Cloud Computing Security Challenges

Verified

Added on  2020/04/07

|9
|1877
|298
AI Summary
This assignment delves into the multifaceted security challenges posed by cloud computing. It analyzes various threats, including data breaches, denial-of-service attacks, and unauthorized access. The assignment explores security models, architectures, and best practices employed to mitigate these risks. Additionally, it discusses the importance of regulatory compliance, such as GDPR, in ensuring secure cloud environments.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Webb’s Stores
Cloud Security
9/20/2017

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Webb’s Stores
Table of Contents
Introduction.................................................................................................................................................4
Cloud IaaS Security.....................................................................................................................................4
Benefits offered by IaaS Security............................................................................................................4
Challenges & Difficulties........................................................................................................................5
Database Risks............................................................................................................................................5
IaaS Infrastructure Risks.............................................................................................................................5
Communication Risks.................................................................................................................................5
Risks & Issues related to the Backup, Storage and Retrieval.......................................................................6
Strategy for Disaster Recovery....................................................................................................................6
Access Control............................................................................................................................................7
Conclusion...................................................................................................................................................7
References...................................................................................................................................................9
2
Document Page
Webb’s Stores
Executive Summary
Cloud databases are being extensively used by the business organizations for the storage and
management of their data sets. The report analyses the use and application of the same for
Webb’s Stores that is retail chain of Australia. There are many security considerations that will
be necessary to be analyzed in order to make sure that the decision yields positive results for the
store. The cloud model that has been selected for migration of the database to the cloud is
Infrastructure as a Service (IaaS) cloud model.
3
Document Page
Webb’s Stores
Introduction
Webb’s Stores is an Australian firm that sells food stuff and specialty items. The retailer has its
data centres in many locations as Sydney and Melbourne along with Wagga, Brisbane etc. There
are a lot many members of staff that work in the store and it is being expanding at a rapid rate.
There are many problems that have been recently observed in the business operations and data
management tasks. To overcome these problems, the use and involvement of cloud in terms of
data storage and management has been proposed. The report analyzes the cloud database
security.
Cloud IaaS Security
There are huge clusters of information that the store manages and processes using MS SQL
Server 2012 R2 database. Due to the set of problems that have started showing up with the use of
current database, it has been agreed to move to Infrastructure as a Cloud (IaaS) model based
database. The following security considerations would be necessary with this model.
Network based intrusion detection amalgamated with the behavior analysis tools to
understand the patterns being followed by the intruders.
Advanced access control processes combining of methods such as role and attribute
based access control.
Multi-fold authentication of the users by implementing login id, one time passwords and
iris recognition systems.
Use of anti-virus, anti-denial and internet security tools (Ismail, 2017)
Conversion of the information to its cipher form by making use of encryption algorithms
and protocols.
Automated backup of the data sets and information.
Benefits offered by IaaS Security
Security of the cloud is one of the prime concerns that have been witnessed with the business
organizations. This is because cloud data and information is exposed to increased number of
security risks and attacks. Due to a higher threat probability, the frequency of the attacks is also
considerably high that may have a negative implication on the customer engagement. The
4

