Table of Contents

Introduction......................................................................................................................................1

Literature Review............................................................................................................................2

Google Infrastructure Security Layers.........................................................................................3

Google Cloud Platform Compliance and Trust............................................................................7

Google Cloud Security – Trust Principles...................................................................................7

Independent Third-Party Certifications.......................................................................................8

Privacy and Compliance Standards..............................................................................................8

Conclusion.......................................................................................................................................8

References......................................................................................................................................10
Introduction

In today’s digitalized era, organizations are utilizing IT operations in order to develop applications
quicker and sustain innovations to preserve their competitive position in the modern digital world. As
indicated by many prestigious specialists from the IT industry, cloud computing is the third huge wave
in the Information Technology business, which became a vital aspect in different sectors and
areas[ CITATION Ali131 \l 1033 ].

The integration of cloud computing today is generating a change in the way organizations operate and
in general the way people live. The Cloud can offer convenient, ubiquitous and on demand network
access and application to resources like: storage services, networks, computing services, infrastructure
etc. without the need of any funds or expenditures. From an individual user to multi-national businesses
and corporations, can simply use any type of service from the Cloud[ CITATION Sri18 \l 1033 ].

Currently, there are many Cloud providers, but only few are the biggest players on the market. One of
the cloud pioneers and revolutionizers is Google, which today offers 90 products that belong to Google
Cloud. Therefore, Google provides these wide range of services for numerous organizations and
individuals globally. Google Cloud Platform is a part of Google Cloud, which provides Infrastructure
as a Service, Platform as a Service and serverless computing environments. Google Cloud Platform
delivers cost efficient architectures that support the transmission, storage and intensive computing of
data[CITATION Goo19 \l 1033 ].

Nevertheless, the main question is, all the data, private information, confidential possessions of
organizations or personal property of individuals are safe and secure? In today’s modern society,
information has become the most expensive commodity.

This research paper will examine Google Cloud Platform security infrastructure. It will be analyzed
how Google Cloud Platform security is designed, as well as the infrastructure features. The paper will
investigate how Google Cloud protect its data, including the organizational and technical controls,
followed by Google compliance regulatory requirements.

Literature Review
As previously stated, Cloud Security is very important aspect when it comes to organizations and
individuals. Security is the main retrain that is holding back the growth of cloud computing in the long
run. Nowadays, cloud providers main worry is forfeiting customer information or data to cyber
attackers. Google’s global network of users reaches billions of customers. Therefore, one of the main
challenges the company faces is persistent protection of its global network against cyber threats, which
are continuously growing. For the same reason, Google invests profoundly in securing its infrastructure
from the possible dangers. Consequently, Google Cloud Platform has become one of the most secure
Cloud providers and preferred platforms globally. This chapter will elaborate how GCP plays a vital
role in the Cloud industry and how it became the most secure platform[ CITATION Sha15 \l 1033 ].

Figure 1: Cloud security

Google Infrastructure Security Layers

From the picture bellow it can be seen that Google Infrastructure is consistent of 6 layers, which start
from physical security data centers lifting to hardware and software structure. Therefore, all the six
layers are properly situated in place in order to define all the processes involved in sequence to support
operational security[ CITATION Mit19 \l 1033 ].

Figure 2: Google Infrastructure Security Layers

Hardware Infrastructure
Hardware infrastructure or the lowest level infrastructure is basically consistent of three components:
1. Security of Physical Premises: Include data centers, which have numerous coatings of physical
security fortification. These data centers are secured with technologies as: biometric
identification, cameras, laser-based detection systems. Also, only limited specialized personnel
can access these data centers[ CITATION Mit19 \l 1033 ].

2. Hardware Design and Provenance: Google custom designed networking equipment that is
consistent of thousands of server machines. (Google custom chips, deployed on servers and
peripherals, used for security identification of Google devices at the hardware level)[ CITATION
Mit19 \l 1033 ].
 3. Secure Boot Stack and Machine Identity: Google server machines with specific identification
that are ensuring the security of hardware and software machine boots[ CITATION Mit19 \l 1033 ].

