Introduction Over the past several years the term cloud computing has become common in homes and organizations alike. Cloud computing can be defined as a pooled set of computing resources that are furnished via the internet. There are three types of cloud services typically available, these services are Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and Software as a Service (SaaS). Organizations can benefit greatly from cloud services because they eliminate the need to buy and manage physical resources. Although such an action cuts cost it leaves organization victim to the vulnerabilities and threats that exist in cloud computing. Throughout this paper I will discuss the vulnerabilities and threats that come …show more content…
The Cloud Security Alliance reported that providers lack to offer much insight on their hiring practices and standards and for potential employees and access controls and audit techniques being used within their firm (Cloud Security Alliance, 2011). Providers with lapse practices and controls create an opening for attackers; they can simply gain employment with providers and attack the infrastructure from within. A cloud service account is very similar to most web-based account; access to the account requires a username and password for authentication. Threat such as phishing and person-in-the-middle attacks used to gain access to passwords can result in an attacker gaining access to a cloud service account. Once the attacker gains access to the account steal data, manipulate data, redirect traffic, or carry out attacks from your allocated resource which can devastate an organizations reputation (Cloud Security Alliance, 2011). Cloud technologies revolve heavily around virtual machines that reside on physical servers (Talbot, 2009). One physical server could be the home of a slew of virtual machines; should an attacker interrupt the normal operations of a physical server it could result in the inoperability of the virtual machines also. One of the techniques can be used is an attacker implanting a virtual machine on a physical server (Talbot, 2009). Once the
Click here to unlock this and over one million essaysGet Access
The security concerns for IaaS and PaaS models are described collectively because of their reliance over each other. The attacks on these two layers are of three types: attacks on the cloud services, attacks on virtualization and attacks on utility computing. Hardware virtualization, software virtualization, cloud software, utilitycomputing and Service Level Agreement (SLA) are considered some of the common security concerns for IaaS and PaaS.
Cloud computing security or, more simply, cloud security is an evolving sub-domain of computer security, network security, and, more broadly, information security. It refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing.
The economic case for cloud computing is compelling and at the same time there are striking challenges in its security. The concepts of cloud computing security issues are fundamentally new and intractable. What appears new is only relative to traditional computing that has been practiced since several years. Many such security problems have been giving attention since the time-sharing era. Cloud computing providers have and can build datacenters as large due to their expertise in organizing and provisioning computational resources at
This journal examines the various types of threats that a cloud-based company has to defend against. The authors recognize that the cloud has the potential to be a disruptive force in technology, and it examines the concerns that a business has for migrating to the cloud through the use of surveys. The benefits and risks are examined and the article provides statics and charts to illustrate the findings. The most interesting point of this article is it highlights the concerns customers have listing security as the number one reason preventing a business from migrating to the cloud. I plan to use this article to explain the challenges developers face in securing data on the cloud, not only with application development but also with educating businesses to alleviate misconceptions on cloud computing.
Everyone has an opinion on what is cloud computing. It can be the ability to rent a server or a thousand servers. It can be the ability to rent a virtual server, load software on it, turn it on and off at will. It can be storing and securing large amounts of data that is accessible only by authorized applications and users.
Cloud computing is revolutionizing many ecosystems by providing organizations with computing resources featuring easy deployment, connectivity, configuration, automation and scalability. This paradigm shift raises a broad range of security and privacy issues that must be taken into consideration. Loss of control, and trust are key challenges in cloud computing environments. This paper will be describing and focusing on cloud security and privacy. In addition to cloud security, the general model of cloud computing is also described where the cloud security and privacy issues can be approached. To preserve such issues, some propositions for cloud security for reference are also proposed along with a brief description for deployment in cloud computing.
Security is additionally one of the significant worries of the cloud computing innovation and is evident through the prior investigations. There exist a few dangers included which will limit the organizations in partaking and actualizing these cool administrations. There exist significant odds of dangers like losing of information, information ruptures, in security to the secret information which can affect the organizations. In this manner, the vast majority of the organizations introduce in the market fears to render their private information helpless against the uncertainties of unapproved access and they were in that by embracing the cloud benefits, their information might be more presented to dangers and likely of getting assaulted or
However, with all the benefits, the rapid development of information and communication technology (ICT) involves certain security challenges as well. The associated challenges and issues of Cloud computing must be considered prior to the ubiquitous adoption of the technology . The paper presents the analysis of the cloud computing model in terms of the deployment of its service models, along with the security issues associated with it. The paper also presents the possible techniques of eliminating the security concerns of the cloud computing.
Cloud services: The organizations have been highly dependent on the cloud services. The cybercriminals have been seeking ways to exploit corporate security policies for protecting cloud services. The cloud services have been providing immense risk of data being disclosed deliberately or accidentally. The hosting companies have a greater ease of control over the private data and information and can even communicate between the end user and access his user data even without his permission. Therefore this threat has to be placed at the highest priority. Additionally, the cloud providers have the authority to the share information with any of the third parties even without any warrant. All these activities poses privacy concerns as the data can be access on the cloud anywhere and anytime where the information can be deleted, or even altered. All these activities have further left a room for potential unwanted disclosure of data and information on the cloud. Thus using cloud services in an organization poses a threat to exploitation and stealing of confidential data by their competitors, cybercriminals and vigilante justice seekers (Shaikh, F. B., & Haider, S., 2011).
Cloud computing provides a flexible, collaboration and cost efficient way for business to manage computing resource online. However, while cloud services provide potential benefits to business, it also come with increased security risks.
Cloud computing is a shared resource that holds valuable data from masses of people and organisations and is therefore an easy target for hackers. Security within cloud computing involves a set of control-based technologies, polices, processes and standards to protect information, data applications and infrastructures related to cloud computing usage. Security within this area addresses the physical and logical security issues across the different service models as well as how these services are delivered ie.via the public, private or hybrid model. There are many points of entry for an attacker in the cloud environment and people are more exposed to data breaches than they think e.g. using an insecure website on your mobile phone or if a database administrator shares a password, personal details can be accessed.
When we speak cloud computing, we are about multi-tenancy and a server host; so, the service is always never really owned by clients who want to rent it. All cloud computing(CC) platforms and infrastructures-as-service operates on a
Security is the most prioritized aspect for any form of computing, making it an obvious expectation that security issues are crucial for cloud environment as well. As the cloud computing approach could be associated with having users’ sensitive data stored both at clients’ end as well as in cloud servers, identity management and authentication are very crucial in cloud computing. Verification of eligible users’ credentials and protecting such credentials are part of main security issues in the cloud - violation in these areas could lead to undetected security breach at least to some extent for some period. A possible authentication scenario for a cloud infrastructure is illustrated in figure 4.
V. However, the question to switch to cloud services is not always a no brainer. If a company or organization does not consider the potential risks associated with going to the cloud, there could be serious implications as a result of this oversight. The first and most threatening risk is data leakage. “The cloud offers a rich target for hackers, criminals, terrorists, and rogue nations. With cyber-espionage affecting every sector of our economy, aggregating important information in one location is a legitimate security concern. You
Most of us have been heard about the most cloud security failures in which all the cloud technology companies are continued to mature, they still suffer the same type of issues in-house infrastructure’s. Cloud computing has become a biggest market in today’s technology. In a report of 2016, analysts at Gartner predicted that transferring to cloud is going to affect $1 Trillion in Information technology in the next five years. Cloud services market has grown to an extent level that it was not a notable percentage of total it is spending, which was helping to generate new technologies and start-ups which are born in the cloud. When cloud services are going offline or software and websites will fail it can always results in huge business