Cloud computing has expanded the victory of recognition since its commencement in the IT industry and academic sectors. The business has been already shifted to the cloud as it fascinates the people, industry and community because of its marvelous benefits from its shared resources (Ali, Khan and Vasilakos, 2015). The flexible cost, fresh software and elastic capacity makes more feasible for its use with less environmental impacts. It also has helped to collaborate with the diverse people by sharing the information in real time interval through virtual meeting. According to Cloud Security Alliance a part of the IT budget is spent on the different cloud services by 86% of the companies and 33% of them are proceeding with the utmost speed (Adamuthe et. al, 2015).
National Institute of Standards and Technology (NIST, 2011) has defined the cloud computing as a representation that empowers the globally suitable access of network services that can be shared through the nominal management practice. The basic three service model emphasizes the consumer to apply the various functions that are running in the cloud infrastructures. Besides these, cloud services concern with different challenges regarding the security issues (Mell and Grance, 2011). The risk associated with the operation, management and real practice has been determined in the cloud computing technology. The survey done by the IDCI has declared that 74% of the IT experts mentioned that the cloud service is bounded by the higher security challenge and should be addressed to the privacy because of disloyal management of data and services (Subashini and Kavitha, 2010).
Here, the figure 2 represents the level of complexity in security that has been encountered in cloud environment. The bottom section stands for the deployment models and above which the delivery model consisting Saas, PasS and IaaS. The characteristics of these delivery models strictly need the security that directly depends on the deployment modes. The major issues that have been encountered in the cloud are considered as data storage, transmission and application security. Beside these the security interrelated with third party is also considered as the major security challenge (Ragi, 2011).
With the increasing progress in cloud computing sector, the risk in the data protection has become prominent because of various reasons such as unauthorized access to the data.
Security Techniques to protect data in Cloud is one another challenge that occurs in the cloud due to which unintended data are released to the public. It has been always ranked as top concern to the cloud users. According to the Identity Resource Theft Centre (2016), 29 million records have been exposed because of the data breaches in US (Chae et.al, 2016). Another serious issue that seems most prominent are system vulnerabilities and account hijacking that leads to the data stealing, service operation disruption and disturbing on the activities or may redirect the users to dishonest sites.
To minimize and avoid all these security issues different techniques has been proposed in the cloud computing that also includes the contractual and legal level solutions to prevent the different attacks on the cloud services. The different approaches that have been proposed to avoid the security issues are described in the following chapter.
In chapter 2, the brief definitions and background of the cloud computing will be described. From section 2.1 to 2.9 different aspects of cloud computing will be described with different sub sections.
In today’s world, cloud computing has become essential part in every sector of business in IT industry which has been acknowledged as the universal access application through the internet. Different researchers have defined the cloud computing in different way making it quite controversial. Here, the definition given by the NIST, 2011 has been considered as standard definition for cloud computing.
“Cloud Computing is model for enabling ubiquitous, convenient, on demand network access to a shared pool of configurable computing resources (e.g Networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” (Mell, 2011).
As mentioned by the NIST, it is still growing model where its definitions, security issues, challenges and advantages are defined differently by the private and public sectors. The above definition attempt to incorporate different cloud approaches.
Cloud computing has been most popular in IT industry that make easy access to the cloud to use any application through network. The perception towards cloud computing is different for different people where some people accept it as cost beneficial and some other people are still careful towards privacy and security. Hence, the feature of cloud computing should be explored to understand its nature. According to NIST the key charechteristics of the cloud computing are described as follows:
As per need of user, cloud computing allows to carry out the tasks to manage, deploy and schedule the programs that is accessible to the users. This process can be performed without any communication between the user and cloud service provider that helps users to work elegantly helping them to make their own decision as per need in the future.
The accessibility of network is higher in this platform which is accessible through the mechanism that is available on the network. The examples of platforms that the network can be accessible are laptops, mobile phones tab and different workstations. This availability of network helps user to perform the task at any moment because of easily available platforms.
