ITC595 Research Project: Cloud Computing Security Threats & Solutions
VerifiedAdded on 2024/05/29
|4
|3796
|314
Report
AI Summary
This ITC595 research project delves into the critical security threats facing cloud computing, emphasizing the necessity for robust security measures in light of cloud computing's increasing importance for continuous network connectivity and global accessibility. It explores strategies such as hardening and redundancy, highlighting how service providers like Google and Amazon utilize geographic redundancy to ensure service availability. The study identifies key security challenges, including malware infections, insecure APIs, shared technology vulnerabilities, data loss, and traffic hijacking, emphasizing the importance of data integrity, identity management, and comprehensive monitoring. It further discusses the implications of data storage in various global locations and the associated risks, such as potential service provider shutdowns or data breaches. Ultimately, the report underscores the need for organizations to understand and address these threats to maintain data security and trust in cloud computing environments, making it a valuable resource available on Desklib for students and professionals alike.
ITC595 Research Project
Security Threats in Cloud Computing and Preventive
Methods
K. Arun Kumar
ITC595 MIT, School of Computing & Mathematics, Charles Sturt University
author@first-third.edu.au
ABSTRACT – Cloud computing has been the major need for the
assessment and long-run investment in an information system. The
cloud computing system is ensuring that the users can have the
system access from all over the world. It is deemed as the web-
native and the other enabled users for utilizing it from the different
places. The cloud computing has different implications in the
category of IT world. The Cloud computing has been working for the
nature of covering major threats in IT. This study has emphasized
over major Cloud Computing threats and the solutions available for
the IT organizations. The future implications can be a generation of
the other threats on the basis of specific issues being faced by the
organizations as well as implications of those assessed threats in a
combination of the threats identified in this study in the terms of
the difference in various organizations.
Keywords— Cloud Computing, preventive methods, and security
threats
INTRODUCTION
The prime goal of cloud computing is to ensure that users can
use the system from anywhere and anytime. Cloud computing
is considered as web-native which enable users to use it from
any place. This perception is true for all systems which are
working on cloud computing. There are two prominent
strategies use to ensure availability of cloud computing system
or applications running on it. These strategies are; (1)
hardening, (2) redundancy. There are many service providers
of cloud computing which have developed their infrastructure
on virtual machines. For instance, Web services of Amazon
give S3 and EC2 which is completely based on virtual
machines. It includes Xen and Skytap which provide
application of lab management virtually. Now, these are
relying on hypervisors.
It includes Microsoft Hyper-V, VMware, and Xen.
Therefore, it is reasonable due to which service providers of
cloud computing split their resources (such as the capacity
storage, cycles of CPU and memory). Therefore, availability of
virtual machine is a fundamental element in order to host
online services. It is very clear that virtual machines can
provide services to a large number of users on demand. Big
vendors of cloud computing services such as Google and
Amazon have redundancy. They are offering geographic
redundancy in systems due to which chances are high for the
availability of services through an only single provider of
service. Availability zones mean that locations are divided into
different zones.
There are different locations which enable other
location zones to receive unstoppable, inexpensive and
continuous connectivity of the network in case of service
failure in one zone. Service providers use instances in different
zones and one can save the system from failure through a
single location. There are more than 1 million machines
installed in Google and 36 databases and centers in all over
the world. Amazon provides geographic redundancy in the
system as for provided by Google.
RESEARCH PROBLEM
Cloud computing has been the major need for the
assessment and long-run investment in an information system.
The cloud computing system is ensuring that the users can
have the system access from all over the world. It is deemed
as the web-native and the other enabled users for utilizing it
from the different places. The cloud computing has different
implications in the category of IT world. The cloud computing
has different issues those must be understood for effective
working of the system. This study will emphasize the cloud
computing assessment.
RESEARCH JUSTIFICATION
The research is effective on the basis for strong cloud
computing method’s identification in terms of their
importance and how they can affect the system. The models
can effectively measure the research on the basis of cloud
computing based solutions in the integration of other different
models.