Figure 3: Hardware Infrastructure

Service Deployment
This layer of security confirms that a service is properly deployed on Google’s infrastructure from the
base hardware and software. The listed points below are briefly examining the Service
Deployment[ CITATION Goo17 \l 1033 ].

1. Service Identity, Integrity and Isolation: Through cryptographic verification and authorization,
this layer provides strong control and security.

2. Inter-Service Access Management: With assistance of Google engineers, this infrastructure

operates in a way that detects individual identities, so that services can accept or deny the
following access. Strong management systems are operating to provide approval of identities,
notifications and chains[ CITATION Goo17 \l 1033 ].

3. Encryption of Inter-Service Communication: With cryptographic authorization and

authentication the infrastructure is proficient to secure inter-service communication. This
ensures that any third party do not have access to the private network[ CITATION Goo17 \l 1033 ].

4. Access management of End User Data: The infrastructure is designed in a way to run central
user identity service that verifies the end user login. After the verification provides users
authorizations to the client’s device[ CITATION Goo17 \l 1033 ].
Secure Data Storage
The numerous Google storage services are designed to use keys from a central key management service
to encrypt the data in advance. In order to avoid possible threats, such as malicious disk firmware, the
infrastructure at the application layer is premeditated to preform encryption. Also, for further
protection, encryption is done at other layers, such as at the hardware layer[ CITATION Goo17 \l 1033 ].

Furthermore, deletion of data is performed. Most frequently Google develops specific data as
“Scheduled for Deletion” instead of completely eliminating the data. The data deletion permits easy
recovery from accidental deletions, whether its customer originated or just a bug[CITATION Goo15 \l
1033 ].

Secure Internet Communication

This layer covers the secure communication between Google and the internet. This is conducted
through private IP space which exposes subset of machines straight to outside internet traffic and
attacks. Google Front End (GFE) services guarantee that all the transportation layer security
connections are completed and in coordination with the accurate certificates[ CITATION Goo17 \l 1033 ].
The Google Front End ensures proper protection counter to DDoS attacks. Furthermore, the central
identity service, that consumers view as Google log in page which request username and password, and
evaluates risk factors, which may include whether the individual logged in from same device or
location[ CITATION Goo15 \l 1033 ].

Operational Security

This layer includes various technologies for measuring and improving security recognition and
response. Manual security reviews, as well as automated tools are included for security formation.
Google creates important outlays, specifically created for protection of user’s devices and credentials,
with usage of different technologies and regulations for physical, data, computers, access management,
network security etc.[ CITATION Goo12 \l 1033 ].
The operational security consists of four sections:

1. Intrusion Detection
2. Safe Software Development
3. Keeping Employee Devices and Credentials Safe
4. Reducing Insider Risk

Google Cloud Platform Compliance and Trust

Google Cloud Security – Trust Principles

Google Cloud Platform trust principles are constructed for thorough protection of customers privacy.
Consequently, GCP practice six different trust principles, which are going to be listed below:

1. The first and main principle Google use is customer safety. The platform is designed to provide
instant notification to users if a safety breach is crossed and customer data is in danger.
2. GCP security provides comprehensive control over customer’s data.
3. One of the trust principles include strict advertising principle. Google maintains rigorous
differentiation between the user’s Cloud data and the one used for business advertising.
4. Google’s data centers have the most advanced security systems, which locations are publicly
accessible. This allows users to have knowledge regarding their data storage and constant
availability.
5. Independent auditors evaluate, validate and certify GCP security practices. Accordingly,
international security and privacy regulations assure GCP security.
6. Last and most important, Google does not provide “backdoor” access to customer data to any
governmental agencies or units[ CITATION Fri19 \l 1033 ].

