International Journal of Computer Trends and Technology (IJCTT) – volume 4 Issue 8–August 2013

ISSN: 2231-2803 http://www.ijcttjournal.org Page 2680



Abstract-Network security has become more important to
personal computer users, organizations, and the military. But
still many companies are not ready to implement cloud
computing technology due to lack of proper security control
policy and weakness in protection which lead to many
challenge in cloud computing. Cloud computing is a
virtualization technology that uses the internet and central
remote servers to offer the sharing of resources such as
software, infrastructures, business and applications processes
to the market environment to fulfill the elastic demand. To
prevent Data from unauthorized access, it propose a
distributed scheme for providing security of the data in cloud.
This paper presents a survey of the network security of Cloud
Computing. This includes a discussion of the evolution process
in cloud computing and current technologies adopted in cloud
computing. This survey paper also presents a comparative
study of cloud computing platforms (Amazon, Google and
Microsoft).

Keywords–Cloud computing, Cloud computing service models
(SAAS,IAAS,PAAS), Types of Cloud computing, Network
issues, Security issues.

I. INTRODUCTION
The technology uses the Internet and central remote servers to
maintain data and applications. Cloud computing that allows
businesses to use applications without installation and access their
personal files at any computer with internet access. This computing
technology allows for more efficient computing by centralizing
storage, memory, processing and bandwidth. In 2005, the term
cloud computing became popular and the sub classification of
IAAS, PAAS & SAAS got formalized. The termCloud Computing
refers to both the applications delivered as services over the
Internet and the servers and systemsoftware in the data centers
that provide those services. Cloud computing really is accessing
resources and services needed to perform functions with
dynamically changing needs. An application developer requests
access fromthe cloud rather than a specific endpoint or named
resource. This paper describes the cloud computing, cloud
computing models, and a comparative study of cloud computing
systems.


II. CLOUD COMPUTING SERVICE MODELS

A. SOFTWARE AS A SERVICE (SAAS)
SAAS is the most common formof cloud computing for small
businesses. SAAS is the online delivery of software functionality
and capability without the need for locally running software.
SAAS runs on a Web browser. Gmail and Sales force are two
popular SAAS products. Direct benefits of SAAS include
reduced hardware costs, reduced software licensing costs,
and more flexible IT resources that can be dialed up or
down quickly on demand. SAAS applications allow users to
access and manipulate their data anywhere they have a data
connection fromany device –an important consideration in
a world where nearly everyone has several compute platforms
(mobile, laptop, tablet).The software application host is responsible
for controlling and maintaining the application, software updates
and settings. Example of a SAAS is a web-based mail service or
customer relationship management system.

B. INFRASTRUCTURE AS A SERVICE (IAAS)
IAAS is the delivery model which provides computer
Infrastructure as a service. The service provider maintains the
physical computer hardware consist of CPU processing, memory,
data storage and network connection. This entails the rental of a
complete computing resources for running applications, hosting
data and company’s entire computing environment. Examples of
an IAAS include Amazon EC2, Rack space and Windows Azure.

C. PLATFORM AS A SERVICE (PAAS)
PAAS can be described as a crossover of both SAAS and
IAAS. Using a PAAS companies can produce new
applications more quickly and with a greater degree of
flexibility than with older development platforms tied
directly to hardware resources. Application development on
a PAAS has a number of key benefits. Programmers
especially appreciate that the cloud provider handles all the
care and maintenance of the underlying operating systems,
servers, storage, and application containers. PAAS
environments can be much useful when development teams
are widespread geographically or when partner companies or
divisions share development efforts. Traditionally, hardware and
software is fully contained on a user´s computer. This means that
you access your data and programs exclusively within your own
computer. Cloud computing allows you to access your data and
programs outside of your own computing environment. Instead of
storing your data and software on your personal computer or
server, it is stored in 'the cloud'. This could include applications,
databases, email and file services. A common analogy to describe
cloud computing is renting versus buying. Essentially, you rent
capacity (server space or access to software) froma cloud service
provider and connect over the internet.

III. TYPES OF CLOUD COMPUTING

A. PUBLIC CLOUD COMPUTING
A public cloud provides all of the infrastructure and services
through the Internet. It is cost effective because the cost is spread
out and shared across a very large group of individuals and
businesses. Some of the service providers are Google, Amazon,
Survey of the network security in cloud computing
M.usha devi
#1
Research Scholar

Mr. B.Loganathan*
2

#
Assi st ant pr of essor
Depar t ment of Comput er Sci ence
Gover nment Ar t s col l ege( Aut onomous) , Coi mbat or e- 18, Tami l nadu, I ndi a.

