Cloud Security in ITC595: A Comprehensive Analysis

Verified

Added on 2025/05/03

AI Summary

Desklib provides solved assignments and past papers to help students succeed.

Cloud Security
ITC595 MIT, School of Computing & Mathematics, Charles Sturt University
author@first-third.edu.au
ABSTRACT – cloud computing is the most wanted and
demanding technology nowadays, due to high demand the risk
of its security also increases as it contains many confidential
information of any person for any organisation. All the
information is stored on the cloud and can be access form
anywhere, data can be back-up and restore at any moment.
There are mostly two types of attack done in cloud: -
 Active Attack: - active attacks states that it will attack
on the main contents of the information that is in the
cloud I will attack. There are some types of active
attack
1. The masquerade attack: - the attacker
somehow manages to break the security by
some loopholes in the system and retrieve the
password of the admin and access the data of
cloud.
 Passive attack: - in this kind of attack, the attacker will
only be able to view the contents in the cloud by not
able to access the content. passive attack is of type: -
1. War driving: - in this, it will
automatically detect or trace the address
of the cloud, where the data is stored. It
just only views the data.
Keywords— Cloud computing, cloud security threat, cloud
service.
INTRODUCTION
Cloud computing is the most convenient form of technology
which is used nowadays, all the content is kept in the cloud
which can be access form anywhere with the use of a stable
speed internet connection. Cloud computing gives various kind
of services like exchange of information using mail, sharing of
images, status using Facebook platform, which helps in
connected with social media. It also gives the service to store
data on the cloud and which can be access from anywhere. It
also provide services to various on demand services like
hotstar, where someone can watch tv series and various kind of
show and it doesn’t cost any much, because of its easy feature
and low cost this technology is very high in demand and
various company is adopting this technology to work easily.
Here the data on the cloud is not secured as third person can
access the data and without the permission in can enter in the
cloud and access the data and can alter it. In this article, some
preventive measures are discussed here and how hackers hack
the information is also discussed. In the recent hack of the drop
box in 2014 in which the data of around 40 billion people was
stolen, after this incident its security issue came into boom.
Security issue is the major concern cloud computing. This
article gives a brief knowledge about the security issue and
problems faced in the cloud computing
Cloud Security
Cloud security is one of the major issue facing many people as
numerous types of information is stored on the cloud and if the
cloud is hacked, one can easily take the data from the cloud and
misuse the data easily. In order to protect the data from the
hackers some security measures have to be implemented by the
organisations. In this kind of technology, sharing of
information is quite easy but appropriate safety measures
should be implemented while sharing data. The cloud service is
of various types
 SaaS model- it refers to software as a service. in this
type of model, it only provide a software over the
internet, user can use the software all over the internet
but cannot able own it.
 PaaS model- it refers to platform as a service in this
type of model it provide a frame work to implement
the service which we want to use
 IaaS model- it refers to a Infrastructure as a service.
A. Research Problem
1

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

In the recent time, cloud security is become a major concern for
protecting the data which is stored on the cloud, as many
entities adopted the cloud computing for ease of access and
data can be used from anywhere with the help of internet
connection. The problem is the security of data that is stored in
the cloud and it should be protected from unauthorized access
of data. In order to use the services or to avail the features of
cloud, it must provide some addition security or layers to
prevent the misuse [1].
Research Justification
Cloud computing research is useful in today’s technology
needs due to its low cost and easy to access form anywhere
using a mobile, laptop with the help of a secure internet
connection. With the growing technology, the security should
also be strong enough to withstand the various threats.
LITEERATURE REVIEW
Distributed computing experiences various concern problems
which can't ignored. ENISA shows ongoing report has
distinguished 13 specialized dangers. As per NIST, distributed
computing presents certain interesting security challenges
coming about because of the cloud extremely good level of
redistributing, reliance on systems, shared (multi-occupancy),
and it give an exhaustive survey of the exploration writing to
unmistakably characterize cloud security open issues and
difficulties.
it very well may be guaranteed that these days’ primary
security issue are:
• IS1: Spread innovations vulnerabilities: it made the cloud so
intriguing is likewise a point of sensitive as far as concern. it
show that aggressors could abuse attack in the hyper-visor and
gives permission to the physical manager where other side
virtual machines (VM) live [1].
• IS2: information break: the information can experience the ill
effects of unplanned information misfortune and from
pernicious meddlesome activities. Information misfortune is
out of the extent of this work, since we just consider here
information ruptures, that is the activity of taking touchy
information, (for example, individual or Mastercard data).
• IS3: administration information capturing: one can lost the
command to its personal information. Numerous assaults that
need to portrayed, can prompt record or administration
capturing. This empowers the gatecrasher to get into basic
regions of a sent administration and perhaps bargain the
secrecy, uprightness, and accessibility of those administrations.
• IS4: Denial of Service (DoS): One of the most knocking
condition is the key at which the cloud framework is develop
unapproachable (simply believe that a costs Amazon sixty-six
K bucks for each moment). DoS in a cloud configuration is
generally more risky than in a normal one, since when the
remaining task at hand increments concerning a administration,
the cloud situation makes some more computational capacity in
respect to that administration. This results from one of the
cloud framework manages the contact of the assault, yet then it
bolsters the assailant in the cloud insidious action, by
disclosing it with many assets. [2]
• IS5: Malicious insiders: This is climbing the rundown of
cloud top dangers. The likelihood that a vindictive insider – for
example a representative – might endeavor to exploit his
special position to get to delicate data is ending up increasingly
concrete and troubling
Block diagram of working of cloud security
Different types of attack done in cloud computing are:
 Network based attack
Another regular kind of assault is Code Injection. For
this situation programmers embed vindictive code into
applications to run subjective code with the benefits of
2
user
attempt
access
cloud based
profile
similarity
value
calculation
is the
similarity
value less
than
threshold
yes( correct
user)
no
(unknown
user)

