Security Issues For Cloud Computing

Download as pdf or txt
Download as pdf or txt
You are on page 1of 9

274

Security issues for Cloud Computing


Vikas Goyal[1], Dr. Chander Kant[2]
[1]

Research Scholar, [2] Assistant Professor

Deptt. of Comp. Sc. & Appl., Kurukshetra University, Kurukshetra, India. [email protected], [email protected]

Abstract: This paper gives a brief view of Cloud computing by giving its definition,
advantages, components, types, security issues & current security techniques. By reading this paper, an individual surely will have a clear idea about the introduction, Advantages & Security challenges of Cloud computing. Keywords: Private Cloud, Public Cloud, Hybrid Cloud.

1. Introduction Cloud computing is a latest emerging computing technology that uses the internet and central remote servers to maintain data and applications. In todays economic environment, organizations are focused on reducing costs and doing more with less while still trying to remain competitive. So that IT departments are facing greater problems to ensure that they match key business needs and deliver the desired results in the most efficient and cost-effective manner. To meet these challenges, IT organizations are increasingly moving away from device-centric views of IT, to one that is focused on applications, information, and people and more towards the new paradigm of Cloud Computing. Because Cloud computing allows consumers and businesses to use applications without installation and access their personal files at any computer with internet access.
2011 Journal Anu Books

Research Cell: An International Journal of Engineering Sciences ISSN: 2229-6913 Issue Sept 2011, Vol. 4

275

1.1 About Cloud Computing A model for enabling convenient, on-demand (pay per use) network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be easily updated & will be released to all the users with minimal management effort

Figure 1.1: The Cloud

In short, Cloud computing means using the Internet for all computer needs. Rather than having disc storage, software, and hardware of your own, all information can be on the Internet. Cloud Computing refers to both the applications delivered as services over the Internet and the hardware and systems software in the datacenters that provide those services. The datacenter hardware and software is what we will call a Cloud. Developers with the knowledge of new Internet paradigm, no longer require the large investment in hardware to deploy their service or the human expense to operate it. 1.2 Advantages of using Cloud Cloud computing has a lot of advantages over traditional computing. The benefits of deploying applications using cloud computing include reducing run time and response time, minimizing the risk of deploying

2011 Journal Anu Books

276

Vikas Goyal, Dr. Chander Kant

physical infrastructure, lowering the cost, and increasing the pace of innovation. Some other advantages of cloud computing are as following: Pay for what you use Acquiring & releasing of resources on demand Efficient & better resource utilization Location and Device independence Minimized investment Fast Application Deployment Hassle Free Maintenance Excellent service quality No need to install or update S/W or H/W

1.3 Cloud Computing Models Cloud computing offers both the software and hardware as a service over the internet. These services are classified into three categories: i. Software as a Service (SaaS) ii. Platform as a Service (PaaS) iii. Infrastructure as a Service (IaaS) i. Software as a Service (SaaS) Software as a Service is a software delivery model through which cloud computing make the availability of softwares as a service to its end user. These software services are delivered through a web browser to its user as a service on demand (user will have to pay for how much he use). To use software as a service through cloud computing, user just request for the service of a particular software to its vendor and the vendor will provide the services of the software to its user. The end user has not to worry about the

2011 Journal Anu Books

Research Cell: An International Journal of Engineering Sciences ISSN: 2229-6913 Issue Sept 2011, Vol. 4

277

software licensing and other issues related to the genuineness of the software that he is using. ii. Platform as a Service (PaaS) PaaS is like SaaS delivery model which deliver computing platform as a service over the web. Platform as a Service dramatically changed the scenario of development, deployment & run process of all business applications. As the core element of cloud computing, PaaS eliminates the costs and complexity of evaluating, buying, configuring, and managing the hardware and software needed for enterprise applications. PaaS provides all the facilities required to support the complete life cycle of building and delivering web applications entirely on the web.

Figure: 1.2 Platforms as a Service

iii. Infrastructure as a Service (IaaS) Infrastructure as a Service is a model in which an organization outsources the Infrastructure (equipments) required to support operations, including storage, hardware, servers and networking components. The service provider owns the equipment and is responsible for housing, running and maintaining it. The client typically pays on a per-use basis. Access to infrastructure stack includes Full OS access, Firewalls, Routers, Load

2011 Journal Anu Books

278

Vikas Goyal, Dr. Chander Kant

balancing etc. Cloud computing offers scalable, secure and robust Infrastructure-as-a-Service (IaaS). Infrastructure as a Service is sometimes referred to as Hardware as a Service (HaaS). 1.4 Types of Clouds The various types of clouds are: i) Public Cloud The cloud infrastructure is made available to the general public or a large industry group and owned by an organization selling cloud services. The organizations using public cloud do not control how those cloud services are operated, controlled, accessed or secured. Owned and managed by the enterprise Limits access to enterprise and partner network Retains high degree of control, privacy and security Accessed from inside the firewall

