Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
Security Issues Analysis for Cloud Computing

Security Issues Analysis for Cloud Computing

Ratings: (0)|Views: 28|Likes:
Published by ijcsis
Cloud computing is a new emerging concept recently introduced in the world. Cloud services on the first hand provides many advantages like pay-as-u-go nature, faster deployment of IT resources and the way of future but on the other hand challenges/ issues of cloud overweight the advantages of cloud. Among all the challenges of cloud, the upmost challenge that the world is facing with cloud is “Security” as clients outsource their personal, sensitive data to the cloud over the internet which can be very dangerous if not secured properly. In this paper we have analyzed security issues of cloud from different aspects along with some implemented solutions. Security of cloud can be categorized by service models provided by service providers, data life cycle security issues and it can be categorized by data security, virtualization security and software/application security. We have also analyzed some implemented solution model based on cryptography and shamir’s secret sharing algorithm to some of the security issues.
Cloud computing is a new emerging concept recently introduced in the world. Cloud services on the first hand provides many advantages like pay-as-u-go nature, faster deployment of IT resources and the way of future but on the other hand challenges/ issues of cloud overweight the advantages of cloud. Among all the challenges of cloud, the upmost challenge that the world is facing with cloud is “Security” as clients outsource their personal, sensitive data to the cloud over the internet which can be very dangerous if not secured properly. In this paper we have analyzed security issues of cloud from different aspects along with some implemented solutions. Security of cloud can be categorized by service models provided by service providers, data life cycle security issues and it can be categorized by data security, virtualization security and software/application security. We have also analyzed some implemented solution model based on cryptography and shamir’s secret sharing algorithm to some of the security issues.

More info:

Published by: ijcsis on Oct 17, 2013
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

02/10/2014

pdf

text

original

 
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 11, No. 9, September 2013
Security Issues Analysis for cloud computing
Bashir Alam
1
, M.N Doja
1
, Mansaf Alam
2
and Shweta Malhotra
1
 
1
Department of Computer Engineering Jamia Millia Islamia , New Delhi, India
2
Department of Computer Science Jamia Millia Islamia , New Delhi, India
Abstract 
 — 
Cloud computing is a new emerging concept recently introduced in the world. Cloud services on the first hand providesmany advantages like pay-as-u-go nature, faster deployment of IT resources and the way of future but on the other hand challenges/issues of cloud overweight the advantages of cloud. Among all the challenges of cloud, the upmost challenge that the world is facing with
cloud is “Security” as clients outsource their personal, sensitive data to the cloud over the internet which can be very da
ngerous if notsecured properly. In this paper we have analyzed security issues of cloud from different aspects along with some implemented solutions.Security of cloud can be categorized by service models provided by service providers, data life cycle security issues and it can becategorized by data security, virtualization security and software/application security. We have also analyzed some implemented
solution model based on cryptography and shamir’s secret sharing algorithm to some of the security i
ssues.
 
Keywords- Software as a service (SAAS) Platform as a service (PAAS); Infrastructure as a service (IAAS); Service level agreement (SLA),Multi cloud Database model (MCDB), NetDB2-Multi Share(NetDB2-MS).
I.
 
I
NTRODUCTION
A.
 
Cloud Computin
The most widely used definition made by National Institute of Standard and Technology (NIST) for cloud computing says thatCloud computing is a model that enable convenient network access on demand to a shared pool of configurable computingresources (e.g. networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimalmanagement effort or service provider 
’s interaction
[1]. It has five essential characteristics, three service model and four deployment model. Essential Cloud Characteristics includes (i)on demand self-service (ii) elasticity (iii) scalability (iv) measuredservice and (v) multitenancy . Its three service models are (i) Software as service (ii) Platform as a service and (iii)Infrastructureas a service. Its deployment models are (i) public (ii) private (iii)hybrid (iv) community. As per IDC, the total cloud servicesmarket will grow from $884.4 million in 2012 to $2,671.9 million in 2017 at a compound annual growth rate of 24.7 percent [12].
B.
 
