Skip to Content (press Enter/Return)
preview

Cloud Computing Security

explanatory Essay
1601 words
Open Document
1601 words
  • Small
  • Normal
  • Large
  • Huge
bookmark

Cloud computing facilitates sharing of computing and storage resources with the aim of reducing computing expenses in organizations. Moreover, cloud computing facilitates information sharing among individuals within a cloud. Despite being advantageous, data stored in a cloud is usually prone to hacking and other security issues. This paper addresses the various mitigation measures that organizations are using to ensure that data stored in the cloud is secure.

Despite the numerous advantages offered by cloud computing, security is a big issue concerned with cloud computing. There are various security issues and concerns associated with cloud computing, among them being phishing, data loss and data privacy. There are different mitigation measures that cloud pioneers are currently using to ensure data stored in the cloud remain secure and confidential as intended. Encryption is one mitigation method used to ensure security in cloud computing. According to Krutz and Vines (2010), encryption involves coding of the data stored in the computing cloud such that hackers cannot gain access to the data. Data encryption seems to be the most effective method of ensuring security in computing (Krutz and Vines, 2010). However, it is of paramount importance to note that encrypted data is usually difficult to search or perform various calculations on it.

Google uses data encryption as a method of ensuring that data stored in its cloud is secured and confidential (Bradley, 2010). GovCloud is a special cloud established by Google for storing government related information and data (Bradley, 2010). Due to the sensitivity of the information stored in GovCloud, Google encrypts the data in such a way that the data is not availab...

... middle of paper ...

...USA: ACM.

IBTimes, (2011). Will iCloud be the Next Target of Hackers? Retrieved from:

http://newyork.ibtimes.com/articles/158777/20110607/apple-icloud-security-hack-threat-

Infosecurity, (2010). Google Assures Customers on Cloud Security Practices. Retrieved from:

http://www.infosecurity-us.com/view/10025/google-assures-customers-on-cloud-

security-practices/

Krutz, R and Vines, D, (2010). Cloud Security: a Comprehensive Guide to secure Cloud

Computing. Indianapolis, Indiana: Wiley Publishing Inc

Vormetric, (2011). Vormetric Data Security for Amazon Web Services: Securing and

Controlling Data in the Cloud. Retrieved from:

http://www.vormetric.com/products/vormetric_data_security_amazon_web_services.html

Wiki.mozilla, (2007). Phishing Protection. Retrieved from:

http://wiki.mozilla.org/Phishing_Protection:

target-sony-amazon-google.htm

In this essay, the author

  • Explains that cloud computing facilitates sharing of computing and storage resources with the aim of reducing computing expenses in organizations. however, data stored in a cloud is usually prone to hacking and other security issues.
  • Explains that encryption is one of the mitigation measures used to ensure security in cloud computing. however, encrypted data is difficult to search or perform calculations on.
  • Explains that google uses data encryption as a method of ensuring that data stored in its cloud is secured and confidential.
  • Explains that amazon employs the principle of data encryption to ensure data security in its cloud.
  • Explains that physical security at data storage centers is important to ensure that data stored in the cloud is secure and available even in cases of a data center breakdown.
  • Explains that phishing is one of the security issues commonly affecting cloud computing. google has been able to cope with the problem through using fishing detection tools.
  • Explains that google maintains a blacklist of phishing urls to curb attacks in its cloud, especially the firefox search engine.
  • Explains that cloud providers must establish and maintain good risk management procedures and practices. microsoft identifies and reports various vulnerabilities to clients to ensure security for the clients.
  • Explains that microsoft has established remedies for dealing with fraudulent e-mails used for phishing activities. microsoft outlook is equipped with same definition files as those found in vista and windows 7.
  • Explains that microsoft ensures that phishing detection tools are always updated and availed to its clients.
  • Explains that apple's cloud is the most secure because of its vertical nature and closed space. apple advises its clients on appropriate measures against data loss and unintended retrieval.
  • Explains that cloud computing, despite its great achievements, has been limited by security concerns associated with the data stored in the cloud.
  • Explains that cloud computing pioneers are using various mitigation measures against cloud security issues, such as data encryption, phishing detection tools, and security maintenance in storage centers.
  • Cites bradley, t, provos, n, chew, m, & rubin, d. google apps project delays highlight cloud security concerns.
  • Cites acm.ibtimes, measurement of phishing attacks and google assures customers on cloud security practices
  • Cites krutz, r, and vines, d. cloud security: a comprehensive guide to secure cloudcomputing.
Get Access
Check Writing Quality
Related
  • explanatory
  • opinion
  • Clouding Computing
    explanatory essay
    History of cloud computing The word "cloud" is used to represent the internet and other communications systems. Cloud computing is the result of an evolution of the widespread adoption of virtualization, service-oriented architecture, autonomic, and utility computing in the past, telecommunications companies mainly gave simply dedicated, point-to-point data circuits to their users. Starting from the 1990's, virtual private network services was included in their contributions. It made the telecommunication companies offer equally improved services whereby cutting down on cost as well as using resources effectively.

