Network Security and Its Main Aspects - Term Paper Example

Network Security Table of Contents Running head: NETWORK SECURITY Introduction 3 History 4 Theory 5 Characteristics of Cloud Computing 7 Analysis and Discussion of Cloud Computing Security 8 Diagrams 10 Summary 11 Conclusion 12 References 13 Bibliography 16 Introduction The notion ‘Cloud’ is generally considered to be a metaphor about the utilisation of internet sources on the basis of a computer network diagram. In this similar context, ‘Cloud Computing Security’ is fundamentally described as a set of standardized procedure that is designed to deliver utmost security as well as information assurance within the environment of cloud computing. Moreover, it is considered as a physical as well as a logical security concern throughout several software service models, infrastructures and platforms. It has been viewed that the idea i.e. ‘Cloud Computing Security’ brings about considerable restrictions for end users as well as different cloud service providers. In addition, it is a developing sub-domain that comprises a set of technologies, controls and policies with the intention of protecting data, softwares and infrastructures associated with the cloud computing service (Crawford & Johnstone, 2012). Most of the Information Technology (IT) related firms deal with accumulating and recovering of mass data in which various cloud computing services assist them to perform efficiently with incurring minimum amount of cost and time. Apart from the advantages that are derived from the cloud computing services, the IT related firms also face critical issues such as security problems which ultimately restrict them to maintain integrity, dependability and privacy of their different operational functions (Crawford & Johnstone, 2012). This paper intends to provide a detailed analysis or description and background about one of the significant conceptions i.e. ‘Cloud Computing Security’. Moreover, certain diagrams have also been portrayed in the discussion in order to acquire a better understanding about the important concept of ‘Cloud Computing Security’. History In the year 1961, the notion of ‘Cloud computing’ emerged at the time when a Professor of Michigan University named John McCarthy affirmed that ‘time-sharing’ technology would control various computing processes in future with the help of ‘utility-type’ sort of business model. However, in the mid-1970s, the aforementioned idea was not considered due to the fact that various IT related technologies were not able to maintain such type of futuristic business model. However, it has been apparently observed in the 21st century that the concept i.e. ‘cloud computing’ invigorated and emerged within technological sphere. In this similar context, the term ‘utility computing’ can be described as a stipulation model that emphasises upon controlling different computational as well as storage procedures that are linked with cloud computing services. This form of computing is broadly adopted by several organizations in order to extend their operational activities relating to cloud computing model so that they can easily access the various operational functions at large (Bohm, Leimeister, Riedl, & Krcmar, 2012). At present, a large portion of IT companies and related professionals anticipate that computing security is the next big issue within the technological arena. In October 2007, this idea i.e. cloud computing became quite renowned at the time when new technologies were introduced within various IT departments of the organisations. Contextually, ‘Cloud computing’ can be viewed as an innovative aspect from different viewpoints. For instance, from the standpoint of technological aspect, the notion i.e. ‘Cloud computing’ is regarded to be an advanced technology of computing which is utilized as a virtualization concept in order to utilize various hardware components more efficiently. Moreover, several IT departments consider ‘cloud computing’ as a whole new generation of advanced computing features that are quite necessary in every sphere of their business operations. It has been observed that this cloud computing concept originally emerged from telecommunication sector that created an essential shift from ‘point-to-point’ data circuit to ‘Virtual Private Network (VPN)’ services (Rittinghouse & Ransome, 2010). Theory Cloud Computing delivers several services which are typically based upon three basic models. These include software as a service (SaaS), infrastructure as a service (IaaS) and platform as a service (PaaS). In this regard, SaaS is a type of cloud service which is frequently utilized by most of the companies which is broadly accessible to the end-users through internet. PaaS is one kind of operational tool like Windows and Linux that is used by the creators for developing websites without installing any application on the computers along with any IT expertise. Finally, IaaS is regarded as an infrastructure which is controlled and upheld by the cloud providers that endorse several operational functions which include conducting smooth networking, controlling servers, effectively storing and efficiently controlling hardware components (Department of Defence Intelligence and Security, 2012). According to ‘National Institute of Standard Technology (NIST)’, there are four types of cloud computing models such as ‘Public Cloud’, ‘Private Cloud’, ‘Hybrid Cloud’ and ‘Community Cloud’. These models have