The future of Cloud Security - Article Example

?The Future of Cloud Security First Second 2, Third 3 #First-Third Department, First-Third Address Including Country Name 1first.author@first-third.edu 3third.author@first-third.edu *Second Company Address Including Country Name 2second.author@second.com Abstract: The concept of cloud computing and the space utilization is one of the most prevailing terms in modern technological field. With the multimedia world and its applications dominating the entire scenario, space saturation and congestion was a serious obstacle and consideration, thereby solutions were being thought of in form of cloud computing. However the concept of cloud computing is equally prone to the threats in terms of the security and other safety measures of the entire network and the clients and their information. Resolving the security factor is top priority and this paper looks into the future outlook of the cloud computing and associated security level attainable. Key words: API, security, virtualization, malware Introduction: The cloud computing allows for large number of benefits ranging from space to ease of work, however the security threat makes it one of the most vulnerable medium in this regard (Mather, et al. 2009). On demand delivery is one of the core functions of cloud computing, making use of the resources only when required. They can be operated on various scales in private environments, hybrid or community as a whole. Safety with regard to the data contained in the networks, the structuring of the data with regard to ease of flow of information. The fact that the potential provider of data may stand helpless with the safety of data and this happens due to the fact that the overall interface is a virtual one and does not have any fixed physical existence as was the case in previous storage patterns and methods that were commonly in use. Future prospect: Considering its effective performance and the potential advantages it possesses, it is certainly the technology that would dominate the future trends of technological world, however factors like security of interface, the password cracking, minimizing the challenges posed by the bots, and eliminating their role, allowing for safer operations from within the network, all these are few of the steps and actions that must be taken into account in order to make cloud computing a more secure one for the future operations and future dominance. Present day situation: At present the concept of cloud computing is prone to number of direct and indirect threats; these threats raise serious concerns regarding the future and their potential productivity in this regard. These challenges come in form of inappropriate usage of the network from within, ease of access to outside intruders, and most prominently the lack of infrastructure that would be required for an established network that facilitates the usage and services with due consideration of the security concerns of the users and the service providers in form of the servers, business enterprises and numerous other related entities. I.P address stealing, intellectual property related content stealing, these are few of the potential loopholes that define the present day standing of cloud computing technologies. Handling of the data bases (Fiore & Aloisio, 2011), ensuring their safety with regard to all the information that is being stored in them, transactions that are being performed through the integrated network, scheduling procedures for the resources that are being allocated and parallel processing without any infringement of the data and information are few of the steps and considerations that ought to be resolved to make the cloud computing networks a safer technological option. Shared technology consideration: The sharing of the interface and architecture is a concern that allows for vulnerability with regard to the safe existence and performance of cloud computing networks. The function of isolation is a vital concept in the domain of cloud computing and the virtual interfaces, thereby the isolation property must be provided with sufficient security. The access of unauthorized agents into the network is a serious challenge faced in this regard and the future of cloud computing would be an unsafe concept with such a loophole in the overall network and infrastructure (Chee & Franklin Jr. 2010). Encryption keys: While encryption itself provides for security of the network, the keys being used for access serve as the pitfall in the entire concept of encrypting techniques, thereby they must be handled properly and made use of in form of effective algorithms generation, mapping procedures (Sosinsky 2010) and other scheduling and routing mechanisms that allow for minimum entry chances of any outsider force that are unauthorized. Some options that are provided in this regard and a trend of future for this purpose is that of key less encryption techniques which takes out the overall chances of any loss or misuse of the encryption key which is often being used by the intruders for getting into the networks. Inter connecting factor: Cloud computing concept engages multiple networks for exchange of information and data. Safe flow of information between the various nodes of each of the network should be a priority and in future trends of cloud computing, the domain must be well protected in order to make the overall cloud computing concept a safer one for use. Secure Mapping: Cloud computing entails mapping from a physical interface to virtual one, this mapping must be secure enough and must ensure no loss of data. Mapping can be made secure through the use of various algorithms; any weakness that may exist could be due to the low strength of the algorithms engaged. Besides the engagement and implementation of algorithms, encryption procedures must be made functional in a better way. Clear definition of policies: Policies definition allow for safer transmission between the nodes and networks from virtual to physical network. Defining the roles with regard to the safety, the resources allocation, the management, algorithm implementation, all these must be done in prior to engaging in an extensive exchange or setup of a network with extensive traffic on the underlying surface. The first step to overcoming any challenge and obstacle is to understand it, this can be done so in the policy definition phase, defining what is the present state of the technology, what are the challenges faced and what is the possible future and possible challenges and obstacles that are faced in this regard. Data mining techniques: Malware is a generic name to all kinds of threats posed. These come in form of viruses, Trojan horses, bugs, and various other forms attacking the network both from inside and outside and from large scale to small scale. The effective data mining techniques would allow for mitigation of the threats that are being posed by various kinds of the malware that are presently known and also the ones that may come into existence in longer run. Password extraction, key cracking, attacks of the bots, rainbow tables are few of the possible forms