University: Information Security - Cloud Computing Security Report

Verified

Added on 2020/04/07

AI Summary

This report provides a comprehensive overview of cloud computing security, starting with an introduction to cloud computing and its various deployment and service models. It highlights the benefits of cloud computing, such as cost reduction, scalability, and resource utilization, while also addressing the associated privacy and security issues. The report identifies common security threats, including data breaches, poor user access management, system vulnerabilities, and account hijacking. It explores research questions related to cloud computing privacy and security, referencing several research papers that discuss topics like data protection, threats, and the use of technologies like quantum cryptography to enhance security. The report also covers cloud disaster recovery, its benefits, and implementation strategies, emphasizing the importance of analyzing requirements, comparing vendors, and training employees. The report concludes by highlighting the need for continuous development and adaptation of security measures to address the evolving challenges in cloud computing, emphasizing the importance of government regulations and the comparison of cloud-based solutions with traditional on-premises systems. References are provided for further reading.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running Head: INFORMATION SECURITY
INFORMATION SECURITY
Name of the Student
Name of the University

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1INFORMATION SECURITY
The very first thing that comes to the mind when people ask about the cloud, mostly
people mistakes it with the actual cloud or relates it to the weather. It is actually used very
commonly in the IT field. Cloud computing is quite a old concept of storing data. Cloud
Computing distributes computing on internet and delivery of computer services over the internet
(Han et al., 2016). IT refers to the configuring, manipulating and accessing of online
applications, which offers online storage, infrastructure and application. There are relatively two
working model of the cloud computing: The Deployment model and The Service Model. Service
model is also called the reference model. Service model is divided in to IaaS, PaaS and Saas
service cloud. Whereas the deployment model consists of Private cloud, Public cloud,
Communication cloud and Hybrid cloud infrastructure that has been provisioned for the
exclusive usage of the organization that are incorporated with multiple consumers. This model
can be managed by the organization itself or by any other third party or combination of both of
them. Cloud Computing involves the use of internet hosting in place of using local servers for
easier access to data and services. This technological feature includes multitenancy, elasticity
and potential for the maximum utilization of resources.
 Cloud computing has several business advantages for storing, computing scalability for
distributing the resources globally. Despite of the benefits of this cloud computing there
are several privacy and security issues. The system providers must be sufficient to guard
against the serous threats for the cloud computing data security. The common security
threats to the cloud are: Data Breaches, Poor User Access Management, System
Vulnerabilities, Insecure Interfaces and APIs, Malicious Insiders, Account Hijacking,
Advanced Persistent Threats, Data Loss, Insufficient Due Diligence, Fraudulent Use of

2INFORMATION SECURITY
Cloud Services, Denial of Service and Shared Technology Issues. Some of the commonly
research questions for security of cloud computing are:
 What are the main issues related to privacy of cloud computing?
 What does cloud computing benefits us?
 What are the ways to overcome the security and privacy issues for protecting the data?
As discussed in a research papers: 1) When a system involves cloud computing, it
becomes a major factor to protect the data. Privacy of the data is something that must not be
neglected as per the authors. It is vital to make sure to whom we are providing our personal data
and the later does not exploit our rights. There are risks where the non-public data are sent to the
clouds and must be used in an alternative function. The paper (Hindrance in the Security of
Cloud Computing) further analyzing and discussing about the threats of cloud computing that
includes Internal threats such as the Rouge administrators and Cloud Administrators, External
threats such as Data loss, Abusing and misusing of clouds and Service hijacking. In the end it has
been mentioned that the cloud service usage is still debatable, because of the major threats. Some
of the new techniques devised with addition to advance the computational issues in security
(Nanda et al., 2016). 2) In the second research (On Current Trends in Security and Privacy of
Cloud Computing) it has been analyzed that the computer infrastructure and network is
increasing with a tendency to become more sophisticated. Key management, cryptography,
identity and access management hence are the major tools for the security requirements of cloud
computing (Sahin, 2013). 3) Another research (Enhancing Data and Privacy Security in Mobile
Cloud Computing through Quantum Cryptography) displays the QCMC proposal of models that
effectively enhances the data privacy of the users in mobile cloud computing environment by
quantum cryptography technology. This technology can be used by users to communicate with

3INFORMATION SECURITY
cloud application after the process of authentication. It has been proved by experimenting that
the proposed QCMC model can be effectively implemented to the quantum cryptography in
mobile cloud computing environment that will protect the privacy and security of the mobile data
users (Han et al., 2016).
Cloud computing has been known to increase the competiveness by cost reduction,
increase in flexibility, elasticity and utilization of optimal resources. Some of the very common
uses of cloud to enhance the ability to achieve the business goals are:
1. Infrastructure as a Service (IaaS) and Platform as a Service (PaaS)
2. Private cloud and Hybrid cloud
3. Test and development
4. Big data analytics
5. File storage
6. Disaster recovery
7. Backup
The dangers and equivocalness as of now characteristic to the cloud demonstrate that more
development is required, for the most part with respect to suppliers. Assertions amongst
suppliers as well as the customers should be particular about these issues, particularly
unapproved utilize. Governments need to sanction laws that are intended to remain pertinent and
secure buyers in the age of the web. Rather than endeavoring to authorize laws from a prior time,
new laws must be made which are intended to oblige the vulnerabilities of distributed computing
and across the board web use when all is said in done. Cloud Computing disposes of a
considerable lot of the potential risks and threats that has already been characteristic. It gives a

