MITS4003 Report: Data Security and Privacy Protection in Cloud Systems

Verified

Added on 2023/04/23

AI Summary

This report delves into the crucial domain of data security and privacy within cloud computing environments. It begins with an introduction outlining the purpose and intention of the study, which is to understand and analyze the challenges associated with data security and privacy in the cloud. The research methodology employed is secondary qualitative analysis, relying on a selected journal article for data. A case study from the journal highlights the growth of cloud computing and the subsequent security and privacy concerns. The report identifies various issues, including those related to security, privacy, compliance, privileged user access, and data location tracking. It then examines the data lifecycle phases (generation, transfer, use, share, storage, archival, and destruction) and the specific security and privacy challenges at each stage. The problems discussed encompass unauthorized data access, compliance issues, and software, platform, and infrastructure security concerns. The relevance of data security and privacy in software engineering is also addressed. Finally, the report concludes by emphasizing the need for addressing these issues to ensure the effective and secure implementation of cloud computing.

Running head: DATA SECURITY AND PRIVACY PROTECTION
DATA SECURITY AND PRIVACY PROTECTION
Name of the Student
Name of the University
Author note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

2
DATA SECURITY AND PRIVACY PROTECTION
Table of Contents
Introduction..........................................................................................................................3
Research Method.................................................................................................................3
Case Study...........................................................................................................................4
Observation..........................................................................................................................4
Problems..............................................................................................................................6
Relevance.............................................................................................................................8
Conclusion...........................................................................................................................8
Bibliography........................................................................................................................9

3
DATA SECURITY AND PRIVACY PROTECTION
Article
Chen, D. and Zhao, H., 2012, March. Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International
Conference on (Vol. 1, pp. 647-651). IEEE.
Introduction
Purpose statement: Understanding the Data Security and Privacy Protection Issues in
Cloud Computing
This report will discuss about the research methodology that will be used in data
gathering of the project. This report will also provide a case study from the selected journal. This
report will also discuss about the observations that can be made from the selected journal. This
report will also provide a relevance of the topic of Data Security and Privacy Protection Issues in
Cloud Computing as per the topics stated in the subject. This report will also provide the
applications of the privacy protection. This report will also discuss about the basic background of
the data security processing as well as privacy management of the database.
Intention: The intention of this project is to understand the purpose of implementation of
the Data Security and Privacy Issues. This report also intend on analyzing the issues that are
present in Data Security and Privacy Issues
Research Method
The research methodology that is used in this report is secondary qualitative analysis.
This is the main reason that the project completion gets performed in a better manner. The data
that are present in the journal are well authenticated and this is the main reason that the
authenticity of the report stays maintained. The data that are present in the journal are very well
referenced. The data that are gained from the journal helps in developing a brief ideology of the
topic stated security and privacy issues that are present in the commencement of the project.
Case Study
Cloud computing has been one of the most highly expanding technology. This
technology imbibes implementation of the data migration facilities for increasing the efficiency
of the project completion. With respect to the demands of the clients the most important aspect

4
DATA SECURITY AND PRIVACY PROTECTION
that must be taken into consideration includes the fact that the large scale business organizations
has been implement the technology. Despite the drastic growth in the technology of cloud system
the main disadvantage that is present is that the expectant growth is still not met. Taking over the
entire market stature with the help of the cloud computing requires probating of the project after
the robust development in terms of infrastructure of cloud computing. Security issues have been
the main concern for the implementation of the cloud computing system. Privacy issue has also
been one of the major concern that led to non-implementation off the cloud computing system.
Data security is concerned around the data life cycle. Entire data life cycle is projected in 7
stages, namely Phase 1 (Generation), Phase 2 (Transfer), Phase 3 (Use), Phase 4 (Share), Phase 5
(Storage), Phase 6 (Archival) and Phase 7 (Destruction). Implementation of Decentralizing of
data and Differential privacy protection methodology is implemented. Implementation of airavat,
a data protection system will enhance the data and privacy security of the cloud computing
system.
Observation
The issues that are detected in the selected journal are as follows: -
 Issues related to Security and privacy
 Issues related to Compliance
 Issues related to Privileged user access
 Issues related to Tracking data location
 Issues related to Software security
 Issues related to Platform security
 Issues related to Infrastructure security
 Issues related to Auditing and Compliance security
Data life cycle is used for better management of the privacy issues that are related to
cloud computing. In the process of data life cycle the steps that are used are as follows: -
 Phase 1
Generation: In this phase the data generation that is done, which requires much data
related information in order to maintain the regular day to day privacy [5]. This section of
the data life cycle is mainly concerned with the transferring of data. This phase marks the

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

5
DATA SECURITY AND PRIVACY PROTECTION
main difference in between the management of the data transfer in between the traditional
method and the newly implemented cloud technology [2].
 Phase 2
Transfer: It is observed that this phase is one of the most important phase where the
privacy and security system needs to be implemented. It is also seen that in case the data transfer
is made in intra enterprise stature, data transcription is not implemented. Again in case the same
data is transferred in between inter organizational basis, transcription of the data is performed.
This transcription helps in securing the data. The main issue that is taken into consideration
includes the fact that the management of the data is performed with the help of elasticity. The
cloud users are not well accustomed with the security systems. This is the main reason that the
cloud platform providers are responsible for securing the data that are being passed through the
cloud platform.
 Phase 3
Use: Data encryption is feasible. Usage of Amazon S3 is one of the main platform that is
used. Usage of PaaS or SaaS is the main concern in this section. This leads to the fact that the
indexing and querying issues are present in the commencement of the data management system.
This insists the fact the prosecution of the data usage gets performed in a better manner. Multi-
tenant feature of the cloud model is one of the most important feature of the cloud data base
system
 Phase 5
Share: data sharing has been making the entre task more complex. The owners of the data
can authorize the data that can be accessed by other people [2]. This is the main reason that the
projection of the entire system will get acknowledged as per the permission provided by the
owner of the data. Maintaining of the protection measures are performed. Granularity and the
data that are to be shared have been acting as the main concern of the entire system
 Phase 6
Storage: The main issues that are observed from the as per the cloud system includes
proper management of the confidentiality, integrity and availability of the data as per

