This presentation gives a detailed overview about Cloud Computing, its features and challenges faced by it in the market. It gives an insight into cloud security and privacy issues and its measures.
3. What is CLOUD COMPUTING?
The most demanding computing.
Cloud computing means storing and accessing data and
programs over the Internet instead of your computer's
hard drive. [5]
4. Featuresof cloudcomputing
On demand-self service
Broad Network access
Resource pooling
Rapid elasticity
Measured service
Pricing [10]
5. CHALLENGES
IN CLOUD COMPUTING
o Security
o Costing model
o Charging model
o Service level agreement
o Cloud interoperability issue [7]
6. What do we mean by
CLOUDSECURITY?
Set of control-based technologies and policies designed to
adhere to regulatory compliance rules and protect information,
data applications and infrastructure associated with cloud
computing use.
It can be done without the cost of maintaining facilities and
hardware.
It addresses both physical
and logical security issues across
all service models of software. [3]
7. INTRODUCTION
The Introduction of numerous cloud based services and
geographically dispersed cloud service providers, sensitive
information of different entities are normally stored in remote
servers.
Locations with the possibilities of being exposed to
unwanted parties in situations where the cloud servers
storing those information are compromised. [1]
8. Sometimes, it might be required or at least possible
for a person to store data on remote cloud servers.
Sensitive States of cloudcomputing :
The transmission of personal sensitive data to the cloud
server.
The transmission of data from the cloud server to clients'
computers.
The storage of clients’ personal data in cloud servers which
are remote servers, not owned by the clients. [1]
9. PROBLEM STATEMENT
Cloud security is becoming a key differentiator and
competitive edge between cloud providers. So by applying
the strongest security techniques and practices, cloud
security may soon be more secure than the level that IT
departments achieve using their own hardware and
software.
10. TYPES OF CLOUD
• Private cloud
--The cloud is managed by an organization and serves it
solely.
• Public cloud
--The cloud infrastructure is owned and managed by a large
Cloud Service Provider (CSP).
• Hybrid cloud
--The cloud infrastructure is composed of two or more of
the above models.
• Community cloud
--The cloud is managed by several organizations and
supports a specific community that has the same interest.
[7]
11. If security is not robust and consistent, the
flexibility and advantages that cloud computing
has to offer will have little credibility.
Here, we are going to discuss about the security
issues of cloud computing.
12. SECURITY AND PRIVACY ISSUES
Concerns of security issues:
‼ Availability :
It is to ensure its users can use them at any time, at any
place.
‼ Confidentiality :
It means keeping users’ data secret in the cloud systems.
‼ Data integrity :
It means to preserve information integrity (i.e., not lost or
modified by unauthorized users).
13. ‼ Control :
It means to regulate the use of the system, including the
applications, its infrastructure and the data.
‼ Audit :
It means to watch what happened in the cloud system,
could be added virtualized application environment hosted
on the virtual machine to provide facilities watching what
happened in the system. [3]
14. THREATS TO CLOUD COMPUTING
Data Breaches:
In cloud computing, the virtual machines (VMs) are residing in the
same physical host and when one VM is able to access information
from another VM, data breach occurs.
Data Loss:
The things leading to permanent loss of data include malicious
attacker, hard drive failure, fire or earthquake. Some of these
reasons could be due to the service providers fault.
AccountHijacking:
Account hijacking uses attack methods such as fraud ,exploitation
etc of software vulnerabilities where credentials and passwords
are reused.
15. Denial-of-Service:
This attack attempts to make the system or network resources
unavailable to the users from accessing their data and applications
from cloud.
AbuseofCloudService:
The main concern is for the CSVs rather than cloud service clients
since the users will be trying to hack the system to gain access to
confidential data.
MaliciousInsiders:
The employees who are working for cloud service providers such
as the system administrator will have complete access to the
confidential resources. Their access can be a big threat to
customers to view confidential data. [11]
16. WHY DO WE NEED CLOUD-SECURITY ?
Cloud adoption is expected to accelerate in the coming
years, organizations are still wary of the cloud as the
right delivery environment for many business
applications. The dominant concern is Security.
Businesses question whether their data is safe in
the cloud, and how they can employ an on-demand
service while maintaining regulatory and industry
compliance.
Organizations are right to balk about going head first into
the cloud without some guarantees about protection.
17. SECURITY MEASURES OF CLOUD
User control.
Investigative support, investigating inappropriate or
illegal activity may be impossible in cloud computing.
Intrusion detection and prevention.
18. Misconfiguration takes place, because lack of
expertise coupled with insufficient communication.
Threat to access important information is also a
major concern which can lead to huge loss of data
and can even lead to hacking.
Availability and backup. [23]
20. Denial of Service (DoS) :
Being of the latter is obviously always an issue for
servers. The added risk to using the cloud is that attacks on
other users of the cloud would affect your
portion.
