ISSN 2319-8133 (Online)
(An International Research Journal), www.compmath-journal.org
A Survey of Data Security and Other Issues in Cloud Computing
Vipan1 and Rajiv Sharma2
1,2Assistant Professor,
Department of Computer Science, A.S. College, Khanna, Punjab, INDIA.
(Received on: June 15, 2015) ABSTRACT
Cloud Computing is the next generation Architecture of the most IT enterprise. It made possible, the application to run without the burden of local hardware and software. It moved the data and the application software of the various enterprises to the centralized large data centre, where the security issue arises. As one who saves important information to those data centers in digital form, so one should be aware of the security aspects of the cloud environment. This work studies the cloud computing, in which the most acute obstacles with outsourced service are security issues. This paper details about the security issues by observing and studying various prior works.
Keywords: Cloud Computing, Security issues, Cloud security, Data Security.
INTRODUCTION
The clouds simplest definition of a user is the access to various next generation applications on rent basis. But this definition does not gives the whole views of many people, this may defer from person to person. A simple definition of cloud may state that “Cloud Computing is a model for enabling ubiquitous, convenient, on-demand network access to shared pool of configurable computing resources (network, server, storage, application and services) that can rapidly provisioned and released with minimum management effort or service provider interaction.” Cloud computing services benefits through divers use of resources, efficient working and specialization. The primary motivation to move towards the cloud provider is reducing cost, responsibilities to maintain the resources, but not the responsibility toward security and privacy. This paper specially looks on the security and privacy issues which may arise with public cloud and requires a special aid.
BACKGROUND
The effect of widespread technology and network has increased the challenges towards securing our digital assets. As the technology evolves we all are happy to have our
work done through mobile with in short span of time and with the help of few clicks. Which increased focus on securing data not only at data center but through the application layer which include the application that request and provide data distributed component and virtualized environment? Cloud computing as a service can be deployed any level of organization computing environment. Cloud computing provide various benefits for the individual as well as to the organization. It provides economic resources, specialization and other efficiencies. The cloud computing has its essential characteristics as on demand self service, broad network access, resource pooling, rapid elasticity, measured service. There are three service modal (XaaS, where X represent to any service) described accordingly as they are used over different deployment models. These three models are:
• Software as Services enables access to the software which is developed by the cloud service provider (CSP).
• Platform as a Service enables to develop custom applications on it by providing platform for deployment of user critical application
• Infrastructure as a Service enables one to provide with the on- demand hardware on rent basis which may be on or off premise as demanded by the cloud service consumer (CSC).
SECURITY ISSUES
The development of cloud computing is now at the beginning stage, so reaping about the critical areas of security can only be possible through the experience of early adopters and the researcher who examine experiments with currently available technologies. This section highlights the security related issue which are believed to be most important aspect of the cloud computing. The issues here are organized in different category such as SLA/QOS, IDaaS, governance, compliance, trust, architecture, data protection, n/w security, email security, web security, intrusion management, encryption, business continuity and disaster management. The cloud computing emerged from various technologies as virtualization, utility computing many of the security issue involved.
A. SLA/QOS
Service Level Agreements between a CSP and CSC decides the nature of the service.
Here nature of service reflects to the understanding between the both CSP and CSC about to be the expectation of the service that should be delivered, and in case if the provider fails to deliver that service, then the compensation will be given to CSC. SLA decides the terms of service, licensing, suspension and termination, privacy security and policies that have to be implement.
B. IDaaS
Identity and access management as security(IDaaS), as the security concerns with the identity of the consumer and the access of the data by its owner increases, the cloud has come up with the new group IDaaS which was the result of XaaS. As the SaaS cloud handle
large amount of data so to identification of the correct user was become a problem which raised the issues of the access management of the data, on other the IaaS has to handle the multiple VMs, which should be access by the correct user. The security issues which arise in IDaaS are different not just from the perspective of the SaaS, PaaS, IaaS but also depending on which type of identity is externalized to or managed within the cloud. The users to be managed by an IDaaS service may be either „internal‟ to an organization or “external‟ to an organization or the users may not be associated with any organization at all and simply be consumers of a service. The security issue of each scenario are absolutely different, and as a result impact different stakeholders within the organization, as often the “information owner”
for internal and external identities are different and external users may even exist across business units. The consumers face the problem of having their identity serviced in a cloud environment, which raise issues of reputation that must be considered by both CSPs and CSCs.
C. GOVERNANCE
Any service which has to start needs governance. Governing association has the responsibilities such as control over policies, procedure and standards for storage, application, also the monitoring of the deployed services. As there are many application and services available with the cloud computing, so proper governance is needed. Lack of such services may lead to some problem. Although the cloud computing provides the platform at different levels, but to manage those platforms requires a skilled workers.
D. TRUST
Any system in the earth requires trust. Customer always has to keep trust on the service provider, so this rule also true to cloud environment. As in the cloud environment the CSC hands over the entire digital asset in to hand of CSP, also it holds the direct control over many aspect of security confers CSC a level of trust.
• Insider access: Data is always stored to the CSP; its now CSP responsibility to store and process the data inside or outside. Anyhow there is a level of risk in spite of firewall and other security standards. The data always suffers from the risk of the insider access, that the data which is stored can be seen processed by employee. This may also be case that, not only the employee but the other parties who somehow has received access to a CSP network, system may carry out data. So moving data and application to cloud computing needs a high level of trust on CSP. Denial of service attack, and creation of 20 account and instance to each account launched a Vm for each and again process continued, to set the resource beyond the limit are some special cases of the malicious insider attack.
