Discuss about the Challenges in Cloud security.
There are several researches that show that security is one of the key challenges that is faced in the cloud computing. When considered form the prospect of the customers of cloud computing it can be explained as the fact that they have little or no control over the data or the application along with the infrastructure that is involved in the computing as the cloud services are mainly delivered by the cloud providers and the clouds are accessed by the use of internet (Benslimane et al., 2014). The cloud service provider explains the concern of security by considering the vulnerabilities regarding the attacks along with the failure of equipment’s, software’s or controls. These are the factors which results in the becoming of the cloud services to serious deterrents for the adaptation of the cloud computing. This report is a literature review on cloud security (Kaur & Kumar, 2014). The analysis will be helping in identifying the potential gaps in the cloud services.
Cloud security models and solutions:
The theme which has been covered frequently in “Cloud Computing Security” is the solutions regarding the security along with the related models. The literature helps in differentiating the solutions for individual security and the models for security. This often combines several individual solutions for the purpose of addressing a particular issue regarding cloud security (Liang, 2014). Most of the individual cloud security solution covers the effective security management. The key aspect of the security management effectively mainly includes the complete adaptation of all the policies which provides the essential guidelines regarding the protection of the data assets. This asset is the part of approach associated with risk assessment along with this it helps in protection of the key assets of the standards associated with security management (Eken, 2013). Standards like ITIL and ISO 27001/27002 are involved in this case. There are also other aspects like the monitoring of events, detection and response to incidents, programs for security training, allocation of effective resources. Along with this the prospect of the cloud customers is also considered as a relevant criterion which is mainly used for the right selection of the cloud service providers (Bernardo, 2013).
The second most import solution regarding threats to cloud security is by encryption of the data. Encryption also ensures confidentiality of the data along with integrity. All the encryption process is not equal so it is necessary for the providers along with the customers to use latest version of the encryption algorithm (Shuijing, 2014). It is also necessary to use the longer keys that will be straining the capabilities of the processors. The majority of the researches conducted mainly includes the various presentations and the comparisons of the various encryption schemes and the algorithms.
After encryption comes the “identity management and access control”. This mainly covers the technologies along with the processes that are responsible for the supporting of mechanism related to authentication and authorisation. This is done for the entities so as to access the resources of the cloud (Kumari, & Nath, 2015). The main focus of this topic is on the various authentication schemes, management of the identity tools along with schemes related to access control. Besides this there is advance solution which mainly focuses on the multiple sources of identity along with focusing on the federate identities of different types of domains.
There are also solutions regarding the compliance and this mainly refers to the compliance that exists with different Trusted Computing Group Standards. This trusted computing systems and the platforms are mainly designed for the purpose of strengthening the securities in the cloud and gain the trust of the customers (Elhouni et al., 2014). There are also other topics like the audit performance. the cloud service providers, customers and the third parties performs an audit for the purpose of accessing the security of the cloud or the compliances associated with the security standards and the regulations.
There are also solutions which are related to the availability and the continuity of business. This solution covers the protections that are provided by the cloud service providers to protect against any interruptions, data loss or destruction. It also includes the availability of architecture at a high level. Along with this there is also high reductant and geographical spread facilities. Besides this there is also plans for backup and robust disaster recovery plan. Things like the physical security so as to protect from theft vandalism, fire, flood or any kind of natural disaster is also included in the solutions. Followed by this there is solutions regarding the legal protection of the cloud customers which is mainly based upon the Service Level Agreement and on the enforcement of the contract. Under this context it can be stated that the delivery of the services to the customers by signing them up for the different levels of security along with the performances that are specified in the SLA (Bouayad et al., 2012). This SLA also has the ability of specifying the physical location of the storage along with the auditability of the cloud service providers.
There are also other categories of the solution and this includes things like the multi-cloud usage so as to reduce the various types of security risks. There is also standardization of the formats for the importing and exporting of the data so as to improve the probability and the interoperability that is present between the clouds and the checking of the computing integrity so as to secure the integrity of the different processing’s.
