Preview

Security Implications of Cloud Computing

Powerful Essays
Open Document
Open Document
3242 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Security Implications of Cloud Computing
SECURITY IMPLICATIONS OF CLOUD COMPUTING

Narendran Calluru Rajasekar

November 30th, 2009

Supervised by

Dr Chris Imafidon

(formerly Queen Mary University of London)

MSC Internet Systems Engineering

University of East London,

Docklands.

Acknowledgements

Anne-Marie Imafidon

University of Oxford.

Table of Contents 1 Abstract
2 Cloud Computing
2.1 Definition
2.2 Understanding Cloud Computing
3 Security Implications
3.1 Security Components
3.1.1 Encryption
3.1.2 Intrusion Detection/Prevention Systems
3.1.3 Antivirus
3.1. 4Firewall
3.2 Security Threat
3.3 Authentication and Access
3.4 Data Security
3.5 Tempting Target for Cybercrime
3.6 Benefit to Risk Ratio
3.7 Legal Issues
4 Conclusion
5 Appendix - Glossary
6 References

1 Abstract

This paper is focussed on the security implications of cloud computing. Before analysing the security implications, the definition of cloud computing and brief discussion to under cloud computing is presented. The actual analysis of this paper focuses on the basic security components of cloud computing and security threats involved in various aspects of cloud computing.

There are many leading providers in the market like Google, Amazon, Microsoft, HP and IBM. They provide different services and call it with their own names. What exactly is cloud computing? It isn 't new; it already exists in different forms such as Virtualisation, Software as a Service, Utility Computing etc. The major aspect in cloud computing is that it is exploited based on the pay per usage charging model.

Though cloud provides many benefits one of which is moving the capital expense to operational expense, the security and legal issues are very high and an organisation can decide to adopt cloud only on based on benefits to risk ratio.

The security implications in cloud computing is discussed in detail in this paper.

Keywords: Cloud Computing, Cloud Security, Cloud Legal


References: [1] Kaufman, L. M. (2009)."Data Security in the World of Cloud Computing." IEEE Security andPrivacy 7(4): 61-64. [2] Kim, W. (2009). "Cloud Computing: Today and Tomorrow."Journal of object technology 8(1): 65-72. [3] Grossman, R. (2009). "The Case for Cloud Computing." ITPROFESSIONAL 11(2): 23-27. [4] Rash, W. (2009). Is cloud computing secure? Prove it. tech in-depth,eWeek. 2009: 8-10. [5] Computing, D. and M. Creeger (2009). "Cloud Computing: AnOverview." Distributed Computing 7(5). [6] Weiss, A. (2007). "Computing in the clouds." COMPUTING 16. [7] Saran, C. (2009). Cryptography breakthrough could secure cloudservices. Computer Weekly. 2009: 20. [8] Hawthorn, N. (2009). "Finding security in the cloud."Computer Fraud & Security 2009(10): 19-20. [9] Everett, C. (2009). "Cloud computing - A question oftrust." Computer Fraud & Security 2009(6): 5-7. [10] (2009). "Data in the cloud might be seized by governmentagencies without you knowing." Computer Fraud & Security 2009(8): 1. [11] (2009). "Industry to Google: encrypt your cloud." ComputerFraud & Security 2009(6): 3-20. [12] Hewitt, C. (2008). "ORGsfor scalable, robust, privacy-friendly client cloud computing." IEEEInternet Computing 12(5): 96-99. [13] Viega, J. (2009). "Cloud Computing and the Common Man."Computer 42(8): 106-108. [14] Vaquero, L., L. Rodero-Merino, et al. (2008). "A break in theclouds: towards a cloud definition." ACM SIGCOMM Computer CommunicationReview 39(1): 50-55. [15] Wang, C., Q. Wang, et al. (2009). Ensuring data storage security incloud computing. [16] Vieira, K., A. Schulter, et al. (2009). "Intrusion DetectionTechniques in Grid and Cloud Computing Environment." [17] Napper, J [18] Mowbray, M. and S. Pearson (2009). A client-based privacy managerfor cloud computing, ACM. [19] Herrick, D. (2009). Google this!: using Google apps forcollaboration and productivity, ACM. [20] de Assunao, M., A. di Costanzo, et al. (2009). Evaluating thecost-benefit of using cloud computing to extend the capacity of clusters, ACMNew York, NY, USA. [21] Cloud_Security_Alliance (2009, April). "Security Guidance forCritical Areas of Focus in Cloud Computing." Retrieved Nov 25, 2009, from http://www.cloudsecurityalliance.org/guidance/csaguide.pdf [22] Christensen, J [23] Dikaiakos, M., D. Katsaros, etal. (2009). "Cloud Computing: Distributed Internet Computing for IT andScientific Research." IEEE Internet Computing 13(5): 10-13. [24] Brantner, M., D. Florescu, et al. (2008). Building a database on S3,ACM. [25] Greene, T. (2009). "Cloudsecurity fears cast shadow at RSA." Network World 26(16). [26] Joint, A., E. Baker, et al.(2009). "Hey, you, get off of that cloud?" Computer Law and SecurityReview: The International Journal of Technology and Practice 25(3): 270-274. [27] Walsh, P. J. (2009). "Thebrightening future of cloud security." Network Security 2009(10): 7-10. [28] Sloan, K. (2009)."Security in a virtualised world." Network Security 2009(8): 15-18. [29] Mansfield-Devine, S. (2008)."Danger in the clouds." Network Security 2008(12): 9-11. [30] Abraham, D. (2009). "Why2FA in the cloud?" Network Security 2009(9): 4-5.
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Better Essays

