Discuss about the Webbs Stores for Cloud IaaS Security.
Webb’s Stores is an Australian firm that sells food stuff and specialty items. The retailer has its data centres in many locations as Sydney and Melbourne along with Wagga, Brisbane etc. There are a lot many members of staff that work in the store and it is being expanding at a rapid rate. There are many problems that have been recently observed in the business operations and data management tasks. To overcome these problems, the use and involvement of cloud in terms of data storage and management has been proposed. The report analyzes the cloud database security.
There are huge clusters of information that the store manages and processes using MS SQL Server 2012 R2 database. Due to the set of problems that have started showing up with the use of current database, it has been agreed to move to Infrastructure as a Cloud (IaaS) model based database. The following security considerations would be necessary with this model.
Security of the cloud is one of the prime concerns that have been witnessed with the business organizations. This is because cloud data and information is exposed to increased number of security risks and attacks. Due to a higher threat probability, the frequency of the attacks is also considerably high that may have a negative implication on the customer engagement. The security measures in associated with IaaS security discussed above may get rid of such occurrences and may lead to benefits, such as, increased customer trust and higher market rates (Simou, 2016).
IaaS cloud database may face many technical challenges in terms of its integration with the rest of the tools implemented in the store. There may also be technical errors, faults along with the issues around compatibility with the software and hardware equipment (Shahid, 2015).
There will also be many costs in terms of deployment, maintenance and training that will be associated with this cloud model.
There are many of the database related risks that may come up with the deployment of a cloud database in the organization. The number of access points and threat agents will increase which may increase the probability of the attacker to breach the information by making use of unauthorized access. There may also be availability attacks on the database which may make it unavailable for usage (Alashoor, 2014).
Many of the cloud services and operations that will take place may not be possible to be controlled by the technical staff members at the store. There may be network based security attacks on the IaaS cloud model, such as, eavesdropping attacks, man in the middle and phishing attacks (Singh, 2001).
The information on the cloud will be shared and transmitted on the internal and the external networks. There may be integrity and confidentiality attacks that may be given shape by the attackers during the communication process. Alteration of the attributes or contents of the information sets or the leakage/loss of the information may also be observed.
There are several security risks that are associated with the use and implementation of cloud database in the store.
These risks will be associated with various data relates operations as well. Backing up of the data is an essential activity that is carried out in the cloud based database systems so that disaster recovery can be ensured. There are codes that are implemented for automatic capturing of the backups. However, the attackers may modify the code to malicious code which may damage the contents of the information sets.
The stored data will have the likelihood to be impacted by a lot many database security risks and attacks. The properties of stored information viz. availability, confidentiality and integrity of the information may be negatively affected as a result. The attacks may execute denial of service, message alteration, media alteration, distributed denial of services and information breaches as some forms of the security attacks (Fowler, 2010).
Access control, identity management and authentication are the three elements that play a critical role in information retrieval. There may be security risks and attacks associated with these three elements as the attackers may gain unauthorized access by violating all of the security norms and controls.
With the modifications in the database of the store, it would be necessary to modify the disaster recovery strategy that is followed in the store.
Risk identification and assessment would be the first step that would be necessary to perform to understand all the new forms of cloud related security risks and attacks. A response and recovery strategy mapped with all the listed risks will then be necessary to be prepared (Tari, Yi, Premarathne, Bertok & Khalil, 2015).
The identified response and recovery strategy would be required to be implemented and the backing up of the information sets will also be made automated in nature.
Access control is a protection mechanism which is used to prevent the security risks and attacks. There are various physical and virtual access points that will be associated with the store and it would be necessary to implement the access control mechanism on the basis of the possible security risks for each component.
In the role base access control process, the users are provided the access to the system and its components on the basis of their roles and privileges. However, the attributes of the users are considered in case of attribute based access control (Khan, 2012).
Conclusion
Technological changes are taking place at a fast speed in the present times and the business units are required to maintain pace with this changing face of technology. Cloud databases provide the business units to perform the data related operations like storage, management and retrieval with ease and the decision of the Webb’s Stores to migrate its current database to cloud is as per the technological norms (Nadeem, 2016). There are certain issues in terms of security that are observed in the cloud environment that would be required to be identified, assessed and treated. The security risks will revolve around the database related, network related and operational risks and attacks. There are technical controls along with administrative checks that must be done so that the occurrence of such events is prohibited and the information of the store is safe and protected (Hashemi & Hesarlo, 2014). There are many technological components that may also be explored by the management of the store, such as Business Intelligence concepts along with the use of Big Data tools and technologies in the area of secure information storage and management.
References
Alashoor, T. (2014). Cloud computing: a review of security issues and solutions. International Journal Of Cloud Computing, 3(3), 228. https://dx.doi.org/10.1504/ijcc.2014.064760
Fowler, S. (2010). Impact of denial of service solutions on network quality of service. Security And Communication Networks, 4(10), 1089-1103. https://dx.doi.org/10.1002/sec.219
Hashemi, S., & Hesarlo, P. (2014). Security, Privacy and Trust Challenges in Cloud Computing and Solutions. International Journal Of Computer Network And Information Security, 6(8), 34-40. https://dx.doi.org/10.5815/ijcnis.2014.08.05
Ismail, N. (2017). The winding road to GDPR compliance – Information Age. Information Age. Retrieved 20 September 2017, from https://www.information-age.com/winding-road-gdpr-compliance-123468132/
Khan, A. (2012). Access Control in Cloud Computing Environment. Retrieved 20 September 2017, from https://pdfs.semanticscholar.org/ef20/bc1239539f9a8502715153c5af67fc9e9034.pdf
Nadeem, M. (2016). Cloud Computing: Security Issues and Challenges. Journal Of Wireless Communications, 1(1). https://dx.doi.org/10.21174/jowc.v1i1.73
Shahid, M. (2015). Cloud Computing Security Models, Architectures, Issues and Challenges: A Survey. The Smart Computing Review, 602-616. https://dx.doi.org/10.6029/smartcr.2015.06.010
Simou, S. (2016). A survey on cloud forensics challenges and solutions. Security And Communication Networks, 9(18), 6285-6314. https://dx.doi.org/10.1002/sec.1688
Singh, K. (2001). IT Infrastructure Security-Step by Step. Sans.org. Retrieved 20 September 2017, from https://www.sans.org/reading-room/whitepapers/basics/infrastructure-security-step-step-430
Tari, Z., Yi, X., Premarathne, U., Bertok, P., & Khalil, I. (2015). Security and Privacy in Cloud Computing: Vision, Trends, and Challenges. IEEE Cloud Computing, 2(2), 30-38. https://dx.doi.org/10.1109/mcc.2015.45
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download