Cloud Computing: Overview and Risk Analysis - Literature review Example

Cloud Computing By Name Course Instructor Institution City/State Date Table of Contents Cloud Computing 1 Table of Contents 2 Cloud Computing 2 1.0 Introduction 2 2.0 Benefits of Cloud Computing to Present Businesses 4 3.0 Cloud Computing Security Threats 6 3.1 Threats Security Identification 7 3.2 Integrity 8 3.3 Secrecy and Privacy 9 4.0 Incorporating Entrusted Third Party 10 5.0 Conclusion 11 6.0 References 12 Cloud Computing 1.0 Introduction Cloud computing develops a crucial keyword in accelerating information technology businesses, but it possess a distributed architecture established on unfixed nodes, and safety issues outlined in services based on cloud computing (Zissis & Lekkas, 2012, p. 584). Essentially, emergence of cloud computing has rapidly changed everyone’s intuition of infrastructure structure, development paradigms, and software delivery. According to Fernando, et al. (2013), pursuing the transformation from mainframe computers to server deployment paradigms, cloud computing contains elements from automatic, utility, and grid computing into an inventive deployment architecture. Presently, cloud computing is achieving heightened popularity, worry are being raised about the security challenges introduced after adopting the novel paradigm (Fernando, et al., 2013, p. 84). Consequently, Cloud computing, which is a recent development in the IT sector, allows organizations to run application online in what is otherwise referred to as a cloud. The “cloud” promotes sharing of resources within and outside the business setting (Thomas, 2011, p. 216). In addition, cloud acts like a server where an organization can stockpile resources required by the company (Lin & Chen, 2012, p. 533). However, the main difference between cloud computing and server based technology is that cloud computing permits users to run applications online without the need to download or install them in their computers. Therefore, this makes it appropriate for both users and the service industries to benefit from the high connection speed promoted by cloud computing (Alali & Yeh, 2012, p. 29). Fig 1: Cloud Computing (source: en.wikipedia.org) 2.0 Benefits of Cloud Computing to Present Businesses Business experts hold the opinion that businesses should start using cloud computing since using cloud computing ensures that the business is utilizing the latest technological advancements; thus, ensuring its performance is boosted (Zissis & Lekkas, 2012, p. 588). In addition, the business can manage to change with changing times more efficiently bearing in mind the fact that almost everything in the modern world has pursued the digital and electronic track. According to Yoo (2011), businesses that utilize cloud-computing technology are well positioned to handle technological tasks contrary to businesses using the old system, which are regarded as out dated or obsolete. In this regard, businesses using cloud computing can cope more efficiently to competition in the global platform as compared to their obsolete counterparts. Fig 2: Cloud computing benefits (source: shebytes.com) Cloud computing also ensures that an organization is updated with the latest developments in terms of technology, considering that it is a technology by itself, it opens many more avenues for the company (Garrison et al., 2012, p. 62). Furthermore, cloud computing also heightens flexibility in that employees from an organization can work from any location, even from the comfort of their houses. For instance, the company can recruit staff from other companies without having to travel to the country, and if used along with other technology forms, the company can conduct interviews using webcams and can hire workers who can work from mother countries: thus. Saving additional cost that could be incurred if the interview was conducted manually (Zissis & Lekkas, 2012, p. 591). Fig 3: Benefits of Cloud Computing (source: talkcloudcomputing.com) 3.0 Cloud Computing Security Threats Critically, cloud implementation frequently contains progressive safety technologies, mostly available because of information centralization and universal structure. In its quintessence, cloud computing can address numerous shortcomings endured by traditional architectures due to its unique attributes (Lin & Chen, 2012, p. 533). Fig 4: Categorization of threats (Zissis & Lekkas, 2012) 3.1 Threats Security Identification Fundamentally, safeguarding an information system (IS), entails recognizing unique threats and problems, which require to be addressed by incorporating suitable countermeasures. Eventually, the recognized security needs and chosen security controls are incorporated to the standard engineering process, to connect the security measures with information system operational and functional needs (Thomas, 2011, p. 220). Cloud computing based on its architectural attributes and design imposes several security advantages, such as security centralization process and information segmentation, and redundancy availability. Yoo, (2011) posit that cloud computing has unique characteristics that need risk assessment in issues such as reliability and availability, auditing and privacy, integrity, and recovery. According to Zissis and Lekkas (2012), security is associated to the crucial aspects of availability, confidentiality, and integrity; therefore, they become building blocks to be utilized in developing security systems. In addition, these crucial aspects of security, enforce to the three wide categories of assets, which are vital to be safeguarded, 3.2 Integrity Integrity is the fundamental aspect of information security, and it posits that assets can be altered only through authorized channels based on data, hardware, and software. According to Alali and Yeh (2012), data integrity refers to safeguarding information from unauthorized obliteration, fabrication, or modification. Administering an entity’s rights and admittance to certain business resources, guarantees that valuable information and services are not