Cloud Computing Security - Coursework Example

Table of Contents 1.0.Executive summary 2 2.0.Introduction 3 3.0.Cloud computing security 4 4.0.Cloud computing security taxonomy 10 5.0.Cloud computing and climate 11 6.0.Conclusion 13 7.0.References 15 1.0. Executive summary The increasing demand of internet in the recent past has been significant in making cloud computing to gain ground. As a result, majority of the companies that offer online related services have adapted to using more and more energy for their data centres. Cloud computing services development has speeded up the way in which the computational services are sourced by organizations and corporations for better delivery of services. However, migrating to the cloud remains a luring trend from a financial management perspective, though there are critical factors that must be considered by companies before they make an engagement. Of concern is the security; cloud computing security in most cases is inherited from the solutions that created such services, though new security concerns also arise particularly the manner in which the services are organized and the kind of services to be placed on the cloud. This paper, for a better understanding of the complexity of the security concern, will classify and identify the cloud computing security concern and solutions and ultimately propose recommendations to breach insecurity after giving an overview of the current security status in the computing technology. In addition, the report looks at how cloud computing has contributed to climate change from renewable energy policies. 2.0. Introduction Cloud computing as an evolving computer and network security refers to set of technologies, policies and controls meant to protect application and data of computing. The computing models including software (SaaS), platform (PaaS), infrastructure (IaaS)-SPI and deployment models list the vulnerabilities and risks and offers security guidance services by defining the security domains that congregates particular functional aspects from compliance and governance to virtualization (Broberg, 2011). Cloud computing enables the users to carry out tasks remotely as well as sharing of resources. As a result, more computing is centred and connected to purpose built data centres provided by IT centres. In cloud computing consolidation, security has been considered a key requirement as a feasible and robust multipurpose solution (Broberg, 2011). The same viewpoint is shared by Jensen (2009), which for government organizations, academia researchers, and business decision makers who rely on cloud computing, security issues has been in the forefront for their successes. Musthaler (2009) gives a wider perspective viewpoint in cloud computing, that the security concern is not only originating from the adopted technologies bur are also related to the cloud computing features including resource virtualization, scalability and resource sharing. Oleshchuk (2011) portrays a different notion that with the ever growing interest in cloud computing, there has been a constant and explicit effort to evaluate and consider current security trends for the technology taking into account the already existing problems. This paper in details gives the quantity of the main security concerns in cloud computing and the associated solutions and to pinpoint other related concerns that remained unanswered. In addition to the solutions, the paper gives taxonomy as a proposal to the security in computing technology as well as classifying the problems already identified. A deeper analysis of the cloud computing security taxonomy particularly the frameworks currently experienced The similar security concerns posited by many indicate a scenario in which legal and security obstacles for cloud computing, including data confidentiality, service availability, reputation fate sharing and provider lock-in are on the rise. 3.0. Cloud computing security Sharon (2011) gives an explicit viewpoint in helping in the understanding of the security issues. He proposes that the variety of cloud computing security related issues require a plethora of studies for such problems to be handled effectively to enhance technology adoption and acceptance. As a result, key references including the ENISA (European Network and Information Security Agency) and CSA’s (Cambridge Scientific Abstracts) security guidance have outlined the top threats that the computing definitions faces. Both the agencies argue the faster cloud computing growth as a double edge risk. In addition to the guidelines, Gonzalez et al (2012) outlines the differences between cloud services in the form of platform, software and infrastructure to be used as the guideline in the cloud computing classification. Even though the platform, software and infrastructure have widely been utilized for security purposes, there is no standardized method that has been adopted to organize the security in the cloud computing models (Oltsik, 2010). The computing classification, though irrelevant in certain circumstances is explained by Musthaler (2009) in his book Cost-effective data encryption in the cloud to be an explicit guide that with a deeper analysis, would lay the cloud services threats. The cloud computing security issues have been modelled organized and concentrated to information and grouped into the main problems and grouped into a model that analyses the problems. The problems have been categorized into interfaces, network security, virtualization, compliance, data security and legal issues. The categories encompass