IJRIT International Journal of Research in Information Technology, Volume 2, Issue 9, September 2014, Pg. 782-786

International Journal of Research in Information Technology (IJRIT)

www.ijrit.com

ISSN 2001-5569

Cloud Computing Security Lalit Kumar (16084), Gourav Agghi (16067), Nishant Malik (16104), Ajay Anand (16951) Department of Computer Science and Engineering Dronacharya College Of Engineering,Gurgoan

Abstract Cloud computing is the most significant milestone in history of computers. In previous years, clod computing has become fastest growing segment of IT industry from a business concept. Cloud computing provides a platform for sharing of resources which include software and infrastructure with the help of virtualization.In order to provide quality services; this makes every effort to be dynamic and more reliable. In most computers, security is a barrier for cloud computing. There are many option in security of cloud computing which deals with all positives and negatives of cloud computing. This paper is an attempt to investigate various threats in cloud computing and also to focus on the various security measures available which can made more benefited implementation of cloud computing.

I.

Introduction

Cloud computing is a model for allocating compute and storage resources demand. Cloud computing provide different ways to provide services by reducing the cost structure. These technical and pricing opportunities changes in the business operated ways. Cloud computing is combination of following capabilities: • • • • • •

Stable Platform Management support services Easily useable Low costing Easily accessible Dynamic infrastructure

Cloud computing services are divided into three categories: Infrastructure-as-a-service, Platform-as-a-service and software-as-a-service. Infrastructure-as-a-service saves computing and storage services. It is a newly adopted method for use of IT resources.Platform-as-a-service is higher level service than infrastructure service. Platform based services includes tools for designing, developing and applications. Software-as-a-services provide network access to commercially available software. This is software distribution model in which application are hosted by service provider.

II.

ADVANTAGES AND DISADVANTAGES OF CLOUD COMPUTING

A. Advantages Of Cloud Computing  The cloud computing environments are scalable.

Lalit Kumar, IJRIT

782

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 9, September 2014, Pg. 782-786

 Back up recovery is very easy in Infrastructure as a service (IaaS) provider; hence there is efficient incident response whenever data need to be recovered.  Reduced setup costs can be considered as a major advantage for cloud computing ,Since the cost involved in setting up a data centre are not very high.  In addition to the IT industry, even small scale business can adopt this environment (model).  Considering cloud computing from the aspects of power management, it serves as a virtual server which is easy to implement as compare to physical servers.  Hardware management failure can also be localized and rectified with relative ease.  Various data centres are spread throughout the country and thus it make easy for business to Use preferred sites.  The assessment of data can be done an time and is highly beneficial for the IT industry in reducing the workloads.

B. Disadvantage of cloud computing    

III.

A major disadvantage in cloud computing is that it is under the maintenance and supervision of a thirdparty. Hence the confidentiality and security measures are less secured. In cloud environment the data is not specifically segregated. It is distributed throughout the cloud network and causes the problems when specific data needs to be segregated. Another major drawback is the dependence on network connectivity .Network failure can result in loss to the company by causing extensive time delays. The Quality of service is a key determining factor in the efficiency of a cloud network. A reliable service provider providing desired quality of service may be difficult to source and the process set-up could turn out to be time consuming.

Cloud Computing Challenges Cloud computing is a emerging technology with shared resources and lower cost. Due to many characteristics it has effect on IT budget and also impact on security, privacy and security issues. There are following challenges: • Privacy Issue: It is the human right to secure his private and sensitive information. In cloud context privacy occur according to the cloud deployment model. In Public cloud (accessed through the Internet and shared amongst different consumers) is one of the dominant architecture when cost reduction is concerned, but relying on a CSP to manage and hold customer information raises many privacy concerns. • Security: Public cloud not only increases the privacy issue but also security concern. • Trust: Trust is very necessary aspect in business. Still cloud is failed to make trust between customer and provider. So the vendor uses this marvellous application should make trust. Weak trust relationship and lack of customer trust cause many problems during deployment of cloud services • Mitigation steps: It provides guidelines to the companies that offer cloud services. It will helpful to them to make proper strategy before implementing cloud services. There is some alleviation to reduce the effect of security, trust and privacy issue in cloud environment. There are many adoption issues like user get privilege to control data cause low transaction performance, companies are worried from cybercrimes.

