Home >>Cloud Computing Tutorial >Cloud Computing Security

Cloud Computing Security

Cloud Computing Security

Cloud computing stability is a huge concern. Data can be processed in encoded form in the cloud. Proxy and brokerage software can be used to prevent clients from accessing the shared data directly.

Security Planning

Until deploying a specific resource to the cloud, many elements of the resource should be analysed, such as:

  • Choose an utility that wants to move into the cloud and evaluate its risk sensitivity.
  • Find types of cloud service, such as IaaS , PaaS, and SaaS. These models demand that customers be responsible for protection at varying service levels.
  • Consider the sort of cloud you choose to use such as public, private, community or hybrid.
  • Understand the structure of the cloud service provider about data storage and its transfer to and from the cloud.

The risk of cloud deployment depends primarily on the business models and the forms of storage.

Understanding Security of Cloud

Security Boundaries

A defined business model determines the distinction between service provider and customer responsibilities. The stack model of the Cloud Security Alliance (CSA) describes the distinctions between each service model and shows how the various functional units contribute to each other.

Key Points to CSA Model

  • IaaS is the most common level of service with PaaS and SaaS, with the next two service tiers above.
  • Going upward, each unit inherits the model underneath capability and safety issues.
  • IaaS provides the infrastructure, PaaS provides the framework for application development and SaaS provides operating environment.
  • IaaS has the least combined features and protection standard while SaaS has the most.
  • This model defines the protection limits at which the duties of cloud service providers cease and the obligations of the users begin.
  • Any security feature below the security limit must be incorporated into the system, and the customer can retain it.

While each business model has a security function, it also depends on the position of these systems in the private, public, hybrid or community cloud.

Understanding Data Security

Data protection is of major concern in the cloud, since all data is transmitted across the Internet. Here are important data privacy mechanisms.

  • Access Control
  • Auditing
  • Authentication
  • Authorization

All the business models should integrate security mechanisms that work in all of the above fields.

Isolated Access to Data

Given that data stored in the cloud can be viewed from anywhere, we need a mechanism to separate data and protect it from direct access by the client.

Brokered Cloud Data Access is a data-insulated solution to storage. Two services are generated through this approach:

  • A broker with complete storage access but no customer access.
  • A proxy with no storage access but client and broker data.

Working Of Brokered Cloud Storage Access System

Upon request by the client to access data:

  • The search for client data goes to the external proxy server interface.
  • The proxy forward the request to the broker.
  • Cloud storage device requests the data from the broker.
  • The cloud computing system transfers the data back to the broker.
  • The broker sends the data back to proxy.
  • The proxy finally transfers the data to the client.

Encryption

Encryption helps protect against damaging data. It preserves shared data, as well as data that is stored in the cloud. Although encryption helps shield data to unauthorized entry, it does not avoid data loss.