Insights on Cloud Security Management

Journal of Computer Science and Technology

Cloud Computing has emerged as a new paradigm of computing, that builds on the foundations of Distributed Computing, Grid Computing, and Virtualization. Cloud computing is a business model with flexible resource allocation on demand, Internet-accessible, computing on a pay-per-use as utilities. Cloud computing has grown to provide a promising business concept for computing infrastructure, where concerns are beginning to grow about how safe an environment it is. Security is one of the major issues in cloud computing environment. The aim of this paper is, to address the security, privacy and trust challenges of cloud computing, and we proposed some solutions by analyzing the technological, operational and legal issues of cloud computing, taking into consideration of cloud customers.

Computers & Electrical Engineering, 2018

Cloud computing is an archetype that enables access to a shared pool of computing resources for cloud users in an on-demand or pay-per-use, fashion. Cloud computing offers several benefits to users and organizations, in terms of capital expenditure and savings in operational expenditure. Despite the existence of such benefits, there are some obstacles that place restrictions on the usage of cloud computing. Security is a major issue that is always considered. The lack of this vital feature results in the negative impact of the computing archetype thus resulting in personal, ethical, and financial harm. This paper will focus and explore the security challenges that are faced by cloud entities. These entities include Cloud Service Provider, the Data Owner and Cloud User. Focusing on the crypto-cloud that constitutes of different Communication, Computation, and Service Level Agreement. Studying the causes and effects of various cyber attacks it will provide the necessary upgrades. 1. Introduction Cloud computing creates a network-based environment vision to the users, which paves way for the sharing of calculations and resources regardless of location. The National Institute of Standards and Technology's (NIST) defines cloud computing [1] as, "A template for providing the suitable and when needed access to the internet, to a collective pool of programmable grids, storage, servers, software, and amenities that can be rapidly emancipated, with little communication and supervision from the provider". The characteristics of the type of processing are exhibited in Fig. 1 as On-demand self-service, High-performance network access, Rapid Elasticity, Resource Pooling and Measured Service. It also depicts four deployment models namely Hybrid, Community, Private and Public clouds. This is then coupled with the three service models, which are, PAAS (Platform as a Service), IAAS (Infrastructure as a Service), and SAAS (Software as a Service). NIST's cloud computing definition provides the needed framework and common characteristics depicted such as Virtualization, Homogeneity, Geographic Distribution and Service Orientation among others. With all the layers of the cloud service models depicted in Fig. 2, security issues need to be addressed. When the layers are to be compared the high dependence of the browser position's it at the top whereas, the bottom layers are more web services oriented. Overall, a decrease in investment and operational expenses is achieved this is also followed by an increase in efficiency and scalability through the layers The service model deployed can be private, public, hybrid or community cloud as per the user requirements. Organization: The next two sections that follow indicate the security challenges. Sections 4-7 address the security challenges in communication, computational, data level and Service Level Agreement (SLA) level. Finally, Section 8, provides the conclusion with a comparison of the author's survey with other pre-existing reviews

A new computational paradigm called cloud computing that offers an innovative business model for organizations to adopt IT. Cloud Computing provide a flexible IT architecture, accessible through network and world wide web from lightweight portable devices that allow multi-fold increase in the capacity and capabilities of the existing and new software. In a cloud computing environment, the entire data resides over a set of networked resources, enabling the data to be accessed through virtual machines. Despite the potential gains achieved from the cloud computing, the model security is still questionable which impacts the cloud model adoption.The security problem becomes more complicated under the cloud model as new dimensions have entered into the problem scope related to the model architecture, multi-tenancy, elasticity, and layers dependency stack. This paper, discussed security issues for cloud computing and the problems are investigated from the cloud architecture perspective, the cloud offered characteristics perspective, the cloud stakeholders' perspective, and the cloud service delivery and deployment model models perspective. Based on this analysis, we elaborate the numerous unresolved issues threatening the cloud computing adoption and diffusion affecting the various stake-holders associated with it.

2011 IEEE World Congress on Services, 2011

Cloud Computing is increasingly becoming popular as many enterprise applications and data are moving into cloud platforms. However, a major barrier for cloud adoption is real and perceived lack of security. In this paper, we take a holistic view of cloud computing security -spanning across the possible issues and vulnerabilities connected with virtualization infrastructure; software platform; identity management and access control; data integrity; confidentiality and privacy; physical and process security aspects; and legal compliance in cloud. We present our findings from the points of view of a cloud service provider, cloud consumer, and third-party authorities such as Govt. We also discuss important research directions in cloud security in areas such as Trusted Computing, Information Centric Security and Privacy Preserving Models. Finally, we sketch a set of steps that can be used, at a high level, to assess security preparedness for a business application to be migrated to cloud.