a multitude of security problems, with the sub-division of the problems allowing for the proper analysis and diagnosis. Network security problems are related with network configuration and communication with respect to the infrastructure in cloud computing. Oltsik (2010) posits that the solution for an ideal network security is to have customers included for in the services for the existing networks, with adoption of the same measures as a protective mechanism. Further, Berl et al. (2010) points out that for the feasibility in the process, the security mechanisms should be extended to the local strategies to any remote process. Oleshchuk (2011) vividly explains the security breach in cloud computing- transfer security breaches has been a source of cloud computing since the virtual machine, distributed architectures, massive resource and virtual machine synchronization at times imply more data in transit in the cloud, which ultimately will need mechanisms for shielding the system from spoofing, sniffing and the side channel attacks. In addition, firewalling has been a major problem to be controlled in cloud computing-the main aim is to protect the cloud infrastructure from any internal and external attacks. Firewalling is also vital in virtual machine isolation, shielding of denial of service (DoS), fine grained filtering for ports and addresses and detection of external security procedures. Firewalling has presented numerous problems in cloud computing especially in coming up with the same security measures for particular environments will always expose the need for adapting existing remedies for the computing paradigms. The protocol configuration, technologies and systems is upgraded to provide the acceptable levels of privacy and security without taking down efficiency and performance. The interface issues are user related, programming interfaces and administrative interfaces for particularly controlling and using the cloud. In accepting the virtualized systems and resource, the programming interfaces must be protected to avoid the malicious users from taking control of all the cloud computing interfaces and services. From the administrative perspective, the remote control of the resources like the case in the virtual machine management in the infrastructure, development of the platform and the configuration of the access control is a vital component in offering protection from the unintended users. Moreover, the user interface encompassing the end user interface need to adopt measures for protecting the environment by exploring the available tools and resources before allowing the users to execute any service in cloud computing. The mechanisms that allows for authentication of the services need to be streamlined to the regular accounts ultimately to avoid the exposure to an array of attacks which can be prevented by the use of resource sharing and multi-tenancy. Data security has been a problem in terms of the confidentiality, integrity and availability which multi-dimensional as it can be applied not only in the cloud computing but also in other solutions that need the adoption of the basic security level. Gonzalez et al. (2012) explain that to secure data, Cryptography has been utilized by many organizations to security the breaches experienced in the cloud computing services. In addition, redundancy has been also utilized to avoid the loss of data. For the core processes and functionalities of variety of businesses, there has been reliance on the information technology which ensures that data availability and integrity is guaranteed. Many users have realized the technique behind disposal, since the elementary techniques of disposing data has been found to be insufficient. In cloud computing therefore, the need for complete destruction of data, including the back-up registries and log references to help in adding up to the security levels. Virtualization technologies have been a main component to creation of vulnerabilities in the cloud computing as the isolation between the hypervisor and virtual management are always problematic in handling the security breach. The isolation failure posits a significant level of insecurity where memory routing and install age servers are under threat of attack by the hijackers (Oltsik, 2010). In addition, in spite of the logical isolation, the virtual management still present numerous problems owed to the fact that as similar hardware and ultimately the same resources which can allows the entry of malicious users to cause attack leaks by accessing the information. In more fine grained assets, the isolation concept can be applicable in the storage and computational resources. Hypervisor vulnerabilities involve attacking the main software in the virtualization component where majority of counterfeit software developers have been victimised. The technological advancement in the in the computing sector has allowed an increase in the criminal activities including hacking and cyber crimes that threatens the security in the computing technological era. Despite the fact that the security vulnerabilities for hypervisors have been in the rise, solutions to help in curbing the cyber crime have been scanty, in most cases propriety, and further a demand in enhancing studies as a quest to control the vulnerability has been initiated. Chadwick (2011) asserts that “Data leakage in the computing field is a major threat to many organizations as majority of organizations and business sector are ever under the threat of facing the attack” (p. 796). Poor isolation techniques has exposed