of attacks and loopholes that loom large over the present day infrastructure of cloud computing. Virtual servers are prone to various forms of threats and vulnerabilities (Winkler, 2011). Secure Grid: Deploying secure grids is one of the solutions to the overall cloud computing network security concerns. It allows for better protection mechanisms, enhanced authentication schemes in form of deploying of codes and schemes and most importantly the remote network connection establishment which is one of the most serious point to be taken into account while dealing with the cloud computing interface. Secure grid also allows an option for the policies definition and creation that would make virtualization a safer option (Das & Thankachan, 2013). Other safety measures: Other options with regard to safer cloud computing include the usage of firewalls, the IP version 6 usage, the IP sec function, advanced routers implementation and installation. Storage Management: Storage management is another area that indirectly contributes towards the safety of overall network in a cloud enabled computing infrastructure. Developing applications for secure distribution within the network and outside are the factors that should be taken into account in order to maintain good management scheme in storage. Secure co Processors: Apart from the software consideration, some efforts can be made on the hardware level too, secure co processors is an attempt of the hardware front. Co processors usage is one of the technique for making the network a secure one with regard to the data privacy, encryption, resources allocation and data management. While Public Key Interface ( P.K.I) is one technique that has been in practice for a considerable while, seeing the number of events of security breaches and the damages incurred as a result of it, new techniques are in practice on test level as well as on commercial level though not on complete scale. Key splitting technique is one similar concept. Key splitting technologies: The split key technology and encryption option is seen as a massive breakthrough in the field of coding, and protection of data and this can be further enacted through commercial implementation and usage in times to come. Usage of encryption techniques such as AES 256 (Gillam 2010) and other similarly relevant and more effective coding techniques are the ones that are deeply required by the cloud computing field in order to make it a more effective domain for future prospect of computing world. Making use of the mathematical functions and models along with various options is the core function and secret to the key splitting technology. Homo morphic encryption: This kind of encryption technique can come in handy in the databases applications and servers that make use of the large amount of data being stored across their networks and servers. Websites are a prime example in this regard along with the business enterprises that make use of extensive data and operate both on national and international level in different parts of the world. Homo morphic encryption technique allows for only one owner of the key and access to the data with no or minimum chances of data proliferation (Zhou & Yung 2010, 241). It is best suited to the cloud computing environment. Making use of the mathematical models and combinations, it nearly equates out any chances of data breach and penetration into the network. This technique may stand proprietary at present, however in future its commercialization would allow for better options towards security in a cloud atmosphere (Krutz & Vines 2010). Threshold Cryptography: This is another method and a prospect for future which would allow for safer operations in longer run and ultimately a more secure medium to operate and perform functions in a larger way. Making use of the enhanced encryption techniques with little reliance on the key usage which often creates problems and obstacles, along with the usage of the algorithms are few of the features of the threshold cryptography functioning technique and application. It is often termed as the distributed key splitting technique (Pearson & Yee 2013, 159). The advantages served in it are the no or little dependency over the memory and little concern and addressing of the data and memory for this purpose. This allows for incremental approach and working which reduces any possible chances of massive damages that may be incurred as is the case in the presently existent working units and security options that are available all around (Geer. Jr & Yung 2002). Crypto APIs are a core entity of this technique that allows for better implementation of the available resources. Overcoming the difficultly level with regard to its implementation and the overall network up gradation are two concerns in this area which must be undertaken in order to make it a more viable option for usage over the cloud interface (Josyula, et al. 2011, 116). Conclusion: Cloud computing is the trend of future and it is bound to take overall almost everything related to the field of computing in times ahead, however the security factor is a serious consideration and it must be sorted out in order to make it an effective tool rather than a weapon which may be used against its effective usage and the core purpose for which it has been created and introduced. The beefing up on the security measures is desired. This can come up in form of the software applications (Lake & Hirsch 2013, 224) and up gradation as well as the hardware applications and options, some of which are being mentioned and specified in the paper. While virtualization allows for many benefits, the usage over the open space with no physical data and content poses threats, and this can be overcome only through the best security functions employment. References: Chee, B. J. & Franklin Jr., C., 2010. Cloud Computing: Technologies and Strategies of the Ubiquitous Data Center. s.l.:CRC Press. Das, V. v. & Thankachan, N., 2013. Computational Intelligence and Information Technology. s.l., Springer. Fiore, S. & Aloisio, G., 2011. Grid and Cloud Database Management. s.l.:Springer. Geer. Jr, D. E. & Yung, M., 2002. Split and Delegate: Threshold Cryptography for the Masses, Columbia: Columbia University. Gillam, L., 2010. Cloud Computing: Principles, Systems and Applications. s.l.:Springer. Josyula, V., Page, G. & Orr, M., 2011. Cloud Computing: Automating the Virtualized Data Center. s.l.:Cisco Press. Krutz, R. L. & Vines, R. D., 2010. Cloud Security: A Comprehensive Guide to Secure Cloud Computin. s.l.:John Wiley & Sons. Lake, P. & Hirsch, L., 2013. Guide to Cloud Computing: Principles and Practice. s.l.:Springer. Mather, T., Latif, S. & Kumaraswamy, S., 2009. Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance. s.l.:O'Reilly Media, Inc. Pearson, S. & Yee, G., 2013. Privacy and Security for Cloud Computing. s.l.:Springer. Sosinsky, B., 2010. Cloud Computing Bible. s.l.:John Wiley & Sons. Winkler, V. (., 2011. Securing the Cloud: Cloud Computer Security Techniques and Tactics. s.l.:Elsevier. Zhou, J. & Yung, M., 2010. Applied Cryptography and Network Security. s.l., Springer. Read More