Wednesday, December 4, 2019
Security Threats In Cloud Computing And Preventive Techniques
Question: Discuss about the Security Threats In Cloud Computing And Preventive Methods. Answer: Introduction The cloud computing has been required to each individual existence. It delivers on the programs as well as storage space spaces as the services on the internet for small or maybe no cost. Many individuals use the cloud computing solutions every day (Armbrust, Fox, Griffith, Joseph, Katz, Konwinski Zaharia, 2010). The cloud computing is not an advancement, but instead, It is an approach for the building of the IT solutions that use the sophisticated computational power in addition to the enhanced storage functionality. The concentrate of the cloud computing is from the providers perspective as the redundant hardware that is linked to the support downtime on any of the devices in the network, without the alternation in the user's point of view. Security challenges and threats of the cloud computing Cloud computing has been an emerging technological know-how that has collective resources in addition to the lower cost which depends on the pay per use depending on the demand of the user ( Krutz Vines, 2010 ). Because of its features, it encounters numerous risks along with issue in the scopes of the security. 1) Abuse in addition to nefarious utilization of the cloud computing: The abuse and dubious usage of the cloud computing are the primary threat which has been recognized by the Cloud security Alliance. An example on this is the utilization of the botnets to stretch the spam in addition to the malware (Bhadauria Sanyal, 2012). The attacker could penetrate a public cloud and plan to upload on the malware to various computers in addition to utilize the power of the cloud infrastructure to attack other machines. 2 ) Insecure application programming interfaces: The software interfaces or the APIs are exactly what the clients utilize for interacting with the cloud services, these really should have extraordinary authentication, access control, encryption as well as activity monitoring mechanisms whenever the third parties begin to develop in it (So, 2011 ). 3) There is the issue of the data leakages along with the consequent problems. The information deletion or even the alteration devoid of any backup could possibly lead to the drastic data related problem, for instance, the security, integrity, segregation as well as the breaches (Zissis Lekkas, 2012). This, therefore, can easily lead to the sensitive data becoming accessed by the unauthorized users (Krutz, Vines, 2010). The cloud computing platforms ought to offer new solutions to have the ability to gather data and well as carrying out evaluation and control on the privacy to support the application, which is seeking for the information. 4) Malicious attacks: The risk that has been related to the malicious attackers is augmented for the customer of the cloud services via utilization of the numerous IT services that absence the lucidity that is between the procedure and process that pertains to the services providers (Krutz Vines, 2010). The malicious users might gain a usage of numerous confidential data and consequently result in the data failures. 5) Service Hijacking: the service hijacking might be regarded as the gain of the illegal control on numerous services that are not authorized by an individual. It accounts for several techniques, for example, phishing, exploitation of the software along with the fraud. This continues to be thought to be among the top most threats and it is often pointed as the extreme threats. The likelihood of the hijacking of a person accounts considerably as no native API could be employed for the registering of the numerous cloud services. Security countermeasures in the cloud-computing environment To be able to implement data security to cloud computing technology, the study community should seize effective along with constructive steps to be able to assure the security (Sabahi, 2011). Depending on Gunnar emphasizes that a group exists to be able to presume the wide-ranging standards, in addition, to ensure inter-operability among the providers of the services (Sabahi, 2011). The endeavor to improve the security standard will certainly guarantee element for example confidentiality, integrity as well as availability. There are several methods in the cloud computing one may expand on the subject of the security. The issue of Architecture security on the cloud computing risks could be dealt with significantly practically via the overall performance of security evaluation. The architecture of the cloud consists of the numerous security parts, which are embossed in the cloud architecture to be able to offer secure cloud computing (Sabahi, 2011). A few of these parts are access management, security API, and the security of the network and the storage. Security protection in the cloud servers, encryption is the better solution in order to secure the data. Before the information is saved in the cloud servers, it might be vital that you encrypt the data (So, 2011). The owners of the data might give consent to a specific group member to allow they access this kind of data easily. Heterogeneous data-centric security could be utilized in the provision of the data access control. When one wish to attain privacy and the data security protection it is applicable when it is used as a service. Application of the encryption on the data makes the data to be totally unusable as well as normal encryption can complicate on the availability. To be able to overcome on the threats of the malicious attack one can use the access control mechanism tools, which are used to control the not authorized end user while using the secured information. According to Peter Mell (2012), he suggested that the infrastructure as the service as well as one of the models which reveals the problems with the aid of the virtualization as the frontier security protection to have the ability to protect against