LITERATURE REVIEW
Cloud computing has various implications in the business
those can be measured for the long run strategies
development. The problems can be identified through the
services and the integration of the techniques. The cloud
computing is also serving the technical assessment and its
long-run investment in the tools, the terms, and conditions as
well as the change management in the organizations. The
problems can also be identified in the area of the managing
the services and their impact assessment. The prolific studies
have been analyzed and included in this study.
A. Benefits
It means keeping and maintaining the secrecy of user’s data in
cloud computing system. It is important to understand that
public networks are available due to cloud computing system.
1
Security Threats in Cloud Computing and Preventive
Methods
K. Arun Kumar
ITC595 MIT, School of Computing & Mathematics, Charles Sturt University
author@first-third.edu.au
ABSTRACT – Cloud computing has been the major need for the
assessment and long-run investment in an information system. The
cloud computing system is ensuring that the users can have the
system access from all over the world. It is deemed as the web-
native and the other enabled users for utilizing it from the different
places. The cloud computing has different implications in the
category of IT world. The Cloud computing has been working for the
nature of covering major threats in IT. This study has emphasized
over major Cloud Computing threats and the solutions available for
the IT organizations. The future implications can be a generation of
the other threats on the basis of specific issues being faced by the
organizations as well as implications of those assessed threats in a
combination of the threats identified in this study in the terms of
the difference in various organizations.
Keywords— Cloud Computing, preventive methods, and security
threats
INTRODUCTION
The prime goal of cloud computing is to ensure that users can
use the system from anywhere and anytime. Cloud computing
is considered as web-native which enable users to use it from
any place. This perception is true for all systems which are
working on cloud computing. There are two prominent
strategies use to ensure availability of cloud computing system
or applications running on it. These strategies are; (1)
hardening, (2) redundancy. There are many service providers
of cloud computing which have developed their infrastructure
on virtual machines. For instance, Web services of Amazon
give S3 and EC2 which is completely based on virtual
machines. It includes Xen and Skytap which provide
application of lab management virtually. Now, these are
relying on hypervisors.
It includes Microsoft Hyper-V, VMware, and Xen.
Therefore, it is reasonable due to which service providers of
cloud computing split their resources (such as the capacity
storage, cycles of CPU and memory). Therefore, availability of
virtual machine is a fundamental element in order to host
online services. It is very clear that virtual machines can
provide services to a large number of users on demand. Big
vendors of cloud computing services such as Google and
Amazon have redundancy. They are offering geographic
redundancy in systems due to which chances are high for the
availability of services through an only single provider of
service. Availability zones mean that locations are divided into
different zones.
There are different locations which enable other
location zones to receive unstoppable, inexpensive and
continuous connectivity of the network in case of service
failure in one zone. Service providers use instances in different
zones and one can save the system from failure through a
single location. There are more than 1 million machines
installed in Google and 36 databases and centers in all over
the world. Amazon provides geographic redundancy in the
system as for provided by Google.
RESEARCH PROBLEM
Cloud computing has been the major need for the
assessment and long-run investment in an information system.
The cloud computing system is ensuring that the users can
have the system access from all over the world. It is deemed
as the web-native and the other enabled users for utilizing it
from the different places. The cloud computing has different
implications in the category of IT world. The cloud computing
has different issues those must be understood for effective
working of the system. This study will emphasize the cloud
computing assessment.
RESEARCH JUSTIFICATION
The research is effective on the basis for strong cloud
computing method’s identification in terms of their
importance and how they can affect the system. The models
can effectively measure the research on the basis of cloud
computing based solutions in the integration of other different
models.
LITERATURE REVIEW
Cloud computing has various implications in the business
those can be measured for the long run strategies
development. The problems can be identified through the
services and the integration of the techniques. The cloud
computing is also serving the technical assessment and its
long-run investment in the tools, the terms, and conditions as
well as the change management in the organizations. The
problems can also be identified in the area of the managing
the services and their impact assessment. The prolific studies
have been analyzed and included in this study.
A. Benefits
It means keeping and maintaining the secrecy of user’s data in
cloud computing system. It is important to understand that
public networks are available due to cloud computing system.
