The concept of cloud computing can be considered one of the technologies which are playing a vital role in recent times. A primary concern in the sector of the cloud computing is the security which can be applied to the concept. It is a critical factor for the cloud service providers to ensure the aspects of privacy and protection. To achieve this different concept policies are being incorporated. Sometimes the data of the user is too sensitive to be saved in the idea of the cloud as the security, which would be applied to the data, is not entirely up to the mark. These type of data can be a significant loss for the organisation if it is exposed to any third party or intruders. When comparing the concept of the cloud computing to another aspect such as the traditional system it can be stated, it has many advantages over the system, but there is no justification of the security aspects, which are involved into the concept. The concept of cloud computing can deliver different types of infrastructure solutions with the element of dynamic resource allocation and system approach towards the retrieval of the data which is stored in the concept of the cloud computing. The application of the idea of cloud computing is not just restricted to one area it can be applied to any area which has data involved in the concept. Most of the data in the are stored in the idea of the cloud are highly secured and which can be retrieved when the user wants to do so. In most of the cases taking into consideration technology, there can be some flaws involved in the concept.
In the 1970s, the GQM (Goal – Question –Metric) was developed with a motive to move to move testing for the defects of the software from the individual and qualitative state, which is currently included in an empirical model. This model helps to identify the errors, which would be measured according to the defined goals, and objectives when they can be linked with the result [1].
The GQM methodology states a model of measurement on three level which is i) conceptual model ii) operational model and iii) quantitative model. In a model, the pyramid of the security is directly generated from the GQM process relating to the definition during which the security features are mapped to the equivalent security matrices. The relation between the different concepts shows the relationship between the security metrics hierarchy (SHM) and the GQM methodology, which play a vital in the sector of the security.
For each of the goal statement, which is identified in the level a group matrices, will be adequately defined. The operational level, that is, identified which object or activities must be collected.
Undoubtedly it can be stated that it is not easy to ensure and secure the safety of the linked computers due to the factor that a series of equipment and clients which are involved; this concept can be termed as multi-tenancy. The services, which are related to the idea of cloud computing can be facing different types of problem which are connected to the security issue and the safety of the data which is stored in the context. Therefore, it can be stated that it is very much essential to get the hold of the security aspects and find out ways in which the overall elements can be reduced. Some of the significant challenges, which are founded out from the research, are stated below:
There are different ways by which the data in the concept of cloud can be secured. The privacy aspect of the data can be achieved by implementing the following few factors. The sensitive data of the user should not be stored in the concept of the cloud. This is due to the element that the security of the data in the idea of the cloud so not very much secured. There is no justification which is in control of the data and how the different security aspects are applied to the data. The password should be one of the areas of concern. It should be taken into consideration that the password, which is implemented, are severe enough to be cracked by an unauthorised person.
|
GCM level |
SMH Level |
|
Operational level |
Metric |
|
Conceptual level |
Group metric |
|
Quantitative level |
Sub – metric |
GQM Model: The fundamental idea which can be applied to the concept of GQM is that the identification of the goals have to be made which has to be achieved and working according to the set goal. The main factor is to achieve the standard of goal by any means.
SMH Model: SMH can be considered as a model which is related to the mechanism of the actions which are directly goal oriented.
TABLE 1
In the concept of cloud, computing one of the most significant factors, which play a role, is the encryption technique of the data. The work, which can be followed in the concept, is that if someone has to store a file in the idea of the cloud, the user can add password security into the aspect, which would be directly securing the data, and no one would be able to access the file. The most trending technique, which can be implemented in this case, is performing a zip operation into the record and protecting it with a password. This would be beneficial in the way of not allowing unauthorised access to the data. Encryption can also be beneficial in the way of transferring data from one cloud platform to another. It can be stated here that the data are transferred in a highly secured manner by which no third party can have direct access to the data.
