TOP FIVE SECURITY ISSUES IN CLOUD COMPUTING
INTRODUCTION
The security issues of cloud computing are just as important, for individuals and companies alike, as the maintenance of their data in the cloud environment. Cloud computing is a shared environment that provides various services to its subscribers without requiring them to make massive hardware or software changes (Jonathan, 2008). A report from the University of California, Berkeley (2009) describes the key characteristics of cloud computing as:
“(1) the illusion of infinite computing resources;
(2) the elimination of an up-front commitment by cloud users; and
(3) the ability to pay for use . . . as needed . . .” (Fox et al., p.1, 2009)
With the gradual increase in the number of users registering on clouds for data storage, the security issues are becoming more intense. The cloud computing environment is subject to a number of protocols, which cover issues of confidentiality, integrity and availability. Security of cloud environments is essential so that the intentional or unintentional unauthorized disclosure of data is prevented (Miller, 2008). To prevent unauthorized disclosure in the cloud environment, network security protocols, network authentication services and data encryption services are used. It is essential that companies remain vigilant and keep a strict eye on how passwords are assigned, protected and changed. Cloud computing service providers often take the help of third-party companies, so companies should gather information about those third parties that could potentially access their data (Jonathan, 2008). Companies that opt for cloud services need to incorporate firewall services, communications security management and intrusion detection services in order to prevent and combat unauthorized access to their data in the cloud environment. One of the key factors to note about a cloud service provider before taking up its services is the downtime it experiences. To assess the downtime, the provider’s reliability reports can be viewed and assessed. The cloud service provider should be chosen only if the reports show that it can meet the requirements of the business.
The services provided by the cloud service provider are ensured by the maintenance of backups, redundant disk systems, acceptable logins and operating performance, security processes and security protocols relative to the networking environment. The overall security challenges faced by the cloud environment fall into two distinct categories (Brunette, Mogull, p.26, 2009). The first is the security issues faced by cloud providers, that is, the organizations that provide the structural mechanism, software or platform for the cloud environment. The second is the security issues faced by customers. The security issues below are numbered 1 to 5 in order of severity, from the most to the least severe.
PRIVACY AND SECURITY ISSUES
Privacy is the right to know where one’s information is being used and accessed. Formally, it may be stated as the right of an individual to ‘know what is known about them’ (Privacy in Cloud Computing, 2012). Each user has the right to know where information about them is being stored, how it is being communicated and in what paradigms. This is also intended to ensure that information about the individual is not abused. Privacy is thus concerned with much more than confidentiality. Privacy rights are supposed to ensure that each individual controls his or her data of his or her own free will and keeps it public or private, whatever the nature of the data may be (Privacy in Cloud Computing, 2012).
Privacy is the topmost security issue with respect to cloud computing. The data stored on clouds is varied in nature and may include data of high importance and critical nature, such as monetary information and credit card numbers. It is therefore essential that all critical data such as financial information is masked and that only authorized users have access to it. The protection of digital identities and credentials should also be ensured, along with any data relevant to the customer’s activity in the cloud. Legal issues such as contracts, e-discovery and related laws should also be taken into consideration, as they may vary from one physical region to another.
“Due to the nature of cloud computing (e.g. multitenancy) and the volume of data likely to be put in the cloud, data security capabilities are important for the future of cloud computing.” (Mather et al., 2009)
The possibility of any unpredictable incidents should be discussed between the cloud service provider and its clients. This includes questions of liability, such as how any accidental data loss or compromise will be resolved. The importance of privacy and compliance issues can be gauged from the fact that an identity loss resulting in a loss of privacy may cost an organization short-term losses in terms of remediation, investigation and costs of resolution. The long-term damage from a privacy loss may be intense and may result in negative publicity. One distinct point of view holds that major cloud service providers may actually be suffering from “a disturbing lack of respect for essential privacy” (Larkin 2010, p. 44). It is due to this security hitch that most major business and financial services hesitate to store their valuable data in the cloud. They claim that, in their common observation, while cloud service providers offer attractive storage packages to prospective users, their performance on policy matters relevant to privacy has not been convincing at all (Wittow & Buller 2010). To ensure flawless security, comprehensive privacy policies should be written. Such policies are especially beneficial in cases of disaster, and also given the challenges posed by virtualization, geographically dispersed servers, and processing and storage spanning vast geographical locations. Cloud security is important because the virtualization process, geographically dispersed servers and the co-location of processing and storage pose special challenges. Security involves using trusted hardware and software, a secure execution environment, establishing secure communications and hardware augmentation.