Cloud Challenge
There are many challenges of the cloud computing like Availability of a service, Security, Shared Nothing Architecture,application parallelism, Interoperability etc. [4]. Security is one of the important issues that should be considered primarily and being taken care of.As per 
IDC survey on “IDC cloud services survey: top benefits and challenges” in November 2009, conducted by IDC
Enterprise panel by IT executives and their Line of Business Colleagues, it has been concluded that 87 percent point out thesecurity concern, 83 percent point out availability concern, 82 percent point out performance concern, 80 percent point out lack of interoperability concern. As it can be seen in Fig. 1, among all the challenges like availability, performance, lack of interoperability, security is of major concern [13].
Figure 1: IDC Cloud Services Survey [13].
117 http://sites.google.com/site/ijcsis/ISSN 1947-5500
 
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 11, No. 9, September 2013
The paper is summarized as follows: Section II describes various cloud security issues from different aspects and alsoimplemented solution models to some of the security concerns. Section III summarizes these issues and the implemented solutionsin tabular form. Section IV outlines the conclusion.
II.
 
C
LOUD
S
ECURITY ISSUES FROM DIFFERENT
A
SPECTS
 
Cloud security issues are categorized by many ways. In this section we have analyzed various security issues from differentaspects. Formerly security issues like Privileged user access, Regulatory compliance, location of Data, segregation of Data,Recovery, Investigative support, Long term viability were enlisted for the SLA [2]. Cloud service provider provides different kindof services that includes software as a service (SAAS), Infrastructure as a service (IAAS), Platform as a service (PAAS),according to S. Subashini, V. Kavitha [3] the security issues related to these service models were analyzed. Pengfei you et al. [8]described the cloud security issues related to Data security, virtualization security and application security. Data is particularlyimportant to the cloud, Deyan Chen and Hong Zhao [9] described the cloud issues with respect to Data cycle related issues in [9].In this paper analysis of some of the implemented solution models provided for some of the security issues has also been done.Cryptography keys and poilicy related solution model has been described by Yang Tang, john C.S. Lui [11], the solution model
 based on shamir’s secret sharing algorithms and multi cloud
s are described in [5][6][7][10]. Different security issues fromdifferent aspects are described as follows:
A.
 
SLA Cloud Security Issues
B. Reddy Kandukuri et al [2] described the meaning of SLA (Service Level Agreement). SLA is the legal agreement betweenthe two communicating parties mainly Client and service provider. Firstly they explained about the contents of typical SLA like itmust include what will be the service measuring parameters, what will be done in case of any disaster or problem occurs withinthe system, it includes what are the customer duties and responsibilities and it must also include how the termination of servicestakes place. Authors suggested some security issues that should also be included in typical SLA. According to them aStandardized SLA must include Privileged user access, Regulatory compliance, location of Data, segregation of Data, Recovery,Investigative support, Long term viability as shown in Fig 2.
Figure 2: SLA includes these cloud security issues: Privileged user access, Regulatory compliance, Data location, Data segregation, Recovery, Investigativesupport, Long term viability.
Cloud provider must go through security certifications i.e. regulatory compliance. According to them data location is wherethe data is stored as customers do not know where there data is getting stored and how the data is being processed in cloud, cloud provider must obey so
me legal privacy laws requirement of customer’s data. They explained data segregation as: cloud consists of 
many customers, it contains data of many clients at the same storage place so it must include some boundaries they suggestedencryption as one of the solution for data segregation. From their point of view, recovery is a method by which in case of disaster clients data can be recovered it includes replication of data, data backup of data. At last they accounted that the cloud services aremandatory for long term viability.
B.
 