• Composite service: This issue includes the nesting of two or more than two CSP. It means that one SaaS provider may build the application upon the service of PaaS provider and the PaaS provider has used a third party IaaS. Thus the multi level of hiring or renting process is done. Now here as cloud service is contracted or outsourced by the third party would involve a security issue over the third party. In this composite service
type model each service provider has to trust over the other, but the issue arise is the performance and security issue.
• Visibility: This paper entitle as the transparent view, just to realize that each security issues should be transparent to CSC. Visibility reflects to the transparency provided by the CSP who operates vital ingredients for effective oversight over system security and privacy. The detailed network and system, network and storage level monitoring should be implemented.
E. DATA PROTECTION
In cloud on-premise application deployment model, the sensitive data of each enterprise continues to reside within the enterprise boundary and is subject to its physical, logical and personnel security and access control policies. However, in some cloud model such as public cloud, the enterprise data is stored outside the enterprise boundary, by the CSP. Consequently, the CSP must adopt additional security checks to ensure data security and prevent breaches due to security vulnerabilities in the application or through malicious employees. This involves the use of strong encryption techniques for the protection of data.
Data protection techniques should be implemented in order to protect data from the following insecurities.
• Data loss: Data loss refers to the permanently unavailability of the data. This may be due to Data stolen from the data centre virtually or even physically, which no doubt leads to permanently unavailable for use. There could be the issues like data could be misused by the employee the same as insider access threat, So a compliance mechanism required certifying cloud stack at all levels repeatedly. While implementing the security polices the performance when analysing and monitoring heavily accessed data sets should be considered. There is a Lack of data classification standards which may ensure customer data segregation when multiple tenants present. These are the current security areas related with data loss that should need a special attention.
• Data breaches: as there are many users which access the same storage in the cloud environment thus the possibility of data breach increases. A security breach has been caught is Epsilon data breach which highlighted cloud-computing security concerns, in which the company estimated that the attack affected 2 percent of its approximately 2,500 clients. Another concerned raised with the Amazon EC2 cloud where the hacker has hacked the EC2 cloud hacking the EC2 customer database as well as sony co- corporations play station databases.
• Data locality: In cloud environment, the consumers use the applications provided by the CSP and process their business data. But in this scenario, the customer does not know where the data is getting stored. In many a cases, this can be an issue. Due to compliance and data privacy laws in various countries, locality of data is of utmost importance in many enterprise architecture (Softlayer, 2009). For example, in many EU and South America countries, certain types of data cannot leave the country because of potentially sensitive information. In addition to the issue of local laws, there’s also the question of
whose jurisdiction the data falls under, when an investigation occurs. A secure SaaS model must be capable of providing reliability to the customer on the location of the data of the consumer.
F. BACKUP AND RECOVERY
Backup and recovery should be act as a service model in cloud and should be recognized as (BRaaS). As up till now we have seen that are many issue arises with each service model. So lets have first look at how the disaster recovery and backup DR/BC works in the cloud and how it is helpful, then we find the loop holes or security issues. Large enterprises are fairly well covered when it comes to DR/BC, but for smaller organizations, these vital functions and platforms may be the first to go in tough economic times. The good news is that the general trend in IT and telecom for a class of service providers to spring up to provide enterprise-grade services to smaller customers is alive and well in the DR/BC sector.
Cloud computing, in the form of virtual machines with expandable computing capacity, together with cloud storage have the potential for lowering the cost of business computing by removing or lowering the cost of resizing computing needs or migrating platforms. Cloud storage, for example, empowers the small business to keep its most current data in the cloud (with appropriate security precautions, of course) so that all employees have instant and accurate information anywhere, any time and on any computer or device they are carrying.
CONCLUSION
Growing need of the cutting down the resource and to cut down the cost expenditure the cloud benefits are endless. But in order to achieve the best while spending less, have some security problems which are unresolved. This paper describes the various aspects of the cloud and its security. Though this paper has covered almost the security issues in the cloud environment, but maybe there are some areas which are untouched. Although the cloud is the cheapest and the easiest way to use the resources, still it needs a security architecture which covers all the service models as well as the cloud architecture. There should be a architecture designed keeping in mind the access management and the identity of the user as well as resource should be preserved. Also we look at current scenario the audit has to take place at different cloud site to introduce transparency to cloud.
REFERENCES
1. Wayne Jansen, Timothy Grance, “Guidelines for security and privacy in pubic cloud”, Draft Special Publication 800-144.
2. Brin Hay, Kara Nance, Matt Bishop “Storm cloud rising: security challenges for IaaS cloud computing”, proceedings of the 44th Hawaii international conference on system science.
3. Abhay Kumar, ”Information security policy and regulation issue”.
4. S. Subashini n, V. Kavitha “A survey on security issues in-service delivery models of cloudcomputing”.
5. S. Subashini, V. Kavitha “A survey on security issues inservice delivery models of cloudcomputing”.
6. Rabi Prasad Padhy, Manas Ranjan Patra, Suresh Chandra Satapathy, “Cloud Computing:
Security Issues and Research Challenges”, (IJCSITS) Vol. 1, No. 2, December (2011).
7. A. Kundu, C. D. Banerjee, P. Saha, “Introducing New Services in Cloud Computing Environment”, International Journal of Digital Content Technology and its Applications, ICIT, Vol. 4, No. 5, pp. 143-152, (2010).
