Recent security challenges in cloud computing☆
Introduction
Cloud computing creates a network-based environment vision to the users, which paves way for the sharing of calculations and resources regardless of location. The National Institute of Standards and Technology's (NIST) defines cloud computing [1] as, “A template for providing the suitable and when needed access to the internet, to a collective pool of programmable grids, storage, servers, software, and amenities that can be rapidly emancipated, with little communication and supervision from the provider”. The characteristics of the type of processing are exhibited in Fig. 1 as On-demand self-service, High-performance network access, Rapid Elasticity, Resource Pooling and Measured Service. It also depicts four deployment models namely Hybrid, Community, Private and Public clouds. This is then coupled with the three service models, which are, PAAS (Platform as a Service), IAAS (Infrastructure as a Service), and SAAS (Software as a Service). NIST's cloud computing definition provides the needed framework and common characteristics depicted such as Virtualization, Homogeneity, Geographic Distribution and Service Orientation among others.
With all the layers of the cloud service models depicted in Fig. 2, security issues need to be addressed. When the layers are to be compared the high dependence of the browser position's it at the top whereas, the bottom layers are more web services oriented. Overall, a decrease in investment and operational expenses is achieved this is also followed by an increase in efficiency and scalability through the layers
The service model deployed can be private, public, hybrid or community cloud as per the user requirements.
Organization: The next two sections that follow indicate the security challenges. Sections 4–7 address the security challenges in communication, computational, data level and Service Level Agreement (SLA) level. Finally, Section 8, provides the conclusion with a comparison of the author's survey with other pre-existing reviews
Section snippets
Security challenges
In cloud computing, the users are unaware of the exact location of their sensitive data, because the Cloud Service Providers(CSP's) maintain data centers in geographically distributed locations resulting in several security challenges and threats. The traditional security techniques such as firewalls, host-based antivirus software and intrusion detection systems do not offer adequate security in virtualized systems due to the rapid spread of the threats via virtualized environments.
Security challenges faced by the entities in cloud
Besides legal security requirements, it is necessary to address some basic security requirements like authentication, integrity, transparency, confidentiality, availability and audits as stated in Rebollo [4]. The security tree in Fig. 4 illustrates the importance of basic security requirements. The challenges specified at the root have to be addressed properly, just as the root secure the tree in the soil. When these basic requirements are met appropriately, the security tree ensures yields of
Communication level
Communication level issues arise as a result of the sharing of common resources, infrastructure, etc., among the Virtual Machines (VM's) becoming the target of attack. Bhadauria [5] has classified this into network level, host level and application level. Attacks are identified on the basis of these three levels in communication.
Computational level
Implementation of the concept of virtualization in the cloud is one of the biggest computational level challenges.
Data level challenges
Data is the heart and the source of the entities of any crypto-cloud system. Data breach was identified as the most serious threat by CSA in Table 1. Prior to moving on to the new computing technology, there is an imperative need to have a knowledge of the number of levels of security that the technology provides to the data envisaged by this author, considering hacking capabilities are also well versed. The storage of data in some remote place (out-of-our-control) and achieving multi-tenancy
Service level agreements (SLA's)
Services are to be offered by providers, to consumers with proper SLAs. Basic entities of crypto-cloud have the responsibility of maintaining the SLAs. Resource provisioning at any time depends on the bandwidth required, CPU, memory and key management amongst others. Different levels of SLA's exist and they are customer-based, service-based and multi-level SLA. There should not be any over/underestimation in the provision of the required resources.
The non-pervasive nature of SLA relates to
Conclusion
The various security issues in communication, computational and Service Level Agreement are explored. In the computational level, both virtualization and data related security issues are considered to be the most vulnerable entity. Virtualization is a basic element of cloud computing and increases the value of it. The challenges related to it in all the three layers, Virtual layer, Virtualization Layer, and Physical layer are addressed. Data related security issues are classified as issues on
Ms. Nalini Subramanian is a Research Scholar in Sathyabama Institute of Science and Technology. She received her M.E degree in Computer Science & Engineering from Sathyabama University, Chennai, India in 2006. She has 15 years of teaching experience. She is currently working in Jeppiaar Maamallan Engineering College, India. Her area of research interest includes cloud computing, network security and machine learning.
References (30)
- et al.
Empirical evaluation of a cloud computing information security governance framework
Inf Software Technol
(2015) - et al.
Security and privacy for storage and computation in cloud computing
Inf Sci
(2014) - et al.
Addressing cloud computing security issues
Future Gener Comput Syst
(2012) - et al.(2009)
Cloud security alliance(CSA)
The treacherous 12: cloud computing top threats in 2016
(2016)- et al.
Cryptographic cloud storage
(January 2010) - et al.
Survey on security issues in Cloud Computing and Associated Mitigation Techniques
Int J Comput Appl (0975-888)
(June 2012) - Laniepce S, Lacoste M, Kassi-Lahlou M, Bignon F, Lazri K, Wailly A. Engineering intrusion prevention services for iaas...
Secure virtualization for cloud environment using hypervisor-based technology
Int J Mach Learn Comput
(February 2012)- et al.
A SecureHypervisor-based technology create a secure cloud enivronment
Int J Emerg Res Manage Technol
(February 2015)
State-of-the-art virtualization security in cloud computing
J Inf Comput Sci
Deep-diving into an easily- overlooked threat: inter-VM attacks
Virtual machine introspection: towards bridging the semantic gap
J Cloud Comput
A cloud architecture of virtual trusted platform module, Embedded and Ubiquitous Computing (EUC)
Cited by (195)
Addressing IoT storage constraints: A hybrid architecture for decentralized data storage and centralized management
2024, Internet of Things (Netherlands)An extended hesitant fuzzy set for modeling multi-source uncertainty and its applications in multiple-attribute decision-making
2024, Expert Systems with ApplicationsApplication of MADM methods in Industry 4.0: A literature review
2023, Computers and Industrial EngineeringDigital Innovation of Cloud Computing in Amazon
2024, Lecture Notes in Electrical EngineeringAssessment of the status and factors influencing the adoption of cloud computing in knowledge-based companies Case Study: Kerman Science and Technology Park
2024, International Journal of Information Science and ManagementLeveraging chaos for enhancing encryption and compression in large cloud data transfers
2024, Journal of Supercomputing
Ms. Nalini Subramanian is a Research Scholar in Sathyabama Institute of Science and Technology. She received her M.E degree in Computer Science & Engineering from Sathyabama University, Chennai, India in 2006. She has 15 years of teaching experience. She is currently working in Jeppiaar Maamallan Engineering College, India. Her area of research interest includes cloud computing, network security and machine learning.
Dr. Andrews Jeyaraj received Ph.D degree in 2014 from Sathyabama University in the area of code optimization. He has published more than 40 research papers in referred international and national journals. His research interest includes machine learning, compiler design, operating system and Deep learning networks. He works currently as a Professor in the Department of School of Computing at Sathyabama Institute of Science and Technology, Chennai and has more than 15 years of teaching experience.
- ☆
Reviews processed and recommended for publication to the Editor-in-Chief by Associate Editor Dr. Hong Shen.