1
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Therefore, secrecy of data is an essential requirement of cloud
computing system. The surety of secrecy of data helps in
attracting more number of users. There are two different
techniques through which target of secrecy can be achieved;
(1) Physical isolation and (2) cryptography. The encryption of
data is more secured approach as compared to unencrypted
data in the local system. This technique has been
implemented successfully by TC3[1].
Privacy is considered an important issue related to
cloud computing. This issue is important in the context of two
perspectives; (1) compliance with law, (2) trust of users.
Therefore, it should be considered at every stage of design of
the system. It has become a critical issue for engineers and
they need to develop cloud computing system with minimum
privacy and security risks. Scholars have recommended
different tips for engineers of cloud computing system.
Need to minimize storage and sending of personal
information on a cloud system
Protection against personal information
Improve control of the user in the system
Availability of choices for users
Limited and specific reason for using data
Regular feedback
It means to preserve the integrity of data which
means no unauthorized person or the user can have access,
modify or steal data. Data is considered as basic service in
cloud computing system. Data, software, and platform are
services of cloud computing and keeping the integrity of it are
an essential task in cloud computing services. The procession
of huge data is common due to which digital signature’s
technique is used for data integrity. Another technique for
data integrity is RAID strategies[2].
There is need to have the robust united management of
identity for managing identities in cloud computing system
and it is considered a critical element of success. “Identity as
Services” is considered as a useful technique to outsource
identity management in cloud computing system.
The concept of “control” in cloud computing system suggests
regulation of system and its usage. The system involves
applications, data, and infrastructure. There is distributed
computation exist in cloud computing at large sets of data.
Moreover, every user of the internet is also capable to
contribute data in cloud system at an individual level which is
placed on another side of the internet. For instance, click of
the user can give the option of different webs such as Google,
bookstore of Amazon and it can be used for purpose of
targeted marketing[3].
It means to monitor functions of cloud computing system. An
audit can be considered as further level over the virtualized
system of operation which is hosting by virtual machines in
order to facilitate monitoring on cloud computing system. It
has been considered as secured options as compared to the
existence of monitoring function in applications and software
itself. It is critically essential to have information about
runtime environment, used applications of users, and
monitoring the availability of the system. The most important
thing is that monitoring should be discreet and limited to
offered services in order to assess facility[4].
Advancement development in cloud computing is focusing on
giving virtualized assistance in place of hardware. There is
another important concern is that there is the law of many
countries have limited and bound to cloud computing service
providers to keep user’s data and information within
boundaries of the country. It has made possible to ensure
suitability within the jurisdiction of law. There are some
business organizations which do not like to give access to
government through the court of law[4].
The programmatic approach can be used for monitoring and
compliance purpose. It will help in developing CSP and users of
it can highlight requirements of future and its business models
in cloud computing. There should be a strong internal control
for purpose of monitoring which has robustness with effective
external audit and its process. It will improve efficiency,
compliance and better risk management[5]. Moreover, users
of CSP should define their requirements of control, processing
of internal control, execution of duties in an effective manner
and comprehensive analysis of external audit in order to have
control over cloud computing services.
B. Security challenges and threats of cloud computing
The technology of cloud computing is emerging one. It is
available at low cost and using shared resources. Cloud
computing has different characteristics due to which it is
facing serious security issues and problems.
IT organizations are considered a reliable and
renowned body which works for better security of cloud
computing technology. IT organizations have identified some
bigger security threats to the system of cloud computing. The
threats are following;
It is considered as top threat identified by IT organizations.
There is a simple example of this threat is that hackers use
botnets in order to spread virus, malware or spam in the
system. It is possible that attackers penetrate in the system of
public cloud in order to upload a virus in hundreds system.
They can also use power to attack the infrastructure of other
computer machines[6].
Customers use APIs for developing interaction with cloud
computing services. It is important that cloud computing
system has secured authentication, encryption, secured
access, a comprehensive monitoring system in case of third
party involvement.
This threat has gain importance because it has not been
revealed that how service providers hire such people, how
they give access to data, system, and assets and who and how
to observe them. In this case, transparency is vital in order to
secure cloud computing with law compliance. The system
should provide reporting of compliance and notifications in
case of breach of law[6].
IaaS providers use shared infrastructure. The problem is that
components of this infrastructure have not designed for
sharing a purpose. Monitoring is required in order to ensure
that customers are not threading in the territory of each
other.