stolen, abused or misappropriated. Lin and Chen (2012) believe that by preventing unlicensed access, companies can attain enormous confidence in the system and information integrity. Furthermore, such mechanisms provide enormous visibility into deciding who or what may have changed system or data information, possibly influencing their accountability. In this regard, a cloud-computing provider is entrusted to sustain data integrity and precision, but the cloud paradigm on its part presents several threats entailing complicated insider attacks on these data characteristics (Fernando et al., 2013, p. 589). On the other hand, software integrity refers to safeguarding software from unlicensed obliteration, fabrication, or theft, which can be either intentional or unintentional. In this regard, cloud-computing providers incorporate a set of application programming interface (APIs) that customers utilize to administer and communicate with cloud services. Based on this perspective, Garrison et al. (2012) assert that the security of cloud services relies heavily on interfaces security as unlicensed user gaining access to them could fabricate or alters them. Furthermore, in cloud computing, accountability for software’s integrity protection is conveyed to the owner of the software. Hardware integrity is a supplemental challenge that requires the cloud provider to address since he is weighed down with protecting hardware from fabrication, theft, or modification (Zissis & Lekkas, 2012, p. 100). 3.3 Secrecy and Privacy Fernando et al. (2013) defines confidentiality as permission to authorized parties to gain access to protected information/data. However, cloud provides a platform for infringement of data due to heightened number of devices, parties, and applications, which will lead to an increased number of access points. Arguably, Lin and Chen (2012) claim that authorizing data control to the cloud, conversely leads to a rise in the risk based on data infringement as the data becomes attainable to an increased number of parties, which give rise to issues such as multi-tenancy, application privacy and security, and data remanence. On its part, multi-tenancy refers to cloud attributes of resource sharing such as programs, memory, and data. Essentially, cloud computing is established on business paradigm in which resources are divided at the host level, network level, and application level (Thomas, 2011, p. 223). On the other hand, multi-tenancy refers to an operating system multitasking, which is a technique through which diverse processes or tasks share similar processing resources such as system unit. According to Zissis and Lekkas (2012), multi-tasking presents numerous confidentiality and privacy threats such as object reusability, which is a vital attribute in cloud infrastructure, and can generate a serious vulnerability. Data remanence refers to the sediments presentation of information that has been erased because of lack of hardware separation amid several users on a single infrastructure (Zissis & Lekkas, 2012, p. 591). Fig 5: Cloud Computing Threats (source: cloud-basedlms-etec522.weebly.com) 4.0 Incorporating Entrusted Third Party According to Yoo (2011), employing trusted third party in the cloud computing, will help to establish the required trust level and offer ideal resolution to maintain the integrity, confidentiality, and authenticity of information and communication. In addition, trusted third party promotes secure communication between two parties that trust the third party. Zissis and Lekkas (2012) assert that trusted third party supplies legally and technically dependable ways of conducting, promoting, and creating independent evidence concerning arbitration on electronic services. In addition, trusted third party can be trusted for low and high level confidentiality, generation of security domains, certificate –founded authorization, client and server authentication, and information cryptographic separation (Zissis & Lekkas, 2012, p. 586). 5.0 Conclusion Conclusively, Cloud computing is one of the latest technological developments in the IT field and has revolutionized many businesses in the twenty first century cloud computing brace information systems as the advantages outnumber its deficiency. In addition, cloud computing provides deployment architecture that can address shortcoming identified in traditional information system, but its dynamic attributes can prevent the effectiveness of traditional measures. Consequently, employing trusted third party in the cloud computing assists to establish the required trust level and offer ideal resolution to maintain the integrity, confidentiality, and authenticity of information systems. Cloud computing improves predictability, optimizes operations by minimizing manual work, and improves cross discipline collaboration and communication. Going by the arguments put forward, cloud computing is undoubtedly the future for businesses in the 21st century, and in the technology world cloud computing is changing rapidly changing. In this regard, cloud computing may seem to be the feature at the current technology. 6.0 References Fernando, N., Loke, S. W. & Rahayu, W., 2013. Mobile cloud computing: A survey. Future Generation Computer Systems, 29(1), pp. 84-106. Zissis, D. & Lekkas, D., 2012. Addressing cloud computing security issues. Future Generation Computer Systems, 28(3), p. 583–592. Alali, F. A. & Yeh, C.-L., 2012. Cloud Computing: Overview and Risk Analysis. Journal of Information Systems, 26(2), pp. 13-33. Garrison, G., Kim, S. & Wakefield, R. L., 2012. Success Factors for Deploying Cloud Computing. Association for Computing Machinery. Communications of the ACM, 55(9), p. 62. Lin, A. & Chen, N.-C., 2012. Cloud computing as an innovation: Percepetion, attitude, and adoption. International Journal of Information Management, 32(6), p. 533. Thomas, P. Y., 2011. Cloud computing. The Electronic Library, 29(2), pp. 214-224. Yoo, C. S., 2011. Cloud Computing: Architectural and Policy Implications. Review of Industrial Organization, 38(4), pp. 405-421. Read More