    Cmgt 441 - Week 2 Individual
    • 1626 Words
    • 7 Pages

    Cmgt 441 - Week 2 Individual

    Cloud computing is a fast growing information technology trend that many companies including Google, Microsoft, and IBM are currently looking to get a stake in as demand for the service grows. Cloud computing is the concept of allowing both individuals and businesses to store data and applications on remote servers (owned and operated by a third party company), rather than on their own hard drives and data centers. The service boasts the ability to securely access data and applications from just about any device with an internet connection, allowing for such services as streaming music from a personal collection from multiple devices, and even to business development and storage of applications on remote servers. For the past few years, cloud computing has quickly grown in popularity, and as such, has come with its own set of risks and security concerns. As use of this service grows by both consumers and businesses, it will no doubt continue to attract the attention of hackers and cyber criminals, as it offers a central repository of data that can contain everything from financial statements, to company intellectual property. On 7/11/2011, eweek.com posted an article called “Cloud Computing Security: 10 Ways to Enforce It”, which attempts to give several suggestions on the best way to ensure that cloud computing is as safe as it is convenient.…

    • 1626 Words
    • 7 Pages
    Better Essays
    Read More
  • Best Essays

    Cgs 2060 Assignment Example
    • 1307 Words
    • 6 Pages

    Cgs 2060 Assignment Example

    With the unprecedented growth and spread of information, there is no wonder why large Information Technology companies have been investing in the “cloud”. To expand, when referring to Cloud Computing, this means to access and store information not stored with in your computer whether it be public, private, or hybrid cloud computing. In technological terms, the server you are accessing is somewhere else and therefore, the information and tools you are using are “up in the clouds” but more so stored in another server space. However, whether you are paying for services through software, total usage, or free usage (hence the types of cloud services) Cloud Computing seems to be everywhere. Yet, it is important to recognize what is to gain by using cloud computing from big businesses to individual users and what are some risky moves when utilizing cloud storage over the Internet. Hence, the content of this paper will discuss the pros and cons of cloud computing and where cloud computing is headed in todays online society.…

    • 1307 Words
    • 6 Pages
    Best Essays
    Read More
  • Better Essays

    Cis 500- Cloud Computing
    • 1078 Words
    • 5 Pages

    Cis 500- Cloud Computing

    Technology has taken great leaps of advancement. Some of the new technology that companies and consumers are taking advantage of to store and process data is cloud computing. Cloud computing was derived from virtualization. Virtualization allows companies to separate business applications from hardware. Doing this gives the company the capability of assigning applications as needed. The option to manage applications is a great benefit to companies. Resulting from the virtualization error, cloud computing has emerged to provide flexible IT infrastructures. This has not only enhanced the options companies now have, but it is also proven to be more cost efficient. This has increasingly become a preferred method of companies and consumers alike. (Turban, & Volonino, 2011, p.47)…

    • 1078 Words
    • 5 Pages
    Better Essays
    Read More
  • Satisfactory Essays

