Data Security in Cloud Computing
In the global pool of huge information that is unaccountably generated on daily basis, security is becoming consistently a foremost issue in the field of information technology. In relevance to cloud-computing upbringings, it is becoming predominantly severe, as the huge amount of information is to be found in various places and even across the globe. Confidentiality protections as well as data security are the two main features of cloud concern of the users regarding this cloud technology. Though numerous techniques in regards to this topics of cloud computing have been highly investigated in both industrial aspects as well as academics, data security followed by privacy protection is still more important to be considered for ensuring immense future development in cloud computing expertise for industry, business as well as government. Data security as well as privacy protection issues in cloud computing are in relevance to both the software and hardware stuffs associated with the cloud architecture. In this research study, reviews on various security techniques as well as the concerning challenges from the perspective of both software as well as hardware aspects towards providing protection of data, which is residing in the cloud has been reflected. Furthermore, this assignment has aimed at enhancement of the data security modelling as well as privacy protection to upright cloud computing conceptualization. In this research study, a review and appropriate analysis of the prevalent research works in relevance to the data security modelling as well as privacy protection tools that has been enforced for providing security in the cloud computing is vividly described
In the 21st century, cloud computing can be envisioned as next generation paradigm in terms of computation. Taking under consideration the cloud-computing environment it is well known to every cloud users that both applications as well as resources are appropriately delivered based on demand through the Internet as services. It is worth mentioning that cloud is defined as an environment, which is associated with the hardware as well as software resources located at the data centres, which will eventually provide diversified services through the network or even the Internet for attainment of satisfaction of the cloud user’s requirements.
Literature review – Broad Scan and Reading
Interest that led to selection of initial keywords
For the pursuance of this research, the finding of initial keywords holds much significance which would be helpful in understanding the data security in cloud computing. While thriving with the technological innovations of the 21st century and the generation of huge amount of information across the world, data security has become the most concerning and highly discussed topic. Another significant innovation that has been made in this century is cloud computing which is secured platform and migrating to it means that the users’ responsibility for securing their data goes up considerably (datamation.com, 2019). Data having a varied level of sensitivity is continuously moving out of the confoundedness of the computer firewalls. The users no longer have any sort of control on their data, which could reside anywhere across the world and it invariably depends on the cloud company the user is using at present. While stepping forward towards the public cloud or making use of the hybrid cloud clearly signify the potentiality for cloud security issues has been observed ubiquitously all along the chain.
Number of search results and keywords:
While searching for data security in cloud computing, precisely 188,000 results were returned in Google Scholar. The keywords found in this first round of search are cloud computing, data security, cloud security, cloud computing adoption framework, research issues, edge computing and Big Data.
After going through the first search result list, it has been identified that data security is serving only in case of cloud service providers, which has significantly risen to the occasion. It never matters which platform the user has preferably selected for the debate in between Google or Azure or AWZ, all exercise different compliances according to the standards such as ISO, HIPAA, SOC and PCI DSS. They have been some critical measure of responsibility that extensively creates an important challenge in cloud computing. Thus, there here are numerous decisive concepts strategized for assurance of data security in the cloud.
After a detailed research in the Round 1, various concepts have been acknowledged, which has favoured the researcher to advance in the Round 2 of literature review. Depending on the numerous concepts for assuring data security in the cloud, the researcher has directed stringent focus on the privacy protection, preserve data integrity, availability of data and its privacy (Manogaran et al., 2016). The users’ data is necessary to be protected from having some unauthorized accessibility irrespective of their cloud decisions, which is inclusive of data controlling and data encryption that can access and sees what. There may be numerous situations where the user might desire to make availability of data to some assured personnel taking under consideration certain conditions. Automated tools help in discovering and identification of the sensitive data of the organization as well as where it resides. Amazon Web Services possess Macie whereas Microsoft Azure is possessed with Azure Information Protection (AIP) for acute classification of data with the applic
ation of labels. The third party tools comprises of Fivetran, Logikcull, Tableau and Looker.