In case of cloud computing, a huge number of customers make able to use the service by resource pooling. The resources in this case are, are enthusiastically allocated or dislocated according to the need or demand of the users.
The allocated resource in the cloud computing must be elastic that it should be changeable to fulfil the customers demand. The service provider system should be elastic enough that could fulfil the additional demand and should be recoverable to the normal point when the need decreases.
Cloud computing is totally relied on the usage that it does have any upfront cost. Whatever the users use the service, they are billed accordingly. This can help users to minimize the cost and they can also track the usage because of this the customer can appreciate the cost benefit provided by the cloud computing.
According to the performance, resource availability and bandwidth, cloud computing pledge with best service level for all its users. The available features of cloud computing can help to empower the commercial sector and businesses that they can negotiate with the facility provider.
As described above, cloud computing is a best model to enable the broad, suitable and on demand network admittance the end users through shared pooled of resources provided by the service provider (Subashini and Kavitha, 2011). Cloud computing is composed of three essential service modes (Mell, 2011) which are described as follows:
With the demand of customers, SaaS provides cloud-based foundation for the software and the users get into access the web delivered content or applications through the web browsers that are running in the cloud. In this case, the users are not capable of managing the network, operating system or server because of its application configuration setting (Mell and Grance, 2011).
PaaS offers the platform to arrange the application in the cloud that has been developed by the consumers with programming language and the tools. They can regulate or control the deployed application and its configuration although they do not manage the network, server or storage (Mell and Grance)
The consumer is provided with capability to facilitate the network and storage including other computer resources through which they can deploy the application and run random software. Here the user has power to control over the operating system storage space and functions that has been deployed in the cloud (Mell and Grance, 2011).
During the deployment process, the application created is made available for use that consists of different other interrelated activities. The deployment process could from both producer and consumer side. Here in case of cloud computing, NIST, 2011 has categorized the deployment model into four types as described below:
Private cloud is provisioned only for single institute that includes other several users. These types of cloud models are owned or operated by the organization itself and can be exist on or off sites (Dillon et. al, 2010).
In community cloud, the cloud infrastructures are provisioned for the particular or specific community of the users from the organizations for their use. These types of cloud are owned and managed by single or group of organizations within the community circle and these clouds may exist on or off premises sites (Dillon et. al, 2010).
Public Clouds are sold to the public which consists of mega scale infrastructures. These types are available for general public. These are owned or managed by government organization, academic or a business or mixture of them and exist on the site of the provider.
The mixture of two or more types of cloud infrastructure such as private cloud or community cloud or public cloud are hybrid cloud which consists of distinctive entities, but they are bounded by the standardized knowledge.
Cloud computing in IT services has numerous benefits as cloud services can minimize the capital cost, less operating costs and other many more. But cloud service provider can vary in different ways like security, reliability and consistency. Here the major cloud service providers that is providing the different cloud services. Google, Microsoft, Amazon, IBM, Oracle, Rackspace, Eucalyptus and Citrix are some popular cloud service provider (Vaquero et. al, 2008).
With the development of cloud and its practice in the , security concern towards it has increased because of threats of uncertainty on the data security. NIST has defined the cloud security as, any kind of protection that has been applied to the cloud services to preserve the privacy, reliability and accessibility of the resource in the sector of information system. Security has become important aspects in cloud computing as most of buyers concern about the security and kept in priority. As shown in figure 4, before using any cloud servicers, users seems to be more concern about the security in the service that is 74.6% than other aspects.
To protect information, cloud computing security has set the control-based techniques and policies. However, the issue of cloud security remains uncertain. The security issues in cloud computing is discussed below:
Basically, confidentiality preserves the information by preventing the access for the unauthorized parties. For example, by keeping any information secret to the people who have no authority to access the information will preserve the confidentiality. In this case the data are disclosed to the unauthorized users. When any data is accessed by the unauthorized user then loss of confidentiality occurs. When the messages are not encrypted the electronic confidentiality occurs (Ali et. al, 2014).