been described hereunder. Public Cloud: This type of cloud service is generally made for public where resources, web application and web services are delivered through internet. Subsequently, public sector related organizations assist the end users to deliver effective infrastructures regarding the implementation of public cloud service (Hamlen, Kantarcioglu, Khan, & Thuraisingham, 2010). Private Cloud: It is essentially utilized by the organizations for their internal online operations where any member within the organizations can only access the data or any web service application. However, any member outside the organization cannot access this cloud service. Infrastructures regarding private cloud are generally managed and completely upheld by an organization itself (Hamlen, Kantarcioglu, Khan, & Thuraisingham, 2010). . Hybrid Cloud: This type of cloud is generally considered as a combination of two or more clouds i.e. private, public or community. Moreover, it is an environment where more than one external as well as internal service providers of cloud services are taken into concern. It has been viewed that this cloud service typically is used by a few of the leading service providers such as IBM and Google among others (Hamlen, Kantarcioglu, Khan, & Thuraisingham, 2010). Community Cloud: This kind of cloud model is fundamentally regarded to be a mixture of one or in excess of one private, public or hybrid clouds which are distributed by several organizations and mostly preferred for enhancing online security. Infrastructure of this cloud is shared by various organizations within a particular community. Moreover, it is essentially managed by third party or through conducting internal procedures of an organization. The expenses associated with this cloud service are quite less than the public cloud but more as compared to private cloud services (Hamlen, Kantarcioglu, Khan, & Thuraisingham, 2010). There are certain significant benefits that are associated with the utilization of different cloud models. In this regard, it has been viewed that the end-users normally face much problems regarding obtaining cloud computing infrastructure as they remain quite worried about the capital expenses as well as consuming valuable equipments that are required for executing smooth cloud computing services. In relation to the benefits, through the execution of various cloud models computing processes are shared within various end-users in an effective as well as in a favourable manner. From the viewpoint of cloud computing services, it minimizes the infrastructure costs effectively and subsequently increases the procedural functions relating to software development. Furthermore, one of the imperative benefits of this model is that it increases the storage as well as the processing functions of the computers along with the networks by a greater extent. Another significant benefit of cloud computing model is that it automatically recovers the overall application process at the time of any emergency. By obtaining cloud computing service, an organization can be facilitated with the enhancement of high-speed bandwidth (Centre for the Protection of National Infrastructure, 2010). Characteristics of Cloud Computing There exists the presence of various significant attributes that should be taken into concern by an organization or the end-users during the implementation of cloud computing service. Moreover, it has been observed that the small firms as well as the end-users are considerably benefited from the use of cloud computing services as their capital expenditure tends to be minimized by a greater extent. Another feature of cloud computing service is that it makes effective centralization of data by which the cloud service providers frequently protect consumers’ resources in a favourable manner. In this similar context, cloud service providers also substantially invest in forming reliable as well as efficient security staff in order to assure the customers’ that their data is protected. Cloud computing process needs a huge amount of energy in order to manage data centralization, control different computer applications and its overall infrastructures. In the year 2007, leading organizations like IBM and Google among others initiated working on an extensive scale research project regarding the implementation of cloud computing services (Rittinghouse & Ransome, 2010). Analysis and Discussion of Cloud Computing Security There are several network issues which are faced by the organizations as well as the end-users during the implementation of cloud computing service. It is in this context that most of the organizations and the end-users strongly believe that it is quite easy to initiate cloud services without comprehending the risks linked with cloud securities. In relation to the analysis of cloud computing security, it can be affirmed that there are several ways to determine the security risks that are related with cloud computing services. At present, various firms as well as end-users recognize three categories of risks relating to cloud computing security which include ‘conventional security threats’, ‘risks associated with system availability’ and ‘threats connected with data-control of third party’ (Cloud Security Alliance, 2010). Conventional risks are those risks which generally arise at certain situations when a system is connected with any online source along with other cloud specific services. The