Data is considered as always in danger. It can be lost or stolen.
It can be lost through deletion without backup, missing
encoding key or unauthorized individual has got access. It has
become number one concern for business organizations. The
2
computing system. The surety of secrecy of data helps in
attracting more number of users. There are two different
techniques through which target of secrecy can be achieved;
(1) Physical isolation and (2) cryptography. The encryption of
data is more secured approach as compared to unencrypted
data in the local system. This technique has been
implemented successfully by TC3[1].
Privacy is considered an important issue related to
cloud computing. This issue is important in the context of two
perspectives; (1) compliance with law, (2) trust of users.
Therefore, it should be considered at every stage of design of
the system. It has become a critical issue for engineers and
they need to develop cloud computing system with minimum
privacy and security risks. Scholars have recommended
different tips for engineers of cloud computing system.
Need to minimize storage and sending of personal
information on a cloud system
Protection against personal information
Improve control of the user in the system
Availability of choices for users
Limited and specific reason for using data
Regular feedback
It means to preserve the integrity of data which
means no unauthorized person or the user can have access,
modify or steal data. Data is considered as basic service in
cloud computing system. Data, software, and platform are
services of cloud computing and keeping the integrity of it are
an essential task in cloud computing services. The procession
of huge data is common due to which digital signature’s
technique is used for data integrity. Another technique for
data integrity is RAID strategies[2].
There is need to have the robust united management of
identity for managing identities in cloud computing system
and it is considered a critical element of success. “Identity as
Services” is considered as a useful technique to outsource
identity management in cloud computing system.
The concept of “control” in cloud computing system suggests
regulation of system and its usage. The system involves
applications, data, and infrastructure. There is distributed
computation exist in cloud computing at large sets of data.
Moreover, every user of the internet is also capable to
contribute data in cloud system at an individual level which is
placed on another side of the internet. For instance, click of
the user can give the option of different webs such as Google,
bookstore of Amazon and it can be used for purpose of
targeted marketing[3].
It means to monitor functions of cloud computing system. An
audit can be considered as further level over the virtualized
system of operation which is hosting by virtual machines in
order to facilitate monitoring on cloud computing system. It
has been considered as secured options as compared to the
existence of monitoring function in applications and software
itself. It is critically essential to have information about
runtime environment, used applications of users, and
monitoring the availability of the system. The most important
thing is that monitoring should be discreet and limited to
offered services in order to assess facility[4].
Advancement development in cloud computing is focusing on
giving virtualized assistance in place of hardware. There is
another important concern is that there is the law of many
countries have limited and bound to cloud computing service
providers to keep user’s data and information within
boundaries of the country. It has made possible to ensure
suitability within the jurisdiction of law. There are some
business organizations which do not like to give access to
government through the court of law[4].
The programmatic approach can be used for monitoring and
compliance purpose. It will help in developing CSP and users of
it can highlight requirements of future and its business models
in cloud computing. There should be a strong internal control
for purpose of monitoring which has robustness with effective
external audit and its process. It will improve efficiency,
compliance and better risk management[5]. Moreover, users
of CSP should define their requirements of control, processing
of internal control, execution of duties in an effective manner
and comprehensive analysis of external audit in order to have
control over cloud computing services.
B. Security challenges and threats of cloud computing
The technology of cloud computing is emerging one. It is
available at low cost and using shared resources. Cloud
computing has different characteristics due to which it is
facing serious security issues and problems.
IT organizations are considered a reliable and
renowned body which works for better security of cloud
computing technology. IT organizations have identified some
bigger security threats to the system of cloud computing. The
threats are following;
It is considered as top threat identified by IT organizations.
There is a simple example of this threat is that hackers use
botnets in order to spread virus, malware or spam in the
system. It is possible that attackers penetrate in the system of
public cloud in order to upload a virus in hundreds system.
They can also use power to attack the infrastructure of other
computer machines[6].
Customers use APIs for developing interaction with cloud
computing services. It is important that cloud computing
system has secured authentication, encryption, secured
access, a comprehensive monitoring system in case of third
party involvement.
