ITECH 2201 Cloud Computing

School of Science, Information Technology & Engineering

Week 9 Tutorials
In this tutorial you will search and find the following interesting research paper on cloud security from
IEEE Xplore digital library, and answer the questions that follow:

 Waqas, A; Yusof, Z.M.; Shah, A, "A Security-Based Survey and Classification of Cloud
Architectures, State of Art and Future Directions," Advanced Computer Science
Applications and Technologies (ACSAT), 2013 International Conference on , vol., no.,
pp.284,289, 23-24 Dec. 2013.

Questions

1. Why data security is significant in cloud?

Answer: The data security is very important in cloud as it as like
 The security loopholes in public or private clouds are actually caused by the
infrastructure of cloud computing because as it depends on the virtualization.
 As the most important cloud security issues are identity and access management,
privacy of contents, securing data during the transmission, auditing the security in
regular intervals.
 As the data security in cloud is threatened with the attacks from SQL injection and
distributed denial of service attack (DDOS).
 As there some other new forms of attacks as they can mentioned as the poisoned virtual
machines , abuse of billing systems , data leakage through the uniformed resource link.

2. Mention and briefly describe (1 or 2 lines) different types of data storage and data security
surveyed in this paper?
The greater part is distributed in computing is identified with the information storage and
information security and to recognize the substances who are in charge of information from the
cloud environment. Numerous exploration gatherings are as yet researching the proficient
component for capacity, security and protection to the trust of cloud clients. A case is a structure
proposed by called Cloud data tracker. The point of Cloud data tracker is to review the information
and following information that leaves cloud limit. They utilized the "Information Tracker"
application that contains an executable document called viewer.exe. This document gives the review
of Data-Tracker. At whatever point a document leaves the cloud limit, regardless of whatever the
reason is, this viewer.exe document will be joined to that information record. The motivation behind
viewer.exe is to log occasions on information record and send the temper-verification occasion logs
back to the server. This Overview of Data Tracker Administration is to Auditing Level Cloud
Between cloud Inspects the directors to screen the fact that it is to create the review trails. These
review trails can be observed for reviewing utilizing hidden guideline based observing frameworks,

CRICOS Provider No. 00103D Insert file name here Page 1 of 2

 A Monitoring and Audit Logging Architecture for Data Area Compliance in Federated Cloud
Infrastructures proposed by reviews the area of information. The cloud may compasses more than a
few nations. The review logs needed for consistence examining can be made with the observing data
of the administration supplier. The cloud in data storage identifies about issues with information
consistence in cloud.

3. What are the different measures, mentioned in the paper, to secure and audit malicious
acts in cloud data?
Security and Auditing of Malicious Acts

The substances are hazardous for processing particularly distributed computing as cloud contains
valuable and assets and elements can assets was traded off by the malignant clients and
Microsoft cloud clients lost their information because of lots of measures have been taken by
analysts and cloud suppliers to secure cloud from malicious acts arranged by the current
malicious insider, assaults to distributed computing. A malicious Insider is an Insider who
deliberately abused that influenced the classification, or accessibility of the association data or
data frameworks. They exhibited the nature and conduct of malicious insiders regarding cloud
community. These insiders can get to cloud resources for instance database, passwords or keys,
IPs and system foundation examined the regular thought of three particular points of view. The
cloud supplier manager who is a trusted individual designated. This can happen as a result of the
cloud or virtualization and so on.

4. Briefly explain the machine learning technique used to detect the malicious attack.
Machine learning technique

They further recommend system to secure cloud against these malignant insiders utilizes the
machine learning technique’s for pro-active the cloud registering intending to recognize the
assault advise cloud clients about assault when it is covered up by cloud supplier demonstrates
the configuration for utilizing machine learning procedure inside of single cloud environment
Information accumulation that is gathered in view of the way of information is the major process
to detect from them alicious attacks.

Complete the above questions and upload your work on Moodle. Please note your final exam will have
questions from the tutorials as well. You are encouraged to discuss your answer with your Tutor before
uploading your work.

CRICOS Provider No. 00103D Insert file name here Page 2 of 2