Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
Surname 1
Topic: Cloud Computing Type: Research Paper Subject: Information Technology
Academic Level: Undergraduate Style:...
Surname 2
Security and Privacy Threats Facing Cloud Computing Technology
INTRODUCTION
Cloud computing is a technology that...
Surname 3
Existing written works (Mather, Kumaraswamy and Latif) depicts cloud computing as a
service factory, surrounding...
Surname 4
cloud computing environment (Lisovich, Mulligan and Wicker 11). In this context, their research
contrast that on...
Surname 5
technology face, by discussing various issues that renders the use of cloud services vulnerable.
Possible develo...
Surname 6
From the study’s results, one major problem affecting users, especially organizations
relying on cloud computing...
Surname 7
Apart from governance, the study also managed to reveal management of access and
identity as being an area of co...
Surname 8
From a literal point-of-view, implementing such an approach seemed to be easy. However, it the
researcher found ...
Surname 9
their intended destination. This was possible as the proposed framework was to increase the ratio
at which packe...
Surname 10
Works Cited
Cutillo, L.A., R. Molva and T. Strufe. "Safebook: A privacy-preserving online social network
levera...
Surname 11
Walker, E., W. Brisken and J. Romney. "To Lease or Not to Lease from Storage Clouds."
Computer (2010): 44. http...
Nächste SlideShare
Wird geladen in …5
×

Reseach paper-mla-sample

313 Aufrufe

Veröffentlicht am

Topic: Cloud Computing
Type: Research Paper Subject: Information Technology
Academic Level: Undergraduate
Style: MLA
Language: English (U.S)
Number of pages: 8 (double spaced, Times New Roman, Font 12)
Number of sources: 5

Task details
Write a 2000-word research paper that discusses the current state-of-the-art in cloud computing. The paper should discuss both the currently available technology and possible
New developments and designs to come in the next decade. The sources for your paper
are limited to the primary articles (not columns) in IEEE publications that have appeared
Since Jan. 2009:

Veröffentlicht in: Bildung
  • Login to see the comments

  • Gehören Sie zu den Ersten, denen das gefällt!