Security is one of the biggest obstacles that prevent the adoption of cloud computing [1]. Businesses and research are reluctant in shifting the control of digital assets to the third?party service providers [2].Organizations does not enjoy administrative control of cloud services and infrastructure [3]. The security measures taken by the cloud service providers (CSP) are transparent to the organization [4].The presence of large number of users from different organizations aggravates the situation further [2]; the users might be trusted by the CSP but may not trust each other [4]. The above reasons increase the customers? uncertainty about their digital assets on the cloud resulting in reluctance to adopt cloud computing [2].This paper exploits certain information security risks namely data, user identity and access control and contractual and legal issues. Moreover, the manuscript presents a comprehensive solution in literature to cater for all security risks. A critical evaluation of the solution by comparing it with other solutions that exist in literature is provided. The analysis proves the thoroughness and outperformance of the comprehensive solution compared to the other solutions that exist in literature.

Cloud computing is still in its infancy in spite of gaining tremendous momentum recently, high security is one of the major obstacles for opening up the new era of the long dreamed vision of computing as a utility. As the sensitive applications and data are moved into the cloud data centers, run on virtual computing resources in the form of virtual machine. This unique attributes, however, poses many novel tangible and intangible security challenges. It might be difficult to track the security issue in cloud computing environments. So this paper primarily aims to highlight the major security, privacy and trust issues in current existing cloud computing environments and help users recognize the tangible and intangible threats associated with their uses, which includes: (a) surveying the most relevant security, privacy and trust issues that pose threats in current existing cloud computing environments; and (b) analyzing the way that may be addressed to eliminate these potential privacy, security and trust threats, and providing a high secure, trustworthy, and dependable cloud computing environment. In the near future, we will further analysis and evaluate privacy, security and trust issues in cloud computing environment by a quantifiable approach, further develop and deploy a complete security, privacy trust evaluation, management framework on really cloud computing environments.

International Conference on Information Engineering, Management and Security 2014, 2014

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources such as networks, servers, storage, applications, and services that can be rapidly provisioned and released with minimal management effort or service provider Interaction. Despite the potential gains achieved from the cloud computing, the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud. The idea of handing over important data to another company is worrisome; such that the consumers need to be vigilant in understanding the risks of data breaches in this new environment. This paper introduces a detailed analysis of the cloud computing security issues and challenges focusing on the cloud computing types and the service delivery types.

Given the world's current situation with the COVID-19 pandemic, several businesses have recently encouraged remote working from home. A variety of benefits are provided by cloud computing, including simplified IT and management, secure Internet-based remote access from practically anywhere, and cost savings. As a result, more people use the cloud, but there are also increasing cyber-attacks on cloud networks. However, several companies and organizations, who do not know the security threats that Cloud systems pose, are still worried about using the cloud. Reports previously released by researchers from academia, business, and standard organizations proposed solutions to these problems. This paper examines state-of-the-art papers on topics, challenges to requirements, and identified security system vulnerabilities. In addition, we will review the different components and the security and privacy concerns of current cloud computing systems. Finally, we present a variety of security threats targeting and addressing cloud storage services. In particular, we raise awareness on security issues that cloud organizations including cloud service providers, data owners and cloud users face and address them.

2011

The development of cloud computing services is speeding up the rate in which the organizations outsource their computational services or sell their idle computational resources. Even though migrating to the cloud remains a tempting trend from a financial perspective, there are several other aspects that must be taken into account by companies before they decide to do so. One of the most important aspect refers to security: while some cloud computing security issues are inherited from the solutions adopted to create such services, many new security questions that are particular to these solutions also arise, including those related to how the services are organized and which kind of service/data can be placed in the cloud. Aiming to give a better understanding of this complex scenario, in this article we identify and classify the main security concerns and solutions in cloud computing, and propose a taxonomy of security in cloud computing, giving an overview of the current status of security in this emerging technology.

—Cloud computing is a new development of grid, parallel, and distributed computing with visualization techniques. It is changing the IT industry in a prominent way. Cloud computing has grown due to its advantages like storage capacity, resources pooling and multi-tenancy. On the other hand, the cloud is an open environment and since all the services are offered over the Internet, there is a great deal of uncertainty about security and privacy at various levels. This paper aims to address security and privacy issues threatening the cloud computing adoption by end users. Cloud providers are mindful of cloud security and privacy issues and are working hardly to address them. Few of these threats have been addressed, but many more threats still unsolved. This paper focused on cloud computing security and privacy threats, challenges, and issues. Furthermore, some of the countermeasures to these threats will be discussed and synthesized. Finally, possible solutions for each type of threats will be introduced before we end with conclusions and future work.