    Example Of Annotated Bibliography Essay
    • 659 Words
    • 3 Pages

    Example Of Annotated Bibliography Essay

    In this article, Patrick Thibodeau comments on Federal CIO Vivek Kundra’s claim that cloud computing concerns are exaggerated. Thibodeau explains clearly the claims made by Kundra about the overall security with cloud computing. Thibodeau blames the scare of cloud computing to IT developers belief of a status quo. Thibodeau concludes the article with a few success stories of basic cloud computing services working in the U.S. Government.…

    • 659 Words
    • 3 Pages
    Satisfactory Essays
    Read More
  • Powerful Essays

    Cloud Security Report
    • 9993 Words
    • 40 Pages

    Cloud Security Report

    Cloud Computing is the result of a rapid evolution of computing technologies and a response to the new world business requirements. The adoption of the technology is widely accepted and its future is promising. However the cloud computing phenomena does not come without a risk. There are many issues of concerns that might slow the adoption of the cloud computing; most notably are the security concerns which come as a result of the complexity of cloud technologies and the wide parties involved with them. Issues such as cloud computing compliance and governance, cloud computing deployment and architectural models, virtualization, cloud computing applications, cloud operations, standards, guidelines, frameworks and contracting for cloud service provisioning are all necessary for any business to understand before adopting the technology. This report will explain the top security risks of using cloud service providers for essential business applications and how they can be identified using the cloud risk assessment process. It will also explore various topics related to cloud computing, including concepts and terminologies of cloud security, risk assessment, frameworks and standards. It will conclude with a scenario of a case study to explain the process of analyzing a cloud service provider services security; and to show some of the most common cloud computing risks that exist in the world.…

    • 9993 Words
    • 40 Pages
    Powerful Essays
    Read More
  • Better Essays

    Business Value of Cloud Computing
    • 1023 Words
    • 5 Pages

    Business Value of Cloud Computing

    Cloud computing offers software and hardware resources and in some cases human services over a distributed environment that can be shared and utilized on demand through internet. Business owners can use these resources as per their requirement even if that is for few hours a day or few days a month and have to pay only for that actual use. Thus this relatively new concept is becoming highly popular among IT organizations because of its flexibility and cost effectiveness. It is highly scalable and also can span quickly according to the requirements of individual organization yet still sharing the same resources.…

    • 1023 Words
    • 5 Pages
    Better Essays
    Read More
  • Powerful Essays

    Overview and Issues for Implementation of the Federal Cloud Computing
    • 13907 Words
    • 56 Pages

    Overview and Issues for Implementation of the Federal Cloud Computing

    Cloud computing is a new name for an old concept: the delivery of computing services from a remote location, analogous to the way electricity, water, and other utilities are provided to most customers. Cloud computing services are delivered through a network, usually the Internet. Some cloud services are adaptations of familiar applications, such as e-mail and word processing. Others are new applications that never existed as a local application, such as online maps and social networks. Since 2009, the federal government has been shifting its data storage needs to cloud-based services and away from agency-owned data centers. This shift is intended to reduce the total investment by the federal government in information technology (IT) (data centers), as well as realize other stated advantages of cloud adoption: efficiency, accessibility, collaboration, rapidity of innovation, reliability, and security. In December 2010, the U.S. Chief Information Officer (CIO) released “A 25-Point Implementation Plan to Reform Federal IT Management” as part of a comprehensive effort to increase the operational efficiency of federal technology assets. One element of the 25-Point Plan is for agencies to shift to a “Cloud First” policy, which is being implemented through the Federal Cloud Computing Strategy. The Cloud First policy means that federal agencies must (1) implement cloud-based solutions whenever a secure, reliable, and cost-effective cloud option…

    • 13907 Words
    • 56 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    Business Trend Memo
    • 1299 Words
    • 6 Pages

    Business Trend Memo

    Hayes, B. (2008, March), “Cloud computing”, Communications of the ACM, 51, 9-11. Retrieved from http://cacm.acm.org/magazines/2008/7/5368-cloud-computing/fulltext…

    • 1299 Words
    • 6 Pages
    Powerful Essays
    Read More
  • Best Essays

    Cloud Computing Security Threats
    • 3527 Words
    • 15 Pages

    Cloud Computing Security Threats

    Cloud Computing Security Threats and Responses Farzad Sabahi Faculty of Computer Engineering Azad University Iran fsabahi@ieee.org Abstract-Cloud Hybrid clouds. A public cloud is standard model which providers make several resources, such as applications and storage, available to the public.…