    In this essay, the author

    • Describes the benefits of the cloud, stating that it is cost-effective, easy to maintain and upgrade, and scalable.
    • Explains that users in different time zones and geographic locations can have easy access to information once they register in the cloud via internet.
    • Explains that the cloud makes it easy to store, backup and restore data. cloud providers offer reliable and flexible backup solutions to various cases.
    • Explains that the cloud provides unlimited storage capacity. running out of storage space is no issue.
    • Explains that cloud computing can be up and running in a short while giving you the advantage of quick deployment.
    • Opines that security issues are another major issue while in the cloud. third party cloud service providers must be careful because sensitive information will be available to them.
    • Opines that data and information stored on the cloud may become vulnerable to external hackers and threats.
    • Describes cloud computing as the evolution of virtualization, service-oriented architecture, autonomic, and utility computing.
    • Explains that the resources can be used at anywhere, anyplace and at any time via a global network. cloud services, microsoft, ibm, salesforce.com, whiles, new york times and nasdaq use aws.
    • Explains that the data and information on the cloud is not accessible anywhere due to system and technical difficulties. a good internet connection is needed to log on to the severs at all times.
    873 words
    Read More
  • Cloud Computing
    explanatory essay
    Introduction Over the past several years the term cloud computing has become common in homes and organizations alike. Cloud computing can be defined as a pooled set of computing resources that are furnished via the internet. There are three types of cloud services typically available, these services are Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and Software as a Service (SaaS). Organizations can benefit greatly from cloud services because they eliminate the need to buy and manage physical resources. Although such an action cuts cost it leaves organization victim to the vulnerabilities and threats that exist in cloud computing.

    In this essay, the author

    • Defines cloud computing as a pooled set of computing resources furnished via the internet. organizations can benefit greatly from cloud services because they eliminate the need to buy and manage physical resources.
    • Explains that the abuse and nefarious use of cloud computing is a threat to any organization.
    • Explains that cloud service providers are responsible for ensuring the confidentiality, integrity, and availability of data belonging to their customers. providers with lapse practices and controls create an opening for attackers.
    • Explains that phishing and person-in-the-middle attacks can result in an attacker gaining access to a cloud service account.
    • Explains that cloud technologies revolve heavily around virtual machines that reside on physical servers. attackers can use exploits in hypervisors to perpetrate these attacks on the physical system.
    • Explains the importance of software interfaces and apis in the security and availability of data outsourced to cloud service providers.
    • Explains that cloud computing data is spread across countries, continents, or regions. laws governing computer data vary from country to country, while some countries possess strong laws regarding data protection.
    • Explains that the president's administration is planning to finalize a security standard that can apply to all cloud services. fedramp calls for joint authorizations and continuous security monitoring services for government and commercial cloud systems for multiagency use.
    • Explains that fedramp is not alone in the effort to create standards regarding cloud computing. the national institute of standards & technology (nist) has published two draft publications specifically related to clouds.
    • Describes cloud computing as enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services).
    1112 words
    Read More
  • Cloud Computing Security
    explanatory essay
    Managing the security of an Electronic Medical Record (EMR) system in a cloud computing environment can be challenging. Even without the addition of the cloud computing environment, the EMR system is vulnerable to the compromise of login information, unauthorized viewing or editing of medical records, and denial of service attacks. First of all, the data contained within the Electronic Medical Record (EMR) itself is sensitive. Inside the structure of an EMR, one is potentially looking to find patient data that pertains to identity, billing information, dentistry, cardiology, dermatology, mental health, and physical attributes among other forms of data. In many EMR systems, tools to provide security and privacy are implemented. In these systems however, the security is managed by the health care provider. This means that the patient has no say on who can view their medical information. When cloud computing is introduced to this scenario, privacy and security becomes more of an issue because data that is stored in a cloud could potentially end up in being dispersed throughout many geographic locations. Additionally, this data could be viewed during transit to the cloud servers, and the data could be viewed after storage on the cloud server (Narayan, Gagne, & Naini, 2010, p.47).

