Cloud Computing Security Report

Verified

Added on 2019/09/24

AI Summary

This report investigates the security challenges associated with cloud computing. It highlights key findings regarding identity management, physical security, data security, and the importance of encryption and access control. The report identifies a gap in existing literature concerning the proactive threat identification and mitigation strategies employed by cloud vendors, suggesting this as an area for future research. The conclusion summarizes the key aspects of cloud data security and points towards future research directions. The report includes a table of contents and a list of references.

TASK 2
1

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Table of Contents
Introduction:....................................................................................................................................3
Key Findings:...................................................................................................................................3
Significance of the current research:...............................................................................................5
Conclusion:......................................................................................................................................5
References:......................................................................................................................................6
2

Introduction:
The cloud computing is used widely by the organizations in the recent years because of the many
benefits it provide to the users. The benefits provided by the cloud computing includes the higher
flexibility, enhanced efficiency and the better strategic value. The cloud computing depends on
excessive virtualization and so, the data stored in the cloud is vulnerable to the security threats.
Along with it, the hacking techniques are getting improved every day which demand increased
focus of the users to identify the security threats and act accordingly. In the current research, the
security challenges faced by cloud computing users are analyzed. The gaps in the existing
literature are also identified in the current research.
Key Findings:
Cloud computing and security issues
The key motivating factor behind the increasing importance of cloud computing is its numerous
benefits including the excellent opportunity of cost reduction for the businesses. Along with the
benefits obtained from the cloud computing, the privacy and security concerns are also
associated with the cloud computing (Von Solms & Roussel, 2015). Because of the security
issues associated with the cloud computing system, many business organizations hesitate to use
it.
As indicated in the research, the security in the cloud computing can be analyzed from several
aspects including the identity management, the physical security of the system, personal security
of the users and data security of the cloud services. The encryption, privacy, integrity, access
controllability are the other aspects of cloud security.
Identity management is one of the most important factors for the cloud service providers for
controlling access to information and computing resource (Fielder et al.2016). The cloud service
providers can have their own identity management system, can use the client's identity
management system or can employ a biometric-based identification system. When the identity
management system is in place, the risk of unauthorized data access reduces to a significant
extent.
3

Physical security of the hardware is another important aspect for the cloud services. The Cloud
service providers give importance on ensuring security of the hardware materials such as the
routers, the servers and the cables from impedance, unauthorized access, fire, theft and the power
surges (Amini et al.2015). The security of the hardware can be accomplished by using the
professionally designed, specified, managed, constructed, maintained and monitored data centers
to develop the cloud services (Liu et al.2015). A lot of security threats arise due to the lack of
consciousness or the lack of knowledge on the best practices . The personal security ensures that
the professionals dealing with the IT services are aware of the best practices. The personal
security related goals in the organizations are accomplished b conducting the security screening
potential recruits, security awareness and preparing programs. The every critical data in the
cloud based system needs to be protected. The digital identities as well as the credentials stored
in the cloud based system need to be protected with equal importance as the data security.
The cloud data services are associated with a number of security threats including the illegal
invasion, denial of service attacks, the cloud computing threats, the side channel attacks and the
mishandling issues (BRANQUINHO, 2018). The individuals dealing with the cloud services
require focusing on utilizing the additional security measures to enhance the data security.
Maintaining data confidentiality ensures that data contents are not made accessible or disclosed
to illegal users. In a cloud, it is ensured that the authorized users can access the sensitive data
while others, including CSPs, ought to increase any information of the data. However ,
maintaining the data confidentiality does not put any restriction on the use of data by the
authentic users. The authentic users become able to execute the activities such as the data search,
data computation, and data sharing.
The access controllability indicates that some limitations are put over the data access (Gordon et
al.2015). The vendors can authorize some users for accessing the data while others are not
allowed to get access to the information. In other words, in case of suspicious cloud
environments, the access authorization is primarily controlled by the host. The data integrity
indicates that the cloud service providers should ensure precision of the data. In other words, the
data integrity indicates that the information stored in the cloud cannot be be illegally altered,
changed, intentionally erased, or malignantly manufactured.
4

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

In case of any activities meant to corrupt or erase the data, the proprietor ought to have the
capacity to distinguish the corruption or loss. Further, when a portion of the outsourced data is
corrupted or lost, it can even now be recovered by the data users. The cloud based service should
be designed in such way so that the users become able to identify if there is any attempt to alter
the data unlawfully (Buczak & Guven, 2016). Security of the data stored in cloud also depends
on the encryption used to protect the information. The encryption can be based on the public key
or it can use the attribute based encryption method.
Significance of the current research:
The current research gives importance on analyzing the different aspects of security of the
information shared over cloud. The research also analyzes the current techniques used to cope up
with the cloud technology. Such findings are useful for enhancing security of the cloud systems
which are being used currently.
Although the existing literature of cloud security is effective to explore the different aspects of it,
it does not provide any information on how the cloud vendors can become able to identify the
potential threats and taking the necessary steps. So, the lack of information on the approaches
taken by cloud vendors can be considered as a gap. Identification of the gap can be useful to
decide the future research directions.
Conclusion:
The current research explores the different aspects of data security in cloud based systems as
well as the gaps in existing literature. The research also provides direction for the future study.
5

References:
Amini, L., Christodorescu, M., Cohen, M. A., Parthasarathy, S., Rao, J., Sailer, R., ... &
Verscheure, O. (2015). U.S. Patent No. 9,032,521. Washington, DC: U.S. Patent and Trademark
Office.
An, J., & Kim, H. W. (2018). A Data Analytics Approach to the Cybercrime Underground
Economy. IEEE Access, 6, 26636-26652.
BRANQUINHO, M. A. (2018). RANSOMWARE IN INDUSTRIAL CONTROL SYSTEMS.
WHAT COMES AFTER WANNACRY AND PETYA GLOBAL ATTACKS?. WIT
Transactions on The Built Environment, 174, 329-334.
Buczak, A. L., & Guven, E. (2016). A survey of data mining and machine learning methods for
cyber security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2), 1153-
1176.
Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H., & Stoddart, K. (2016).
A review of cyber security risk assessment methods for SCADA systems. Computers &
security, 56, 1-27.
Fielder, A., Panaousis, E., Malacaria, P., Hankin, C., & Smeraldi, F. (2016). Decision support
approaches for cyber security investment. Decision Support Systems, 86, 13-23.
Gordon, L. A., Loeb, M. P., Lucyshyn, W., & Zhou, L. (2015). Externalities and the magnitude
of cyber security underinvestment by private sector firms: a modification of the Gordon-Loeb
model. Journal of Information Security, 6(1), 24.
Gupta, B., Agrawal, D. P., & Yamaguchi, S. (Eds.). (2016). Handbook of research on modern
cryptographic solutions for computer and cyber security. IGI Global.
Ivanchenko, O., Kharchenko, V., Moroz, B., Kabak, L., & Smoktii, K. (2018, February). Semi-
Markov availability model considering deliberate malicious impacts on an Infrastructure-as-a-
Service Cloud. In Advanced Trends in Radioelecrtronics, Telecommunications and Computer
Engineering (TCSET), 2018 14th International Conference on (pp. 570-573). IEEE.
6

Liu, Y., Sarabi, A., Zhang, J., Naghizadeh, P., Karir, M., Bailey, M., & Liu, M. (2015, August).
Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents. In USENIX Security
Symposium (pp. 1009-1024).
Von Solms, B., & Roussel, J. (2015, November). A Solution to improve the cyber security of
home users. In AFRICAN CYBER CITIZENSHIP CONFERENCE 2015 (ACCC2015) (p. 157).
7