IV.

Security Model for Cloud Computing

After considering the issues the practical approach is needed. For this purpose the sample model is designed to implement in the cloud computing architecture. Model is reviewed and experimental results are observed. Cloud computing architecture is divided into bottom layer that includes virtualized resources and upper layer contains specific services to the user. The model is shown in Fig. 1. Lalit Kumar, IJRIT

783

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 9, September 2014, Pg. 782-786

Infrastructure-as-a-service Platform-as-a-service Software-as-a-service Virtual-resource-layer Physical-resource-layer Figure 1: Cloud computing architecture In cloud computing environment, here we introduce the idea of Security Access Control Service (SACS), which represents the composition of system modules. The block diagram is shown in Fig. 2.

Figure 2: System module of SACS Lalit Kumar, IJRIT

784

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 9, September 2014, Pg. 782-786

The Security Access Control Service (SACS) will helpful toward CSP in Pakistan to implement cloud services with secure data trust. SACS includes Access Authorization, Security API, cloud connection Security modules and are described as under: Access Authorization: used to authorize to users who want to request cloud service. Security API: keeps users use specific services safely after accessing to the cloud. Cloud connection security: This ensures that the safe resource of the upper service layer provided by the bottom resource layer.

V.

SECURITY ISSUES

When it comes to cloud computing, the focus should be on two differentenvironments in terms of its security issues. Both physical and virtual machine security has to be taken into consideration as there is a dependency between thesetwo servers. None of the servers security should be compromised as it could show a catastrophic impact on other virtual machines of the same host. i.

ii.

iii.

VI.

Data Isolation: There will be various instances running on the same physical machine and all these instances are isolated from one another. There are certain techniques like Instance Relocation, Server Farming, Address Relocation, Failover and Sandboxing, which are used for instance isolation. Multiple organizations have multiple virtualization systems. These are required to be collocated on the same physical resource. Even after implementing the basic required data security measures in protection for the virtual machines as the physical segregation and hard-ware based security cannot protect against these attacks. Due to the reason that administrative access is done through internet, rigorous inspection for changes in system control is required. Browser Security: SSL is used to encrypt the request that has been received from the client in web browser as SSL supports point to point communication means. Because of the presence of the third party in cloud, there is a possibility that the date can be decrypted by the intermediary host. If any of the sniffing packages are installed on the intermediary host, it will be an easier task for the hacker to get the credentials of the user and those credentials can be used as a valid user ones. Protection of DATA: Data is the most significant part of any company and utmost priority is given to protect it. Data protection is very important in cloud computing as in any system. It is the responsibility of the cloud supplier that he is protecting the data and supplying to the customer in a very secure and legal way. This is one of the most complicated problems in cloud computing as it has many customers using various virtual machines.

Conclusion

Cloud computing has been showing its impact on the industry for the past few years and it has heralded a revolutionary change giving new directions to how information technology resources can be best utilized and by reducing the cost and complexity for customers. In this paper, we have given a brief analysis of various security concerns of cloud computing. We will try to come forward with more innovative ideas and security measure in future. In this paper, we have made an attempt to analyze the various security concerns of cloud computing and has provided some security measures. Even though Cloud Computing offers a wide range of benefits and newer services, people express different opinions about the security aspects of it. Because of these security concerns, it is still not gaining its full momentum. Most of the organizations are stepping back as they don’t want to take the security risk. It is essential to have more standard security measures for cloud computing in order to gain.

Lalit Kumar, IJRIT

785

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 9, September 2014, Pg. 782-786

VII.