Reseach paper-mla-sample

  1. 1. Surname 1 Topic: Cloud Computing Type: Research Paper Subject: Information Technology Academic Level: Undergraduate Style: MLA Language: English (U.S) Number of pages: 8 (double spaced, Times New Roman, Font 12) Number of sources: 5 Task details Write a 2000-word research paper that discusses the current state-of-the-art in cloud computing. The paper should discuss both the currently available technology and possibleNew developments and designs to come in the next decade. The sources for your paperare limited to the primary articles (not columns) in IEEE publications that have appearedSince Jan. 2009:
  2. 2. Surname 2 Security and Privacy Threats Facing Cloud Computing Technology INTRODUCTION Cloud computing is a technology that works under the principle of resource sharing through self-provision means. Most organizations utilize resource sharing of this technology by storing data in the cloud, thereby economizing the use of resources while improving efficiency in their operations (Walker, Brisken and Romney 44). The resources to be shared must, however, be characterized by massive scalability and elasticity to facilitate the pay as you go model1 (Mather, Kumaraswamy and Latif 7). Quite a number of technologies have been incorporated in cloud computing, primarily to enhance efficiency of cloud services2 (Cutillo, Molva and Strufe 94). Although this area is a recent development in computing, its initial users and researchers who have experimented with the few cloud providers’ platforms and technologies already in the industry, have repeatedly complained of vulnerabilities in the services offered. This paper will delve on some of the security and privacy concerns that cloud computing face, from both perspectives of the user and the service provider. The paper will also make some recommendations on how the available and new approaches to be developed can help in solving those issues. This means, both the current literature and future possible developments in technology will be vitally necessary for a successful completion of the study. LITERATURE REVIEW 1 Pay as you go is used to refer to a state where the user’s contract to use resources is instantly renewed when a new payment for the resources is made on expiry of the previous payment. 2 Utility computing, virtualization, service-oriented architecture, and web 2.0 platforms are among the few technologies incorporated in cloud computing
  3. 3. Surname 3 Existing written works (Mather, Kumaraswamy and Latif) depicts cloud computing as a service factory, surrounding web-scale data centers. This service as evidenced from IBM, Google, and Amazon platforms is vulnerable to cyber-attacks. Unfortunately, cloud service users are naive to realize such weakness contained in cloud services, as all they value is the great data processing and elastic resources they get from using cloud computing technology, making them ignore the fact that cloud services are subject to issues like copyright violation, abuse of privacy, and security breaches (Kai, Kulkareni and Hu). This fact is emphasized by Mather, Kumaraswamy and Latif, who argued out that although cloud services contain many attractive features, precaution measures should be observed before a user fully engages in the use of cloud services. In this regard, Mather, Kumaraswamy and Latif acknowledged cloud computing technology as a paradigm shift suitable to replace the traditional norms used by organizations to organize their data center, and deperimitize their data infrastructure that might have been possibly made opened by hackers as a result of using a weak data security framework that is vulnerable to cyber attackers3 . However, the suitable approach that cloud providers should use to shift to this new technology should have the capacity to consider data sensitivity, which can be achieved via planning thoroughly to ensure that all computing processes are compliant with the laid down regulations for a stable privacy to be maintained without any violation that possess the potential to damage cloud users’ information or property. Lisovich, Mulligan and Wicker on their part, understand cloud computing to entail demand-response systems that result into detailed power-consumption data utilities, comprising a diversity of players whose aim is to help users on how to effectively utilize their energies in data management and security, without necessarily caring whether such efforts result in the creation of new privacy concerns in the 3 To deperimitize is to develop a strategy that employs the use of encryption and dynamic data-level authentication to provide multi-level data protection
  4. 4. Surname 4 cloud computing environment (Lisovich, Mulligan and Wicker 11). In this context, their research contrast that one of Mather, Kumaraswamy and Latif, who considered data security as the first priority when a user makes a decision regarding outsourcing of information technology services like cloud computing, especially if the decision entails moving an organization’s processes to the cloud, known to have resources that are public and being shared by many users, with even some having malicious intents that may breach security of other users’ data4 . As such, Mather, Kumaraswamy and Latif in their opinion, recommends organizations before shifting to the new technology, to take a risk-based approach that thoroughly analyzes the available security and privacy options before moving all their processes to the cloud environment. This is one way through organizations will be able to maximize the effectiveness of their operations and minimize costs. Thus, this argument can be justified, as from a literal point of view, addressing security and privacy issues after implementing the concerned system or process is not only technical and expensive, but also renders the organization vulnerable to potential adversaries. As such, it is essential for organizations to first understand cloud computing services offered by cloud providers, in terms of their security and privacy issues, before fully dedicating their operations to be accessed from the cloud. This includes making sure that the cloud computing solution to be engaged is flexible to incorporate all security and privacy issues held by the organization. OBJECTIVE The central directing principle of this study will be security and privacy issues that both cloud providers and cloud users encounter in their operations. This means the study will be answering the question that regard to security and privacy issues that cloud computing 4 Organization’s processes may be data, and applications used in daily running of the organization