The methodology which is proposed in the aspect of the cloud security can be derived from the concept of the security management which mainly include i) security index (IndSec) ii) security matrix hierarchy iii) allocation index (IndAlloc) iv) management of the cloud computing. A security matrix is derived from the GQM methodology [13]. A security index (IndSec) will be able to compute using the aspect of the security management hierarchy; this aspect helps in the concept of the allocation of the security metrics hierarchy. At the end of the step, the scheduler of the cloud management will be able to use the allocation index as a reference to the process of resource allocation. In the context of the life cycle, which is related to the management of the security, a security matrix hierarchy can be considered as a new form of virtualisation which is associated with the information security that is collected over the concept of the cloud computing environment [20].
Security matrix can be used for the concept of measuring the concept of privacy and security as well as the status of the guard, which is applied to the data, which is stored in the idea of the cloud. The use of the security matrix can be used for the concept of achieving a standard of transparency, proactive planning, predictability and decision-making [12]. The form can be considered as a standard of measurement defining both the concept of what is being measured and how it is being measured and the means of how the measurement is done. The main components of the matrix are the submatrix or the primitive matrix. Any restriction, which can be applied to the concept of primitives, are defined in the process of measurement. A metric can be composed in the following ways:
The sub-matrix hierarchy can be considered as a subpart of the matrix, which can be used for the specialisation in different types of ways. The each of the aspects has a distinct contribution to the overall metrics
The primary motive, which can be included into the aspect of the value conversion, can be considered as a means of extracting the value of the quantity, which is measured by the primitive metrics, to sort them directly. The main aim of using the concept of the rudimentary parameters and the aspect of preventing the element of the measuring of the quantity, which is highly difficult to be measured.
To identify the fundamentals of the cloud computing and the storing of data in the cloud, several assets have been checked. This section gives a basic understanding of the concept of the security of the cloud computing. Significant experts have provided a necessary explanation of the idea of cloud computing [14]. Several approaches which are vital to the understanding of the process are majorly discussed in the here. There are several risk factors, which are included in the concept of the cloud computing that is explained below:
The idea of the saving of the data in the public cloud can be considered one of the problem area relating to the concept of the cloud. Frequently cloud implements the idea of the central storage facility, which can be engaging from the hackers.
Private cloud for storing the data can be very much beneficial in the aspect of securing the data in the cloud.
The concept of virtualisation can be considered as a technique in which the operating system image is taken into consideration into another operating system to make direct use of the operating system and its benefits. The concept helps in running directly in the operating system, which can be used for the proper implementation of the operating system.
The risk factor, which is associated with the virtualisation concept, is the allocation and the idea of de-allocation of the resources [2]. If the virtual machine operation data is written to the memory and it is not clear before the reallocation of the mind next to the virtual machine then there is a potential loss of data exposure to the next virtual machine, which can be very much uninvited.
A solution to the problem can be done if proper planning for the virtualisation of the data is done. Resources should be very much carefully implemented and used, and the information appropriately authenticated before the reallocation of the funds is done.
The connect of multitenancy, or the shared access can be considered one of the most risk-oriented factors in the concept of the powerful computing. This is due to the element that more than one user is accessing the same shared computing resources like the CPU, memory and storage [1]. In such type of situation, it can be stated that there is always a risk, which is associated with the private data if accidentally being exposed or leaked to any third person. In this type of scenario, it can be seen that the risk factor always exists in the working. The concept of multi can exploit exceptional risk due to the consideration of one fault in the system can help another person or hacker to indulge in the idea.
This type of issue can be taken care of user authentication of the user relating to direct access to the data. Several authentication processes are available which can be used for the proper functioning of the approach [1].
There are a consistent increase and growth in the application of the cloud usage over the past few years. This is due to the factor that the organisational leader of the IT has realised the importance of the concept. The cloud computing has different types of benefits applied to the overall working of any organisation [17]. On the other hand, it can be stated that ones the implementation of the concept is done for the mangers it becomes a headache. Just as the idea of the in-house provisioning system, the account admin should be able to efficiently change provision and disable the account as well as manage the overall password and directly ensure the global network is secured. When any of the organisation implement the concept of the cloud, computing it becomes a big problem, which is related to the aspect of who would be in control of the working and the security of the data. The user can sometimes have the power of the data, which they should not be allowed to do so. On the other hand, the security of the data can also be enhanced using removing the account of the user ones they leave the organisation.