computing services of many corporate under attack as a result of the leaked data from the virtualized infrastructures, the ultimate end extending to the customers. Sensitive and confidential information and data from the sensitive customers are then leaked into by the cyber pilferages. The lack of controls for the virtual machine identification cannot allow the execution of specific process. Apart from data leakage, cross virtual management attacks, those include the stealing of the cryptographic keys, rise in the chances of placement attacks and increase in the traffic in the services. The overlapping memory, in the end would increase the isolation-related attacks. Governance in the cloud computing services has never been strengthened to the exclusion of the security breaches in the administrative controls. A case in hand is the control of data, which would result to redundancy cases if the data is moved to the cloud and the file systems configurations tampered with (Jensen, 2009). Lack of governance would expose organizations under threat as the security policies and mechanisms leads to security gaps. The service legal agreements in the cloud computing services has been increasingly on the breach as most of the end user agreements have considered a breach by majority of the providers and users. Particularly the users therefore are capable of infringing such agreements by engaging in activities that constitute a cadre of cyber crime. The provider privileges are under threat to confidentiality since the data information and processes might be exposed to attacks. According to Rabkin et al. (2009), the data formats and protocols disengage the standards in avoiding the pilferages that may arise owing to attack by people whose aim is to create a state of imbalance in the cloud computing services. Compliance in the cloud computing sector has also been a security threat to the corporate using the service. Mechanisms to ensure that the service level agreements are adhered to have lacked and that the basic level security is maintained to avoid the breaches that have experienced in this sector. In many areas, many reports of service loss in cloud computing have been reported and mitigations that have been employed in controlling the problem have not been sufficient. The service outages have presented numerous problems to the users in a facet of organization in the verge of taking off. Ibrahim (2010) further explains how the inclusion of the services in cloud computing environments have threatened the success in the use of the services but the level of seriousness have been noticed in the interconnections where virtualized infrastructures have been used regularly and large scale. This would demand a strong recovery policy to aid in the revitalization of the customers’ redundancy that in most organization has been realized to be lacking. However, auditing in security that is the feedback given by the customers has provided to some extent the capability to help in preventing the problems that arise as a result of the cloud computing as an interface that organizations use in proper delivery of services. In addition, efficient and transparent methodologies are vital for making a continuous analysis of the status of the services, their conditions and the legal and contracts regulations. The usefulness of the functionalities in the cloud computing have prompted the development of solutions to address the security breaches that ultimately will be detrimental to the confidentiality status of the organizations. The conformity to the services has been another issue that has been another problem as most of the organizations do not comply with the regulations that finally yield in to the problems of legal agreements. 4.0. Cloud computing security taxonomy The impeccable analysis of every security aspects in cloud computing show the varied impacts on the distinct assets. With the aim of creating a model meant for the analysis of the aspects of security in such situations and to help in proper decision making, the security risks experienced in the cloud computing would be harmonised in a taxonomy for ease of understanding and interpretation. The architecture dimensions are categorized into interfaces, virtualization issues and network security, with the composition of the administrative and user interfaces to be aligned to access the cloud (Mather, 2009). The taxonomy comprises of the security transferences of virtual machines and data, as well as the cross virtual machine and isolation of the virtualization related issues. The division of responsibilities between the customers and providers results from the architecture group with regards to the analysis of the roles of security depending on the services offered. As a result of providing the best firewalling capabilities, technology requirements and access control features, the security mechanism upgrade to a level of eliminating the security breaches. The compliance dimension comes with real responsibilities in response to providers and services so as to help the shielding of frivolous acts of hijacking people’s accounts. The loss of services is in particular based on chain failures and outages, transparency and auditing capabilities. Transparency may encompass loss of data as well as security configurations and policies. Cybercrime has been reported, to be growing rapidly in most parts of the world. “Cybercrime is one of the computer security concerns in the current world” (Wallom, 2011, p.41). Further, Gonzalez et al. (2012) point out that computer viruses, cybercrime and