Discuss about the Security and Privacy Issues in Cloud Computing.
Cloud computing can be considered as the most vital part of information technology, which helps in accessing every shared pool of the system resources (Sen, 2013). The services of cloud computing that are of higher-level, are rapidly provisioned with extremely less managerial effort on the Internet. The main advantage of this particular technology is that it is extremely safe and secured (Kshetri, 2013). However, in spite of the security, there are few of major challenges or issues that are faced in case of the clouds security.
The following research report will mainly focus on the several privacy threats and how these problems can be easily eradicated. The research report will comprise of the relevant information regarding the topic (Xiao & Xiao, 2013). Every challenge and problem that is related to cloud computing technology will be discussed here. Moreover, the technologies and the applications of those technologies will also be described in the research report.
This research report will be done with the objective of analysis of the various kinds of privacy and security problems or issues that are solely related to cloud computing or the procedure of eradicating these problems.
The research questions for this particular research study are as follows:
Cloud Computing Definition and Advantages of Cloud Computing
According to Rittinghouse and Ransome, (2016), cloud computing is a technology that is utilized for delivering the several services on the Internet. This technology solely allows various organizations for consuming any specific compute resource, just like virtual machine, application or storage. It provides faster delivery of services from any specific location to another. Various types of such services are properly available in the market. This is due to the exclusive presence of Internet (Hashizume et al., 2013). The major advantages of cloud computing are as follows:
Provision of self-service: The users can easily compute various resources for all types of services (Pearson, 2013). This helps in eradication of all the traditional requirements for the administrators of information technology to control and provision the computing resources.
Elasticity: This is the second major advantage of cloud computing. Any organization can utilize cloud computing for eliminating the requirements of huge investments in the local infrastructure (Wei et al., 2014). Cloud computing requires increment whenever needed.
Cost Effective: Cloud computing services are extremely cost effective and can be easily afforded by all organizations or companies. As per Suo et al., (2013), thecost effectiveness of cloud computing makes it extremely popular for any organization.
Flexibility in Migration: The users of cloud computing can easily transfer their data or information without any complexity and thus migration of data in extremely flexible.
Scalability: The other advantage of this technology is scalability. It is extremely scalable and all organizations can utilize cloud computing easily.
According to Moreno-Vozmediano, Montero and Llorente, (2013), cloud computing is an extremely safe and secured technology that helps in transferring data or information over the Internet. However, in spite of being one of the most secured technology, cloud computing does comprise of some of the most deadly challenges or problems in case of security. The most significant challenges and problems in cloud security are as follows:
Breaching of Data: The most significant problem in cloud security is data breaching. The data can be easily breached while transfer or migration from one location to another (Sinjilawi, Al-Nabhan & Abu-Shanab, 2014). This particular disadvantage of cloud computing often becomes highly threatening for the entire security system of cloud computing.
Hacking of Accounts: This is the second most significant issue in cloud security. The accounts of the users are easily hacked while data migration or data transfer. This hacking is done either by reusing the passwords or by scripting bugs to the cloud account (Modi et al., 2013). Key logging and phishing are the most dangerous types of threats in cloud computing.
Malware Injection: The hackers or intruders often inject the malware for the purpose of data theft in cloud computing. This specific type of attack is common in SaaS model, where the hackers get the scope of injecting the virus via software.Insider Threat: This is again the most dangerous problem in cloud security (Arora, Parashar & Transforming, 2013). Often it has been noticed that theemployees or the staffs of any particular organization utilize their authorization to access the confidential data. This data is mainly related to the finance, bank details and many other confidential sources.
Insecure APIs: APIs or the Application Programming Interfaces always provide relevant scope to the users for customizing their experience in cloud (Yan et al., 2013). For this particular feature of allowing users to customize the cloud experience, application programming interfaces often turn to be extremely unsafe.
Denial of Service Attacks: Inukollu, Arsi and Ravuri, (2014), state that DoS attacks or Denial of service attacks is considered as the most dangerous attacks in cloud security. Denial of service attacks never breach the confidential information or data. On the contrary, they block the servers or websites for the legal users (Sun et al., 2014). In some of the most complicated cases of denial of service attacks, the attackers even utilize a specific smokescreen for any malicious activity and then act as relevant security appliances like firewalls or antivirus of web applications.
