Paper-6 Research Challenges and Security Issues in Cloud Computing

of 7
10 views
PDF
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Document Description
International Journal of Computational Intelligence and Information Security, March 2012 Vol. 3, No. 3 Research Challenges and Security Issues in Cloud Computing R. Kalaichelvi Chandrahasan, S Shanmuga Priya and Dr. L. Arockiam AMA International University, Kingdom of Bahrain M.I.E.T Engg College, Tiruchirappalli, India St. Joseph's College, Tiruchirappalli, India kalai_hasan@yahoo.com, shanmugapriyaraj@yahoo.com, larockiam@yahoo.co.in Abstract Cloud computing is a promising computing standard
Document Share
Document Tags
Document Transcript
  International Journal of Computational Intelligence and Information Security, March 2012 Vol. 3, No. 342 Research Challenges and Security Issues in Cloud   Computing   R. Kalaichelvi Chandrahasan, S Shanmuga Priya and Dr. L. Arockiam  AMA International University, Kingdom of BahrainM.I.E.T Engg College, Tiruchirappalli, IndiaSt. Joseph's College, Tiruchirappalli, Indiakalai_hasan@yahoo.com, shanmugapriyaraj@yahoo.com, larockiam@yahoo.co.in Abstract Cloud computing is a promising computing standard where computing resources in large data center aremade available as services over Internet. Cloud computing has become prominent IT by offering the businessenvironment data storage capacity. This new profitable paradigm for computing is an attractive, massive, large-scale investment that includes any subscription-based or pay-per-use service over the Internet. It is on-demandaccess to virtualized IT services and products. Salesforce, Amazon and Google are currently providing suchservices, charging clients using an on-demand policy. As the users deal their sensitive data to clouds i.e. publicdomains, the major hurdles for cloud adoption are lack of security and access control. The main setback is thatthe insecure information flows as service provider can access multiple virtual machines in clouds. So it isnecessary to build up proper security for cloud implementation. The aim of this paper is to provide an overallview of cloud computing with the aim to highlight the possible security issues and vulnerabilities connected withvirtualization infrastructure. Keywords: Cloud Computing; Virtualization; On-Demand Policy; Security; Service Provider; Public   Domains   1. Introduction Cloud computing takes virtual infrastructure and builds upon research in distributed computing, gridcomputing, utility computing, autonomic computing, networking, web services and software services. It hasshown tremendous potential to empowerment, agility, multi-tenancy, reliability, scalability, availability,performance, security and maintenance. Through Cloud environment Email, Instant messaging, businesssoftware, and web content management can be offered. It incorporates many existing technologies such asinformation and infrastructure consisting of pools of computers, networks, distributed services application,information and storage resources. The US National Institute of Standards and Technology (NIST) defines cloudas follows: “Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidlyprovisioned and released with a minimal management effort or service provider interaction. This cloud modelpromotes availability and is composed of five essential characteristics, three delivery models, and fourdeployment models.” [1].Due to the ever growing interest in cloud computing, we focus on issues that are specific to cloudenvironment. The rest of this document is organized as follows. Section 2 describes an overview of Cloud thatembraces the characteristics of cloud computing, service models, deployment models and cloud scalability.   Section 3 presents the security challenges in cloud and the seven layers on the basis of CSA followed by theService Level Agreement and widely used languages for describing web services in Section 4. Finally, Section 5concludes the paper and discusses the future work. 2. Cloud: Overview 2.1   Characteristics of Cloud Computing The five characteristics of cloud computing embrace on-demand self-service, ubiquitous network access, location independent resource pooling, rapid elasticity, and measured service [6].   2.2 Service Models There are three layers referred as delivery models that provide the resources to the clients.  International Journal of Computational Intelligence and Information Security, March 2012 Vol. 3, No. 343 Cloud Software as a Service (SaaS): The top layer provides the customer with ready to use applicationrunning on the infrastructure of service provider. The applications are easily accessible from several clientdevices as on-demand services. As clients obtain software from different providers, ensuring the information bythese services is well secured becomes an issue. Salesforce, DocLanding, Zoho, Workday are instances of SaaSare used for different purposes such as email, billing, human resource management etc. Cloud Platform as a Service (PaaS): It is the middle layer that provides platform oriented service,controlling the installed applications and available hosting environment configuration. Services that theapplication can request from an OS can be a constraint in PaaS. Google App Engine, LoadStorm are the instancesof PaaS for running web applications and testing their performance. Cloud Infrastructure as a Service (IaaS): The bottom layer provides infrastructure services such asmemory, cpu and storage. The consumer can deploy and run software. It reduces hardware costs. License cost isreduced in all layers. Trusting virtual machines, setting hosts, acquiring inter host communication are significantareas to be considered in IaaS. Amazon S3 and FlexiScale are the best examples of IaaS for storage andmaintaining virtual servers. Figure 1: Cloud Computing Map [2] 2.3 Deployment Models The major factor to provide a secure cloud computing is the type of cloud to be implemented. The typesof cloud deployment models offered are: Private cloud : This cloud infrastructure is functioned only for particular organization. Community cloud : This cloud infrastructure is available to several specific groups of organizations. Public cloud : The purpose of this cloud infrastructure is to public or large industry group can serve multipletenants. Hybrid cloud : It is composite of two or more than two clouds. 