Future Work

Cloud computing is the most modern technology so lots of issues are remained to consider. It has many open issues some are technical that includes scalability, elasticity ,data handling mechanism, reliability, license software, ownership, performance, system development and management and non-technical issues like legalistic and economic aspect. Cloud computing still unknown “killer application” will establish so many challenges and solutions must develop to make this technology work in practice. So the research is not stop here much work can be done in future. The model presented in this paper is the initial step and needs more modifications; however it can provide the basis for the deeper research on security deployment of cloud computing for the research community working in the field of Cloud Computing.

VIII. 1. 2.

3. 4. 5.

References

Dikaiakos, M.D; Katsaros, D. Mehra, P. Pallis, G.Vakali, A.; (2010), “Cloud Computing Distributed Internet Computing for IT and Scientific Research”.Vol.13, pp 10, Sept.-Oct. 2009. D. Wentzlaff, C. Gruenwald III, N. Beckmann, K. Modzelewski, A. Belay, L. Youssef, J. Miller and A. Agarwal. FOS: A Unified Operating System for Clouds and Manycore. Computer Science and Artificial Intelligence Laboratory TR, Nov. 20, 2009. R. Maggiani; (2009), "Cloud computing is changing how we communicate," 2009 IEEE International Professional Communication Conference, IPCC 2009,Waikiki, HI, United states ,pp. 1, 19-22 July. Geng L; David; Jinzy Z; Glenn D (2009), “Cloud computing: IT as Service, “IEEE computer society IT Professional”, Vol. 11, pp.10-13, March-April 2009. Anderson, C. 2009. Free: The Future of a Radical Price. New York: Hyperion. Brunette, G. And R. Mogull (ed). 2009. Security Guidance for Critical Areas of Focus in Cloud Computing V2.1. Cloud Security Alliance, December 2009.Cloud Computing: The Evolution of Software-as-a-Science.

Lalit Kumar, IJRIT

786

Cloud Computing Security - International Journal of Research in ...

The Security Access Control Service (SACS) will helpful toward CSP in Pakistan to implement cloud services with secure data trust. SACS includes Access Authorization, Security API, cloud connection Security modules and are described as under: Access Authorization: used to authorize to users who want to request cloud ...

336KB Sizes 1 Downloads 265 Views

Recommend Documents

Cloud Computing Security - International Journal of Research in ...
sharing of resources which include software and infrastructure with the help of virtualization.In order to provide quality services ... Platform-as-a-service is higher level service than infrastructure service. Platform based services includes .... F

Pervasive Computing - International Journal of Research in ...
These techniques can be digital cookbook embedded on your microwave, video-on-demand services available on you home screen or shopping list stockpiled on your refrigerator even when you are miles away. Information .... Schilit introduced context awar

8085 Microprocessors - International Journal of Research in ...
including CRRES, Polar, FAST, Cluster, HESSI, the Sojourner Mars Rover, and THEMIS. The Swiss company. SAIA used the 8085 and the 8085-2 as the CPUs of their PCA1 line of programmable logic controllers during the 1980s. Pro-Log Corp. put the 8085 and

nanofiltration - International Journal of Research in Information ...
Abstract- The term “membrane filtration” describes a family of separation methods.The basic principle is to use semi-permeable membranes to separate fluids, Gases, particles and solutes. Membranes are usually shaped as a thin film, which allows t

Software - International Journal of Research in Information ...
approach incorporates the elements of specification-driven, prototype-driven process methods, ... A prototype is produced at the end of the risk analysis phase.

vampire attacks research paper - International Journal of Research in ...
A wireless sensor network are spatially distributed autonomous sensors to monitor physical or environmental conditions, such as temperature, sound, pressure, etc. and to cooperatively pass their data through the network to a main location. Denial of

vampire attacks research paper - International Journal of Research in ...
initial connection state onto the client, or cryptographic puzzles. These solutions place minimal load on legitimate clients who only initiate a small number of connections, but deter malicious entities who will attempt a large number. Note that this

Evolving Methods of Data Security in Cloud Computing - IJRIT
TPA makes task of client easy by verifying integrity of data stored on behalf of client. In cloud, there is support for data dynamics means clients can insert, delete or can update data so there should be security mechanism which ensure integrity for

NETWORK SECURITY & CRYPTOGRAPHY - International Journal of ...
IJRIT International Journal of Research in Information Technology, Volume 2 .... These security breaches could also result in monetary losses of a large degree.