  5. 5. Surname 5 technology face, by discussing various issues that renders the use of cloud services vulnerable. Possible developments and designs that can secure this technology will also be highlighted to make cloud computing more secure and attractive to users. METHODOLOGY No particular area was chosen to carry out the research as it was governing issues that users across the globe face. Therefore, the researcher made the study an open-ended one. Descriptive research designs, were, however, essential to facilitate proper understanding of the research question. Besides, being a new emerging field, not much had been discussed to provide users with a clear view of the benefits and risks associated with cloud computing. Therefore, it was essential to provide some insights that would help users to come up with viable decisions on whether or not to transfer all their organizational processes to the cloud environment. Since the study was not to be practically conducted in the field, the primary source of data was to be retrieved from secondary sources, including existing literature from previous researches conducted by technology-oriented experts. However, sources to be used were strictly to have been published after Jan 2009 in the IEEE magazines. This is because technology changes on a daily basis, thereby using older sources would not have revealed the actual situation faced by cloud computing providers and users on the ground. The sources to be used could easily be accessed online with the help of Google Scholar, which is a recommended search engine for academic tasks. As the data sources belonged to other people, the research was to receive approval from his instructor before using them, in that, no commercial use of the data collected would be allowed. RESULTS AND DISCUSSION
  6. 6. Surname 6 From the study’s results, one major problem affecting users, especially organizations relying on cloud computing was governance related issues. Mather, Kumaraswamy and Latif from their point-of- view, understand governance in computing as a user control and oversight over policies and procedures required in developing applications and acquiring information technology services. A good example of governance problem is the inadequacy of organizational control over its employees who arbitrarily use cloud computing services. Such practices were found by the researcher to raise privacy concerns and security breaches, especially in situations where some employees could go to an extent of disclosing customers’ information and leaking out organization’s information to unauthorized people requiring such information for their material gains. According to the study; Employees could be tempted to leak out confidential data of an organization to its competitors in exchange for money, especially if the organization that they worked for did not treat them fairly in terms of compensation for their services. In this regard, cloud providers should enforce the use of robust sensors and algorithms that authenticates users before accessing data stored on their servers. Such algorithms should have the capacity to analyze user data, in that, a user is allowed only to access information meant for him or his organization. Additionally, cloud computing users should understand that risk management in cloud computing is more technical. Therefore, they should help cloud computing providers to enhance the security of the data they provide to be stored in the cloud, by ensuring that adequate audit mechanisms and tools were used to encrypt and authenticate data at the organizational level. From this argument, it is evidence that both the user and the provider were to coordinate properly for the required governance to be achieved.
  7. 7. Surname 7 Apart from governance, the study also managed to reveal management of access and identity as being an area of concern in cloud offering and using cloud computing services. In this context, the research managed to establish that any user data submitted for storage to the cloud to only be accessed by authorized personnel as a way of avoiding security breaches and maintain data confidentiality. However, the researcher went ahead to establish that the framework that had been implemented by most organizations to identify and authenticate users accessing their data to incompatible with cloud computing platforms. To make the matter complicated, the study also realized that changing the framework that had been already implemented at the organizational level to make it cloud computing compatible, would not only be challenging, but expensive due to the expertise required to carry out the changeover process. As such, Cutillo, Molva and Strufe had to propose that organizations operate two frameworks, one for the organization and another one for the cloud. Their proposal, however, turned out to be unpractical due to lack of coordination between the user and the provider, in terms of the trust (Cutillo, Molva and Strufe 94). But since the area being studied was a technological one, carrying out various tests was still viable. As such, new ideas like federation identification in service-oriented architecture needed to be tested because the little available literature from previous studies had depicted federation identification to have the potential of developing a strong relationship between the service provider and the user, which could allow them to share digital identities and attributes across the domain being used at both organizational and cloud computing levels. Such a strategy would be meant to ensure that a user who sign-in to a domain used internally at the organization level could access data stored on the external-based domain running cloud services. Additionally, the new platform was not to allow multiple login using the same access codes, and therefore, it would also use the user’s internet protocol (IP) address to map the user’s location to the domain.