    In this essay, the author

    • Explains that managing the security of an electronic medical record (emr) system in a cloud computing environment can be challenging.
    • Explains that an emr system's primary focus should be to protect patient data from compromise, and hipaa compliance in mind.
    • Cites the proceedings of the 2010 icse workshop on software engineering in health care (sehc '10).
    • Presents the proceedings of the 2010 acm workshop on cloud computing security workshop (ccsw '10).
    • Cites the special issue of ijcct, vol.2, issue 5, 57-62, which focuses on securing data in the cloud.
    • Cites proceedings of the 3rd workshop on software engineering in health care (sehc '11), acm, new york, ny, usa.
    • Explains that the concept of cloud computing is still a relatively new phenomenon, so it is important to realize the potential issues associated with it.
    • Opines that an organization must be diligent about maximizing its security to the fullest extent possible.
    • Explains that required certification can leave common vulnerabilities undetected, in proceedings of the second annual workshop on security and privacy in medical and home-care systems.
    1119 words
    Read More
  • Nt1310 Unit 3.1 Research Paper
    explanatory essay
    Data Integrity: Sensitive data stored in cloud computing environment emerges as a major issue with regard to security in a cloud based system. Since anyone can access data from the cloud as the data may be public, private or sensitive. So concurrently, many cloud computing users and providers access and modify data. Thus there is a need of some mechanism to ensure data integrity in cloud computing.

    In this essay, the author

    • Explains sql injections: hackers inject malicious code to gain unauthorized access to databases to manipulate the contents, retrieve confidential data, or even take control of the web server.
    • Explains cross-site scripting: hackers inject malicious scripts, such as javascript, vbscript and activex, into a web page to execute them on the victim’s web browser.
    • Explains how man in the middle attacks a cloud server and client to insert false information and access information about important data being transferred between them.
    • Explains that packet sniffing is listening to the network for packets which are important.
    • Explains that denial of service attacks (dos) aim to make sure that targets computer resources become unavailable. the attacker floods the victim with a large number of packets to consume the entire bandwidth and resources of the target computer.
    • Explains that sensitive data stored in cloud computing environment is a major issue with regard to security in the cloud based system.
    • Explains that data loss is a common problem in cloud computing. data can be lost or damaged due to miss happening, natural disaster, and fire.
    • Explains that data confidentiality means that only authorized and intended users are given permission to access the data. cloud computing system offers applications and infrastructures which operate on public networks.
    • Explains that exporting data means losing significant control over data. large organizations don’t want to run a software delivered in the cloud that risks their data through interaction with other software.
    • Explains that multi-tenancy allows storing data by multiple users on cloud servers, so there is a possibility of intrusion by an attacker.
    • Explains that the cloud service provider must take measures to ensure that customer information is isolated from other customers and users.
    • Explains the use of malicious applications to spread spam and malware. intruders can access a public cloud and upload malware to computers in the cloud.
    • Explains that an api is used as an interface to interact with cloud services. they must have extremely secure authorization, access control, encryption and logging mechanism.
    • Opines that the malicious insider is an important threat as many providers don't disclose how they recruit people, grant them access to sensitive data, or control them. transparency is vital to create a secure cloud.
    660 words
    Read More
  • Cloud Computing and the Computer Scare
    opinion essay
    Once you login to your computer you are bound to use an application that is related to the cloud computing infrastructure. For example, when any service needs an internet connection it immediately uses what is known as a “cloud” network, which is a broad term for the use of a device or application that is not physically present. The computer user is then accessing a network in the cloud, which stores personal information and allows for multiple tasks to be completed in an efficient manner rather than just using a single personal computer. Computer Scientists do find an importance for expanding the cloud network since it not only helps them create projects using multiple computers linked on the cloud but it also helps deliver applications to any computer user. Unfortunately, there are some deficiencies that computer science majors should be aware of; the biggest default the risk of cloud security issues constantly. These issues include vulnerability to data loss and hackers overtaking the system; computer scientists should be aware of the structure’s defaults and be able to use cloud services efficiently. Cloud computing is a highly useful and quickly growing aspect of technology, and although the security issues are a risk, it is a useful service that should be used with the proper prior knowledge.