Cloud Service Model related Security issues
S. Subashini, V. Kavitha [3] analyzed different security issues related to nature of service delivery models of cloud computingas shown in the figure 3. According to them, the main security issues related to the software as a service models are as follows:Security of Data, Security of Network, Locality of Data, Integrity of Data, Data segregation, Data Access, Authentication andauthorization, Data Confidentiality,
 
Data breaches, Virtualization vulnerability, backup of data. They explained data security as
Security of client’s personnel sensitive data
on the cloud, so cloud provider must provide additional security features apart fromdefault one that is used in traditional systems; it involves strong encryption techniques for data security.
SLA must include these security issues:Privileged user accessRegulatorycomplianceData locationDatasegregationRecoveryInvestigativesupportLong termviability
118 http://sites.google.com/site/ijcsis/ISSN 1947-5500
 
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 11, No. 9, September 2013
They described network security as securing communication over the internet as all the communication between cloud service provider and customer is done through internet, it involves the use of strong network traffic encryption techniques such asTransport layer security, secure socket layer. Data locality, Data segregation and data recovery security issues are alreadyexpressed by B. Reddy Kandukuri et al [2].According to them, Data integrity means that protecting data from any unauthorized deletion, modification and prevarication,maintaining data integrity become very difficult because of the fact that most of the web applications do not support transactionmanagement and transactions should ensure that data should follow ACID property. They illustrate Data Access as onlyauthorized parties can access the outsourced data on the cloud, depending upon cloud deployment and service models, specifiedusers must firstly be established and predefined access properties and permissions should be granted accordingly. Theydeliberated Data Confidentiality as to ensure that user data which resides on the cloud cannot be accessed by unauthorized party,Confidentiality can be achieved through proper encryption techniques along with the proper key management. Another solutionfor confidentiality is to split up attributes between several data servers using customized threshold secret sharing scheme. Data breaches, according to them are possible due to two types of attacks: insider attack or some outsider external factor like hackerscan cause the attack. Lastly they accounted the most important issue of cloud computing i.e. Virtualization vulnerability, the main problem occurs in virtualization is to isolate the different instances of VMs from each other.They summarized the security issues of platform as a service (PAAS) as Host and network intrusion prevention: which meansdata should remain inaccessible between applications as, in PAAS, customers build their own applications on cloud platform provided by cloud provider. Here in PAAS hackers can attack the visible code of application, they can attack infrastructure. InPAAS Vulnerabilities are not limited to the web applications but also with machine to machine service oriented architecture.Lastly, they discussed about the Security issues related to Infrastructure as a service (IAAS) model, in IAAS the provider  providers the artificial developing environment like virtual machine, storage, network bandwidth etc. According to them the mainsecurity issue is related to virtualization and there are many security related problems like reliability of data that is stored within
the provider’s hardware. They considered
Security is the responsibility of both client and provider which differs like security up tohypervisor like physical security, environmental security, virtualization security comes under the control of provider and securityof application OS that comes under the control of customers.
Figure 3: Model of Cloud Security based on services models
C.
 
Cloud data, virtualization, and application related security issues
Above paper discussed the security related issues of service models provided by cloud computing. Pengfei you et al. [8],analyzed the cloud computing security issues with respect to three aspects i.e. Data Security, Application security andvirtualization security as can be seen in the Fig. 4 and they also gave some current solutions for these issues. Firstly, theyexplained the following Data Security related issues as Data Breach, Data Lockin, Data Remanence, Data recovery, Data locality.According to them Data Breach concerned with two security aspects of data: data integrity and data confidentiality the solutionfor both issues are to use the strong encryption mechanism like AES & DES under the proper management of keys. Data Lockinis another issue of migrating data from one SAAS or IAAS vendor to another vendor but while migrating, data may get lost.Solution for this issue is to have the standardized cloud Application Programming Interface (API). Data recovery and Datalocality security issues are already expressed by B. Reddy Kandukuri et al [2]. Lastly Data Remanence issue explained as Data isnot permanently erased after deletion so malicious hacker can extract the sensitive data which could be very dangerous. Possiblesolution for this issue is to encrypt the data along with the proper key management.
Cloud Security issues based on services ModelsSoftware as a service issuesPlatform as a service issues Infrastructure as a service issuesData security, Network Security, Datasecurity, Network security, Data locality,Data integrity, Data segregation, DataAccess, Authentication and authorization,Data Confidentiality,
 
Data breaches,Virtualization vulnerability, backup of data.Host and network intrusion prevention,Virtualization, hypervisor security, VMsecurity issues
119 http://sites.google.com/site/ijcsis/ISSN 1947-5500

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->