    • 3527 Words
    • 15 Pages
    Best Essays
    Read More
  • Powerful Essays

    Security Risks in Cloud Computing
    • 5810 Words
    • 24 Pages

    Security Risks in Cloud Computing

    Cloud computing is an incredible resource that allows a user to store data over a network. This network is usually accessed over the internet and stored on a server. The cloud creates one location for all the users’ information to be stored and easily accessed. Storing data over the internet on a server brings up a huge security risk to all users. Since it is on a server connected to the internet it is susceptible to internet hackers and foreign countries. Using the cloud presents a major security risk to companies or individual users. Since it is easy for them to access their data from one central location it also lets the hackers do that same thing. The cloud creates a single point of failure if it gets hacked by an individual or another country. A single point of failure is one of the worst security measures to be used. A good security system has multiple different layers incorporated into it so it becomes more difficult to break into. Leaving all information on one central location gives the hacker an easy target with only one account to hack to gain information on multiple different data files and user accounts. Another problem with the cloud technology is that the server the data is stored on could be located in a different country. This causes a major security risk for the companies and individual user’s since different countries have different laws dealing with…

    • 5810 Words
    • 24 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    “Box Analysis” – Data Remnants on User Machines
    • 8046 Words
    • 32 Pages

    “Box Analysis” – Data Remnants on User Machines

    6) [6]. T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, “Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds,” in Proceedings of the 16th ACM conference on Computer and communications security. ACM, 2009, pp. 199–212.…

    • 8046 Words
    • 32 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    Data Integrity Proofs in Cloud Computing
    • 3120 Words
    • 13 Pages

    Data Integrity Proofs in Cloud Computing

    among many firms and users owing to its economic advantages. This essentially means that the owner (client) of the…

    • 3120 Words
    • 13 Pages
    Powerful Essays
    Read More
  • Good Essays

    Is Data Stored in the Cloud Free from Prying Eyes?
    • 668 Words
    • 3 Pages

    Is Data Stored in the Cloud Free from Prying Eyes?

    Data theft is the primary and most serious risk of cloud computing. It’s not that cloud-computing providers are sloppy about security. They’re more conscientious about it than many large enterprises and most small users. But as more companies deposit their top-secret data in cloud-computing providers’ castles, more hackers turn their efforts to breaching those high walls. This situation can be seen when it comes to…

    • 668 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    Trusted Cloud Computing
    • 557 Words
    • 3 Pages

    Trusted Cloud Computing

    Cloud service providers offer services at various layers in software stack. At lower layer, Infrastructure as a Service (IaaS) providers are giving their customers access to the entire virtual machine (VM). At higher layers, Software as a Service (SaaS) systems like Google Docs software. This report is talking about securing IaaS implementations as it is more manageable.…

    • 557 Words
    • 3 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    Security for Cloud Infrastructure and Trusted Virtual Data Center
    • 290 Words
    • 2 Pages

    Security for Cloud Infrastructure and Trusted Virtual Data Center

    Cloud computing is a term that describes the development of many existing technologies and approaches to computing into something different. “Clouds are a large pool of easily usable and accessible virtualized resources ( hardware, development platforms and/or services). Cloud service delivery is divided among three models. “SPI Model,”where ‘SPI’ refers to Software, Platform or Infrastructure (as a Service),. The trusted virtual data center (TVDc) is a technology developed to address the need for strong isolation and integrity guarantees in virtualized environments. TVDc by implementing controlled access to networked storage based on security labels and by implementing management prototypes that demonstrate the enforcement of isolation constraints and integrity checking. For intrusion detection in cloud computing the solution consists of two kinds of analysis behavioral and knowledge analysis. In behavioral analysis, data mining techniques were used and in knowledge analysis security policy violations and attack patterns were analyzed to detect or prevent intrusion. There are different authentication mechanisms for different services. The most commonly used mechanisms are Open Id, Open Auth, and User Request Token. The organizations using cloud computing should maintain their own data backups to continuous access to their data even at the extreme situations such as disaster at data center etc ( M. and S. Pearson (2009) has proposed client based privacy manager to eliminate the fear of data leakage and loss of privacy in cloud computing. Benefit is that communication between the cloud and local machine is encrypted so that man in middle cannot intercept the traffic. This would be a huge cost saving for the company. Keywords-Cloud Computing,virtulized,prototypes,integrity checking,intrusion detection,database backups,request…

    • 290 Words
    • 2 Pages
    Satisfactory Essays
    Read More

Related Topics