount and
managed in bulk logically as well as physically. Although this economic model provides diverse
grounds for attracting investments, companies and individuals are resistant to utilize services of
cloud due to the issues related to privacy, security and trust. The two features mentioned
above are at the heart of privacy, security and trust of cloud. As far as the scale is concerned,
cloud computing includes huge attention of computational resources. Concurrently if security
incident occur it will be more powerful than on ordinary IT and distributed systems. Cloud
providers give assurance about logical and physical isolation but still its hard to accomplish due
to the fact of sharing computational resources on same physical machine by virtual machines or
cloud services hence it leads to new privacy and security issues [5].
13
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
9. Layers of Cloud – IaaS, PaaS and SaaS: A Survey
Cloud Service Models: NIST categorized three models of cloud computing and these models are
typically known as SPI model. Selection of service models depends upon the requirements of
consumers according to their business objectives and capabilities.
Software as a Service(SaaS): This model provides the ability to cloud provider for hosting the
application central in cloud and gives it to many other cloud consumers for using it as service.
Consumer doesn’t control any component in cloud infrastructure. SaaS provides application’s
version along with typical configuration and specifically gives service to multiple consumers by
distributing its separate data and sessions. SaaS provides user the ability the access the
application from any location as per demand and utilize it by web browser on many operating
systems. Additionally consumers don’t require to controls the network resources, operating
systems, storage, servers and cloud infrastructure. Few popular SaaS providers are Google,
Microsoft etc [Sokratis, 2017).
Platform as a Service(PaaS): In PaaS, cloud services includes storage, compute, network
resources and platform software: database, OS, middleware, programming framework along
with tools for the purpose of developing, texting, deploying and managing applications. PaaS
provides the ability to application developers and design applications based on cloud by
implementing programming languages, class libraries and tools that are used to support cloud
provider. PaaS provides consumers the ability to construct high scalable cloud applications that
are efficient enough to support huge amount of end users. The scalability and elasticity are
transparently provided by cloud infrastructure. PaaS also helps testers to the the applications in
diverse cloudbased environments along with that it also let application developers to update
and public applications over central cloud infrastructure. Additionally PaaS gives access to
administrators for monitor, configure and regulate cloud applications. Several PaaS providers
are Force.com and Google’s App Engine.
Infrastructure as a Service (IaaS): This model gives the ability to consumers for hiring IT
resources like storage capacity, network bandwidth and computer systems from the provider of
cloud service. The provider is also responsible for managed and deployed the underlying cloud
infrastructure. Software like operating systems, applications and databases are configured and
deployed by consumers over cloud resources. Specifically IaaS users are administrators of IT
systems. Organizations can implements the IT systems internally along with managing of its
services and resources. The pricing of IaaS is based on either subscription or utilization of
resources. Example of IaaS providers are GoGrid and Amazon [5].
10. Challenges and Prosperity Research in Cloud Computing
Cloud computing used to enhance work of diverse range of fields which ranges from green cloud
computing system to attain efficiencies of energy consumption in data centers in order to search
for expert educational system. There are diverse range of systems that are using implementing
cloud computing technology such as data servers, WebSphere, cloud Middleware like WSO2,
Carbon 3.0, SaaSGrid and skycomputing etc (Singh, 2017). These are advanced systems but
somehow still need amendments in their applications, supporting services and developing new
features.
14
Cloud Service Models: NIST categorized three models of cloud computing and these models are
typically known as SPI model. Selection of service models depends upon the requirements of
consumers according to their business objectives and capabilities.
Software as a Service(SaaS): This model provides the ability to cloud provider for hosting the
application central in cloud and gives it to many other cloud consumers for using it as service.
Consumer doesn’t control any component in cloud infrastructure. SaaS provides application’s
version along with typical configuration and specifically gives service to multiple consumers by
distributing its separate data and sessions. SaaS provides user the ability the access the
application from any location as per demand and utilize it by web browser on many operating
systems. Additionally consumers don’t require to controls the network resources, operating
systems, storage, servers and cloud infrastructure. Few popular SaaS providers are Google,
Microsoft etc [Sokratis, 2017).