In this chapter, the existing information and finding on the cloud security techniques is reviewed critically. Here, 6 papers were selected for the review on the mentioned topic that is relevant. From section 3.1 to 3.6 all six papers will be reviewed with different sub sections of each paper.
Zia and Mansukhani (2012), has proposed “Virtualized High Trust Zone” as a solution to avoid or tackle with attacks in the virtualized infrastructures that are based on the cloud services. In addition, they also presented the findings of the survey of experts view on the cloud security. They presented this solution to enhance the existing security measures to make more secure from attacks to the services and to ensure high-level safety of the records in the cloud.
The author also briefly described about the unique security issues in the sector of cloud computing that includes minimum user control, unauthorized usage of data, data redundancy, multi tenancy and data mobility and control. This paper also mentioned about the necessity of well-defined security policies and procedures.
Before VHTZ, “A High Trust Zone “was proposed by Gutierrez et.al in 2012 to protect virtual cloud computing on Infrastructure as a Service platform including virtual environment (Zia and Mansukhani, 2012). When a high trust zone is created a high degree of trust is established between data, providers, users and the entire system.
The figure 5 below has been proposed by the authors that explain about the HTZ and its use to protect the virtual machines and other cloud infrastructures. T includes the two phases:
Phase 1: Virtual Infrastructures Configuration
Phase 2: Network Monitoring
Prakash, Prateek and Singh (2015) have proposed this technique to secure the data from its threat. The privacy cannot be guaranteed from the un-trusted third party after leaving the data from the service provider. In this paper, the authors have presented the “Trusted Third-Party Query Process (TTQP) technique to protect the graph structured outsourced data. This method used the encrypted graph frequent features search index that helps to match the quarry graph features. The performance analysis showed that, thus proposed technique is more protected than recent Privacy Preserving Encrypted Quarry Graph (PPQG). This method is proposed to maintain and process the increasing large-size data. In this process, the tree and path-based method has been developed to retrieve the graph structured data that can give more security to the information that has to be processed. This application consists of UML diagrams, chemistry, Bio-informatics and social networking.
He et.al commenced a Novel Network Security Architecture (NetSecCC) to guarantee the network security in cloud computing. It is developed to provide protection for both internal and external traffics in cloud. This paper basically considered the network secure ty other than data security. The proposed security technique also provides flexible scalability. In addition, this technique accomplished fault-tolerant among the virtual middle box failure. The authors have proposed this method in response to the large number of data destruction and data tampering including the fault that occurred in traditional architecture in the field of cloud computing. As mentioned in this paper, the conventional architecture is short of different internal network security method between the virtual machines (VM). Hence because of these lacks in the sector of cloud computing, He et.al proposed NetSecCC architecture which tries to eradicate these disadvantages where it provides, flexible scalability to virtual middle box load and fault tolerance in response to failure. NetSecCC uses the systematic approach that provides security in cloud and it provides on-demand network safety services.
Cloud Computing Security Assignment, Internet of Things Assignment Help, Information Technology Assignment Help, Cloud Computing Assignment Sample, Web Designing Assignment Help, Visualisation Assignment Help
Holding a PhD degree in Finance, Dr. John Adams is experienced in assisting students who are in dire need...
55 - Completed Orders
Canada, Toronto I have acquired my degree from Campion College at the University of Regina Occuption/Desi...
52 - Completed Orders
Even since I was a student in Italy I had a passion for languages, in fact I love teaching Italian, and I...
102 - Completed Orders
To work with an organization where I can optimally utilize my knowledge and skills for meeting challenges...
109 - Completed Orders
JOB OBJECTIVE Seeking entry level assignments in Marketing & Business Development with an organization...
202 - Completed Orders
Current work profile Project manager- The Researchers Hub (2nd Jan 2016 to presently working) Researc...
20 - Completed Orders
Sales Assistant, Mito Marina Assigned to the Stationery dept – assisted in merchandising, stock taking...
100 - Completed Orders