Independent Third-Party Certifications

Google Cloud Platform implements various security controls in order to ensure its customers with high
protection and security. Therefore, GCP is implementing independent third-party audits and
regulations, which not only comply with data security, but they have been certified. Google Cloud
Platform has certifications such as: ISO 27001, ISO 27017, ISO 27018, AICPA, SOC 2 and 3, PCI
DSS, CSA Star and FedRAMP[ CITATION Tua20 \l 1033 ].

Privacy and Compliance Standards

Google Cloud Platform follows European Union’s General Data Protection Regulations (GDPR).
These laws and regulations stand for fortification of European user’s data privacy and protection.
Moreover, Google Cloud Platform follows Australian Privacy Principles (APPs), Australian Prudential
Regulations Authority (APRA), Multi-Tier Cloud Security (MTCS), Singapore Standard (SS), Japan
Center for Financial Industry Information Systems (FISC) and UK NCSC Cloud Security
Principles[ CITATION Goo \l 1033 ].

Nevertheless, Google Cloud Platform for having the most secure payment services follows ISO/IEC
27001 and Payment Card Industry Data Security Standards (PCI DSS). With pioneering encryption
credit card details, storage and personal information of clients, Google has achieved radical
security[ CITATION Goo \l 1033 ].

Conclusion

Google’s cloud platform is considered as a major secrecy cloud provider and more secured and safer
than the other Cloud companies on the market. They are a go to shop for cloud computing work and
they have proven track record on anything they touched turned to gold. Consequently, companies can
rest assured and continue with Google Cloud Platforms as their preferred cloud service providers.

Google Cloud Platform main objective is protection of customers data and its security, this became a
part of the company’s initiatives and vital focus. Google Cloud Platform is a major leader on the
market for data protection and innovation of security and encryption systems. The company considers
that data protection is more than security, for the same reasons, with all possible efforts and innovation
investments, Google earns trust with today’s most valuable asset – information.
 References

[1] M. Ali and M. H. Miraz, "Cloud Computing Applications," in Proceedings of the International Conference on
Cloud Computing and eGovernance, Wales, 2013.

[2] P. Srivastava and R. Khan, "A Review Paper on Cloud Computing," International Journals of Advanced
Research in Computer Science and Software Engineering , vol. 8, no. 6, 2018.

[3] Google, "Google Cloud," 2019. [Online]. Available: https://cloud.google.com/security/. [Accessed 2 4

2020].

[4] I. Shabani and A. Dika, "The Benefits of Using Google Cloud Computing for Developing Distributed
Applications," Journal of Mathematics and System Science, vol. 5, pp. 156-164, 2015.

[5] N. . J. Mitchell and K. Zunnurhain, "Google cloud platform security," in the 4th ACM/IEEE Symposium,
2019.

[6] Google, "Google Infrastructure Security Design Overview," Google Cloud, 2017.

[7] G. C. P. Whitepaper, "Screenleap," 26 5 2015. [Online]. Available:

https://www.screenleap.com/doc/Google_Cloud_Platform_Security_Whitepaper.pdf. [Accessed 2 4
2020].

[8] Google, "Google’s Approach to IT Security. A Google White Paper," Google , 2012.

[9] K. Fritchen, "Managed Methods," 2019. [Online]. Available: https://managedmethods.com/blog/google-

cloud-platform-security-features/. [Accessed 3 4 2020].

[10] S. V. Tuan , . K. Heydemann, A. d. Grandmaison and A. Cohen, "Secure Delivery of Program Properties
Through Optimizing Compilation," in ACM International Conference on Compiler Construction, 2020.

[11] Google, "Google Cloud’s Approach to Security," Google Cloud .

[12] Google, "Security, compliance and GDPR Google Cloud," [Online]. Available:
file:///C:/Users/Ena/Downloads/Security,%20compliance%20and%20GDPR%20and%20Google%20Cloud
%20(2).pdf. [Accessed 2 4 2020].