impact of conventional threats is augmented due to the presence of a large amount of cloud resources as well as a huge number of end-users which make servers busy and facilitate other users to hack that particular server. This threat generally initiates from the end-users site itself and in order to mitigate this risk, the users should protect the infrastructures that are connected with the cloud computing services. Another risk linked with this security threat is about authentication as well as authorization procedure of cloud computing (Hamlen, Kantarcioglu, Khan, & Thuraisingham, 2010). System availability is also considered to be another major risk that is related with cloud computing security and must be considered during the utilization of cloud computing services. Due to certain factors such as power failure, system outages and other catastrophic events that might shut down cloud services for long period of time, the entire data of an organization business model can get locked inside cloud components which might hamper the business operations by a considerable level. Conversely, third party data control risks generally occur due to the lack of simplicity and limited control of cloud computing services that can impose adverse impact upon the security of the computers as well as the networks by a significant level (Wang, Wang, Ren, & Lou, 2012). Specially mentioning, ‘XML Signature Element Wrapping’ is regarded as one of the popular threats particularly for the web services. In this regard, XML signature as a type of security model is used to protect different cloud service components along with its features by a greater extent (Qaisar & Khawaja, 2012). Diagrams Figure 1: Cloud Computing Deployment and Service Models Source: (Sriram & Hosseini, 2012) Figure 2: Security Threats within Cloud Computing Environment Source: (Marinescu, 2012) Figure 3: Different Aspects Forming a Cloud System Source: (CORDIS, 2010) Summary In recent times, cloud computing security has significantly grown from a promising business perception to one of the significant emerging segments particularly in the IT industry. It has been apparently observed that the various IT related organisations and the governments are quite interested to employ the important concept of cloud computing security for the motive of enhancing information along with network security and privacy. Conclusion Cloud Computing is considered as an innovative concept which had been recently introduced within the IT linked business environment. The significant concern of Cloud Computing Security is associated with cloud computing services. This particular concern i.e. Cloud Computing Security intends to enhance the data protection, privacy and network along with information security by lessening IT costs at large. Due to this particular reason, the notion of Cloud Computing Security would gain immense importance in the upcoming years by a significant level. References Bohm, M., Leimeister, S., Riedl, C., & Krcmar, H. (2012). Cloud computing and computing evolution. Retrieved from http://www.theseus.joint-research.org/wp-content/uploads/2011/07/BoehmEtAl2009c.pdf Cloud Security Alliance. (2010). Top threats to cloud computing V1.0. Retrieved from https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf Centre for the Protection of National Infrastructure. (2010). Information security briefing 01/2010: cloud computing. Retrieved fromhttp://www.cpni.gov.uk/Documents/Publications/2010/2010007-ISB_cloud_computing.pdf CORDIS. (2010). The future of cloud computing. Retrieved fromhttp://cordis.europa.eu/fp7/ict/ssai/docs/cloud-report-final.pdf Crawford, A. & Johnstone, B. (2012). Cloud computing. Retrieved fromhttp://meseec.ce.rit.edu/756-projects/spring2012/2-6.pdf Department of Defence Intelligence and Security. (2012). Cloud computing security considerations. Retrieved from http://www.dsd.gov.au/infosec/cloud/cloud02.htm Hamlen, K., Kantarcioglu, M., Khan, L. & Thuraisingham, B. (2010). Security issues for cloud computing. Retrieved from http://www.utdallas.edu/~bxt043000/Publications/Technical-Reports/UTDCS-02-10.pdf Marinescu, D. C. (2012). Cloud computing: theory and practice. Retrieved from http://www.cs.ucf.edu/~dcm/LectureNotes.pdf Qaisar, S., & Khawaja, K. F. (2012). Cloud Computing: Network/Security Threats and Countermeasures. Interdisciplinary Journal of Contemporary Research in Business 3(9), pp. 1323-1329. Rittinghouse, J. W. & Ransome, J. F. (2010). Cloud computing: implementation, management and security. Retrieved from http://www.ittelkom.ac.id/staf/faz/kuliah/kamsis/references/Cloud_Computing__Implementation__Management__and_Security.pdf Sriram, L. & Hosseini, A. K. (2012). Research agenda in cloud technologies. Retrieved from http://arxiv.org/ftp/arxiv/papers/1001/1001.3259.pdf Wang, C., Wang, Q., Ren, K., & Lou, W. (2012). Ensuring data storage security in cloud computing. Retrieved from http://www.ece.iit.edu/~ubisec/IWQoS09.pdf Bibliography Furht, B. & Escalante, A. (2010). Handbook of cloud computing. United States: Springer. Hanna, S. (2012). Cloud computing: finding the silver lining. Retrieved from http://www.ists.dartmouth.edu/docs/HannaCloudComputingv2.pdf Krutz, R. L. & Vines, R. D. (2010). Cloud security: a comprehensive guide to secure cloud computing. United States: John Wiley & Sons. Stamos, A. (2009). Cloud computing security. Retrieved from https://www.owasp.org/images/5/58/Cloud_Computing_Security.pdf Read More