Insufficient Due Diligence: This particular security issue of insufficient due diligence is not a technical problem. However, it can bring major threat to an organization, when it transfers or migrates its data to the cloud rapidly without the proper information that whether the services will meet the expectations of the clients (Almorsy, Grundy & Müller, 2016). This type of security issue is mainly important to such organizations, whose data fall under the laws of regulatory like FERPA, PHI, PII and PCI. The organizations that eventually handle all types of financial data of the clients also come under this security issue.
Shared Vulnerabilities: Cloud computing security is a specific shared responsibility within the client and the provider. This particular type of partnership amongst the provider and the client needs the client in taking several preventive actions for protection of their data. The most popular and important providers like Google, Microsoft, Box and many more have their own standardized procedures for the security of their data (Younis & Kifayat, 2013). The significant ways of securing confidential data mainly include utilization of user password, access limitation to the devices and files and even multi factor authentication. The sharing of responsibilities amongst the provider and client can result into sharing of vulnerabilities.
Loss of Data: Loss of data is again the most vital problems in cloud security and privacy. This type of threat mainly occurs with the help of any malicious activity, natural disaster or simply wiping of data by the provider of the service (Yi, Qin & Li, 2015). Recovering of the confidential data often becomes extremely dangerous if the affected organization does not have any backup or recovery plan.
The above mentioned challenges or issues in cloud security and privacy are extremely dangerous and these can be dreadful for any business or organization, who are utilizing cloud computing for their data migration or transfer.
As per Rittinghouse and Ransome, (2016), cloud computing is a vast area in IT that mainly deals with the migration or transfer of confidential data or information through the Internet. There are various relevant technologies of cloud computing. The three models of service of cloud computing are given below:
IaaS: Infrastructure as a Service or IaaS is a specific model of cloud service that eventually gives virtual infrastructure to its clients over the Internet (Xiao & Xiao, 2013). It is extremely safe and secured.PaaS: Platform as a Service or PaaS is the second model of cloud service, where a specific third party provider provides software and hardware tools for the purpose of developing application.
SaaS: Software as a Service or SaaS is the third model of cloud service that enables its clients for connecting to various cloud based applications on the Internet (Pearson, 2013).
Apart from the three above mentioned service models, cloud computing also comprises of four deployment models. The four distinct types of cloud deployment models that provide security to data are as follows:
Private Cloud: The services of private cloud allow only a restricted or limited number of users to utilize this particular cloud deployment model. This model provides the convenience and versatility of cloud and even preserves the entire security, management and control to the local centres of data (Moreno-Vozmediano, Montero & Llorente, 2013). Apart from the restricted users, no other user is allowed in accessing the data or information from the private cloud. The security of private cloud is extremely high.
Public Cloud: Public cloud deployment model is completely different from the private cloud. The third party provider of cloud service helps in delivering the various services of cloud on the Internet (Wei et al., 2014). All the users can access data from public cloud and there is no specific restriction in the users.
Hybrid Cloud: Hybrid cloud is the amalgamation of private cloud and public cloud. Thus, it comprises of all the benefits of public and private cloud (Modi et al.,2013). Although the cost of this particular deployment model is extremely high due to the amalgamation of public and private cloud, it has various advantages for providing high security to the organizations.
Community Cloud: According to Sinjilawi, Al-Nabhan and Abu-Shanab, (2014), this is the fourth type of deployment model of cloud computing. This type of cloud is mainly useful for the collaborative utilization of infrastructure between various users from any particular community with similar concern. The main advantage of this community cloud is that as all the users are from a specific community, there is absolutely no chance of security issues or data theft.
The applications of the deployment models and service models are given below:
IaaS: Infrastructure as a Service is utilized for providing unrestricted virtual scalability (Yan et al., 2013). Moreover, it is cost effective. Amazon Web Services or AWS and Microsoft Azure are the most common examples of IaaS.
PaaS: PaaS is utilized for providing a virtual platform to its clients. Google App Engine and Apache Stratos are the most common examples of PaaS.
SaaS: SaaS is utilized for connecting to various cloud based applications. Google Apps and Salesforce are the most common examples of SaaS.
Private Cloud: It allows limited users to access data. Small or medium sized organizations opt for private cloud (Sun et al., 2014).
Public Cloud: It allows data access to everybody. Blue Cloud of IBM, Amazon Elastic Compute Cloud or EC2 are the most common examples of public cloud.Hybrid Cloud: It is the mixture of both private and public cloud. Google Compute Engine is the most common example.