This threat has gain importance because it has not been
revealed that how service providers hire such people, how
they give access to data, system, and assets and who and how
to observe them. In this case, transparency is vital in order to
secure cloud computing with law compliance. The system
should provide reporting of compliance and notifications in
case of breach of law[6].
IaaS providers use shared infrastructure. The problem is that
components of this infrastructure have not designed for
sharing a purpose. Monitoring is required in order to ensure
that customers are not threading in the territory of each
other.
Data is considered as always in danger. It can be lost or stolen.
It can be lost through deletion without backup, missing
encoding key or unauthorized individual has got access. It has
become number one concern for business organizations. The
2
reason is that data leakage can destroy their reputation. They
need to follow safety laws in order to keep data more secure.
Users of cloud computing system must aware from traffic
hijacking[7].
There are some security issues which considered as part of an
inheritance from a certain type of cloud computing[8]. One
thing is clear that storage of data in cloud computing system is
possible in all over the world.
It is considered as a dangerous act that business organizations
are saving their data in the system of the third party. It means
private data of companies is placed on someone else’s system.
It increases chances of many wrong things. It is possible that
service provider of cloud computing may shut its business. It is
also possible that service provider may take your data as a
hostage in case of dispute. Organizations need to have
knowledge about in which country their data will be stored
and hosted.
It is not possible for service providers to assure in which
country client’s data will store. For instance, Amazon has its
data centers in all over the world and data will be saved
automatically at any place. Amazon uses certain servers for
specific clients. The service provider should consider logistics.
They should subcontract some work of data storage and
hosting services to a third party[9].
Clients of cloud computing have concerns and demands to
save their data separately. If their data is saving combined
with others then it will increase danger and vulnerability. For
instance, it is possible that virus transferred by one client in
order to destroy data of another client. Hackers can affect the
integrity of organization’s data[10].
Clients need to ensure that service providers of cloud
computing are performing required services or not[11]. The
client can have a direct relationship with the service provider
and also control its own data.
C. Security Measures in Cloud computing environment
There are different methods can be used in order to ensure
and expand security level for cloud computing. For instance,
QualysGuard can be used to discover weaknesses in the
system. It has gained significant acceptance in the market.
Beside this, there are other techniques available which can be
used to improve security at acceptance level[10].
GENERAL SECURITY MEASURES
There are some general security measures identified related to
cloud computing system.
Security of architecture
Security assessment enables service providers to handle
security issues in a practical manner. Kelvin Jackson has
presented approach of ontology for a secured system of cloud
computing. There are various components include related to
the architecture of cloud system. For instance, access
management, security of storage devices, security of network
and API. These components are entrenched in the architecture
of cloud computing in order to provide secured services[12].
Security Pearson of data
Ji Hu Klein has suggested benchmark in order to secure data
which is in transit. Covert channels are formed on the bases of
exchange of information on a large scale in the search system.
There is security model exist on the base of agent system
which uses to control data on basis of availability of covert
channel[13].
FUTURE WORKING
It has been investigated in the study that what are the major
issues in cloud security management. The issues can be
removed by the policies development. The objective of this
research is the eradication of the issues arising in the process
of security management of the cloud consumption and the
cloud service from the cloud model adoption. For resolving
such issues the research will be in need of capturing the
various stakeholders’ demands for the security from the
different levels of details and perspectives as well as mapping
security demands in the aspects of security enforcement
mechanisms, security patterns, and cloud architecture. It can
be used for the delivery of feedback regarding the current
security status of the cloud consumption and provision. It is
proposed to adopt the adaptive model-based strategy in
coping with the issues of cloud security management. The
models will also support the abstraction of the issues and
capture of the security demands of various stakeholders at the
various detail levels. The enforceable, dynamic and integrated
models of the cloud computing can be generated through
addictiveness. The security status will be measured through
feedback loop for supporting enhancement in the current
security model of cloud computing and keeping the awareness
of cloud consumers with the status of asset’s security. Such
integration of the systems and its analysis can be integrated
into the long run assessment of the resources in this regard.
