The Central Remote Servers Of Cloud Computing Information Technology Essay
Cloud Computing is technology that uses the internet and central remote servers to maintain data and applications. Customer and businesses are allows to use applications without installation and access their personal files at any computer with internet access from anytime and anywhere. More efficient computing by centralizing storage, memory, processing and bandwidth are allows in cloud computing. The characteristic of cloud services is sold on demand; typically by the minute or the hour. A user can have as much or as little of a service as they want at any given time (elastic). And the service is fully managed by the provider. The advantages of cloud computing in customer perspective is it is economic, simpler, faster, cheaper to use cloud application, no upfront capital required for servers and storage, no ongoing operational expenses for running data center and any applications can be accessed from anytime and anywhere. In vendor perspective it is include economics, easier for application vendors to get new customers, ability to use commodity server and storage hardware and ability to drive down data center operational costs and lowest cost way of delivering and supporting applications. Its drawback in customer perspective is data security which many users don’t wish to trust their data to the cloud, in latency it is cannot switch from existing legacy applications and also not suitable for real time applications. Yahoo email or Gmail, online backup and any software-as-a-service is a simple example of cloud computing.
Figure 1: Typical cloud computing systemcloudcomp.jpg
Cloud computing is not just distributed computing but it is also the cluster of computers acting to perform one big task, computationally intensive applications, hosting infrastructure, web hosting, packaging of resources as metered service, application hosting and shared instant application. Clouds often appear as single points of access for all consumers’ computing needs. The major cloud service providers include Microsoft, IBM, Salesforce, Amazon and Google.
SECURITY ISSUES IN CLOUD COMPUTING
Figure 2: Issues in Cloud Computing
When you move your information into the cloud, you lose to control of it, it is one of the biggest security concerns about cloud computing. The cloud gives user access to the data, but user has no way to ensure no one else has access to the data. Security is a critical issue because both customer data and program are residing in Provider Premises. The relative security of cloud computing services is a contentious issue which may be delaying its adoption process. Some argue that customer data is more secure when managed internally, while others argue that cloud providers have a strong to maintain trust and as such employ a higher level of security. There is a number of security issues associated with cloud computing but these issues fall into two broad categories: Security issues faced by their customers and by cloud providers (organizations providing Software-, Platform-, or Infrastructure-as-a-Service via the cloud). In most cases, the provider must ensure that their infrastructure is secure and that their consumers’ data and applications are protected while the user must ensure that the provider has taken the proper security measures to protect their information especially personal information.
The meaning of security in cloud computing is to save data and program from bad attacks such as theft of information, disrupts services, loss of privacy damage information, hostile program and hostile people giving instructions to good programs.
Security has many levels to concern such as Server access security, Internet access security, Database access security, Data privacy security and Program access Security
Ensuring that information held in a system is a proper representation of the information intended and that it has not been modified by an unauthorized person.
Ensuring that information processing resources are not made unavailable by malicious attack.
Ensuring that agreements made electronically can be proven to have been made.
Ensuring that any information provided by consumer is not disclosed from an unauthorized person.
Figure 3: Common security requirement
Host Security Issues:
Figure 4: From malicious users
The task may well be a virus which can damage the system when the host in running.
Solution that problem: A trusted set of users is defined through of digital certification such as passwords key and then the access control allows the trusted users to access the resources of the host.
Information Security Issues:
Figure 5: Information Security in Cloud
The information exchanged between hosts and users to secure communication, authentication, single sign on and delegation is related with information security. Secure communication of security occurs during the communication between two entities. These include confidentiality and integrity. Confidentiality issue is all data sent by users should be accessible to only authenticate receivers, while integrity issue is that all data received should only be sent and also can modified by only authenticate senders.
Solution: Secure Sockets Layer (SSL), Public key encryption and X.509 certificates enables secure communication and authentication over computer networks.
Network Security Issues:
It is include Denial-of-Service (DoS attack) is where networks and servers are brought down by a big amount of network traffic and users are denied the access to a certain Internet based service such as DNS Hacking, Routing Table “Poisoning”, XDoS attacks. QoS Violation through congestion, resource hacking or dropping packets. Man in the Middle Attack is to overcome it always use Secure Socket Layer. IP Spoofing is the creation of TCP/IP packets using somebody else’s IP address.
So the solution: Infrastructure will not permit an instance to send traffic with a source IP or MAC address other than its own.
To ensure that data is cannot be accessed by unauthorized users or simply lost and that data privacy is maintained, cloud providers attend to the following category:
Every organization will have its own identity management system to control access to resources and information. Cloud providers either integrates the customer’s identity management system into their own infrastructure with provide an identity management solution of their own.
Data from a customer must be properly separated from another; it must be stored securely when “at rest” and it must be able to move securely from one location to another. Cloud providers have systems in place to prevent data accessed by third parties. Proper separation of duties should ensure that auditing and/or monitoring cannot be defeated, even by privileged users at the cloud provider.
Cloud providers ensure that applications available as a service via the cloud are secure by implementing testing and acceptance procedures for outsourced or packaged application code. It also requires application security measures (application-level firewalls) are in place in the production environment.
Data centre is Security?
Professional Security staff utilizing video surveillance, state of the art intrusion detection systems etc. The status to access datacenter with his/her privileges should be immediately revoked when an employee no longer has a business. All physical and electronic access to data centers by employees should be logged and audited routinely. Users can easily determine how their data is stored, protected, used, and verify policy enforcement with Audit tools.
Sanitization is the process of removing sensitive data from a storage device. What happens to data stored in a cloud computing environment once it has passed its user’s “use by date”. What data sanitization practices does the cloud computing service provider propose to implement for redundant data storage devices as and when these devices are retired or taken out of service.
When user uses the cloud, user probably won’t know exactly where the data is stored, near @ far away? Only in specific jurisdictions as define by user the data should be stored and processed. Provider should also make a contractual commitment to obey local privacy requirements on behalf of their customers. Data-centered policies are generated when a user provides personal information that travels with that information throughout its lifetime to ensure that the information is used only in accordance with the policy
Backups of Data
Control by only the administrator on databases. Data store in database of provider should be redundantly store in multiple physical locations (backup server). Data that is generated during running of program on instances is all customer data and therefore provider should not perform backups.
OTHER ISSUES IN CLOUD COMPUTING:
Open Source: Nowadays, Open Source software (free software) for many cloud computing implementations and security issues will be increased.
Privacy: Providers ensure that all critical data are masked and only authorized users have access to data. The digital identities and credentials must be protected as should any data that the provider collects and produces about customer activity in the cloud.
Availability and performance: Critical issue about acceptable levels of availability and performance of applications hosted in the cloud. A cloud provider shutting down for financial or legal reasons, which has happened in a number of cases. Cloud providers also assure users that they will have regular and predictable access to their data and applications.
Cloud computing might be more accurately described as “sky computing” with many isolated clouds of services which IT customers must plug into individually. On the other hand, as virtualization and SOA permeate the enterprise, the idea of loosely coupled services running on an agile, scalable infrastructure should eventually make every enterprise a node in the cloud. It’s a long-running trend with a far-out horizon. Among big IT communication issues, cloud computing is the hardest one to argue with in the long term.Order Now