Figure 1.3: Types of Cloud

ii) Private Cloud The cloud infrastructure is operated separately & solely for a single organization. It may be managed by the organization or a third party and may exist on or off-premises. While the organization does not need to physically own or operate all the assets, the key is that a shared pool of

2011 Journal Anu Books

Research Cell: An International Journal of Engineering Sciences ISSN: 2229-6913 Issue Sept 2011, Vol. 4

279

computing resources can be rapidly provisioned, dynamically allocated and operated for the benefit of a single organization. Owned and managed by service provider Delivers selected set of business process, application or infrastructure services. Accessed from outside the firewall iii) Hybrid Cloud The cloud infrastructure is a composition of two or more clouds (private or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load-balancing between clouds). It is beneficial to have Hybrid clouds because by using this we can have more control on our data. A hybrid infrastructure takes advantage of both public and private clouds: 1.5 Current Security Techniques i) Isolation from Cloud Infrastructure User Isolation from Cloud Infrastructure Users only have access to APIs and Dashboards o No user direct access to Cloud infrastructure

Project-based separation o o A project is a set of compute resources accessible by one or more users Each project has separate: VLAN for project instances VPN for project users to launch, terminate, and access instances

2011 Journal Anu Books

280

Liladhar R. Rewatkar, Ujwal A. Lanjewar

Figure 1.4: Isolation in Cloud

ii) Firewalls Multiple levels of firewalling o o o Hardware firewall at site border Firewall on cluster network head-ends Host-based firewalls on key hosts

iii) Remote User Access Remote access is only through VPN (openVPN) Separate administrative VPN and user VPNs Each project has own VPN server

iii) Intrusion Detection Monitoring and analyzing both user and system activities Assessing system and file integrity Analysis of abnormal activity patterns Tracking user policy violations

2011 Journal Anu Books

Research Cell: An International Journal of Engineering Sciences ISSN: 2229-6913 Issue Sept 2011, Vol. 4

281

i)

Data Scrubbing

This is an in-house process where system removes any client related information (personally identifiable) from the data before sending it to cloud. Some examples are Name, Address, Salary, Birth-Date, SSN etc. So once the data gets to cloud its just list of numbers with only way to track back is some Proprietary ID (which system controls) ii) Selective data transportation This is little involved and goes case by case, in this scenario system sends data in small chunks and only with one or two bits of information so security risks are minimized. Combined with 1, this gives added security. iii) End-to-End encryption In this scenario, whole channel to cloud communication is encrypted (VPN, IP level security). Also, once in the cloud data is never stored or passed without encryption. iv) Public-Private hybrid solution You do the sensitive work in private cloud and send non-sensitive work to public cloud. Also, you can move data once it becomes less sensitive to public cloud. 2. Conclusion Computing clouds are changing the whole IT, service industry, and global economy. Clearly, cloud computing demands efficiency, security, and trustworthiness. Cloud computing has become a common practice in business, government, education, and entertainment leveraging 50 millions of servers globally installed at thousands of datacenters today. Private clouds will become widespread in addition to using a few public clouds that are under heavy competition among Google, MS, Amazon, Intel, EMC, IBM, SGI, VMware, Saleforce.com, etc. Effective trust management, guaranteed security, user privacy, data integrity, mobility support, and copyright protection are crucial to the universal acceptance of cloud as a ubiquitous service.
2011 Journal Anu Books

282

References [1] [2] [3] [4] [5] [6] Erdognus, Cloud Computing, IEEE Software, vol. 26, no. 2, pp. 46, March/April, 2009 Aymerich, An approach to a cloud computing, web technologies, AYM ,2008. Buyya Cloud Computing, IEEE High Performance of Grid Computing, BUV 2008. Dell. Cloud Computing Sections www. Del.com, DELL 2008 Atanu, Cloud Security Issues Processdings of the 40th Hawali International Conference on System Science, ATA, 2009. Gartner, Cloud Computing will be as influential as e- business, Gartner, Tech. Rep., 2008. [Online]. Available: http://www.gartner.com/it/page.jsp?id=707508 [7] [8] [9] [10] [11] [12] [13] [14] Greg, Cloud Computing Harold Hall, GRE, 2007. Liange, Business Cloud Computing, IEEE International conference on services Computing ,SCC, LIA 2008. Livpeng, Features of cloud computing, www. China cloud, LIU 2009. Nomadic, Cloud Computing Example ACM, 2008. Oracle, Cloud Computing Amazon. Com. 2009. SAAS/Cloud Computing, IEEE Conference 2008. Shu Wang research in cloud computing, at University California, 2000. Five cloud computing questions. Networkworld.com. ht tp :/ /ww w. net wo rk wor ld .co m/ co lum ni sts/2 00 8/0 80 50 8dzubeck.html. [15] G. Gruman and E. Knorr, What Cloud means, InfoWorldInc., Tech. Rep., 2008.
2011 Journal Anu Books

Computing really

You might also like