While researching on the various aspects in relevance to the data security in cloud computing in
various other interconnected aspects comes under consideration, which is necessary to be briefed in Round 3. During the pursuance of literature survey on data security in cloud computing, it is essential to be aware of certain other factors such as encryption process, relevant threats, data security and staffing and finally contractual data security (Ali et al., 2015). At present, encryption technologies has become fairly matured, which ensure data privacy is insured and protected. The encryption of data is completed through key-based algorithms and those private and public keys are acutely stored in the cloud by its provider. However, it has also been identified that some business-related apps such as Dynamix and Salesforce are proficiently using tokenization in place of keys. This is associated with substitution of particular token fields for unsigned data tokens. Providers of cloud service have a wide variety of tools and policies for security in place, however, occurrence of certain issues can never be avoided at certain times, which usually originate due to some error from users’ end.
Literature Review – Focused Reading
Article 1: Towards achieving Data Security with the Cloud Computing Adoption Framework
Authors: Victor Chang, Muthu Ramachandran, Member, IEEE
In case of cloud computing, offering of real time data security in case of petabytes holds much significance in this 21st century technical innovations. A recent survey conducted on cloud security has stated that security of users data is highly concerning as well as prioritised. It is believed that this could only be achieved with the execution of a systematic approach, which can be easily adopted as well as well structured. Thus, in this research paper, a strategic framework termed as Could Computing Adoption Framework (CCAF) that can easily be customised to ensure security of cloud data has been formulated. This research paper further explains overview, components and rationale in the CCAF for extensive provision of protection towards data security. CCAF has been illustrated by system design depending on the necessities as well as the implementation, which has been demonstrated by CCAF multi-layered security. As Data Center has approximately 10 petabytes of data, there is immense undertaking for providing real-time quarantine as well as protection. In this research study, Business Process Modeling Notation (BPMN) has been used for the stimulation of how data is to be used for betterment. The enforcement of BPMN model will allow the users in evaluation of their selected security performances prior to its tangible implementation. The outcomes in this paper acutely reflect that the needy time for acutely taking control over security breach ranges from 50 to 150 hours. This signifies that incorporation of additional security is necessary for ensuring all data has been protected well within the crucial 125 hours. Through this research, it has been accurately demonstrated that CCAF multi-layered security proactively protect data over real-time. It has three key layers of security namely firewall and access control followed by identity management and intrusion prevention and finally convergent encryption. For validation of CCAF, this research has undertaken two accurate ethical-hacking experimentations, which involves testing of virus penetration with approximately 10,000 trojans (Chang and Ramachandran, 2015). It has been proved through the research that CCAF multi-layered security has been a perfect player in blocking upmost of roughly 9,900 trojan viruses, which can easily be destroyed within a couple of seconds and the existing ones can be isolated or quarantined. The experimentations reflect that although percentage of blocking could be considerably decreased from being harmed with uninterrupted injection of Trojan viruses, however nearly 97.43% of them could only be quarantined. In this research paper, CCAF multi-layered security has recorded a better performance averaging nearly 20% while compared with the single-layered approach that could be successful in blocking only around 7,500 Trojan viruses. CCAF could be more helpful in later phases when it is appropriately combined with BPMN simulation for evaluation of penetrating testing results and security process.
Article 2: An Analysis of the Cloud Computing Security Problem
Authors: Mohamed Al Morsy, John Grundy and Ingo Müller
In this research paper, cloud computing has been reflected as an innovative computational paradigm, which proficiently offers a new business model for all organizations in their adoption of IT infrastructure without making any kind of upfront investment. In spite of having numerous potential gains that has been achieved due to the conceptualization of cloud computing, the security modelling has been still under question, which intensely affects the adoption of cloud model. As opined by Almorsy et al. (2016), the security issue is becoming more complex under cloud computing model, which is because of the fact that new dimensions has been incorporated within the problem scope in acute relevance to the architecture modelling, elasticity, multi-tenancy and layered dependency stack. In this research study, the researchers have introduced a vivid detailed assessment of cloud security problem. The researchers have proficiently investigated the issue from the perspective of cloud architecture, its extensively offered characteristics, the perspective of cloud stakeholders, and finally the modular perspective of cloud service delivery. Being reliant as well as dependent on this research analysis the researchers has eventually derived a comprehensive specification in relevance to the cloud security problem as well as its key features, which is necessary to be covered by any anticipated security solution.
