Cloud-Based Computing Security - Essay Example

Table of Contents: Introduction: Security Overview: Computing Resources and Cloud Computing: How Security Issues Impact upon Cloud Computing: CurrentTrends: Security Concerns: Using the Cloud Safely: Data Storage: Conclusion: Name Date Professor’s Name Course Section/# Cloud Based Computing Security Introduction: Many enterprises rely on database systems for day-to-day operations and decision making; as such, the security of data managed by these systems becomes critical. Misuse or damage of data can affect not only a single user; it may have devastating consequences on the entire enterprise. As such, many firms face insurmountable financial liabilities because of losing sensitive data or face the impossible task of recreating the lost data from the scratch. This essay summarizes the most important data security requirements (confidentiality, integrity and availability) , discusses the security challenges that currently face the enterprise when storing data in its own local severs or deploying it the cloud and introduces available solution for these issues . Security Overview: Security is simply protecting data against improper disclosures, modification or destruction; whether these are intentionally or accidentally caused. That is to say, a complete solution to data security issues should meet three basic requirements: confidentiality, integrity and availability. Confidentiality requires that data should be protected from unauthorized individuals or systems . Integrity refers to an assurance in the accuracy of the data. This means preventing of unauthorized or improper data modification or deletions must be engaged. Availability refers to keeping timely access to data and resources by authorized person. It also refers to the protection from malicious data denials making the system no longer available; or the recovery from hardware and software errors. The importance assigned to these requirements significantly depends on the considered environment. For example, in military environments, most attention devoted to the confidently, while integrity is the most relevant aspect of commercial environment. In public institutions, such as hospitals and airline companies and credit institutions in which data correction is essential in addition to the privacy constraints, a combination of integrity and confidentiality are needed. Computing Resources and Cloud Computing: Developments in networking technology and an increase in the need of computing resources have encouraged many enterprises to outsource their storage and computing needs. This new model of computing is commonly referred to as “cloud computing”. Cloud computing is computing which leverages computer resource through the internet. It is defined by the national institute of standards and technology (NIST) as: “A model for enabling convenient, on-demand network access to shared pool of configurable computing resource that can rapidly provision and released with minimal management effort or service provider interaction”. How Security Issues Impact upon Cloud Computing: A crucial question in cloud computing has to do with whether or not this is a more secure form of computing as compared to a traditional IT system. First and foremost cloud computing characteristics need to be understood. Cloud computing has different characteristics which make it useful and one of the most noticeable technologies for all costumer types from individual to large organizations. The following characteristics are defined by (NIST) as the essential characteristics of cloud computing. Firstly, it provides on demand service and rapid elasticity so the enterprise can quickly scale up or scale down their usage of services; according to their business need without manual intervention. This stands in stark contrast to the many days it can take to procure the space and the equipment needed to expand the computational resource in house that were previously leveraged. Secondly, cloud computing provides broad network access; which means that cloud systems can be used from great distance as long as the customer has internet access. Thirdly, resource pooling is when a cloud provider makes the necessary resource available to serve multiple consumer using multi-tenant model and virtualization. Fourthly, cloud computing provides measured service; this means a service consumed will be measured in term of resources used. This is crucial for billing, access control and resource optimization. Current Trends: Based on the above advantages, more and more companies are now convinced of the value of the cloud computing has as a means of addressing some of their key challenges they face. As such, they are starting to migrate their data to the cloud solution to an ever increasing extent. According to one IBM survey, of 2,000 midsized companies, 70% were planning or had already adapting cloud technologies (Nanavati et al. 73). Benefits of Cloud Computing: While cloud computing bring many benefits. It also raises significant security issues and considerations that prevent many companies from switching to cloud computing. Data is traveling over the internet and stored in remote databases. Moreover, cloud providers serve multiple customers simultaneously .All of these issues raise privacy and security issues. Among these issues are operational trust modes, resource sharing, new attack strategies, and digital forensics (Kang et al. 704). These issues are associated with giving up the control in any environment. Unlike data centers (which are run by an in-house IT department) where the enterprise is responsible for its own security, the cloud computing is an off-premise system which users outsource their data need to a third party provider; that may or may not have the most up to date security certifications. Security Concerns: Another major security issue that results from the decision to move to cloud computing environment is the level of trust accorded the resource provider. In cloud computing systems, the cloud provider maintains access to the physical components of the system; and also provides the cloud customer with full of control over some portion of it. This means that the cloud provider has full access and control to all consumer’s operations and sensitive data that they store in the cloud. However, there are several approaches used to reduce the level of trust in the cloud resource provider. The first approach that offers guarantees in term of protecting resource confidently is encrypted communication channels. As such, the cloud consumer encrypts the data with cryptographic algorithms prior to insertion and decrypts it after moving it back to his/her own systems. Then , a key is used to protect the resource so the data cannot be read by unauthorized persons. This approach is used if