intrusion into cloud networks have undermined confidence in the economic sector. In addition, the lock-in problems that may result from lack of service terminations, standards and migrations. Rimal (2009) points out that the security problem in cloud computing is not limited to the confidentiality but also the privacy issues which particularly the data security that may be threatened by data loss to redundancy and disposal. On the other hand Oleshchuk (2011), give a different dimensions of the privacy; the legal issue which guides the hosting of data. The information lifecycle involving transfer, use, storage and destruction has pointed a lot of loopholes within the provider perimeter in the privacy component of the legal issue. An alternative is pointed by Youseff et al. (2008) that the intrinsic connection to the data and information lifecycles should be ensured to avoid the security issues that arise in the cloud computing services. As a result, the security is oriented more towards the manner in which the software and the infrastructural elements are shielded from the malicious attacks. 5.0. Cloud computing and climate Cloud computing have allowed organizations to be energy efficient in comparison to the individual servers hence the friendliness in climate change. Rochwerger et al. (2006) explains the need to improve even though the many companies are striving. In addition, in cloud computing, there has been growing evidence that emissions and energy can be reliable be saved and a positive impact on the environment. According to the report released by Bowen (2011), it was found out that the adoption of cloud computing by organizations would result to reduction in the worldwide energy expenditure by close to 40% by 20220 compared to what would be the case if the individual servers would continue to be used. Doelitzscher et al. (2011) also gives a similar explanation that derived from the Carbon Disclosure Project that (CDP), which extrapolate friendly figures that would allow USA to save up to 85.7 million metric tonnes of carbon (IV) oxide emissions annually. A report published on the international dimensions of climate change in regards to cloud computing identifies the vulnerabilities that cloud computing can be exposed to as a result from climate change. In the expansive world of the information technology, more data centres are required at different parts of the world, therefore more are going offshore, which ,makes them vulnerable to the changes in climate. In most of the parts with intense rain, flooding has created more problems in the cloud computing services. A case in hand in Taiwan is put forward by George (2010), where rainfall from the Typhoon Morakot caused flooding which led to a lot of sediments flushed into the ocean leading to the breakage of the communication cables (pg 1283). This resulted to the disruption of telecommunications and internet services in the Eastern side of the world including China, Hong Kong and Taiwan. In addition, Gonzalez et al (2012) also gives a case of the rising sea levels to the detriment of cloud computing. It can be noted that close to 95% of global communications traffic is handled by fibre optic laid under the sea. Rising sea levels therefore would disrupt the coastal cables thus rendering them vulnerable to hijacking by the malicious individuals. This may expose the confidential data of organizations under threat from the hijackers. Majority of IT companies, for instance Google, which is the largest consumer of electricity for most of the modern centres and operations in different parts of the world, has resorted to ways of conserving energy and adopting the renewable source of energy that are less detrimental to the environment. The company in the recent years has resorted to using the wind powers in majority of the data centres across the operations and data centres. Climate is directly responsible for the sustaining electricity from the wind power. The wind power and its related contributions may impact positively in determining the climate of regions where such plants are located. In addition, Google also partner with university scientists by donating the new ultra-high resolution global terrain that would help in making proper analysis of flooding trends across different parts of the world. Cloud computing has offered solutions to this by offering the climate data push which are in the forefront in the development of coastal flooding tools. 6.0. Conclusion Protection of the critical infrastructures forms the basic core in sharing information on the security vulnerabilities without causing much threat to the users (Catteddu, 2009). In an effort that the world is struggling with ways of minimizing the climate change, the impacts have been inevitable. However, the irony that one of the technological advancement that would reliably be used to reduce the greenhouse effects –cloud computing-is a victim of the global warming effect. As a result, phasing out the dirty energy sources to help in addressing the negative effects of climate change would help in realizing the benefits of cloud computing. The tendency for the cloud computing operators to be silent about the locality and the services, do not allow for the good practices in controlling the amount of carbon. The reason being to help continue upholding the confidentiality pact between them and their customers- a move which in the end has led to uncontrollable build up in the amount of carbon. Even though this would continue to lead to pile pressure on the organizations to give better explanation that