6
DATA SECURITY AND PRIVACY PROTECTION
unauthorized access towards the data prosecution. The availability of the data issue acts as one of
the major issue as the existence of cloud platform availability can be questioned.
 Phase 7
Archival: Storage of data is the main concern of this stage. In case the data that are stored
in the data base if the cloud is not stored in a proper manner and leakage of data from the data
base of the cloud is possible, the robustness of the cloud data base decreases.
 Phase 8
Destruction: data that are not essential in the prosecution of the system gets destructed.
This is the main reason that the prosecution of the data is always kept under the survey of the
platform. This increases the security and privacy issues of the cloud computing platform.
Problems
The main issues that were observed are as follows:-
 Security and privacy: Privacy acts as the major concern of using the platform of the cloud
computing technology. Unauthorized access of data by the imposters are one of the main
concern
 Compliance: Elasticity, Scalability, Low entry cost and flexibility in the platform of the
cloud computing ensures the fact that the management of the project will get performed
with least robustness.
 Privileged user access: Inappropriate implementation of privileged user access incurs the
fact that management of the data will get performed in a better manner [3]. This leads to
the fact that the data are accessed are done in unauthorized manner.
 Tracking data location: Tracking of the stored data acts as an issue in the cloud
computing system
 Software security: software security issue insists the fact that the Multi-tenant access
security is not performed. Issues regarding Identity federation, Identity Authentication,
Access Control and Identity management falls under the heading of software security
 Platform security: issues regarding Framework security, environment security,
component security and interface security are the main concern of the cloud computation

7
DATA SECURITY AND PRIVACY PROTECTION
 Infrastructure security: Issues regarding virtual environment security is also one of the
major concern. Issues that are related to the loading of the virtual images as well as the
virtual machine isolation is considered to be the major issues [4]. In case the management
of these systems are performed with higher efficiency, these issues would not have arisen
 Auditing and Compliance security: issues regarding the inappropriate propagation of the
user management, authorization management, access management, SLA management,
Monitoring management, Auditing management and reporting management are taken into
consideration under the Auditing and Compliance security issues [6].
Relevance
Relevance of the topic of data security and privacy issue in cloud computing can be
considered to be a relevant topic under software engineering. Data base security issue is
considered to be one of the main reason of software engineering as it implements cloud
computing.
Conclusion of the case study: From the stated case study it can be concluded that there
are a lot of issues regarding the implementation of the Data Security and Privacy Issues in the
computing systems. During the implementation of the Data Security and Privacy Issues, a lot of
issues are detected. This article mainly focuses on those issues and steps that must be used for
mitigating the issues related to the introduction of Data Security and Privacy Issues in the
computing system.
Conclusion
From the above discussion, it can be concluded that despite the fact that cloud computing
has many advantages in the functioning of the data circulation, disadvantages that are present are
also huge. The total revenue of cloud computing has been very high. The existing vulnerabilities
of the company has been one of the main issue. Models that are deployed are one of the main
reason of security issues that are present. This includes the fact that the management of the data
that are transacted gets affected. It is seen that privacy issue acts as one of the major reason of
concern in software engineering. This aspect proves that the commencement of the project will
get performed in a better manner only if the security issues are resolved.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

8
DATA SECURITY AND PRIVACY PROTECTION
Bibliography
[1]Chen, D. and Zhao, H., 2012, March. Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International
Conference on (Vol. 1, pp. 647-651). IEEE.
[2]B. Halder, "Measuring Security, Privacy and Data Protection in Crowdsourcing", SSRN
Electronic Journal, 2014. Available: 10.2139/ssrn.2568818.
[3]B. Wong YongQuan, "Data privacy law: the Personal Data Protection Act
2012", International Data Privacy Law, vol. 7, no. 4, pp. 287-302, 2017. Available:
10.1093/idpl/ipx016.
[4]N. Chandramouli, "A Study on Data Security and Privacy Protection Issues in Cloud
Computing", International Journal of Computer Sciences and Engineering, vol. 5, no. 9, 2017.
Available: 10.26438/ijcse/v5i9.164170.
[5]A. Vedaschi, "Privacy and data protection versus national security in transnational flights: the
EU–Canada PNR agreement", International Data Privacy Law, vol. 8, no. 2, pp. 124-139, 2018.
Available: 10.1093/idpl/ipy004.
[6]L. Edwards, "Privacy, Security and Data Protection in Smart Cities:", European Data
Protection Law Review, vol. 2, no. 1, pp. 28-58, 2016. Available: 10.21552/edpl/2016/1/6.
[7]S. Roberts, "Learning lessons from data breaches", Network Security, vol. 2018, no. 11, pp. 8-
11, 2018. Available: 10.1016/s1353-4858(18)30111-9.
[8]T. Mander, R. Cheung and F. Nabhani, "Power system DNP3 data object security using data
sets", Computers & Security, vol. 29, no. 4, pp. 487-500, 2013. Available:
10.1016/j.cose.2009.10.001.