    In this essay, the author

    • Opines that computer science majors should be aware of cloud security issues and be able to use cloud services efficiently.
    • Explains that users should be aware of possible data loss, high hijack rates, and less control over the total process.
    • Explains the basic structure of the cloud system, which includes infrastructure, platform, and software as a service.
    • Concludes that cloud computing is a relatively new and fast-paced source of storing, accessing, and developing data in virtual networks.
    • Describes the issues and research activities related to both information security and cloud computing.
    1410 words
    Read More
  • Cloud Computing Essay
    explanatory essay
    With computers and technology rapidly evolving, staying relevant is becoming more and more difficult to companies in the information technology industry. Cloud computing is a rising technology that could possibly be a great help or a burden to the IT infrastructure. With many new technologies, businesses wonder whether it is profitable enough to invest in such a technology and whether the company will benefit greatly from it. Although cloud computing is an emerging technology, it will come with risks such as security vulnerabilities, but could also be a great cost effective measure that will help out an organization’s infrastructure. Although a new technology, cloud computing is very advantageous for organizations and companies.

    In this essay, the author

    • Explains that cloud computing is an emerging technology that could be a great help or burden to the it infrastructure.
    • Explains that cloud computing will allow better development of software to relieve setbacks. the technology eliminates tedious tasks of maintenance and upgrading servers.
    • Opines that cloud computing will gain the organization’s competitive advantage over the competition. with cuts in cost and efficiency, companies will triple their profit growth.
    • Opines that saving money and profit is critical to an organization's success. providing convenience of information and relieving setbacks will improve the organization and improve every fellow employee in many ways.
    • Explains how cloud computing reduces costs for an organization by eliminating the need for many servers and lowering the electrical power and people costs.
    • Explains that cloud computing increases convenience by accommodating to each individual by adapting to their workflow. the flexibility of this feature will allow work to be completed at anytime, anywhere.
    • Explains how increasing the functionality of disaster recovery is one of the major ways to improve an organization’s recovery from setbacks.
    • Cites columbus, louis, and dix, john. "cloud computing causing rethinking of disaster recovery."
    • Explains that cloud computing rains cost savings, productivity benefits. webroot inc., 6 june 2013. ross, asher, tsai, and mike azzi.
    1180 words
    Read More
  • Regulation on Cloud to Protect User Privacy
    opinion essay
    Regulation on Cloud to Protect User Privacy This essay discusses regulation that rules cloud provider to protect privacy of data citizens within country. This essay will describe about what cloud services and its wide range of service In the second section, it will explain more about the security threat of cloud services and going more specific into privacy issue. The next section, I will discuss about the extent of technical regulation that porposed from case given by taking model from exist country regulation. In the Fourth section, this essay will discuss about evaluation and another policy as alternative of the previous policy.