International Journal of Computer Trends and Technology (IJCTT) – volume 4 Issue 8–August 2013
ISSN: 2231-2803 http://www.ijcttjournal.org Page 2681

Microsoft. Here a user does not have a control on the management
of the resources. All the thing is managed by the third party and
it’s their responsibility to apply software updates, security patches
etc . This means that IT systems are shared by various users to a
very high degree and since the networks are not separated, the user
does not really know where his data is stored. A Public Cloud
provide the best potential in terms of cost-effectiveness, so it only
offers nominal data protection and specific availability. Service
providers manage the infrastructure and pool resources into
capacity that any customer can claim. The main benefits of using a
public cloud are easy and inexpensive set-up because application,
hardware and bandwidth costs are covered by the provider. Some
issues related to public clouds are the user of public clouds have no
control where their data is saved. Security and data protection is of
nominal type.

B. PRIVATE CLOUD COMPUTING
In private clouds, the infrastructure and services are maintained on
a private network. This type of cloud must be set up and
maintained by personnel, so it is not ideal for a company that
wants to operate with as few employees as possible. It still allows a
company to maintain a smaller staff because it’s simpler to
maintain once it is created. No other parties are involved with a
private cloud. Private cloud otherwise called as internal cloud or
corporate cloud that provides hosted services to a limited number
of people behind a firewall. Private Clouds emulate cloud
computing on private networks. Private Clouds represents an
enterprise-specific environment with dedicated IT systems as well
as private access and sharing. The rules can be defined and
implemented individually. When Private Clouds are enhanced and
hosted on the premises of the organization consuming it, they are
also called as to On-Premise Private Clouds. The storage is
typically not shared outside the enterprise and full control is
retained by the organization. Cloud is as simple as adding another
server to the pool and the self-managing architecture expands the
cloud by adding performance and capacity.

The main benefits of using private cloud are an enhanced security
and data protection and one can raise it as much level as one
wishes. The user has total control of where the data is being saved
and easily recover fromfailure. Easy monitoring of demand for
service and accordingly manage the cloud by scaling up or down.
Very useful for Enterprise IT organizations use their own private
cloud(s) for mission critical and other operational systems to
protect critical infrastructures. Hence the cost of operation is high
compared to Public Clouds.

C. COMMUNITY CLOUD COMPUTING
A community cloud exists where several organizations share
access to a private cloud, with the same security considerations.
For example that a series of franchises have their own public
clouds and they are hosted remotely in a private environment.

D. HYBRID CLOUD COMPUTING
A hybrid cloud model takes advantages of both public and private
cloud services. The hybrid cloud is the ideal way to effectively
meet the needs of various parts of a business. For example, you
could use a public cloud for your emails to save on large storage
costs and keep your highly sensitive data safe and secure behind
your firewall in a private cloud. . Hybrid Cloud provides
applications and data in a secure manner so that many
organizations prefer to keep sensitive data under their own control
to ensure security.

IV. NETWORK ISSUES IN CLOUD COMPUTING

A. ATTACK OF NETWORK SNIFFING
Another type of attack is network sniffer, it is a more difficult
issue of network security in which unencrypted data are hacked
through network for example an attacker can hack passwords that
are not properly encrypted during communication. If the
communicator is not used encryption techniques for data security
then attacker can capture the data during transmission as a third
party. For this attack, the parties should use encryption methods
for securing there data.

B. MIDDLE ATTACK
This is another issue of network security that will happen if secure
socket layer (SSL) is not configured properly. For example, if two
parties are communicating with one other and SSL is not properly
installed then all the data communication between two parties
could be hack by the middle party. For this attack, SSL must
properly install and it should check before communication with
other authorized parties.
C. DENIAL OF SERVICE
When hackers overflows a network server or web server with
frequent request of services to damaging network, the denial of
service can’t keep up with them, server couldn’t legitimate client
regular requests. In cloud computing, hacker attack on the server
by sending thousands of requests to the server that server is unable
to respond to the regular clients in this way server will not work
properly. For this attack is to reduce the privileges of the user that
connected to a server and this will help to reduce the DOS attack.