  8. 8. Surname 8 From a literal point-of-view, implementing such an approach seemed to be easy. However, it the researcher found it interesting that a thorough and precise interpretation of transactions with the ability to manage user identification and access to both organizational-based and cloud-based domains were required to provide assurance of a definite protection of both the internally and externally based servers against cyber crimes and attacks5 . A research carried out at Anna University also identified and proposed a new security framework that utilizes dispersion techniques to discard the path and prevent the data packets send by a malicious device to a network domain or cloud computing servers. This would be another approach to prevent multiple logins into the system with the same security-authentication, thereby would also prevent intruders from gaining unauthorized access to the system by only allowing authentic users to access and use the services. According to Mather, Kumaraswamy and Latif, that framework was to be referred to as “Reliable and Secure Framework”. He went ahead to quote as follows in the IEEE Security and Privacy magazine; The reliable and secure framework comes with a multi-path routing algorithm that is characterized by an inbuilt potential to determine a set of device-disjoint reliable paths, arranged from the highest order to the lowest order according to their reliability index, thereby facilitating simultaneous dispersion and transmission of data packets via the most reliable and secure disjoint paths. According to Mather, Kumaraswamy and Latif’s argument, the reliable and secure framework if successfully implemented and adopted by both cloud computing providers and organizations, whose operations were internet-based, had the potential to add value as it would reduce overhead and delay of packets that previously were being intercepted by the wrong people before reaching 5 Cybercrimes include spamming, hacking, or phishing as a result of the sheer number of connected devices, sharing a pool of resources stored at a single place.
  9. 9. Surname 9 their intended destination. This was possible as the proposed framework was to increase the ratio at which packet delivery would be occurring6 . CONCLUSION In a nutshell, the study primarily sought to find some of the security and privacy issues related to the use and provision of cloud computing services. Governance and identification and authentication were the issues recognized by the study. Although to some extent solving these issues could turn out being a puzzle, the study managed to propose new ideas the reliable and secure framework that would help organizations, who are the primary users of cloud computing, and providers of the service to get rid of user identification and authentication. Governance, on the other hand, was to be solved by having both the user and the provider understand risk management issues related to cloud computing (Mather, Kumaraswamy and Latif 258). However, this research does not mark the end of the road as many other issues related to the user and provision of cloud computing services still exist. As such, the technology will only be regarded as a viable shift from the traditional models and controls after all the remaining issues have been studied and possible frameworks with ability to handle them proposed and implemented for adoption by cloud computing users and providers. 6 Interception of confidential data like access codes may cost an organization to loss data, privacy, finance and security breaches, especially if whoever manages to intercept such data has malicious intents.
  10. 10. Surname 10 Works Cited Cutillo, L.A., R. Molva and T. Strufe. "Safebook: A privacy-preserving online social network leveraging on real-life trust." Communications Magazine, IEEE (2009): 94, 101. http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=5350374&url=http%3A%2F %2Fieeexplore.ieee.org%2Fxpls%2Fabs_all.jsp%3Farnumber%3D5350374 Kai, Hwang, S. Kulkareni and Yue Hu. "Cloud Security with Virtualized Defense and Reputation-Based Trust Mangement." Dependable, Autonomic and Secure Computing. Chengdu: IEEE, 2009. 717. http://ieeexplore.ieee.org/xpl/login.jsp? tp=&arnumber=5380613&url=http%3A%2F%2Fieeexplore.ieee.org%2Fxpls %2Fabs_all.jsp%3Farnumber%3D5380613 Lisovich, M.A., D.K. Mulligan and S.B. Wicker. "Inferring Personal Information from Demand- Response System." Security & Privacy, IEEE (2010): 11. http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=5403146&url=http%3A%2F %2Fieeexplore.ieee.org%2Fxpls%2Fabs_all.jsp%3Farnumber%3D5403146 Mather, Tim, Subra Kumaraswamy and Shahed Latif. Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance. New York: O'Reilly Media, Inc., 2009.http://books.google.co.ke/books? hl=en&lr=&id=BHazecOuDLYC&oi=fnd&pg=PR7&dq=IEEE+Security+and+Privacy+ Magazine&ots=Fz-6N- rWC9&sig=JlN62Q3GbGyHRwzOcMEpKVVuLX8&redir_esc=y#v=onepage&q=what %20is%20cloud%20computing&f=false
  11. 11. Surname 11 Walker, E., W. Brisken and J. Romney. "To Lease or Not to Lease from Storage Clouds." Computer (2010): 44. http://ieeexplore.ieee.org/xpl/articleDetails.jsp? tp=&arnumber=5445166&url=http%3A%2F%2Fieeexplore.ieee.org%2Fxpls %2Fabs_all.jsp%3Farnumber%3D5445166

×