PROPOSE SOLUTION
Model-based approaches, cloud architecture with the
inherent characteristics, coordination with the controls, multi-
tenant based models and stakeholder approaches must be
adopted. The issues will be resolved by the cloud computing
with systematic approaches of data sharing with restrictions
for data theft. Model-based approaches must be used for
focusing on the abstraction of issues for capturing various
securities views and integrate such views in the security model
of the holistic cloud.
Figure 1 Framework
3
need to follow safety laws in order to keep data more secure.
Users of cloud computing system must aware from traffic
hijacking[7].
There are some security issues which considered as part of an
inheritance from a certain type of cloud computing[8]. One
thing is clear that storage of data in cloud computing system is
possible in all over the world.
It is considered as a dangerous act that business organizations
are saving their data in the system of the third party. It means
private data of companies is placed on someone else’s system.
It increases chances of many wrong things. It is possible that
service provider of cloud computing may shut its business. It is
also possible that service provider may take your data as a
hostage in case of dispute. Organizations need to have
knowledge about in which country their data will be stored
and hosted.
It is not possible for service providers to assure in which
country client’s data will store. For instance, Amazon has its
data centers in all over the world and data will be saved
automatically at any place. Amazon uses certain servers for
specific clients. The service provider should consider logistics.
They should subcontract some work of data storage and
hosting services to a third party[9].
Clients of cloud computing have concerns and demands to
save their data separately. If their data is saving combined
with others then it will increase danger and vulnerability. For
instance, it is possible that virus transferred by one client in
order to destroy data of another client. Hackers can affect the
integrity of organization’s data[10].
Clients need to ensure that service providers of cloud
computing are performing required services or not[11]. The
client can have a direct relationship with the service provider
and also control its own data.
C. Security Measures in Cloud computing environment
There are different methods can be used in order to ensure
and expand security level for cloud computing. For instance,
QualysGuard can be used to discover weaknesses in the
system. It has gained significant acceptance in the market.
Beside this, there are other techniques available which can be
used to improve security at acceptance level[10].
GENERAL SECURITY MEASURES
There are some general security measures identified related to
cloud computing system.
Security of architecture
Security assessment enables service providers to handle
security issues in a practical manner. Kelvin Jackson has
presented approach of ontology for a secured system of cloud
computing. There are various components include related to
the architecture of cloud system. For instance, access
management, security of storage devices, security of network
and API. These components are entrenched in the architecture
of cloud computing in order to provide secured services[12].
Security Pearson of data
Ji Hu Klein has suggested benchmark in order to secure data
which is in transit. Covert channels are formed on the bases of
exchange of information on a large scale in the search system.
There is security model exist on the base of agent system
which uses to control data on basis of availability of covert
channel[13].
FUTURE WORKING
It has been investigated in the study that what are the major
issues in cloud security management. The issues can be
removed by the policies development. The objective of this
research is the eradication of the issues arising in the process
of security management of the cloud consumption and the
cloud service from the cloud model adoption. For resolving
such issues the research will be in need of capturing the
various stakeholders’ demands for the security from the
different levels of details and perspectives as well as mapping
security demands in the aspects of security enforcement
mechanisms, security patterns, and cloud architecture. It can
be used for the delivery of feedback regarding the current
security status of the cloud consumption and provision. It is
proposed to adopt the adaptive model-based strategy in
coping with the issues of cloud security management. The
models will also support the abstraction of the issues and
capture of the security demands of various stakeholders at the
various detail levels. The enforceable, dynamic and integrated
models of the cloud computing can be generated through
addictiveness. The security status will be measured through
feedback loop for supporting enhancement in the current
security model of cloud computing and keeping the awareness
of cloud consumers with the status of asset’s security. Such
integration of the systems and its analysis can be integrated
into the long run assessment of the resources in this regard.
PROPOSE SOLUTION
Model-based approaches, cloud architecture with the
inherent characteristics, coordination with the controls, multi-
tenant based models and stakeholder approaches must be
adopted. The issues will be resolved by the cloud computing
with systematic approaches of data sharing with restrictions
for data theft. Model-based approaches must be used for
focusing on the abstraction of issues for capturing various
securities views and integrate such views in the security model
of the holistic cloud.