Platform as a Service(PaaS): In PaaS, cloud services includes storage, compute, network
resources and platform software: database, OS, middleware, programming framework along
with tools for the purpose of developing, texting, deploying and managing applications. PaaS
provides the ability to application developers and design applications based on cloud by
implementing programming languages, class libraries and tools that are used to support cloud
provider. PaaS provides consumers the ability to construct high scalable cloud applications that
are efficient enough to support huge amount of end users. The scalability and elasticity are
transparently provided by cloud infrastructure. PaaS also helps testers to the the applications in
diverse cloudbased environments along with that it also let application developers to update
and public applications over central cloud infrastructure. Additionally PaaS gives access to
administrators for monitor, configure and regulate cloud applications. Several PaaS providers
are Force.com and Google’s App Engine.
Infrastructure as a Service (IaaS): This model gives the ability to consumers for hiring IT
resources like storage capacity, network bandwidth and computer systems from the provider of
cloud service. The provider is also responsible for managed and deployed the underlying cloud
infrastructure. Software like operating systems, applications and databases are configured and
deployed by consumers over cloud resources. Specifically IaaS users are administrators of IT
systems. Organizations can implements the IT systems internally along with managing of its
services and resources. The pricing of IaaS is based on either subscription or utilization of
resources. Example of IaaS providers are GoGrid and Amazon [5].
10. Challenges and Prosperity Research in Cloud Computing
Cloud computing used to enhance work of diverse range of fields which ranges from green cloud
computing system to attain efficiencies of energy consumption in data centers in order to search
for expert educational system. There are diverse range of systems that are using implementing
cloud computing technology such as data servers, WebSphere, cloud Middleware like WSO2,
Carbon 3.0, SaaSGrid and skycomputing etc (Singh, 2017). These are advanced systems but
somehow still need amendments in their applications, supporting services and developing new
features.
14
Issues over cloud computing models
Cloud computing has vast area of deployment and upgrading fields but it carries few important
issues that need to be highlighted.
Reliability
Open Standard
Data Integrity
Long Term Viability
Trust
Compliance
Data Portability
Freedom
Privacy
Security
Legal Issues
Challenges
1. Data location restrictions: every distinct user access distinct location for working in
cloud either its related to access infrastructure or data storing, it need the
adaptation of different locations and its use with regards to the defined regulations
and restrictions.
2. Data recovery: data is stored in distributed manner in cloud hence segmentation
confused backup management on multiple platforms.
3. Service interoperability: The insufficiency of communication among the services of
different platforms is a huge challenge in emerging technology.
4. Storage model and data access: The adaptation of usage scenarios by big vendors
for data storage models due to multiplicity in needs of user. Hence this flexibility
given by vendors generates DLP and encryption capabilities which are hard to
accomplish.
5. Protection of data privacy and security: Data protection in cloud is foremost
concern where no space should be left for loopholes due to the presence of vast
range of confidential and private data in cloud. More powerful mechanisms, security
measures and tools are thus required to authorize the access to users.
6. Lack of vendor and standards: many vendors defined their specific standards for
cloud architecture still complexity is increasing on daily basis and new service
providers are not efficient enough to provide quality of work and potential
deficiency [10].
11. Cloud Computing Service Models: A Comparative Study
SaaS Benefits:
Reduce the cost of licensing application
Application are handled by one to many criteria which means one application is utilized
by many users in same time.
15
Cloud computing has vast area of deployment and upgrading fields but it carries few important
issues that need to be highlighted.
Reliability
Open Standard
Data Integrity
Long Term Viability
Trust
Compliance
Data Portability
Freedom
Privacy
Security
Legal Issues
Challenges
1. Data location restrictions: every distinct user access distinct location for working in
cloud either its related to access infrastructure or data storing, it need the
adaptation of different locations and its use with regards to the defined regulations
and restrictions.
2. Data recovery: data is stored in distributed manner in cloud hence segmentation
confused backup management on multiple platforms.
3. Service interoperability: The insufficiency of communication among the services of
different platforms is a huge challenge in emerging technology.
4. Storage model and data access: The adaptation of usage scenarios by big vendors
for data storage models due to multiplicity in needs of user. Hence this flexibility
given by vendors generates DLP and encryption capabilities which are hard to
accomplish.
5. Protection of data privacy and security: Data protection in cloud is foremost
concern where no space should be left for loopholes due to the presence of vast
range of confidential and private data in cloud. More powerful mechanisms, security
measures and tools are thus required to authorize the access to users.