V. SECURITY ISSUES IN CLOUD COMPUTING

A. BROWSER SECURITY
The first issue is Browser security. As a client sent request to the
server by web browser the web browser have to make use of SSL
to encrypt the credentials to authenticate the user.SSL support
point to point communication means if there is third party and then
middle host can decrypt the data and if the hacker installs sniffing
packages on host, the middle attacker may get the credentials of
the user and use in these credentials in the cloud systemas a valid
user. For this attack, Vendor should use WS-security concept on
web browsers because WS-security works in message level that
use XML encryption for continuous encryption of SOAP messages
which does not have to be decrypted at mediator hosts

B. XML SIGNATURE ELEMENTWRAPPING
Attacker targets the component by operating the SOAP messages
and putting anything that attacker like. For this attack, used the
digital certificate. For example, X.509 authorized by third party
such as certificate authorities and also uses the mixture of WS-
security with XML signature to a particular component. XML
should have the list of components so that it can reject the
messages which have malicious file and also reject the unexpected
messages fromthe client.
.
C. CLOUDMALWARE INJ ECTION ATTACK
Cloud Malware Injection Attack, which tries to damage a service,
application. An interloper is obligatory to generate his personal
spiteful application, service request and put it into the cloud
structure. Once the spiteful software is entered into the cloud
structure, the attacker care for the software as legitimate request. If
successful user ask for the service then malicious is implemented.
Attacker can upload virus programinto the cloud structure. Once
cloud structure care for as a legitimate service the virus is
implemented which spoils the cloud structure. For this case
hardware damages and attacker aimis to damage the user. Once if
user asks for the programrequest the cloud throws the virus to the
client over the internet. The client machine is affected by virus.
International Journal of Computer Trends and Technology (IJCTT) – volume 4 Issue 8–August 2013
ISSN: 2231-2803 http://www.ijcttjournal.org Page 2682

Counter measure for this attack is authenticity check for received
messages. Storing the original image file of the request by using
hash function and compare it with the hash value of all upcoming
service requests. In this, attacker create a legitimate hash value to
deal with cloud systemor to enter into the cloud system.





D. FLOODING ATTACK
Cloud systemrepeatedly increase its size when there is further
requests from clients cloud systeminitialize new service request in
order to maintain client requirements. Flooding attack is
distributing a great amount of non-sense requests to a certain
service. Once if the attacker throw a lot of requests by providing
more recourses cloud systemwill attempt to work against the
requests, then systemconsume all recourses and not capable to
supply service to normal requests fromuser. Attacker attacks the
service server. DOS attacks cost provide extra fees to the consumer
for usage of recourses. In this situation the owner of the service has
to compensate additional money. To stop from attacking the
server, Intrusion detection systemthen filter the malicious requests
and installing firewall. Intrusion detection systemprovides fake
alerts and could mislead administrator.

E. DATA PROTECTION
Data protection in cloud computing is very important factor it
could be complicated for the cloud customer to efficiently check
the behavior of the cloud supplier and as a result he is confident
that data is not handled in proper way, then it does not like that this
problem is intensify in case of different transformation of data. For
this attack, that a consumer of cloud computing should check data
handle either it is handled lawfully or not.

VII. CLOUD COMPUTING CHARACTERISTICS

A. ON DEMAND SELF SERVICE
Computer services such as applications, email, network service can
be provided without requiring human interaction with each service
provider. Cloud service providers that providing on demand self
services include Amazon Web Services (AWS), Microsoft,
Google, IBM and Salesforce.com. New York Times and NASDA
are examples of companies using AWS.

B. RESOURCE POOLING
The provider’s computing resources are pooled together to serve
multiple consumers using multiple-tenant model with different
physical and virtual resources dynamically assigned and reassigned
according to consumer demand. The resources include others
storage, memory, processing, network bandwidth, and email
services. The pooling of the resource builds economies of scale.

C. RABID ELASTICITY
Cloud services can be rapidly and automatically to scale out
quickly and rapidly released to quickly scale in. For the consumer,
the capabilities are available for provisioning often appear to be
unlimited and can be purchased in any quantity at any time.

D. MEASURED SERVICE
Cloud computing resource usage can be controlled, measured, and
reported for providing transparency to both provider and
consumer of the utilized service. Cloud computing services that
used a metering capability that enables to control and optimize
resource use and implies that just like air time, municipality water
IT services, or electricity are charged per usage metrics pay per
use. The more which you utilize the higher bill. Like this utility
companies sell power to subscribers and telephone companies and
sell voice and data services. IT services such as network and
security management, data center hosting or departmental billing
can now be easily delivered as a contractual service.