Figure 1 Framework
3
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
CONCLUSION
In nutshell, the organizations are facing various threats and
ensuring the implications of cloud computing in their systems.
Cloud computing is one of the major models of the service
provider as well as cloud consumers. But for the best
utilization of the model, the researchers are in need of the
blocking of the existing security issues. On the basis of the
details explained in this study, the cloud computing issues can
be summarized as follows,
1. Some of the issues securities are inherited from the
technologies being used as the SOA and the
virtualization.
2. The isolation and Multi-tenancy are the major
dimensions for the cloud security issues that demand
the vertical solutions from the layer of SaaS for the
physical infrastructure in development of the like
boundaries.
3. The security management is a major control and the
managing demand for the organizations.
4. Cloud model must have the holistic nature of the
security wrapping, as stated. Such issues can also
pass through the security components at first.
On the basis of the discussion that has been mentioned in
this study, the cloud computing security issues can be
resolved through the presentation of the various solutions
like,
1. Model-based approaches must be used for focusing
on the abstraction of issues for capturing various
securities views and integrate such views in the
security model of the holistic cloud.
2. The cloud architecture must be inherent. When the
mechanisms have been delivered and the APIs must
also provide the interfaces for the flexible securities.
3. The multi-tenancy must be supported whereas all of
the users can also observe the only configurations of
security, for scaling down and upon the current level.
4. The coordination and integration must be supported
with the other controls in security at various layers to
provide the integrated security.
5. The organizations must be adaptive for meeting the
continuous changes in the environment and the
needs of stakeholders.
The issues can be resolved in accordance with the changes,
challenges to be met as well as the technical assessment of
the targets. The problems those have been identified in this
regard can be eradicated in the future researchers.
ACKNOWLEDGMENT
The work is completely original that cannot be the effect on
other work. For preparing this paper, several papers are
reviewed.
REFERENCES
[1] W. Stallings, L. Brown, M. D. Bauer, and A. K. Bhattacharjee,
Computer security: principles and practice. Pearson Education,
2012.
[2] O. Etzion, P. Niblett, and D. C. Luckham, Event processing in action.
Manning Greenwich, 2011.
[3] T. Erl, R. Cope, and A. Naserpour, Cloud computing design patterns.
Prentice Hall Press, 2015.
[4] V. Chang, A proposed cloud computing business framework. Nova
Science Publisher, 2015.
[5] E. Pulier, F. Martinez, and D. C. Hill, "System and method for a
cloud computing abstraction layer," ed: Google Patents, 2015.
[6] I. A. T. Hashem, I. Yaqoob, N. B. Anuar, S. Mokhtar, A. Gani, and S.
U. Khan, "The rise of “big data” on cloud computing: Review and
open research issues," Information Systems, vol. 47, pp. 98-115,
2015.
[7] R. N. Calheiros, R. Ranjan, A. Beloglazov, C. A. De Rose, and R.
Buyya, "CloudSim: a toolkit for modeling and simulation of cloud
computing environments and evaluation of resource provisioning
algorithms," Software: Practice and experience, vol. 41, no. 1, pp.
23-50, 2011.
[8] M. Armbrust et al., "A view of cloud computing," Communications
of the ACM, vol. 53, no. 4, pp. 50-58, 2010.
[9] Q. Zhang, L. Cheng, and R. Boutaba, "Cloud computing: state-of-
the-art and research challenges," Journal of internet services and
applications, vol. 1, no. 1, pp. 7-18, 2010.
[10] R. Buyya, C. S. Yeo, and S. Venugopal, "Market-oriented cloud
computing: Vision, hype, and reality for delivering it services as
computing utilities," in High-Performance Computing and
Communications, 2008. HPCC'08. 10th IEEE International
Conference on, 2008, pp. 5-13: Ieee.
[11] J. Hurwitz, R. Bloor, M. Kaufman, and F. Halper, Cloud computing
for dummies. John Wiley & Sons, 2010.
[12] A. Aljabre, "Cloud computing for increased business value,"
International Journal of Business and social science, vol. 3, no. 1,
2012.
[13] R. L. Grossman, "The case for cloud computing," IT professional,
vol. 11, no. 2, pp. 23-27, 2009.