Community Cloud: It is collaborative utilization of infrastructure between various users from any particular community with similar concern (Suo et al., 2013).
In the future, this research study of “security and privacy issues in cloud computing” could be done in more advanced level, as this technology of cloud computing is getting updated in a higher speed regularly. Innovative and new characteristics are getting added up in the vast area of the technology of cloud computing and more deadly issues or challenges are also coming with the advanced technology. In the research study, few important and significant advantages are provided for the well organized utilization of cloud computing technology in any business or organization. The future research studies could be done to understand the effectiveness of the provided advantages and disadvantages of cloud computing.
Conclusion
Therefore, from the above research study, the conclusion can be drawn that cloud computing can be considered as the most important part of IT, that eventually helps to access each and every collective group of the system resources. The particular services that belong to higher level are often quickly provisioned with absolutely lower managerial attempt within the Internet. The migration of data or information is extremely easier when it is done with cloud computing. The third party cloud allows every organization to focus on the major businesses. The major benefit of this cloud computing technology is that it is absolutely secured and safe. On the other hand, in spite of the security given by the technology of cloud computing, there exist some of the most deadly issues or challenges, which are eventually faced in case of cloud security. The above research report has mainly focused on the various privacy problems in the technology of cloud computing and the proper procedure how these issues could be eliminated. The research report has also comprised of all the relevant information regarding this particular topic. Every problem or challenge that is solely related to cloud computing technology is being discussed here. Moreover, the technologies and the applications of those technologies of cloud computing are also described in this research report.
References
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.
Arora, R., Parashar, A., & Transforming, C. C. I. (2013). Secure user data in cloud computing using encryption algorithms. International journal of engineering research and applications, 3(4), 1922-1926.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of security issues for cloud computing. Journal of Internet Services and Applications, 4(1), 5.
Inukollu, V. N., Arsi, S., & Ravuri, S. R. (2014). Security issues associated with big data in cloud computing. International Journal of Network Security & Its Applications, 6(3), 45.
Kshetri, N. (2013). Privacy and security issues in cloud computing: The role of institutions and institutional evolution. Telecommunications Policy, 37(4), 372-386.
Modi, C., Patel, D., Borisaniya, B., Patel, A., & Rajarajan, M. (2013). A survey on security issues and solutions at different layers of Cloud computing. The Journal of Supercomputing, 63(2), 561-592.
Moreno-Vozmediano, R., Montero, R. S., & Llorente, I. M. (2013). Key challenges in cloud computing: Enabling the future internet of services. IEEE Internet Computing, 17(4), 18-25.
Pearson, S. (2013). Privacy, security and trust in cloud computing. In Privacy and Security for Cloud Computing (pp. 3-42). Springer London.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management, and security. CRC press.
Sen, J. (2013). Security and privacy issues in cloud computing. Architectures and Protocols for Secure Information Technology Infrastructures, 1-45.
Sinjilawi, Y. K., Al-Nabhan, M. Q., & Abu-Shanab, E. A. (2014). Addressing Security and Privacy Issues in Cloud Computing. Journal of Emerging Technologies in Web Intelligence, 6(2).
Sun, Y., Zhang, J., Xiong, Y., & Zhu, G. (2014). Data security and privacy in cloud computing. International Journal of Distributed Sensor Networks, 10(7), 190903.
Suo, H., Liu, Z., Wan, J., & Zhou, K. (2013, July). Security and privacy in mobile cloud computing. In Wireless Communications and Mobile Computing Conference (IWCMC), 2013 9th International (pp. 655-659). IEEE.
Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y., & Vasilakos, A. V. (2014). Security and privacy for storage and computation in cloud computing. Information Sciences, 258, 371-386.
Xiao, Z., & Xiao, Y. (2013). Security and privacy in cloud computing. IEEE Communications Surveys & Tutorials, 15(2), 843-859.
Yan, G., Wen, D., Olariu, S., & Weigle, M. C. (2013). Security challenges in vehicular cloud computing. IEEE Transactions on Intelligent Transportation Systems, 14(1), 284-294.
Yi, S., Qin, Z., & Li, Q. (2015, August). Security and privacy issues of fog computing: A survey. In International Conference on Wireless Algorithms, Systems, and Applications (pp. 685-695). Springer, Cham.
Younis, M. Y. A., & Kifayat, K. (2013). Secure cloud computing for critical infrastructure: A survey. Liverpool John Moores University, United Kingdom, Tech. Rep, 599-610.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download