SOFTWARE INTERFACE SECURITY
Application Programming Interfaces, or APIs, are inevitable components of cloud computing. The rapid delivery of cloud services and the interoperable environment of cloud computing are made possible only through software interfaces. Since APIs are software, they can be customized in line with the requirements of the environment. To be publicly accessible via the cloud, APIs need to possess substantial security. This security benefits not only the software interfaces themselves but also the interfaces and users that interact with them (Cloud Special Interest Group, p.30, 2013).
Many researchers have concluded that the security of software interfaces is the most integral issue. Of the most critical nature is the cloud’s software interface or API (Application Programming Interface), which lets a company’s infrastructure connect to the cloud (Judith et al. 2013). With respect to software interface security, the Cloud Security Alliance says that
“Reliance on a weak set of interfaces and APIs exposes organizations to a variety of security issues related to confidentiality, integrity, availability, and accountability” (Beckham, 2011)
There should be standard API rules that all companies must follow when migrating to the cloud. Only this would ensure that seamless, secure data access is conducted across the cloud.
DATA STORAGE
It should be the responsibility of the cloud service provider to give users the details of the storage means used for the customer’s data, the provider’s abilities to process that data, and other relevant data and account information. Security protocols should cover the act of acquiring information sensitive to the data being stored within the cloud. It should be noted that if the cloud service provider stores the data in foreign locations, the law enforcement agencies of that area may be granted access to it. Data centers are the central locations within the cloud where data is stored. Since the data and its processing are all on the servers, the security of the data is the responsibility of those who handle the servers (Kandukuri et al., 2009). The embedding of dynamic data storage mechanisms in cloud computing enables users not only to store their data in clouds from remote locations but also to access and delete it as desired. The practical application of storage outsourcing services ensures verifiability of access being made to the data stored within the cloud (Wang et al., 2009). The interfaces that permit access to a cloud are often associated with third-party software. It is essential that the information transmitted through them does not violate privacy rules and therefore does not become a source of data leakage (Help Net Security, 2013).
ACCESS CONTROL VERIFICATIONS
Over the past few years, data access procedures have been refined to quite intricate levels in order to ensure data sanctity. “Various techniques have been developed to effectively implement fine grained access control which allows flexibility in specifying differential access rights of individual users.” (Yu et al., p.1, 2010) Data protection and compliance must be backed by relevant certification, logging and auditing. Security management issues are important in areas such as access control, vulnerability analysis, change control, incident response, fault tolerance and disaster recovery (Yu et al., p.1, 2010). The ability to conduct forensic analysis on cloud systems is important, as it assists in more rapid acquisition and verification of evidence.
DATA SEPARATION AND ISOLATION
To keep data secure in a cloud, it is imperative to deploy data separation and isolation mechanisms. The threat of intermingled or unsynchronized data access may jeopardize the integrity of users’ data. Cloud environments strive to keep the data of respective users separate in order to ensure security. For this purpose, virtual capsules are maintained that store data bundles separately. “Every cloud-based service shares resources, namely space on the provider’s servers and other parts of the provider’s infrastructure. Hypervisor software is used to create virtual containers on the provider’s hardware for each of its customers.” (Beckham, 2011) Currently, multi-tenant data architectures are deployed to implement data separation and isolation in the cloud. Data in the cloud can be classified into two types: isolated and shared. Three techniques are in place for applying multi-tenancy in current cloud computing environments.
- Separate Databases: The simplest and most basic approach to data isolation is storing the data of each tenant in an individual database. The application code and system resources are, however, shared among all the tenants on a server. With a logically isolated database setup and local database server security, it is almost impossible for a user to access another user’s data, either accidentally or maliciously. This approach also greatly facilitates fault tolerance, since in case of any failure it is relatively simple to restore a tenant’s data from regularly acquired backups (About Multi-Tenancy, 2013).