4
In nutshell, the organizations are facing various threats and
ensuring the implications of cloud computing in their systems.
Cloud computing is one of the major models of the service
provider as well as cloud consumers. But for the best
utilization of the model, the researchers are in need of the
blocking of the existing security issues. On the basis of the
details explained in this study, the cloud computing issues can
be summarized as follows,
1. Some of the issues securities are inherited from the
technologies being used as the SOA and the
virtualization.
2. The isolation and Multi-tenancy are the major
dimensions for the cloud security issues that demand
the vertical solutions from the layer of SaaS for the
physical infrastructure in development of the like
boundaries.
3. The security management is a major control and the
managing demand for the organizations.
4. Cloud model must have the holistic nature of the
security wrapping, as stated. Such issues can also
pass through the security components at first.
On the basis of the discussion that has been mentioned in
this study, the cloud computing security issues can be
resolved through the presentation of the various solutions
like,
1. Model-based approaches must be used for focusing
on the abstraction of issues for capturing various
securities views and integrate such views in the
security model of the holistic cloud.
2. The cloud architecture must be inherent. When the
mechanisms have been delivered and the APIs must
also provide the interfaces for the flexible securities.
3. The multi-tenancy must be supported whereas all of
the users can also observe the only configurations of
security, for scaling down and upon the current level.
4. The coordination and integration must be supported
with the other controls in security at various layers to
provide the integrated security.
5. The organizations must be adaptive for meeting the
continuous changes in the environment and the
needs of stakeholders.
The issues can be resolved in accordance with the changes,
challenges to be met as well as the technical assessment of
the targets. The problems those have been identified in this
regard can be eradicated in the future researchers.
ACKNOWLEDGMENT
The work is completely original that cannot be the effect on
other work. For preparing this paper, several papers are
reviewed.
REFERENCES
[1] W. Stallings, L. Brown, M. D. Bauer, and A. K. Bhattacharjee,
Computer security: principles and practice. Pearson Education,
2012.
[2] O. Etzion, P. Niblett, and D. C. Luckham, Event processing in action.
Manning Greenwich, 2011.
[3] T. Erl, R. Cope, and A. Naserpour, Cloud computing design patterns.
Prentice Hall Press, 2015.
[4] V. Chang, A proposed cloud computing business framework. Nova
Science Publisher, 2015.
[5] E. Pulier, F. Martinez, and D. C. Hill, "System and method for a
cloud computing abstraction layer," ed: Google Patents, 2015.
[6] I. A. T. Hashem, I. Yaqoob, N. B. Anuar, S. Mokhtar, A. Gani, and S.
U. Khan, "The rise of “big data” on cloud computing: Review and
open research issues," Information Systems, vol. 47, pp. 98-115,
2015.
[7] R. N. Calheiros, R. Ranjan, A. Beloglazov, C. A. De Rose, and R.
Buyya, "CloudSim: a toolkit for modeling and simulation of cloud
computing environments and evaluation of resource provisioning
algorithms," Software: Practice and experience, vol. 41, no. 1, pp.
23-50, 2011.
[8] M. Armbrust et al., "A view of cloud computing," Communications
of the ACM, vol. 53, no. 4, pp. 50-58, 2010.
[9] Q. Zhang, L. Cheng, and R. Boutaba, "Cloud computing: state-of-
the-art and research challenges," Journal of internet services and
applications, vol. 1, no. 1, pp. 7-18, 2010.
[10] R. Buyya, C. S. Yeo, and S. Venugopal, "Market-oriented cloud
computing: Vision, hype, and reality for delivering it services as
computing utilities," in High-Performance Computing and
Communications, 2008. HPCC'08. 10th IEEE International
Conference on, 2008, pp. 5-13: Ieee.
[11] J. Hurwitz, R. Bloor, M. Kaufman, and F. Halper, Cloud computing
for dummies. John Wiley & Sons, 2010.
[12] A. Aljabre, "Cloud computing for increased business value,"
International Journal of Business and social science, vol. 3, no. 1,
2012.
[13] R. L. Grossman, "The case for cloud computing," IT professional,
vol. 11, no. 2, pp. 23-27, 2009.
4
1 out of 4
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.