The Cloud Security Allience ( Csa )

In as much as cloud computing is attractive; it poses concerns over trustworthiness and security of cloud infrastructure. Just like the traditional computing services, the cloud can also be a victim of attack or even exploited as a tool for malicious activity. Malicious individuals can make use of the power of cloud resources to attack other machines from within the cloud. Cloud services can also be used as tool for illegal or even criminal active such as communicating via cloud email services like Google Mail and also storage of

Data systems such as the web application and data servers are faced by a number of threats, some of these threats are discussed below:

Over the past several years the term cloud computing has become common in homes and organizations alike. Cloud computing can be defined as a pooled set of computing resources that are furnished via the internet. There are three types of cloud services typically available, these services are Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and Software as a Service (SaaS). Organizations can benefit greatly from cloud services because they eliminate the need to buy and manage physical resources. Although such an action cuts cost it leaves organization victim to the vulnerabilities and threats that exist in cloud computing. Throughout this paper I will discuss the vulnerabilities and threats that come

Cloud computing is vast and so are the security threats. When a company opts for cloud computing, it will consider the advantages, but some of the companies fail to consider the vulnerabilities that might lead to data lost and misuse.

Cloud computing has become so famous; there is much widespread news about the cloud these days. This is mainly because of the exponential shift of the business applications from traditional models of software towards the Internet, and now through mobile devices. Cloud computing is a model that uses the network of remote servers that has been hosted on the internet rather than on a specific hardware. This would enable a better shared pool for storing, accessing and processing of data. With the huge information being available in the internet, the security for cloud computing has been challenging and this paper would elucidates the security threats of cloud computing also stating the possible countermeasures for them.

What is often missed is the reality that the increased use of cloud services is driving further breaches of unauthorized access of sensitive information in the cloud,

According to [3], there are so many security risks of the user of the cloud computing services, for handling these hazards the possible types of attacks must be categorized so that the solution of that can be found [4]. The author has proposed the idea of attacks possible in the cloud computing. The organizations are providing cloud services according to the cloud computing categorization. The cloud computing is still not matured in terms of security, and most of the researchers in published literature focused on security and new categorization of the attack surface. The paper focused on the initial attacks and hacking efforts linked to cloud computing organizations and their systems. In the cloud computing, there are three different contributor classes as a user, the cloud, and service. In cloud computing, two contributors must involve in the communication. The attacks can be launched on any of these three contributors during communication. The contributor classes must be secured with a security interface or a channel between the communicating parties, which depends on the service model that the cloud have like IaaS, PaaS, and SaaS.

Cloud computing infrastructure is based on the client server architecture and is thus subjected to threats that standard service infrastructure is, such as XSS, SQL Injection, machine code injection etc. But some attacks are specific just to the cloud based infrastructure,

Normally a third party, who creates and owns the infrastructure, provides cloud computing services to the clients. Cost effectiveness, flexibility, resource pooling and broad network access are salient features of the cloud computing. The risks to cloud computing are data security, authentication, data breaching, access control and virtual exploits.

security threats we describe, i) how it can be used to exploit cloud components and its effect on

Cloud computing security is a set of control based technologies and policies that must follow certain rules in order to protect applications, data and any information associated with cloud computing. It is known to provide excellent services but is still not supported by organizations due to privacy issues that includes security and privacy protection. As they obstruct the managers as well as the

Cloud computing security is combination of control-based technologies like network security, pc security, info security and policies designed to bind the restrictive compliance rules. It 's primarily wont to shield info, knowledge applications and infrastructure related to cloud computing use. The zoom in field of “cloud computing” has multiplied severe security issues like securing knowledge, and examining the use of cloud by the cloud computing vendors. the most plan is to spot the foremost dangerous security threats in cloud computing, which is able to alter each finish users and vendors to grasp concerning the key security threats related to cloud computing and to resolve the safety problems victimization totally different security models.

Security Issues : There are many challenges in the area of cloud computing and security is one of them. Increasing the level of security is required for improving the quality of cloud based services. Location of data is a important factor in the security of cloud based computing. Transparency of the data location provides the flexibility for cloud based computing, but this is also a threat related to security. For cloud users, to maintain their personal data is a major issue related to cloud computing security. Technical security and policies for cloud users plays a vital role in the cloud security. To build trust and establish it for customers who want to use cloud services, is another issue related to the cloud based computing. Security attacks is another issue related

Cloud computing is a shared resource that holds valuable data from masses of people and organisations and is therefore an easy target for hackers. Security within cloud computing involves a set of control-based technologies, polices, processes and standards to protect information, data applications and infrastructures related to cloud computing usage. Security within this area addresses the physical and logical security issues across the different service models as well as how these services are delivered ie.via the public, private or hybrid model. There are many points of entry for an attacker in the cloud environment and people are more exposed to data breaches than they think e.g. using an insecure website on your mobile phone or if a database administrator shares a password, personal details can be accessed.

For example, Facebook and Google docs are system that store data in the cloud (Demir 2012, 31), and users do not have total control or knowledge of where or how long time the data is stored. The second category of risk, tradition security threats, is the one that most of systems are subjected and in cloud system have their consequence in a larger amount of users (Marinescu 2013, p. 274). Generally, tradition security threats are related to disorder in the system integrity that can occur through intentional attacks, such as phishing, SQL insertion, and cross-site scripting (NIST 2012; Marinescu 2013, p. 274). One example of this type of attack is the one that occurred in Akamai on 2004 that affected google, yahoo and other major companies (Marinescu 2013, p. 15). The last classification of risk, system availability, can be caused by unexpected events as system failures and power outages; for instance, the interruption of Amazon servers in 2009 that was caused by a lightning (Marinescu 2013, p. 15). Cloud systems are vulnerable to a series of different risks and a trustable system should be capable to avoid and rapidly recover from this failures.