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Webb’s Stores
security measures in associated with IaaS security discussed above may get rid of such
occurrences and may lead to benefits, such as, increased customer trust and higher market rates
(Simou, 2016).
Challenges & Difficulties
IaaS cloud database may face many technical challenges in terms of its integration with the rest
of the tools implemented in the store. There may also be technical errors, faults along with the
issues around compatibility with the software and hardware equipment (Shahid, 2015).
There will also be many costs in terms of deployment, maintenance and training that will be
associated with this cloud model.
Database Risks
There are many of the database related risks that may come up with the deployment of a cloud
database in the organization. The number of access points and threat agents will increase which
may increase the probability of the attacker to breach the information by making use of
unauthorized access. There may also be availability attacks on the database which may make it
unavailable for usage (Alashoor, 2014).
IaaS Infrastructure Risks
Many of the cloud services and operations that will take place may not be possible to be
controlled by the technical staff members at the store. There may be network based security
attacks on the IaaS cloud model, such as, eavesdropping attacks, man in the middle and phishing
attacks (Singh, 2001).
Communication Risks
The information on the cloud will be shared and transmitted on the internal and the external
networks. There may be integrity and confidentiality attacks that may be given shape by the
attackers during the communication process. Alteration of the attributes or contents of the
information sets or the leakage/loss of the information may also be observed.
5
Document Page
Webb’s Stores
Risks & Issues related to the Backup, Storage and Retrieval
There are several security risks that are associated with the use and implementation of cloud
database in the store.
These risks will be associated with various data relates operations as well. Backing up of the data
is an essential activity that is carried out in the cloud based database systems so that disaster
recovery can be ensured. There are codes that are implemented for automatic capturing of the
backups. However, the attackers may modify the code to malicious code which may damage the
contents of the information sets.
The stored data will have the likelihood to be impacted by a lot many database security risks and
attacks. The properties of stored information viz. availability, confidentiality and integrity of the
information may be negatively affected as a result. The attacks may execute denial of service,
message alteration, media alteration, distributed denial of services and information breaches as
some forms of the security attacks (Fowler, 2010).
Access control, identity management and authentication are the three elements that play a critical
role in information retrieval. There may be security risks and attacks associated with these three
elements as the attackers may gain unauthorized access by violating all of the security norms and
controls.
Strategy for Disaster Recovery
With the modifications in the database of the store, it would be necessary to modify the disaster
recovery strategy that is followed in the store.
Risk identification and assessment would be the first step that would be necessary to perform to
understand all the new forms of cloud related security risks and attacks. A response and recovery
strategy mapped with all the listed risks will then be necessary to be prepared (Tari, Yi,
Premarathne, Bertok & Khalil, 2015).
The identified response and recovery strategy would be required to be implemented and the
backing up of the information sets will also be made automated in nature.
6
Document Page
Webb’s Stores
Access Control
Access control is a protection mechanism which is used to prevent the security risks and attacks.
There are various physical and virtual access points that will be associated with the store and it
would be necessary to implement the access control mechanism on the basis of the possible
security risks for each component.
IaaS infrastructure: Access control method that shall be applied shall be role-based in
nature.
Ms SQL Server 2012 R2 cloud instance: Access control method that shall be applied
shall be role-based in nature.
Cloud network infrastructure: Access control method that shall be applied shall be
attribute-based in nature.
Backup and data restore: Access control method that shall be applied shall be attribute-
based in nature.
In the role base access control process, the users are provided the access to the system and its
components on the basis of their roles and privileges. However, the attributes of the users are
considered in case of attribute based access control (Khan, 2012).
Conclusion
Technological changes are taking place at a fast speed in the present times and the business units
are required to maintain pace with this changing face of technology. Cloud databases provide the
business units to perform the data related operations like storage, management and retrieval with
ease and the decision of the Webb’s Stores to migrate its current database to cloud is as per the
technological norms (Nadeem, 2016). There are certain issues in terms of security that are
observed in the cloud environment that would be required to be identified, assessed and treated.
The security risks will revolve around the database related, network related and operational risks
and attacks. There are technical controls along with administrative checks that must be done so
that the occurrence of such events is prohibited and the information of the store is safe and
protected (Hashemi & Hesarlo, 2014). There are many technological components that may also
be explored by the management of the store, such as Business Intelligence concepts along with
7

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Webb’s Stores
the use of Big Data tools and technologies in the area of secure information storage and
management.
8
Document Page
Webb’s Stores
References
Alashoor, T. (2014). Cloud computing: a review of security issues and solutions. International
Journal Of Cloud Computing, 3(3), 228. http://dx.doi.org/10.1504/ijcc.2014.064760
Fowler, S. (2010). Impact of denial of service solutions on network quality of service. Security
And Communication Networks, 4(10), 1089-1103. http://dx.doi.org/10.1002/sec.219
Hashemi, S., & Hesarlo, P. (2014). Security, Privacy and Trust Challenges in Cloud Computing
and Solutions. International Journal Of Computer Network And Information Security, 6(8),
34-40. http://dx.doi.org/10.5815/ijcnis.2014.08.05
Ismail, N. (2017). The winding road to GDPR compliance - Information Age. Information Age.
Retrieved 20 September 2017, from http://www.information-age.com/winding-road-gdpr-
compliance-123468132/
Khan, A. (2012). Access Control in Cloud Computing Environment. Retrieved 20 September
2017, from
https://pdfs.semanticscholar.org/ef20/bc1239539f9a8502715153c5af67fc9e9034.pdf
Nadeem, M. (2016). Cloud Computing: Security Issues and Challenges. Journal Of Wireless
Communications, 1(1). http://dx.doi.org/10.21174/jowc.v1i1.73
Shahid, M. (2015). Cloud Computing Security Models, Architectures, Issues and Challenges: A
Survey. The Smart Computing Review, 602-616.
http://dx.doi.org/10.6029/smartcr.2015.06.010
Simou, S. (2016). A survey on cloud forensics challenges and solutions. Security And
Communication Networks, 9(18), 6285-6314. http://dx.doi.org/10.1002/sec.1688
Singh, K. (2001). IT Infrastructure Security-Step by Step. Sans.org. Retrieved 20 September
2017, from https://www.sans.org/reading-room/whitepapers/basics/infrastructure-security-
step-step-430
Tari, Z., Yi, X., Premarathne, U., Bertok, P., & Khalil, I. (2015). Security and Privacy in Cloud
Computing: Vision, Trends, and Challenges. IEEE Cloud Computing, 2(2), 30-38.
http://dx.doi.org/10.1109/mcc.2015.45
9
1 out of 9
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]