VIII. BENEFITS OF CLOUD COMPUTING

Cloud computing which produces a lot of benefits. It allows you
to set up what is essentially a virtual office to give you the
flexibility of connecting to your business anywhere and any time.
The number of web-enabled devices used in today's business
environment (e.g. smart phones, tablets), access to your data is
even easier.
A. REDUCED IT COSTS
Moving to cloud computing may reduce the cost of managing and
maintaining your Information technology systems. Instead of
purchasing expensive systems and equipment for your business, so
that you can reduce your costs by using the resources of your cloud
computing service provider. You can able to reduce your operating
costs because the cost of system upgrades, hardware and software
may be included in your contract. you no longer need to pay wages
for expert staff your energy consumption costs may be reduced
there are fewer time delays.
B. SCALABILITY
Your business can scale up or scale down your operation and
storage needs quickly to suitable for your situation, allowing the
flexibility as you needed to change. Purchasing and installing
expensive upgrades yourself and your cloud computer service
provider can handle this for you. With this, the cloud frees up your
time so you can get on with running your business.

C. BUSINESS CONTINUITY
Protecting your data and systems is an important part of business
continuity for planning. If you may experience a natural disaster,
power failure and having your data stored in the cloud ensures it is
backed up and protected in a secure and safe location. You can
able to access your data again quickly allows you to conduct
business as usual and minimising any downtime and loss of
productivity.

D.COLLABORATION EFFICIENCY
Collaboration in a cloud environment gives your business the
ability to communicate and share more easily to outside of the
traditional methods. And if you are working on a project across
different locations, you could use the cloud computing to give
employees, contractors and third parties accessing the same files.
You may also choose a cloud computing model that makes it easy
for you to share your records with your advisers (e.g. a quick and
secure way to share accounting records with your accountant or
financial adviser).

E. FLEXIBILITY OF WORK PRACITICES
Cloud computing allows employees to be more flexible in their
work practices. For example, if you have the ability to access data
fromon holiday, home or via the commute to and fromwork. If
you need to access your data while you are in an off-site, you can
connect to your virtual office, quickly and easily. Access to
automatic updates for your IT requirements may be included in
your service. If you depending on your cloud computing service
provider and your system will be regularly updated with the
International Journal of Computer Trends and Technology (IJCTT) – volume 4 Issue 8–August 2013
ISSN: 2231-2803 http://www.ijcttjournal.org Page 2683

present technology. It include up to date versions of software and
also upgrades to servers and computer processing power.






IX. CLOUD COMPUTING ARCHITECTURE
Cloud computing Architectures are designs of software
applications that use Internet access on-demand services.
Applications built on a Cloud Architectures are such that the
underlying computing infrastructure is used only when it is needed
and also draw the necessary resources on demand and performa
particular job and then relinquish the unneeded resources and often
dispose themselves after the job is done .While in operation the
application scales up or down elastically based on resource needs.
The rapid growth of cloud computing is largely based on the
effective implementation of its architecture. In cloud computing
architecture, it is not just based on how the application will work
with the users. Cloud computing requires an interaction with the
hardware which is very essential to ensure uptime of the
application.
Applications build on Cloud Architectures run in the cloud where
the physical location of the infrastructure is determined by the
provider. Advantage of simple API’s of Internet accessible
services that scale on demand and that are industrial strength where
the complex reliability and scalability logic of the underlying
services remains implemented and hidden inside the cloud. The
uses of resources in Cloud Architecture is as needed, thereby
providing the highest utilization with optimumcost.

X. COMPARATIVE STUDY OF CLOUD COMPUTING

Comparative studies of cloud computing systems is done which
basically includes Amazon EC2, Google App Engine and
Microsoft Azure based on the three parameters such as Technology
benefits, business benefits and future trends.

A. AMAZON EC2
One or more instances of a virtual machine can be created for
processing and for storage. Payment is made based on time the
instances are running. Hourly charge vary from$0.020 (US East-
Virginia) to $3.200 (South It is America-Sao Paulo) possible to
have a reserve instance for an initial payment and discounted rate
of usage. Data storage can be both relational and non relational.
Virtual machine can be a different capacity Standard (Small,
Large, Extra Large), High-Memory (Double Extra Large,
Quadruple Extra Large) High-CPU (Medium, Extra Large). Both
Linux and Windows machine instances are supported.
Application written in Python or J ava can directly be deployed. We
are charged on the actual normalized CPU cycles used and storage
is only non relational. Charge which is calculated on these
parameters – bandwidth, CPU, storage, emails send. Bandwidth
usage charges are $0.12 per GB, CPU cycles usage charges are
from$0.08 to $0.64 per hour depending upon the capacity, storage
charges are $0.13 to $0.64 per GB per month.