a powerless procedure thus access client's figuring
assets, applications (i.e., Cross-Site scripting/HTML
infusion), or databases (i.e., SQL infusion). Malware
infusion can be organize based, or infusions should be
possible by means of the hypervisor [2].
 Hypervisor attacks
The hypervisor is the product layer that lies between
virtual machines and the physical equipment,
accountable for abstracting the basic design. It is a
basic part to ensure the cloud multi-occupancy
highlight. It designates physical assets to the visitor
VMs, for example, primary memory, CPU and
peripherals. Regarding security, hypervisors ought to
be considered as the most significant layer to ensure in
the cloud stack, since they have the most noteworthy
benefit and subsequently any direction can be kept
running from this space. Aggressors can accomplish
full control of any asset of the host framework in the
event that they change or bargain the hypervisor
(whose unique objective was guaranteeing VMs
separation) [3].
Some other scenario of DoS attack :
 SOAP
 Spoofing
 Sniffing attacks
Cloud security gives many advantages like,
Brought together security: as like the rearranged
computing collaborates applications and data, cloud
security assure assurance. Cloud-based business
structure consists of many applications and some
lastpoints. interacting with these substances midway
improves data transfer investigation and sifting, this
will results in less programming and arrangement
regenerates. Debacle repetition plans can really be
implementing [4].
Decreased costs: One of the benefits of implementing
spreaded storage and security is that it dispenses with
the need to put reserved information into required
equipment. With respect to the information that this
consume less capital, however it additionally
diminishes authoritative overheads. Where once IT
entities were facing security problems regularly, cloud
security gives more and active security includes that
benefit insurance time in and time out with almost no
personal intercession [2].
Decreased Administration: When one takes a cloud
manager supply or it can be cloud security levels, one
can go to un-automatic security arrangements and real
steady security regenates These things can impact a
huge network on assets, but on moving to the cloud all
the things can be easily manages and able to track
those information at any instance of time
Unwavering quality: Cloud registering managers
gives a constant thing. With the right cloud safety
measure built up, users can easily and safely use the
data and the gadgets inside the cloud irrespective of
using the application at that time
As the numbers of entities moving towards the cloud
of their many beneifts of their frameworks in the
cloud. Which leads to work on a bigger scale results in
decrease in this expense. Be that as it may, it is basic
that oraganisation have full trust in their distributed
computing security and that all data, architecture and
gadgets are protected from data burglary and many
more things it is protected [4]
Many cloud architectures are less protective to
burglary. cloud entities are generally mindful about
taking mission-easy architecture to the cloud and it is
basic of the correctly secure the things are set up,
irrespective of whether user operating a public cloud,
crossover or on-good situation. Cloud security offers
all the usefulness of customary IT security, enables
entities to bridle the various focal issue of distributed
calculating while at the same time getting secure and
moreover assure that data safety and consistence
3

prerequisites are done properly with all matching all
the conditions.
Benefits of cloud computing:
 Flexibility :- person can alter its application according
to their need and kind of requirement
 Efficiency: - users can quickly access to their data
with any issue.
 One can get the frequent updates.
 It can be collaborated easily with other applications
 Reduced it cost- the cost of cloud is quite low as
compared to any other technology
 Flexible with work- work can be done from
everywhere with the use of a steady internet
connection and can also monitor it various activities.
 Have a good control and good monitoring on all the
work from everywhere
 Back-up and recovery : data saved on the cloud can be
backed and recovery anytime until it is saves on the
cloud
Disadvantages:
 Downtime: when the internet connection is low, data
cannot be accessed.
 Security and privacy: - the most important issue in
cloud computing is related to security and privacy
issue which can breach the data.
 Manufacture lock in – as cloud gives the benefit to use
the data, but it migration occurs it is difficult to
migrate the data form one place to another place
which is a very difficult task to perform
 Network dependency
 Technical issue- sometime the servers can face
technical issue which leads to the not able to access
the data and cannot able to do work
Above discussed are some cons and pros of the cloud
CONCLUSION
As the cloud technology demand increases day by day, its
security must be good enough to secure the data from the
intruders. Cloud technology has many benefits. Due to its
benefits many organizations are moving towards this
technology and adopted this kind of technology. So to use this
technology security layers should be good enough to counter
the attack of viruses and keeps the data safe. This technology is
cost effective. The important information should be kept
private or hybrid cloud as these have additional layers’ security
to protect the data. Cloud is very important for many entities to
save their data and remove the data burden to stored at client
end.
4

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

REFERENCES
[1] M. Ali, S. U. Khan and A. V. Vasilakos, "Security in cloud computing : Opportunities and
challenges.," INFORMATION SCIENCES, vol. 305, no. 2, p. 357–383., 2015.
[2] L. Coppolino, S. D. Antonio, G. Mazzeo and L. Romano, " Cloud security : Emerging threats and
current solutions R.," Computers and Electrical Engineering, , vol. 59, no. 1, p. 126–140., 2017.
[3] S. Iqbal, L. Mat, B. Dhaghighi and M. Hussain, "Journal of Network and Computer Applications On
cloud security attacks : A taxonomy and intrusion detection and prevention as a service.," Journal of
Network and Computer Applications,, vol. 74, no. 1, p. 98–120., 2016.
[4] N. Subramanian and A. Jeyaraj, "Recent security challenges in cloud computing ☆.," Computers
and Electrical Engineering,, vol. 71, no. 2, p. 28–42., 2018.
5