6. Lack of vendor and standards: many vendors defined their specific standards for
cloud architecture still complexity is increasing on daily basis and new service
providers are not efficient enough to provide quality of work and potential
deficiency [10].
11. Cloud Computing Service Models: A Comparative Study
SaaS Benefits:
Reduce the cost of licensing application
Application are handled by one to many criteria which means one application is utilized
by many users in same time.
15
Application provider is responsible for managing and restricting applications usage.
Requirement of separate infrastructure is not needed due to the use of cloud
infrastructure.
API configures SaaS model application but they are not entirely customized.
SSL Secure Socket Layer is used in SaaS model
PaaS Benefits:
Maximizes development process flexibility and minimizes over of server storage.
Securing includes data security backup and recovery.
Efficient version deployment.
Minimizes cost by rent physical and removing requirement of expert people for
infrastructure management.
Adaptability feature, means it has the ability to alter the situations if required.
PaaS use one to many scenario means multiple developers can utilizes same application.
Flexibility: Provides the ability to customers to manage the installed tools and platforms
along with that they can also generate new platform to fix on their specific needs.
IaaS Benefits:
Provides the ability to minimize or maximize the infrastructure on requirement.
Client can perform over virtual machine because of its virtualization as a service feature.
Reduce cost of hardware and human resources
Provide network as a service which involves hardware, firewalls, routers and load
balancing.
Automated streamlined and scaling.
Low level hurdles and ROI risks [12].
12. A Review Paper on Cloud Computing
Similar to the actual clouds, term cloud computing is the group of networks. User can get the
ability to use diverse methods of cloud computing unlimited when needed. Inspite of structuring
their personal physical infrastructure, user generally offers a moderator service provider of
internet in cloud computing. Users are required to pay only for their utilized services. The load
of work can be transferred in order to decrease workload in cloud computing. Service load is
managed by networks that generates the cloud due to which local computers load is not heavy
during the process of running an application. Thus the hardware and software prerequisite at
the user side is reduced. We only require a web browser such as chrome, opera etc in order to
use cloud computing services. There are some key features of cloud computing: (1) Resource
Pooling and Flexibility, (2) Quality of Service, (3) Pricing, (4) On demand and Self Services. Cloud
computing provides three distinctive service models SaaS (Software as a Service), PaaS (Platform
as a Service) and IaaS (Infrastructure as a Service). Some general examples of cloud computing
are YouTube, Dropbox and Facebook. Cloud computing provides flexibility, simplicity, scalability
and agile due to which it is spreading enormously (Khan, 2018)
Benefits of Cloud Computing:
16
Requirement of separate infrastructure is not needed due to the use of cloud
infrastructure.
API configures SaaS model application but they are not entirely customized.
SSL Secure Socket Layer is used in SaaS model
PaaS Benefits:
Maximizes development process flexibility and minimizes over of server storage.
Securing includes data security backup and recovery.
Efficient version deployment.
Minimizes cost by rent physical and removing requirement of expert people for
infrastructure management.
Adaptability feature, means it has the ability to alter the situations if required.
PaaS use one to many scenario means multiple developers can utilizes same application.
Flexibility: Provides the ability to customers to manage the installed tools and platforms
along with that they can also generate new platform to fix on their specific needs.
IaaS Benefits:
Provides the ability to minimize or maximize the infrastructure on requirement.
Client can perform over virtual machine because of its virtualization as a service feature.
Reduce cost of hardware and human resources
Provide network as a service which involves hardware, firewalls, routers and load
balancing.
Automated streamlined and scaling.
Low level hurdles and ROI risks [12].
12. A Review Paper on Cloud Computing
Similar to the actual clouds, term cloud computing is the group of networks. User can get the
ability to use diverse methods of cloud computing unlimited when needed. Inspite of structuring
their personal physical infrastructure, user generally offers a moderator service provider of
internet in cloud computing. Users are required to pay only for their utilized services. The load
of work can be transferred in order to decrease workload in cloud computing. Service load is
managed by networks that generates the cloud due to which local computers load is not heavy
during the process of running an application. Thus the hardware and software prerequisite at
the user side is reduced. We only require a web browser such as chrome, opera etc in order to
use cloud computing services. There are some key features of cloud computing: (1) Resource
Pooling and Flexibility, (2) Quality of Service, (3) Pricing, (4) On demand and Self Services. Cloud
computing provides three distinctive service models SaaS (Software as a Service), PaaS (Platform
as a Service) and IaaS (Infrastructure as a Service). Some general examples of cloud computing
are YouTube, Dropbox and Facebook. Cloud computing provides flexibility, simplicity, scalability
and agile due to which it is spreading enormously (Khan, 2018)
Benefits of Cloud Computing:
16
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1. Flexibility: The requirement of fast scale ups and downs of operations in business needs an
efficient management of hardware and resources for the purpose of maintaining variations,
cloud computing is providing flexibility and scalability.
