Taking a step towards cloud is a big challenge but it is a great start to modernize the organization. The entire software framework of the system will be affected by this change. It’s not simple as said, it involves numerous unexpected complexities which are to be dealt with. It would also take significant development effort in terms of software development. With such big changes in hand system security and integrity cannot be compromised and issues in privacy and security are a major concern. Like mentioned above many questions arise when security and privacy of the system is considered. A strong security framework is essential to perform operations like authorization, restriction, identity management, etc.
The Open Data Center Alliance (ODCA) Cloud Provider Assurance model proposed a year ago suggested four different usage levels: basic security requirements (bronze), enterprise security equivalent (silver), financial organization security equivalent (gold) and military organization security equivalent (platinum).Perhaps it looks ambitiously simple but these frameworks could serve as a good platform to build a security system that would suit UMBC cloud.
To reduce the risk of imposters or masquerade or eavesdropping during the data transfer in a network, we also would have to implement Secure Sockets Layer (SSL) certificates are here to stand up to the risks. Using SSL encryption and authentication, SSL certificates have long been established as a primary security standard of computing and the Internet, and a no-brainer for securely transferring information between parties online. SSL offers encryption that prevents prying eyes from reading data traversing the cloud, as well as authentication to verify the identity of any server or endpoint receiving that data, it’s well-suited to address a host of cloud security challenges.
To address the problem of unauthorized access of static data, it is recommended to encrypt the...