NETWORK SECURITY & CRYPTOGRAPHY - International Journal of ...
knowledge of the internet, its vulnerabilities, attack methods through the internet, and security ... Current development in network security hardware and software.

Heat Recycling Of Data Centers - International Journal of Research in ...
When outside temperatures are high, the exchangers are sprinkled with water to ... (V) is proportional to the temperature difference (∆T) via the Seebeck ...

Download PDF - International Journal of Advanced Research
It is described and illustrated here based on recent collection from Wayanad (E.S. Santhosh Kumar 56416, TBGT) to facilitate its easy identification. Thottea dalzellii (Hook.f.) Karthik. & Moorthy, Fl. Pl. India 156. 2009. Bragantia dalzellii Hook.f.

Download PDF - International Journal of Advanced Research
Distribution and Ecology:— Lasianthus idukkianus grows in a shola forest at ... Deb, D.B. and Gangopadhyay, M. (1991): Taxonomic study of the genus ...

Download PDF - International Journal of Advanced Research
695562, Kerala, India. Manuscript ... In India, it is represented by 14 species which include 10 endemics confined to .... Forest Department for the logistic support.

cyborgs - International Journal of Research in Information Technology ...
Bioelectronics is already a real and recognized ... biological systems at a more basic level; nanotechnology and nano-machines may be able to effect biological changes at the intracellular level ... recombinant DNA research, much of the public showed

Uzma Ijrit Paper - International Journal of Research in Information ...
Auto Trip computer, engine control, air bag, ABS, instrumentation, security system, transmission control ... GSM also pioneered low-cost implementation of the short message service (SMS), also called ... Frequency: 900 MHz or 1800 MHz (Some countries

Web Based IDE - International Journal of Research in Information ...
B.E computer engineering, Institute of Knowledge College of engineering, pune .... Cloud computing is usage of computer resources (both hardware and ...

Compiler Design - International Journal of Research in Information ...
The final result of this paper is to provide a general knowledge about compiler design and implementation and to serve as a springboard to more advanced courses. Although this paper concentrates on the implementation of a compiler, an outline for an

Compiler Design - International Journal of Research in Information ...
... be regarded as an 'add-on' feature of acompiler. Its inuence upon the overall design is pervasive, and it is a necessary debugging tool during construction of.

(OLSR) Protocol - International Journal of Research in Information ...
2Assistant Professer, 2Punjabi University Regional Centre for IT & Mgmt., Mohali, India. Mohali, Punjab, India [email protected]. Abstract. OLSR is a leading proactive protocol used in MANET. Due to its low latency for route determination it has be

Bluetooth and Its Configuration - International Journal of Research in ...
IJRIT International Journal of Research in Information Technology, Volume 2, Issue 6, ... Bluetooth is a packet-based protocol with a master-slave structure [1] ... Frequency hopping has two significant benefits: .... technology introduced a new netw

review paper - International Journal of Research in Information ...
[email protected] , [email protected] , [email protected]. Abstract. Iris recognition has been finished by numerous scientists in a decade ago. Iris recognition assumes a important part to enhance effectiveness in biometric identific

data hiding using watermarking - International Journal of Research in ...
Asst.Professor, Dr. Babasaheb Ambedkar College of Engg. and research, ECE department,. R.T.M. Nagpur University, Nagpur,. Maharashtra, India. Samruddhi Pande1, Aishwarya Iyer2, Parvati Atalkar3 ,Chetna Sorte4 ,Bhagyashree Gardalwar 5,. Student, Dr. B

(STBC) OFDM Systems - International Journal of Research in ...
2 Department of Electronics Engineering, Sri Guru Granth Sahib World University, Fatehgarh Sahib, Punjab,. India. 4 Department of Electronics and communication Engineering, CTIEMT, Jalandhar city. Abstract. In this paper, performance analysis of inte