2. Economical: In the cloud computing environment user only have to pay for their personal
consumed services. Along with that maintenance cost is also cheap as user are not required
to buy the infrastructure.
3. Enhanced Security mechanisms: High security is offered by cloud computing through key
management, strong access control, security intelligence and data encryption [6].
EXPERIMENTAL ANALYSIS:
Method of Light weight for big data processing: For protecting security of vast amount of data, a
light weight and efficient algorithm will highly decreases the cost of computing related to
devices of resource-constrained
Access and Privacy control by Encryption: It is an efficient solution for protecting the privacy by
the combination of authentication, key management, encryption, access control and other ways
for ensuring privacy and security needed by cloud regulation.
Finer grained access and privacy control: Different sensitivity of diverse domains of cloud is very
crucial for privacy control. An appropriate technique is to distribute a record into multiple
fragments with regards to its sensitivity and encrypt every fragment with distinct keys.
Mitigation and security risk management: Its vital to develop a method that is secure enough for
intelligent clouds. Multiple applications required migration of applications from information
towards virtual servers disregarding the security level of data.
Acquisition with laws of privacy: Clouds required gathering data and transferring it towards local
data centers for online data analysis. Although the entire process of information gathering leads
to the issues regarding management, privacy protections along with legal issues. Hence the
related laws also required upgradation.
Cloud mechanisms compatibility: Multiple popular companies have introduced their personal
cloud computing products. In future, to be compatible enough with its related cloud product is
foremost direction regarding to minimizing waste, energy saving and improving computing
efficiency.
Securing cloud privacy by heterogeneous network architecture: Its important to design a
rational topology in order to provides the ability of coordination to every heterogeneous
element to coordinate communication which leads to the increasing efficiency of every
participant.
New concepts with Integration of cloud computing: There is an endless emergence of new
concepts over the internet. Hence to maintain competitiveness and vitality, it important to
integrate concepts such as internet of things, cloud computing, edge computing, fog computing,
block chains etc. Design secured, intelligent, fast, personalized and efficient internet products
are upcoming future trends.
17
efficient management of hardware and resources for the purpose of maintaining variations,
cloud computing is providing flexibility and scalability.
2. Economical: In the cloud computing environment user only have to pay for their personal
consumed services. Along with that maintenance cost is also cheap as user are not required
to buy the infrastructure.
3. Enhanced Security mechanisms: High security is offered by cloud computing through key
management, strong access control, security intelligence and data encryption [6].
EXPERIMENTAL ANALYSIS:
Method of Light weight for big data processing: For protecting security of vast amount of data, a
light weight and efficient algorithm will highly decreases the cost of computing related to
devices of resource-constrained
Access and Privacy control by Encryption: It is an efficient solution for protecting the privacy by
the combination of authentication, key management, encryption, access control and other ways
for ensuring privacy and security needed by cloud regulation.
Finer grained access and privacy control: Different sensitivity of diverse domains of cloud is very
crucial for privacy control. An appropriate technique is to distribute a record into multiple
fragments with regards to its sensitivity and encrypt every fragment with distinct keys.
Mitigation and security risk management: Its vital to develop a method that is secure enough for
intelligent clouds. Multiple applications required migration of applications from information
towards virtual servers disregarding the security level of data.
Acquisition with laws of privacy: Clouds required gathering data and transferring it towards local
data centers for online data analysis. Although the entire process of information gathering leads
to the issues regarding management, privacy protections along with legal issues. Hence the
related laws also required upgradation.
Cloud mechanisms compatibility: Multiple popular companies have introduced their personal
cloud computing products. In future, to be compatible enough with its related cloud product is
foremost direction regarding to minimizing waste, energy saving and improving computing
efficiency.