Data Breaches:
Have greater potential of disaster on the cloud. A single
flaw in a cloud service could cause one data breach to extend
to a breach of the entire system.
21. Data loss :
It is an issue not unique to the cloud. Power loss is a
potential scenario everywhere on Earth and sometimes
unavoidable.
Data Integrity :
The risk of giving other access to your server’s internals
and secrets is once again almost unavoidable . Unless you
were to buy, setup, and implement your own server in your
home you will probably have to trust someone else to help
you, thereby risking the data’s integrity. [4]
22. APPLICATIONS OF CLOUD COMPUTING
1) Cloud computing provides dependable and secure data
storage center.
2) Cloud computing can realize data sharing between
different equipments.
3) The cloud provides nearly infinite possibility for users to
use the internet.
4) Cloud computing does not need high quality equipment
for the user and it is easy to use. [3]
23. FUTURESCOPE OF CLOUD SECURITY
It is facing many challenges regarding the security of data.
Modification of this technology helps to secure the data.
Many research on this technology are taking place which
would eventually help this technology to expand its scope in
future leading to more secure data.
Architectures , thus it will help to grow the IT industry as
well as advancement of this technology would help in big
organizations as well as full-fill the requirement of public
industry as well. [23]
24. STEPS TAKEN FOR BETTER CLOUD
There are organizations working towards a more secure cloud,
such as the CSA (CLOUD SECURITY ALLIANCE).
Another is Silver Sky, an expert provider of cloud security and
provider of “the industry’s only advanced Security-as-a-Service
platform from the cloud”.
The CTO of Silver Sky, Andrew Jaquith, explains that many CIOs
are moving their services to the cloud in order to save money,
but that security remains a key concern and these moves may
be insecure or at least hasty.
On the other hand, he also explains that many cloud service
providers are becoming clearer, more transparent, and more
assured than ever before that they could protect customer data.
25. SOLUTIONS OF ISSUESIN CLOUD SECURITY
‼ Network and security audits
‼ Security threat assessments
‼ Secure network and infrastructure design
‼ Network perimeter protection, including firewalls and
intrusion detection
‼ Remote access strategies, including VPN implementations
‼ Data loss prevention for information in motion and at rest
[23]
26. CONCLUSION
The Cloud provides many options for the everyday
computer user as well as large and small businesses.
Clouds are more subjected to the data theft, malicious
access, and unsecured internet access.
Efforts have been made to enforce confidentiality, integrity
and privacy of data.
We have discussed the Issues, Factors Affecting the Data
Security, Threats to it, Measures being taken towards it,
Applications of it as well.
27. The customers before shifting their data enter to cloud,
they should understand the sensitivity of data and choose
the cloud model based on their requirement.
Thus it will help to grow the IT industry as well as
advancement of this technology would help in big
organizations as well as full-fill the requirement of public
industry as well. [23]
28. CITATIONS
[1] K.S. Wagh, Swapnil Chaudhari, Anita Deshmukh and Prajakta Khandave, “Data Security in
Cloud Computing”. International Journal of Current Engineering and Technology, 2014.
[2] Naveen Dogra and Harpreet Kaur, “Cloud Computing Security: Issues and Concerns”.
International Journal of Emerging Technology and Advanced Engineering, 2013.
[3] Alycia Sebastian and Dr. L. Arockiam, “A Study on Data Security Issues in Public Cloud”.
International Journal of Scientific & Technology Research, 2014.
[4] Rabi Prasad Padhy, Manas Ranjan Patra and Suresh Chandra Satapathy, “Cloud Computing:
Security Issues and Research Challenges”. International Journal of Computer Science and
Information Technology & Security, 2011.
[5] Monjur Ahmed and Moh. Ammad Ashraf Hossain, “Cloud Computing and Security Issues in
the Cloud”. International Journal of Network Security & Its Applications, 2014.
[6] Rampal Singh, Sawan Kumar and Shani Kumar Agrahari, “Ensuring Data Security in Cloud
Computing”. IOSR Journal of Engineering, 2012.
29. [7] Santosh Kumar and R.H. Goudar, “Cloud Computing – Research Issues, Challenges,
Architecture, Platforms and Applications”. International Journal of Future Computer and
Communication, 2012.
[8] Shevleen Pandey and Mohammed Farik, “Cloud Computing Security: Latest Issues &
Countermeasures”. International Journal of Scientific & Technology Research, 2015.
[9] Narendra Gaurha and Dr. Manish Shrivastava, “Data Security in Cloud Computing Using
Linear Programming”. International Journal of Emerging Technology and Advanced Engineering,
2012.
[10] Patrick Mosca, Yanping Zhang, Xhifeng Xiao and Yun Wang, “Cloud Security: Services, Risks
and a Case Study on Amaon Cloud Services”. Technical Report, 2010.
[11] Anu Rathi, Yogesh Kumar and Anish Talwar, “Aspects of Security in Cloud Computing”.
International Journal Of Engineering And Computer Science ISSN, 2013.