From the literature survey that has been pursued in section 3, it has been clearly understood that internet security in cloud computing has been a highly concerning topic of discussion, which is convincingly dragging the attention of most of the researchers at present. The key finding from the two research papers studied above can be summarised for having a close inspection. The cloud security problem are somewhat inherited from the proclamation of innovative technologies such as virtualization. Isolation as well as multi-tenancy is the major dimensions in relevance to cloud security issue, which desirably necessitates an upright solution initiating from the SaaS layer and going down until the physical infrastructure for the development of physical in similar way boundaries among tenants as an alternative of virtual boundaries that are presently applied. Furthermore, security management has become extensively crucial in the managing as well as controlling this number of necessities and controls. In addition, the cloud model should be equipped with holistic security wrapper, as reflected in the second article, such that any kind of accessibility to some object sustaining in the cloud platform could firstly pass through security components.
Following the first article, it can be inferred that multilayered security is a stable method and can be highly recommended as it accurately offers security improvements as well as multiple protection for excessive amount of data that are hold in the Data Centre. It is worth mentioning from the first article that the technical detailing in every layer of security has already been investigated following the proposition of an integrated solution for checking all types of data while in usage in the cloud. The paper has further investigated the use of Business Process Modelling Notation for simulation of certain cases that reflects how data can be effectively used which is either in use, or at rest or in continuous motion.
Aim of the research:
The aim of the research is to analyse data security in cloud computing.
Depending on the two recent research journals, various research works can be proposed which are necessary to be addressed in future for the enhancement of data security in cloud computing. It is necessary for the researchers to be indulged more in cloud security management. The objective is to create a blockage to the hole that unknowingly arises at stances of security management procedures of the cloud computing users as well as providers of cloud computing while adoption of cloud model. It is necessary to be more focused on the concept of problem abstraction by making use of model-based approaches for capturing various security viewpoints and afterwards link those standpoints within some holistic cloud security modelling. For resolving such issues, it is inevitable to capture various stakeholders’ security necessities from various levels of detailing and perspectives. Research propositions can be made in terms of mapping those cloud security requirements, which are necessary to be incorporated within the cloud architecture, security enforcement mechanisms and security pattern.
It is also necessary to deliver feedback regarding the contemporary security status for the cloud users as well as providers. It can also be proposed for acceptance of an adaptive model-based approach, which will assuredly be effective in tackling cloud security management issue. Various models can be developed like in the first article, which will promisingly help with the strategy of problem abstraction for ensuring extensive data security in cloud computing and thereby capturing security requests of various stakeholders at a diversified level with immense detailing. In due course of research, adaptiveness will surely assist to deliver a dynamic, enforceable and integrated cloud security model. Inclusion of a feedback loop in the cloud computing will be effective for the users and providers in measuring the security status, which will in turn be assistive in improving the present status of cloud security model. This will eventually be helpful in keeping cloud-computing users acutely aware regarding the security status of their assets by acute application of the trust but verification of the concept. It is also expected to improve the codes and methods associated with the simulation process and in due course select the appropriate type of algorithms for improving the performance taken as a whole during the execution time of blocking viruses or trojans and provision of data security in real-time. It can be recommended to develop more innovative services as well as proofs-of-concept in the CCAF for improving the performance level of penetration testing followed by BPMN simulation.
From the above research study, it has been very clear that extensive research work has been pursued in the field of data security and data protection while being associated with could technology. Reduction of data storage and ensuring more security is the mandatory requirement to any business organization. No users will transmit their information into the cloud until and unless the trust has been securely built in between the users and cloud service providers. Numerous techniques are proposed by researchers for ensuring data protection and thereby attain higher level of data security infused into the cloud. However, there is a coexistence of numerous gaps for being filled through making these data security models more effective. More work is necessary in the concerned area of cloud computing for making it up to standard for the cloud service users. This paper has proficiently surveyed a variety of models regarding data security and its privacy concerns, whereby being stringently focused on data storage and use of cloud technology, for acute data protection provided by the cloud computing environments for building excessive trust in between users and cloud service providers.