Securing cloud privacy by heterogeneous network architecture: Its important to design a
rational topology in order to provides the ability of coordination to every heterogeneous
element to coordinate communication which leads to the increasing efficiency of every
participant.
New concepts with Integration of cloud computing: There is an endless emergence of new
concepts over the internet. Hence to maintain competitiveness and vitality, it important to
integrate concepts such as internet of things, cloud computing, edge computing, fog computing,
block chains etc. Design secured, intelligent, fast, personalized and efficient internet products
are upcoming future trends.
17
18
19
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
CONCLUSION
The proposed solutions of every article are quite familiar and somehow interlinked with regards to their
characterization and required to be applied in integrated way. Although due to the absence of solutions
on advance level in order to manages privacy and security issues from management perspective. The
deficiencies of management and transparency issues are needs to be solved through further research
investigations. The training of customer is extremely recommended along with complete understanding
regarding when cloud services required becoming a part of training of basic employee in multiple jobs
which includes managing data.
In recent world, there are many relatable legal professions present in foreign countries e.g. Financial
Agency Privacy Act (FAPA) and Insurance Portability and Accountability Act (HIPP) that needs
appropriate components in order to secure client’s privacy. The enterprise exist are required to take
step with regards to the protection of customer privacy and forwards their privacy policies like P3P
privacy systems or privacy seal program for effectively ensuring an everlasting advancement of privacy
protection and data security in cloud computing and accomplished controlled and well managed
development of cloud services.
SYNOPSIS:
Aim of the Project
This projects aims at characterizing the underlying loopholes related to privacy and security concerns
present in cloud computing environment.
Method
After analyzing various research papers and discussion about privacy and security related issues, its
challenges and characterizing mechanisms such as cloud computing service models (IaaS, PaaS, IaaS),
encryption, research results of multiple ABE models, integration trend of access control and many other
technologies to identify and achieve best privacy protection. We conclude that we required more
comprehensive considerations in order to generate an absolute security protection system like legal
regulations, standardization etc.
Results
The security challenges of cloud models SaaS, PaaS, and IaaS can be achieve through the gradation of
security. Greatest security model i.e. SaaS grants highest level of security due to the fact that cloud
service provider manages security measures. PaaS, and IaaS provides great degree of flexibility to the
clients for developing their personal software and left more security gaps until the user handles security
measures by his own. As the flexibility increase, more security requirements are needed for the cloud
customers.
20
The proposed solutions of every article are quite familiar and somehow interlinked with regards to their
characterization and required to be applied in integrated way. Although due to the absence of solutions
on advance level in order to manages privacy and security issues from management perspective. The
deficiencies of management and transparency issues are needs to be solved through further research
investigations. The training of customer is extremely recommended along with complete understanding
regarding when cloud services required becoming a part of training of basic employee in multiple jobs
which includes managing data.
In recent world, there are many relatable legal professions present in foreign countries e.g. Financial
Agency Privacy Act (FAPA) and Insurance Portability and Accountability Act (HIPP) that needs
appropriate components in order to secure client’s privacy. The enterprise exist are required to take
step with regards to the protection of customer privacy and forwards their privacy policies like P3P
privacy systems or privacy seal program for effectively ensuring an everlasting advancement of privacy
protection and data security in cloud computing and accomplished controlled and well managed
development of cloud services.
SYNOPSIS:
Aim of the Project
This projects aims at characterizing the underlying loopholes related to privacy and security concerns
present in cloud computing environment.
Method
After analyzing various research papers and discussion about privacy and security related issues, its
challenges and characterizing mechanisms such as cloud computing service models (IaaS, PaaS, IaaS),
encryption, research results of multiple ABE models, integration trend of access control and many other
technologies to identify and achieve best privacy protection. We conclude that we required more
comprehensive considerations in order to generate an absolute security protection system like legal
regulations, standardization etc.
Results
The security challenges of cloud models SaaS, PaaS, and IaaS can be achieve through the gradation of
security. Greatest security model i.e. SaaS grants highest level of security due to the fact that cloud
service provider manages security measures. PaaS, and IaaS provides great degree of flexibility to the
clients for developing their personal software and left more security gaps until the user handles security
measures by his own. As the flexibility increase, more security requirements are needed for the cloud
customers.