the cloud is used only to store data. However, it is not effective if the data is intended for use within the cloud; due to the computational device in the cloud computing would need to access to the encrypted key continually – thereby making it useless and non-functional as a means of protecting data. A second approach that can be used to reduce the control access in the cloud resource provider is computation on Encrypted data (homomorphic encryption). This type of encryption allows specific types of operations to be carried out on cipher text and produce encrypted results without exposing the input or the results in plaintext format. However, even with this type of encryption, a malicious cloud provider can be able deduce useful information from the operation being carried out and the characteristic of the encrypted inputs and results such as the size of the result. Another security concern that hinders adoption is resource sharing. Unlike data centers where the resources tend to be used by single corporate entites, cloud computing relies on sharing of resources to achieve economies of scale. This means that a resource allocated to one corporation may be utilized on some physical infrastructure that also hosts resource allocated to another corporation. In this case, it is quite possible for two competitors to be sharing the same physical infrastructure. Consequently, there is a possibility for leaks of data between two computing corporation. It is also possible that the actions of one company may impact the ability of the competitor to conduct its business. In order to overcome this issue, some cloud providers use an approach called the Chinese Wall Model. This is an approach in which corporate cloud consumers are classified into conflict of interest categories so the cloud provider can be sure that no two companies with the same conflict of interest classification can share the same physical infrastructure . While there are many concerns regarding the inability to trust cloud computing because of it security and privacy issues, cloud computing comes with many benefits that address data security. For example, storing data in the cloud solves many problems related to losing laptop or flash driver which has become the most way for loosing data in many organizations. In addition, in cloud environments, incident response requires that the resources such as database centers or supercomputing power should be procured whenever needed. This bypasses the supplement red tape associated with traditional requests for resources within the enterprise world. Additionally, if the server is down for any reason similar instances of the client environment will be easy duplicated on other machines. This of course has a direct impact with regards to improving the acquisition time. From a security perspective, cloud providers are already able to provide algorithms for generating checksum (error detection scheme) whenever a file is stored in the cloud. This allows for bypasses that the client needs for encryption. Using the Cloud Safely: However, corporations can safely move to the cloud; as long as they aware of data protection practices. It important for any enterprise considering moving to the cloud computing environment to conduct comprehensive risk assessment before making the decision to move to the cloud. It is also crucial that the choice of data applications to deploy in the cloud environment be effectively managed. Scholars have indicated that analytical data management applications (data used in business planning ,problem solving and decision support) are more suited for deployment in the cloud than transactional data management applications (Fu et al. 738). This is due to the fact that transactional data management does not use a shared architecture (set of independent machine achieve task with minimal overlap). This means that it cannot take advantage of additional instance by offloading work to parallel new instance. In addition, a transactional database typically contain sensitive information such customer data or credit card number which make storing it in un-trusted hosts. Data Storage: Furthermore, storing data in an organization’s IT data center is not without its risks. Moving the enterprises’ data and application away from its servers and facilities is an effective way to improve reliability and security. This is due to the fact that major threats to an enterprise lie within its boundaries. Enterprise employees are one of the top security concerns of any organization. The top reason cited for losing data were SMB (small and medium size business) employees’ tendency to click link or open attachment files embedded in spam. In addition, research shows that 56% of employee frequently stored sensitive data in their laptop or tablets; which increase the risk that confidential information can land in the wrong hands. In the case of the cloud environment, enterprise applications and data are no longer on their local servers; providing a situation in which data is protected from employee negligence and errors. In addition, physical security is of paramount importance. Cloud providers such as Google spend more and more money on IT security than any other enterprise. They have designed the need for security in every layer of their architecture. Unlike the majority of companies, the reliability and security of IT infrastructure is important requirement for any cloud provider. If they fail to achieve it, they will out of business. Conclusion: Data security, in particular data protection from unauthorized access, is becoming more crucial as an increasing number of enterprise trust their database systems. It is obvious that cloud computing helps IT organizations use deferent techniques to optimize application performance; these benefits create a new set of challenges and security issues that make it hard to decide on moving to cloud. However, cloud computing is getting better at security as time goes on. In my opinion, enterprises can take advantage of cloud capability and at the same time secure its use of the cloud by identifying their requirement and their optional exposures at the earliest stages; making them understand the related risks and avoid them during and after the migration. Works Cited Fu, Xie, Liu Fangai, and Guo Xuexue. "Research On Security Issues Of Privacy Data Under The Cloud." Journal Of Chemical & Pharmaceutical Research 6.7 (2014): 738-743. Academic Search Complete. Web. 24 Sept. 2014. Kang, An, et al. "A Strengthening Plan For Enterprise Information Security Based On Cloud Computing." Cluster Computing 17.3 (2014): 703-710. Academic Search Complete. Web. 24 Sept. 2014. Nanavati, Mihir, et al. "Cloud Security: A Gathering Storm." Communications Of The ACM 57.5 (2014): 70-79. Academic Search Complete. Web. 24 Sept. 2014. Read More