Security regarding virtualisation mainly includes the solution that mainly supports the isolation that exists between the virtual machines so as to protect the data against any type of leaks along with the cross virtual attacks to machines.
The last thing that I related to the solution mainly includes 36 cloud security models. This models are mainly theoretical but often this are the combination of the “Identity management and access control” and “Encryption and key management” which helps in providing security to data along with comprehensive security and to address the other security issues (Narula & Jain, 2015).
Overview of the challenges in cloud security:
The second theme that are mainly discussed are the challenges in the Cloud Security. This has been investigated in the cloud computing security. Almost 98 papers discuss on this topic. The versions that has been adapted for the versions of the security domain classifications was used for the purpose of classifying the schemes.
Security of the data is the top security challenge and this mainly refers to the protection of the data from the time of its generation to its transfer, usage along with the sharing of the data and archival (Daniel, 2014). The key topics that has been discussed in this topic is the data confidentiality, integrity, data loss and data breach.
Another thing is the vulnerability and this attacks mainly refers to the possible more frequent and more sophisticated attacks that occur on the cloud computing environments which hosts a larger amount of data.
The third security challenge is the lack of the control of the user as the cloud customers have to rely on the providers associated with cloud computing. The topics which are the key focus are contracting and trust mechanism which is responsible for the protection of the customer’s data.
The fourth challenge mainly refers to the risks that are associated with virtualisation due to the fact that the virtualised environments are mainly responsible for the introduction of new security risks. The main issues that are covered in this topic are attacks on the virtual machines long with the hypervisors. This leads to the violations of the access control, DOS Attacks, under or over utilisation of the virtual machines and physical machines.
Another issue is the availability and the business continuity and this challenges mainly refers to the protection that the customer needs from the different cloud providers. This protection is mainly against the service interruptions along with the loss or the destruction of the data along with a guaranteed recovery of the data in case of any type of failure.
The next challenges are related to the management of identity along with control access. This topic cover topic like the protection of confidentiality along with non-repudiation, supporting of the auditing mechanism and many more.
The cloud is no longer just an appropriate way to reduce the IT cost related issue in the organization it is mainly a way of transforming the business, interacting directly with the customer in real time, gaining advantage in competitive environment and dozens of other gaming challenges possibilities. Challenges to the cloud adaptation can come in any shape, severities and size depending upon the structure of the organization who has adopted the technology. There is no definite challenges list; if there was it would have been outdated as soon as it was put on paper. The following are the challenges that are most often faced by the organizations with the implementation of cloud computing (Sugumaran, Murugan & Kamalraj, 2014).
Lack of resource / expertise: For a long time, security aspect of the cloud was the number one security issue related to the cloud computing. The organizations are continuously increasing the work load in the cloud while cloud technology continues to rapidly advance. This is the main reason organizations are having a hard time in keeping up with the advancement of the technology. Also in the field of expertise the demand is growing. These challenges can be reduced through additional training of development of the staff and IT.
Security issue: The main headline of focus with the security aspect are the data breaches, broken credentials and compromised credentials, hacked interfaces and proprietary. The security issues are continuously improving with the perspective of the cloud provider and the user. In order to ensure that the organizations privacy and security is intact, verifying the Software as a Service provider has mainly secured the user identity, authentication, management and access mechanism control in place.
Cost management and containment: The main aim of cloud computing is the save of business money. With the cloud the organization can easily ramp up its capability of processing without making large investment in the new hardware. The business on the other hand can access extra processing through the use of pay-as-you go models from the cloud provider which is public (Behl, 2011).
Performance: with the movement of a particular business to the cloud it becomes dependent on the service provider of the cloud. The partnership between the cloud provider and the business can be involved with innovations which can be related to some security aspect of the cloud. When the cloud provider is down the business is also down. For a data driven organization real time access to anything is very important with an inherent lack of control that comes with the cloud computing.