20
Discussion
The issues identified are basically categorized into two types. Technically orientated issues are loss of
control, multi tenancy and virtualization concerning issues, while management related issues involves
transparency and management related problems. After analyzing multiple research literatures, I
observed that numerous solutions has been proposed with regards to the issues concerning to multi
tenancy, virtualization and loss of control.
Conclusion
The challenges and problems innate in cloud prove the requirement of more advancement particularly
in the provider side of cloud. It needs more enhancements. If we see over more complex and diverse
networks of recent era, there is a continuous need of addressing security and privacy issues. This helps
the organizations to attain much more effect implementation of ICT and stimulates the adoption of
cloud computing and its innovations. The existence of specific related and privacy and security in cloud
computing strategies acquire the development of more advanced level security technologies in order to
manage these issues.
REFERENCES
1. Ahmad, S. (2017). A Study and Survey of Security and Privacy. International Journal of
Engineering Research & Technology (IJERT) .
2. Che, J. (2011). Study on the security models and strategies of cloud computing. International
Conference on Power Electronics and Engineering Application .
3. Gholami, A. (2015). Seurity and Privacy of Sensitive Data in Cloud Computing:A Survey of Recent
Developements.
4. Iqbal, S. (2016). Service delivery models of cloud computing: security issues and open
challenges. SECURITY AND COMMUNICATION NETWORKS .
5. K, S. (2017). SEPRICC: Security and Privacy in Cloud Computing.
6. Khan, R. (2018). A Review Paper on Cloud Computing.
7. Layers of Cloud – IaaS, PaaS and SaaS: A Survey. (2014). J Nareen .
8. Sakhi, I. (2012). Database security in the cloud.
9. Shirazi, F. (2017). Cloud Computing Security and Privacy: An Empirical Study. International
Conference on Human-Computer Interaction .
10. Singh, N. (2017). Challenges and Prosperity Research in Cloud Computing.
11. Sun, P. J. (2019). Privacy Protection and Data Security in Cloud. National Development and
Reform Commission .
21
The issues identified are basically categorized into two types. Technically orientated issues are loss of
control, multi tenancy and virtualization concerning issues, while management related issues involves
transparency and management related problems. After analyzing multiple research literatures, I
observed that numerous solutions has been proposed with regards to the issues concerning to multi
tenancy, virtualization and loss of control.
Conclusion
The challenges and problems innate in cloud prove the requirement of more advancement particularly
in the provider side of cloud. It needs more enhancements. If we see over more complex and diverse
networks of recent era, there is a continuous need of addressing security and privacy issues. This helps
the organizations to attain much more effect implementation of ICT and stimulates the adoption of
cloud computing and its innovations. The existence of specific related and privacy and security in cloud
computing strategies acquire the development of more advanced level security technologies in order to
manage these issues.
REFERENCES
1. Ahmad, S. (2017). A Study and Survey of Security and Privacy. International Journal of
Engineering Research & Technology (IJERT) .
2. Che, J. (2011). Study on the security models and strategies of cloud computing. International
Conference on Power Electronics and Engineering Application .
3. Gholami, A. (2015). Seurity and Privacy of Sensitive Data in Cloud Computing:A Survey of Recent
Developements.
4. Iqbal, S. (2016). Service delivery models of cloud computing: security issues and open
challenges. SECURITY AND COMMUNICATION NETWORKS .
5. K, S. (2017). SEPRICC: Security and Privacy in Cloud Computing.
6. Khan, R. (2018). A Review Paper on Cloud Computing.
7. Layers of Cloud – IaaS, PaaS and SaaS: A Survey. (2014). J Nareen .
8. Sakhi, I. (2012). Database security in the cloud.
9. Shirazi, F. (2017). Cloud Computing Security and Privacy: An Empirical Study. International
Conference on Human-Computer Interaction .
10. Singh, N. (2017). Challenges and Prosperity Research in Cloud Computing.
11. Sun, P. J. (2019). Privacy Protection and Data Security in Cloud. National Development and
Reform Commission .
21
12. Ubaidullah, M. (2016). Cloud Computing Service Models: A Comparative Study.
13. Vidhyacharan, B. (2018). Identity and access management in cloud environment: Mechanisms.
Engineering Science and Technology,an International Journal .
22
13. Vidhyacharan, B. (2018). Identity and access management in cloud environment: Mechanisms.
Engineering Science and Technology,an International Journal .
22
1 out of 22
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.