B. MICROSOFT AZURE
Offering has 3 main parts which are Windows Azure, SQL Azure
and App Fabric. It is used Hyper-V for virtualizes. It works more
like an Amazon than like Google. There is an offer where the
service can be avail for free. Payment is made for the resources
used. For one instance of Virtual Machine usage charges vary
from$15.00 per month (Extra Small Instance) to $720.00 per
month (Extra Large Instance).

Data storage charges are $4.995 per month up to 100MB and $9.99
per month for greater than 100MB up to1GB. Additional
charges are and Europe regions and $0.19 per GB for Asia Pacific
Region. The developing environment Visual Studio is applicable
for additional usage more than 1GB. Bandwidth usage charges are
$0.12per GB for North America through an SDK.
C. FINDINGS
Amazon has been one of the first service providers that provide
sharing of resources (storage space and computing) to create a
very scalable and flexible platform and resizable compute capacity
in the cloud computing. Amazon EC2 which changes the
economics of computing by allowing paying only for capacity that
is actually used. The survey findings articulate that Amazon bested
Google and Microsoft and Amazon is recognized as the leader.

XI. CONCLUSION
Cloud Computing provides computing services in today’s
competitive environment in a highly scalable way. The
environments provided by the cloud strives to be reliable, dynamic,
customizable robust and elastic with a guaranteed Quality of
Service. This survey will provide an idea on the current trends in
the cloud systems and security, comparison studies of Amazon
EC2, Microsoft Azure and Google App Engine is made based on
technology benefits, business benefits and future trends. In this
paper initialize the challenges which are currently faced in the
cloud computing industry are highlighted and summarized the
dominance of the Cloud Computing.

XII. REFERENCE

[1] "Cloud Computing: Clash of the clouds".
2009-10-15.
[2] "Defining "Cloud Services" and "Cloud Computing""
IDC. 2008-09-23. Retrieved 2010-08-22.
[3] Mel P. and Grance G., “The NIST Definition of Cloud
Computing (Draft),” in Proceedings of the National Institute of
Standards and Technology, Gaithersburg.
[4] Chandran S. and M. Angepat . “Cloud computing and analyzing.
the risks specified in cloud computing environments” in the
Proceeding of Natural Sciences and Engineering Sweden,
pp. 2-4- 2010.
[5] Pfleeger C. and Pfleeger S., Security in Computing, 2nd ed,
Prentice Hall, New J ersey, 1997.
[6] Metri P. and Sarote G., “Privacy Issues and Challenges in
Cloud computing,” International J ournal of Advanced
Engineering Sciences and Technologies. 5-6- 2011.

[7] Vouk, M.A. Cloud Computing -Issues, research and
implementations, IEEE Information Technology Interfaces
30th International Conference.
[8] Klems, M. Lenk, , J . Sandholm, A. Nimis
‘What’s Inside the Cloud? And ‘ An Architectural Map of Cloud
the Landscape’, IEEE Explore, pp 23-31, viewed 21 (2009).
[9] L. Wang etal. “Scientific Cloud” and ” cloud Computing: early
International Journal of Computer Trends and Technology (IJCTT) – volume 4 Issue 8–August 2013
ISSN: 2231-2803 http://www.ijcttjournal.org Page 2684

definition and experience”.
[10] , ZHENG Wei Min, CHEN Kang, Cloud Computing
SystemInstances and current Research”.
[11] D. Dikaiakos, D. Katsaros , P. Mehra , A..Vakali , ‘Cloud
computing in distributed internet computing for IT and
Scientific Research’, IEEE explore, pp 23-31, viewed 22 (2009).
[12] S. Singh, “Different Cloud Computing 4. Putting Standards a
Huge Challenge,” The Economic Times, 4J une2009;
http://economictimes.india times.com/Infotech/Different –
cloud-computing-standards/articleshow/4614446.cm.
Computing.WorkshoponCryptographyandSecurity
Cloud.Zurich.Catteddu,D.(2010).