ultimately may lead to a security breach as their data may be leaked into. As a mitigation issue, Berl et al (2010) explains the importance of collaboration where the operators need to be proactive in the advancement of carbon transparency in reporting the carbon levels to help in controlling the greenhouse effects. As a recommendation there is need by ENISA to improve the use of the laws governing the use of cyberspace to help in shielding the private users of cloud services from hijacking the accounts of corporations and organizations. In cloud computing, the human rights depend on the services provided and therefore better services by the providers and utilization by the users are relevant. In a case posited by Wallom et al. (2011), cloud computing is making significant steps in providing solutions in energy and the climatic aspects. He explains an anticipation of how the cloud computing would reduce the emissions of the greenhouse by 2020. With this in effect, it can be able to place the world on a more sustainable path and put the global temperature at sustainable levels. For reasons that would realize the best management practices of the environment, the industrialised countries that are in the forefront in the cloud computing services should pay for the emission permits to generate adequate funding to help in the mitigation activities and clean energy. In the future, for phasing out the dirty sources of energy in controlling the climate change, more cloud infrastructures need to be constructed in places where the demand of the dirty energy sources like dirty coal; renewable energy is on the increase. In addition to the construction of cloud infrastructures, Gonzalez et al. (2012) gives a different remedy to controlling the cloud computing related problems that encompasses the proper disposal of the emission related gadgets. The unrestricted geographical boundaries and the physical processes, is yet to give cloud computing services a lifeline as the question of where to locate the real physical presence. However, cloud services are not only security threatening, they also have positive attributes, including the reduced risks arising from the natural calamities with greater allocation of distributed denial of service (Chadwick, 2011). 7.0. References Berl, A et al (2010). Energy-Efficient Cloud Computing. The Computer journal pg 456-676 Bowen, J (2011). Cloud Computing issues in Data Privacy and Commercial Considerations. Computer and Internet Lawyer Trade Journal 28-104 Broberg, J (2011). Introduction to Cloud Computing. Journal of Cloud Computing Principles and Paradigms pg 1-44 Catteddu, D and Hogben, G (2009) Benefits, risks and recommendations for information security. Journal of European Network and Information Security Agency pp 234-456 Chadwick, D, Casenove, M (2011) Security APIs for My Private Cloud. In: Third IEEE International Conference on Cloud Computing Technology and Science, Cloud Com 2011, CPS. pp 792–798 Doelitzscher, F et al (2011) An autonomous agent based incident detection system for cloud environments. In: Third IEEE International Conference on Cloud Computing Technology and Science, Cloud Computing, CPS. pp 197–204. George, K and Tommaso, C (2010). The effects of Scheduling, Workload Type and Consolidation Scenarios on Virtual Machine Perfomance and their Predictions Sthrough Optimized Networks. The Journal of Systems and Software pp 1270-1291 Elsevier Gonzalez, E et al (2012) A quantitative analysis of current security concerns and solutions for cloud computing. Journal of Cloud Computing: Advances, Systems and Applications 276-300. Ibrahim, S and Grundy, J (2010) Emerging Security Challenges of Cloud Virtual Infrastructure. In: Proceedings of APSEC 2010 Cloud Workshop, APSEC ’10, pg 45-78 Jensen, M, Schwenk J, Gruschka, N, (2009) On Technical Security Issues in Cloud Computing. In: IEEE Internation Conference on Cloud Computing. pp 109–116 Mather, T, Kumaraswamy, S (2009) Cloud Security and privacy: An Enterprise Perspective on Risks and Compliance. 1st edition. O’Reilly Media Musthaler, L (2009) Cost-effective data encryption in the cloud. Network World Inc Oleshchuk, V, Køien, M (2011) Security and Privacy in the Cloud – A Long-Term View. In: 2nd International Conference on Wireless Communications, Vehicular Technology, Information Theory and Aerospace and Electronic Systems Technology (Wireless VITAE), WIRELESS VITAE ’11. pp 1–5. Oltsik J (2010) Information security, virtualization, and the journey to the cloud. Journal on Cloud Security Alliance.pg 243-345 Rochwerger, B et al (2006). The reservoir model and architecture for open Federated Cloud Computing. IBM journal of Research and Development 53-87 Rabkin A, Stoica I, Zaharia M (2009) Above the Clouds: A Berkeley View of Cloud Computing. Technical Report UCB/EECS-2009-28, University of California at Berkeley, Rimal, P, Choi, E, Lumb, I (2009) A Taxonomy and, Survey of Cloud Computing Systems. In: Fifth International Joint Conference on INC, IMS and IDC, NCM ’09, CPS. pp 44–51 Sharon, D and Nelson, J (2011) Virtualization and Cloud Computing: benefits and e-discovery implications. Journal of Cloud Computing. Pg 678-713 Wallom, D et al (2011) My Trusted Cloud: Trusted Cloud Infrastructure for Security-critical Computation and Data Managment. In: Third IEEE International Conference on Cloud Computing Technology and Science, Cloud Com 2011, CPS. pp 247–254 Youseff, L, Butrico, M, Silva, D (2008) Toward a Unified Ontology of Cloud Computing. Journal on Grid Computing Environments Workshop, 2008. GCE ’08. pp 10, Read More