In order to protect users applications, crucial data and many technologies, development of
associated techniques and a plan of action, so as to protect cloud can be referred as Cloud
Security. It is said to be part of computer security as well as Information Security and is
7
emerging as a big field in itself. Security is the main concern here in clouds according to
business decision makers. Many government agencies also agree to this . Here
revolving around factor across many agencies which are similar is security and
maintaining data confidentiality.
The involvement of thinking towards these issues are
the result not only of present problems, some with the technologies which are inherited
and also with the techniques that include virtualization, leakage of information, sharing of
resources and scalability etc. If studied carefully the characteristic feature of cloud
given by NIST , will give an idea to examine the differences between the classes of
security and privacy issues as mentioned earlier and identify them.
Cloud data can be accessed at any time by the service provider so working on cloud takes
the idea of maintaining privacy. The crucial data can be accidentally changed or even
removed. It is up to cloud providers that they are sharing any data with any third party, it
may happen for the purpose of law. Cloud Customers should have proper knowledge of
policies before they join cloud service providers.
Nowadays as there is no end to the
growing concern of people for cloud-based computing, there is more and more interest
growing up to examine the current works of privacy and security and analyze issues
already identified and solutions. ENISA which is European Network and Information
Security Agency has developed a risk assessment which provides an authoritative
reference in the area.
Legislation and privacy solutions include customers wish in which manner they want to
store data. So cloud customers have the option how they wish data to be stored and keep
for processing. Data may be encrypted, so as to prevent it from unauthorised access.
Hardware failure, data loss and Interface issues are top three harms to cloud.
8
As information for different cloud users may keep on the same cloud server so chances of
leaking of data arise during data distribution. Hackers also put the whole of efforts and
time in order to steal private data of companies.
Hyper jacking, a term used to describe
accessing of a large amount of information by means of single attack. October 2014, over
7 million drop-box users got passwords stolen. It was done by hackers in order to get the
economic benefit and they got access to public and private data.
Private cloud is said to be more secure than public cloud because in private cloud user
may gets access to physical control of data.
In terms of flexibility and less economical the public cloud seems to be comfortable for
the user than private cloud. Customers are able to store their data in various data- center
because of cloud computing storage technology provided. In the various deployment
models (Private, Public, Hybrid, and Community) and Service Models(SaaS, PaaS, and
IaaS), companies and units use cloud services.
Several problems are rising due to the safety of data in clouds. Two categories can be
made accordingly –
(a) Companies and units who make available the software, platform
and infrastructure as services, face the security problems.
(b) customers related problems (
units whose work is based on storing data in the cloud). Top threat analysis relating to
security and privacy are given.
No comments:
Post a Comment