One of the techniques, which is in recent use, is the concept of the identity and access management [19]. The idea of the character and access management can be used for many purposes. The main advantage of this approach is for the managers; the manager can easily plot down who would be having access to the data and who would not be allowed to access the features. Many of the solution in this aspect helps me the concept of the management of the workflow. With the idea of the workflow management and the self-service, the manager and the employee individually can request the access and approve the request without the involvement of any IT interventions. The approval part can be considered the part of the structured workflow. The concept or the approach can be very much beneficial not only in the aspect of the efficiency but also increases the security aspect of the idea of the cloud computing [21].
To handle the aspect of the different password and naming conventions, an automated solution would be very much helpful. The concept of the IAM solution can enforce a means of naming conventions across the different platforms. This allows the uniqueness aspect when more than one user has the same name attached to the username. Additionally, it can be stated that the single sign-on the solution can be helpful in the concept of mitigating the password complexity. This is achieved using a set of credential, which is unique. This concept can be used for the idea of logging into the system, and automatic authentication would be provided. In the background of such aspect, it can be stated that a SSO application can be used for the purpose of routinely resetting the password when the session expires. This is directly prompted to the user [28].
Conclusion
This paper illustrates the concept of the cloud and demonstrates the cloud capabilities such as elasticity, scalability, platform, low cost and the aspect of reliability. The security problem which is faced with the concept of cloud computing are majorly discussed. The concept of cloud computing is related to the areas of services and information management. The issue, which are linked with the security of the data, is seen more in the concept of the cloud computing when comparing it with other traditional systems. This is due to the factor that the data in the cloud-computing environment are highly dependent on the concept of the network and the servers. There are many users who are not aware of the privacy and security of the cloud and they do not want to move towards the concept. These type of problem have hindered the development of the concept of cloud computing and the aspect of the security. The solution which is related to the IAM has evolved in the recent times which would be helping to secure the data of the user as well provide a basic framework of the concept of the data security. Security in any type of technology can one of the main aspects, which can lead to failure of the technology and the trust of the people in using the technology. The consideration into how to promote the security of the technology should be prime factor of investigation which would be directly include how to upsurge the security of the data which is stored into the concept of the cloud and how to benefit from the concept.
References
[1] Lombardi, Flavio, and Roberto Di Pietro. Security for cloud computing. Artech House, 2015.
[2] Singh, Shweta. “Security in Cloud Computing.” International Journal of Computer Applications Technology and Research 3.8 (2014): 488-493.
[3] Ali, Mazhar, Samee U. Khan, and Athanasios V. Vasilakos. “Security in cloud computing: Opportunities and challenges.” Information sciences 305 (2015): 357-383.
[4] Almorsy, Mohamed, John Grundy, and Ingo Müller. “An analysis of the cloud computing security problem.” arXiv preprint arXiv:1609.01107 (2016).
[5] Rittinghouse, John W., and James F. Ransome. Cloud computing: implementation, management, and security. CRC press, 2016.
Hashem, Ibrahim Abaker Targio, et al. “The rise of “big data” on cloud computing: Review and open research issues.” Information Systems 47 (2015): 98-115
Almorsy, Mohamed, John Grundy, and Ingo Müller. “An analysis of the cloud computing security problem.” arXiv preprint arXiv:1609.01107 (2016).
[6]Rao, R. Velumadhava, and K. Selvamani. “Data security challenges and its solutions in cloud computing.” Procedia Computer Science 48 (2015): 204-209.
[7]Puthal, Deepak, et al. “Cloud computing features, issues, and challenges: a big picture.” Computational Intelligence and Networks (CINE), 2015 International Conference on. IEEE, 2015.
[8]Krishnan, Y. Navaneeth, Chandan N. Bhagwat, and Aparajit P. Utpat. “Fog computing—Network based cloud computing.” Electronics and Communication Systems (ICECS), 2015 2nd International Conference on. IEEE, 2015.