    In this essay, the author

    • Analyzes how the essay discusses regulation that rules cloud provider to protect privacy of data citizens within country.
    • Explains that cloud services are widely used by people around the world in purpose of business, government, and personal use. cloud service offers a large-scale service where users only pay for what they use (on-demand).
    • Explains that cloud services provide flexible, elastic, and dynamic platform. cloud services gain money from advertising or user list sales.
    • Opines that maintaining security in the cloud is like safeguarding the jungle because every weakness in network link are adversary’s opportunity to harm our properties.
    • Explains that the term "cloud" gives us potrait like we deal with something behind the cloud that we don't know.
    • Opines that the threat should be handled by a cloud company to avoid data leaks from using cloud services.
    • Explains that security issues come from poor authorization, limited monitoring, clear-text authentication, and account or services hijacking. amazon ec2 was hijacked by zeus botnet.
    • Opines that regulation that urges cloud company to store local citizens' data within country could be guarantee users’ data, but this may result refusing from giant company providers.
    • Explains that privacy is about the right of individual to control their environment regarding to three aspects — confidentiality, control, and freedom to participate. cloud users share resources between vendor, cloud provider and other costumers.
    • Explains that cloud computing has many threats from wide ranges of adversary capability to violate its users privacy. location affects vulnerability of users' privacy because regulation applies to their data.
    • Explains that location of data storage is really matter for users privacy regarding of the local regulation that applied to data. storing data within country could be applied depending on the country itself.
    • Argues that localized data in local country with sufficient regulation might be the best solution for protecting users' citizents.
    2708 words
    Read More
  • Egovernment And The Benefits Of The E-Government
    opinion essay
    Second: Protect data from damage and loss: The philosophy of cloud computing includes the importance of keeping information, the statement and the file of loss first and damage. Second, the use of cloud computing reduces the risk in both directions.

    In this essay, the author

    • Explains that e-government benefits citizens, traders, government departments, and local and international companies.
    • Opines that providing better government services around the clock throughout the year means that some services may be available to citizens or companies even during the holidays.
    • Explains that the yemeni government is actively seeking to activate the principles of e-government. many scientific conferences have been hosted, but obstacles have slowed the electronic transformation in many government departments.
    • Explains the weakness of the telecommunications infrastructure that will enable the service provider (in this case, the government service) to be connected with the user (citizen, government department or civil society).
    • Explains the difficulty of persuading the performance of work electronically in government departments because of the old habits favored by decision-makers.
    • Opines that it consultants should act as information providers and supervisors of all steps of work, and their views are very important.
    • Explains that several challenges have been developed in various aspects of data and information processing for cloud computing as emerging technology.
    • Explains that the transition to cloud computing technology requires a major change in the business culture of an organization or establishment.
    • Explains that technical support, emergency problem solving, additions and changes to improve the situation is one of the challenges to the success of cloud computing.
    • Opines that cloud computing does not have a rapid return on investment unless there is good planning and implementation.
    • Argues that reliance on cloud computing requires a deeper, more extensive, and wider dependence on the provider. a deeper and closer partnership and alliance are required.
    • Opines that it is imperative for all to cooperate and participate in the successful implementation of the e-government project.
    • Explains the benefits of using cloud computing in e-government.
    • Explains that the main objective of e-government implementation is to facilitate services and provide them, reduce costs, and work to connect government services to all users.
    929 words
    Read More
  • Difference Between Encryption And Symmetric Encryption
    explanatory essay
    In the world, where security breaches and information stealing occurs more frequently, a service offering a secure data storage is a significant factor of a security arrangement. Encryption is simply stated as the practice of systematic information scrambling, so that it can be unscrambled later [10]. Data encryption interprets data into a different form, or cryptograph, so that a person holding a secret key (i.e. a decryption key) or password can access that data. The encrypted data is known as cipher text, whereas the unencrypted data is termed as plaintext. Presently, encryption is considered as one of the most effective data security technique and is widely used by a number of organizations for the purpose of secure and reliable transmission of data containing secret information. Asymmetric encryption and Symmetric encryption are two main types of encryption techniques.