any one of the malicious attacks in the cloud users. Data leakages as regarded as a security threat to get over this kind of is through deduplication with enabling of the limitation on the variety of the user uploads per window time (Saripalli Walters, 2010). Deduplication of as the means of storing an only single copy of the redundant data and providing just the connect to the providers rather than storing the precise and essential copies of the information. The user might confront on the threat of service hijacking by prohibiting the sharing of the account credentials between the users and the services. Furthermore, an alternative way would be to Leverage a solid two-factor authentication method in which it is possible and employment of a proactive monitoring to have the ability to identify any not permitted activity ( Subashini Kavitha, 2011 ). A user should be capable of recognizing the cloud provider security policies. In the real word, the providers of the cloud services makes use of the requirements much more often in order to provide the security. Applications of the cloud computing technologies and use The cloud computing has been credited with the increase to the competiveness through the cost reduction, a greater flexibility, and the optimal utilization of the resources (Kandukuri Rakshit, 2009). Some of the application of the cloud computing aimed at achieving business goals for the organization are as follows: one is the use of the cloud has been used for the testing and the development. There are many cloud-computing environments, which are tailored to the needs of the organization (Ko, Jagadpramana, Mowbray, Pearson, Kirchberg, Liang, Lee, 2011). The cloud computing has been used in the big data analytic application. This has been possible through leveraging of the in order to tap to quantities of the structured and the unstructured data to harness the benefit of extracting the business data. The cloud could offer file storage facilities. An individual can be able to store and retrieve the files in any of the web-enabled interfaces. Organizations are running a much cloud-ba sed application such as the customer relationship management, the accounting, and the human resource. Impact on the discussed issues and their application in real life The cloud computing has changed lives in many ways. On the social impact, it has seen the likes of the YouTube and the Google, to be testimony to the shift on how the individuals are interacting with other individuals (Takabi, Joshi Ahn, 2010). Taking on the advantages associated with the development of the cloud technology as well as the social media space has allowed individuals to access analytical abilities. The cloud computing technology has offered other benefits such as the development of the education and improvement of the healthcare industry. Information can now be available instantly through the proliferation of the websites. Lesson learned in the research The cloud computing in its current form has been around for a decade now. With the activities going on each year, I have come to understand some key lessons on what cloud computing is all about. I have understood it is relatively safe as well as secure. Putting the data in the cloud could have potential risk proposition, but nonetheless, many organization is embracing the cloud services. The cloud computing models can be regarded as working well. This has been publicized among the cloud provides. Conclusion The cloud computing is in continual development to able to make a difference in various levels of the demand services, which is to be available to the customers. Many individuals are enjoying the benefits of the cloud computing, nonetheless, there is security concern in the cloud, which has become a key challenge. To be able to provide a better quality of the services to the cloud users, the security flaws should be identified as well as be addressed. In this research, it has examined on the security threats in the cloud computing along with the precautionary techniques. In the near future, I believe we are going to continue to contribute to the initiatives in the researching of the cloud security threats along with the countermeasures to the cloud negligence. References Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., Konwinski, A., ... Zaharia, M.(2010). A view of cloud computing. Communications of the ACM, 53(4), 50-58. Bhadauria, R., Sanyal, S. (2012). Survey on security issues in cloud computing and associated mitigation techniques. arXiv preprint arXiv:1204.0764. Kandukuri, B. R., Rakshit, A. (2009, September). Cloud security issues. In Services Computing, 2009. SCC'09. IEEE International Conference on (pp. 517-520). IEEE. Krutz, R. L., Vines, R. D. (2010). Cloud security: A comprehensive guide to secure cloud computing. Wiley Publishing. Ko, R. K., Jagadpramana, P., Mowbray, M., Pearson, S., Kirchberg, M., Liang, Q., Lee, B. S. (2011, July). TrustCloud: A framework for accountability and trust in cloud computing. In Services (SERVICES), 2011 IEEE World Congress on (pp. 584-588). IEEE. Sabahi, F. (2011, May). Cloud computing security threats and responses. In Communication Software and Networks (ICCSN), 2011 IEEE 3rd International Conference on (pp. 245- 249). IEEE. Saripalli, P., Walters, B. (2010, July). Quirc: A quantitative impact and risk assessment framework for cloud security. In Cloud Computing (CLOUD), 2010 IEEE 3rd International Conference on (pp. 280-288). Ieee. So, K. (2011). Cloud computing security issues and challenges. International Journal of Computer Networks, 3(5), 247-55. Subashini, S., Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of network and computer applications, 34(1), 1-11. Takabi, H., Joshi, J. B., Ahn, G. J. (2010). Security and privacy challenges in cloud computing environments. IEEE Security Privacy, 8(6), 24-31. Zissis, D., Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation computer systems, 28(3), 583-592.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.