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4INFORMATION SECURITY
stage to sharing data comprehensively, during a time where most business includes worldwide
components. Alongside cell phones, and progressively dependable web, distributed computing is
another progression in pulling down separation between the business and collaboration.
As per the survey feedback received one asks “How does the cloud service sustain
disasters affecting data centers or connections, and which data is backed up and where?”, as per
the record the business thus has own data centers, operating in the cloud service with other
providers. Cloud disaster recovery is implemented generally when there is an urgent requirement
of the service. Cloud organizations are not just about accommodating accumulating, accessible
by various devices, yet consolidate basic favorable circumstances, for instance, more worthwhile
correspondence and minute multi-point joint exertion. Customary reinforcements are produced
using a server farm to a distributed storage vault. On account of information misfortune or a
broadened blackout (absence of administration) by a seller, another duplicated virtual server can
be propelled from the option physical area to deal with information and application prerequisites
until the point when the first is set up back. There is a requirement of Cloud Disaster Recovery
because Cloud DR has a numerous benefits for all, which have: Lower cost and attainable
disasters recovery implementation, data stability doubts must be removed and has the access
from a single clod service provider, reduction of vendors locked-in and meeting the industrial
laws and regulations. The main keys by which we can analyze the successful implementation of
cloud recovery are: by analyzing the disaster recovery requirements, comparing the vendors by
advertising services having service-level agreement and creating a cloud disaster recovery policy
training the employees and testing the server regularly. After recovery the data is put into the
server for further implementation. Along these lines, a comparative examination needs to
consider not only the threats of securing data in better places (on premises versus the cloud) yet

5INFORMATION SECURITY
also the risks when on premises-data set away on premises – e.g. a spreadsheet - is informed to
various individuals for their responsibilities, against the security issues of a spreadsheet set away
in the cloud and open to composed exertion between those individuals.
In the second feedback it was asked “How does the cloud provider manage network and
information security risks related to the cloud service?” Hazards are generally dependable to the
connection over the greater business opportunity and craving for disasters, in some of the cases
there are chances to repair by the circumstances eventually. The danger of utilization of the
distributed computing are ought to be contrasted to the risks of the remaining along with the
customary arrangements like desktop-based models. The level of disasters will be large as
compared to others and will be having different fundamentals according to the type of cloud
design to be considered.
Hence, the security issues in the field of cloud computing the zone of distributed
computing are dynamic territory of research and experimentation. Different issues are recognized
one of which is the security of client information and applications. Cloud administrations are
accessible to accomplish security with the changing procedures and techniques. To address the
test of choosing one of the cloud benefits in view of the client prerequisites of security, an
assessor instrument is proposed. Thus the cloud services are hence analyzed and evaluated by the
trusted values and are in the process of improvement.

6INFORMATION SECURITY
References
Mishra, A., Mathur, R., Jain, S., & Rathore, J. S. (2013). Cloud computing security. International
Journal on Recent and Innovation Trends in Computing and Communication, 1(1), 36-39.
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Ryan, M. D. (2013). Cloud computing security: The scientific challenge, and a survey of
solutions. Journal of Systems and Software, 86(9), 2263-2268.
Verma, D., & Mahajan, E. K. (2014). To Enhance Data Security in Cloud Computing using
Combination of Encryption Algorithms. International Journal of Advances in Science and
Technology (IJAST) Vol, 2.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management,
and security. CRC press.
Khalil, I. M., Khreishah, A., & Azeem, M. (2014). Cloud computing security: a survey.
Computers, 3(1), 1-35.
Shahzad, F. (2014). State-of-the-art survey on cloud computing security Challenges, approaches
and solutions. Procedia Computer Science, 37, 357-362.
Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y., & Vasilakos, A. V. (2014). Security and
privacy for storage and computation in cloud computing. Information Sciences, 258, 371-386.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7INFORMATION SECURITY
Sahin, S. (2013, October). On current trends in security and privacy of cloud computing. In
Application of Information and Communication Technologies (AICT), 2013 7th International
Conference on (pp. 1-5). IEEE.
Zhao, F., Li, C., & Liu, C. F. (2014, February). A cloud computing security solution based on
fully homomorphic encryption. In Advanced Communication Technology (ICACT), 2014 16th
International Conference on (pp. 485-488). IEEE.
Nanda, M., Tyagi, A., Saxena, K., & Chauhan, N. (2016, January). Hindrances in the security of
Cloud Computing. In Cloud System and Big Data Engineering (Confluence), 2016 6th
International Conference (pp. 193-198). IEEE.
Han, J., Liu, Y., Sun, X., & Song, L. (2016, August). Enhancing data and privacy security in
mobile cloud computing through quantum cryptography. In Software Engineering and Service
Science (ICSESS), 2016 7th IEEE International Conference on (pp. 398-401). IEEE.