    In this essay, the author

    • Explains that encryption algorithms are used to ensure the encryption of the data that is transmitted while the communication process.
    • Explains that the key size used for an aes cipher specifies the number of repetitions of transformation rounds that convert the input, called the plaintext, into the final output.
    • Explains that the first transformation in the aes encryption cipher is substitution of data using a substitution table; the second transformation shifts data rows, the third mixes columns; and the last transformation is an exclusive or (xor) operation performed on each column.
    • Explains that the decryption process of an aes cipher-text is quite the same as the encryption process in the reverse order.
    • Explains that since sub-processes in each round are in reverse manner, encryption and decryption algorithms need to be separately implemented, although they are closely related.
    • Explains that encryption is the most effective data security technique and is widely used by organizations for the purpose of secure and reliable transmission of secret information.
    • Explains that the complexity finder is a powerful algorithm that provides estimations of data complexity and helps to find out the selection of encryption algorithm to secure the data during the transmission.
    • Describes the advanced encryption standard (aes), a subset of the rijndael cipher designed by two belgian cryptographers.
    • Explains that the 16 input bytes are substituted by looking up a fixed table (s-box) given in design. the matrix of four rows and four columns is shifted to the left.
    • Explains how the matrix is transformed into a new matrix consisting of the same 16 bytes but shifted with respect to each other.
    1277 words
    Read More
  • Cloud Computing Essay
    explanatory essay
    The dark side of Cloud Computing The inception of Cloud Computing could be traced back to 1950s when large scale mainframe computers were being utilised for only communication purposes with no processing capacities. Within a short span of time, the proliferation of technology has taken Cloud Computing into a new era where no one has ever thought or imagined before. It seems to be limitless, some even says addictive. It is like taking steroid to enhance your personnel well-being, corporate performance, productivity and growth depending on which perspective that you are coming from.

    In this essay, the author

    • Explains the dark side of cloud computing. it's a new era where no one has ever thought or imagined before.
    • Explains that tech giants like google, microsoft, amazon, apple, samsung and ibm have invested billions of resources to provide their client it services that are hosted on the internet. this paradigm shift has raised concerns in the loss of control over data as well as privacy and security.
    • Describes the risks associated with cloud computing, such as loss of control over data and dependency on service providers.
    • Opines that most clients are aware of losing control of their data when storing them with an outside computing service provider. these data could be compromised by the service provider as there is a lack of transparency.
    • Explains that service providers are capable of performing data mining techniques to analyse their client data. this is a sensitive function and could put clients in risk when it fall into wrong hands.
    • Explains that mobile devices allow clients to access, process, transfer, and store data on the move. users can access their data remotely and their connection may not be adequately protected.
    • Explains that traditional risk management and compliance issues are split between the service provider and the client. data recovery could be a problem if the legislative compliance is not properly defined.
    • Opines that it is critical to enforce this mandatory of deletion of data act in regulations in cloud computing services.
    • Explains that cloud computing is highly dependable on a reliable network that ensures and guarantees the operations of the client of services provided in the cloud by service provider.
    • Explains that cloud service providers depend on availability, which could affect business continuity. some services lack a contract between the client and the service provider.
    • Explains that cloud computing is a form of green computing, but there is no way to measure it. users are staying connected longer than before, which has led to an explosion of urge in the energy usage that could lock in polluting energy sources.
    • Opines that there is also a risk of monopoly and privatisation of the cyberspace.
    • Opines that the future of cloud computing is unpredictable as it is still evolving. if those concerns mentioned earlier are not managed early, it may manifest to something that may adversely impact mankind.
    • Opines that as responsible services providers and users, an independent body has to be formed to look at the penitent issues and sieve out the potential risks.
    772 words
    Read More
Get Access