Segmentation usage and adaptation: Much organization did not have a robust cloud adaptation strategy in place when they first started to move toward cloud computing. This resulted in an individual development team using the public cloud for specific application and project (Yu & Zhu, 2012). These bootstrap environments have fostered full maturation and integration issue which are:
Conclusion:
This paper helps in understanding and identifying the key themes in the cloud computing security along with the ranks and the related topics. This topic is mainly based upon the relative importance in the literature. This makes a huge contribution in the research as well as practices. In regards to the contribution of the research which is based upon the SLR. This has helped in aggregating the accumulated research on the security in the clouds. Along with this it is interpreted and a comprehensive picture of the work is provided in this area. The contribution to the several practices the key security requirements are identified. Along with the key security threats and the key solutions and key guidelines for cloud providers. Awareness among customer is also an important feature. Future research can be expanded to include other databases of articles to avoid a possible bias
References:
Behl, A. (2011, December). Emerging security challenges in cloud computing: An insight to cloud security challenges and their mitigation. In Information and communication technologies (WICT), 2011 world congress on (pp. 217-222). IEEE.
Benslimane, Y., Plaisent, M., Bernard, P., & Bahli, B. (2014, December). Key Challenges and Opportunities in Cloud Computing and Implications on Service Requirements: Evidence from a Systematic Literature Review. In Cloud Computing Technology and Science (CloudCom), 2014 IEEE 6th International Conference on (pp. 114-121). IEEE.
Bernardo, D. V. (2013, September). Utilizing security risk approach in managing cloud computing services. In Network-Based Information Systems (NBiS), 2013 16th International Conference on (pp. 119-125). IEEE.
Bouayad, A., Blilat, A., Mejhed, N. E. H., & El Ghazi, M. (2012, October). Cloud computing: security challenges. In Information Science and Technology (CIST), 2012 Colloquium in (pp. 26-31). IEEE.
Daniel, W. K. (2014, April). Challenges on privacy and reliability in cloud computing security. In Information Science, Electronics and Electrical Engineering (ISEEE), 2014 International Conference on (Vol. 2, pp. 1181-1187). IEEE.
Eken, H. (2013, December). Security threats and solutions in cloud computing. In Internet Security (WorldCIS), 2013 World Congress on (pp. 139-143). IEEE.
Elhouni, A., ElFgee, E., Isak, M. A., & Ammer, K. B. (2014, January). Study of security mechanisms implemented in Cloud computing. In Computer Applications and Information Systems (WCCAIS), 2014 World Congress on (pp. 1-6). IEEE.
Kaur, K., & Kumar, N. (2014, December). Smart grid with cloud computing: Architecture, security issues and defense mechanism. In Industrial and Information Systems (ICIIS), 2014 9th International Conference on (pp. 1-6). IEEE.
Kumari, M., & Nath, R. (2015, February). Security concerns and countermeasures in cloud computing paradigm. In Advanced Computing & Communication Technologies (ACCT), 2015 Fifth International Conference on (pp. 534-540). IEEE.
Liang, G. (2014, May). Security of huge data in the digital campus on the cloud computing mode. In Electronics, Computer and Applications, 2014 IEEE Workshop on (pp. 736-739). IEEE.
Narula, S., & Jain, A. (2015, February). Cloud computing security: Amazon web service. In Advanced Computing & Communication Technologies (ACCT), 2015 Fifth International Conference on (pp. 501-505). IEEE.
Shuijing, H. (2014, January). Data Security: the challenges of cloud computing. In Measuring Technology and Mechatronics Automation (ICMTMA), 2014 Sixth International Conference on (pp. 203-206). IEEE.
Sugumaran, M., Murugan, B. B., & Kamalraj, D. (2014, February). An architecture for data security in cloud computing. In Computing and Communication Technologies (WCCCT), 2014 World Congress on (pp. 252-255). IEEE.
Yu, T. T., & Zhu, Y. G. (2012, October). Research on cloud computing and security. In Distributed Computing and Applications to Business, Engineering & Science (DCABES), 2012 11th International Symposium on (pp. 314-316). IEEE.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download