2.4 Scalable Web Architectures In terms of scalability of cloud computing, it has two dimensions, namely horizontal cloud scalabilityand vertical cloud scalability [15]. Horizontal cloud scalability : It is the facility in which multiple clouds can be integrated and connectedto have one logical cloud. For instance a calculation cloud can be integrated with storage cloud or twocalculation clouds can integrate into a larger calculation cloud. Vertical cloud scalability : It is the facility in which the capacity of a cloud can be developed byenhancing individual existing nodes in the cloud. For example providing a server with more physical memory or  International Journal of Computational Intelligence and Information Security, March 2012 Vol. 3, No. 344improving the bandwidth that connects two nodes. Additionally, a node can be gradually upgraded from a singlepower machine to a data center.Users can store their data in the cloud without they need to know where it keeps the data or how itaccesses the data. 3. Security Challenges In Cloud  As promising as it is, cloud computing is also facing many security issues including sensitive dataaccess, data segregation, privacy, authentication and identity management, policy integration, bug exploitation,recovery, accountability, visibility under virtualization, malicious insiders, management console security, accountcontrol, and multi-tenancy issues[3], [4]. Solutions to various cloud security issues include cryptography, publickey infrastructure, standardization of APIs, and improving virtual machine support and legal support. Publicclouds clutch the highest risk of data exposure and hence it must be managed with the proper caution. Henceunderstanding the challenges and security risks in cloud environment and developing solutions are essential tothe success of this evolving paradigm [6].A survey was conducted by International Data Corporation (IDC) IT group to rate the cloud servicesand its issues in 2008. The Figure 2 shows the respondents rating. It shows that security is the major concern incloud computing paradigm. Figure 2: Cloud Challenges/Issues survey [17]. 3.1 Data Security Cloud vendors face major issues in confidentiality, integrity and availability in data security.Confidentiality refers to who stores the encryption keys. Integrity refers to no common policies that exist for datatransfer. Lastly, the most problematic issue is availability i.e. it is very hard to make applications and resources.Data security includes Privileged user access, Regulatory compliance, Data location, Data segregation, Recovery,Investigative Support, Long-term viability [5], [10]. 3.2 Key security challenges3.2.1 Authentication As cloud users store their information to various services across the Internet, it can be accessible byunauthorized people. Henceforth for authenticating users and services cloud should have identity managementsystem. 3.2.2 Access Control To identify and allow only authorized users, cloud should have a fine access control policies. Suchservices should be flexible, easily manageable and their privilege distribution is administered efficiently. Also theaccess control services should be incorporated based on Service Level Agreement (SLA).  International Journal of Computational Intelligence and Information Security, March 2012 Vol. 3, No. 345 3.2.3 Policy Integration The end users may access many cloud providers such as Amazon, Google, LoadStorm and otherproviders. They may have their own policies and approaches and hence there might be conflicts among theirpolicies. Hence we need to have a mechanism to detect these inconsistencies among their policies and to havesolutions for them. 3.2.4 Service Management To meet customers' needs, many cloud providers together form a new composed service and provides apackaged service to customers. At this scenario, there should be a service integrator to get the finest interoperableservices.   3.2.5 Trust Management As the cloud environment is service oriented, a trust management approach should be developed. Itshould include trust negotiation factors for the cloud providers and cloud users. The idea is, the providers need tohave some level of trust on the users to release their services to, and their users should have some level of truston the providers to choose their service from [11], [12], [13]. 3.3 Seven   Layers   in   Cloud : A cloud is structured in seven layers on the basis of Cloud Security Alliance: 1) Facility Layer, 2)Network Layer, 3) Hardware Layer, 4) OS Layer, 5) Middleware Layer, 6) Application Layer and 7)The UserLayer [7], [8] [14]. 3.3.1 The Facility Layer The facility layer provides physical security. A high priority should be considered in controlling andmonitoring physical access to the hardware. Closed-circuit cameras and patrolling security guards, alarm system,administrator logging, authentication, confidentiality agreements, background checks, and visitor access shouldbe incorporated into surveillance of physical security. Also an architectural security should be adequate to guardthe data center from any kind of physical attack. 3.3.2 The Network Layer The provider furnishes the network access to the users to access the customer data across the Internet incloud. Hence the network defense devices should collect information about security events on the networks. Theprovider should maintain, monitor and audit network flow data. Also the customer should request these audits forverification. 3.3.3 The Hardware Layer As the customer access services from virtual machines, the provider should maintain and monitor thehardware that the hardware is tamper-free. The provider should have appropriate protocols to monitor theconnection topology, memory use, bus speeds, processor loads, and disk storage and so on. 3.3.4 The OS Layer The vital important factor to be considered in cloud environment is securing the host OS. If it can beaccessed by the illegal users, the customer data would be compromised. The provider should deploy an OS thatmanages to identify where the security policy or configuration might be lacking and prevent future inventions. 3.3.5 The Middleware Layer Middleware involves virtualization management tools, data format conversion, performing securityfunctions, and managing access controls. The middleware mediates between the applications and the OS. Itshould monitor and secure communication between various systems. So, the provider should make sure that allmiddleware will accept and transmit only encrypted data and protect it against malicious manipulation.
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks
SAVE OUR EARTH

We need your sign to support Project to invent "SMART AND CONTROLLABLE REFLECTIVE BALLOONS" to cover the Sun and Save Our Earth.

More details...

Sign Now!

We are very appreciated for your Prompt Action!

x