[9]Inukollu, Venkata Narasimha, Sailaja Arsi, and Srinivasa Rao Ravuri. “Security issues associated with big data in cloud computing.” International Journal of Network Security & Its Applications 6.3 (2014): 45.
[10]Wang, Bing, et al. “DDoS attack protection in the era of cloud computing and software-defined networking.” Computer Networks 81 (2015): 308-319.
[11] Fu, Zhangjie, et al. “Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing.” IEICE Transactions on Communications 98.1 (2015): 190-200.
[12]Botta, Alessio, et al. “On the integration of cloud computing and internet of things.” Future internet of things and cloud (FiCloud), 2014 international conference on. IEEE, 2014.
[13]Aazam, Mohammad, et al. “Cloud of Things: Integrating Internet of Things and cloud computing and the issues involved.” Applied Sciences and Technology (IBCAST), 2014 11th International Bhurban Conference on. IEEE, 2014.
[14] Cao, Ning, et al. “Privacy-preserving multi-keyword ranked search over encrypted cloud data.” IEEE Transactions on parallel and distributed systems 25.1 (2014): 222-233.
[15]Baek, Joonsang, et al. “A secure cloud computing based framework for big data information management of smart grid.” IEEE transactions on cloud computing 3.2 (2015): 233-244.
[16]Zhang, Yinghui, et al. “Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing.” Information Sciences 379 (2017): 42-61.
[17]Lian, Jiunn-Woei, David C. Yen, and Yen-Ting Wang. “An exploratory study to understand the critical factors affecting the decision to adopt cloud computing in Taiwan hospital.” International Journal of Information Management 34.1 (2014): 28-36.
[18]Pancholi, Vishal R., and Bhadresh P. Patel. “Enhancement of cloud computing security with secure data storage using AES.” International Journal for Innovative Research in Science and Technology 2.9 (2016): 18-21.
[19]Whaiduzzaman, Md, et al. “A survey on vehicular cloud computing.” Journal of Network and Computer Applications 40 (2014): 325-344.
[20]Shaikh, Rizwana, and M. Sasikumar. “Data Classification for achieving Security in cloud computing.” Procedia computer science 45 (2015): 493-498.
[21]Zhao, Feng, Chao Li, and Chun Feng Liu. “A cloud computing security solution based on fully homomorphic encryption.” Advanced Communication Technology (ICACT), 2014 16th International Conference on. IEEE, 2014.
[22]Pasupuleti, Syam Kumar, Subramanian Ramalingam, and Rajkumar Buyya. “An efficient and secure privacy-preserving approach for outsourced data of resource constrained mobile devices in cloud computing.” Journal of Network and Computer Applications 64 (2016): 12-22.
[23]Shi, Weisong, and Schahram Dustdar. “The promise of edge computing.” Computer 49.5 (2016): 78-81.
[24]Oliveira, Tiago, Manoj Thomas, and Mariana Espadanal. “Assessing the determinants of cloud computing adoption: An analysis of the manufacturing and services sectors.” Information & Management 51.5 (2014): 497-510.
[25]Oliveira, Tiago, Manoj Thomas, and Mariana Espadanal. “Assessing the determinants of cloud computing adoption: An analysis of the manufacturing and services sectors.” Information & Management 51.5 (2014): 497-510.
[26]Terzi, Duygu Sinanc, Ramazan Terzi, and Seref Sagiroglu. “A survey on security and privacy issues in big data.” Internet Technology and Secured Transactions (ICITST), 2015 10th International Conference for. IEEE, 2015.
[27]Ahmed, Monjur, and Mohammad Ashraf Hossain. “Cloud computing and security issues in the cloud.” International Journal of Network Security & Its Applications 6.1 (2014): 25.
[28]Sanaei, Zohreh, et al. “Heterogeneity in mobile cloud computing: taxonomy and open challenges.” IEEE Communications Surveys & Tutorials 16.1 (2014): 369-392.
[29]Shahzad, Farrukh. “State-of-the-art survey on cloud computing security Challenges, approaches and solutions.” Procedia Computer Science 37 (2014): 357-362
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download