Recent security challenges in cloud computing

https://doi.org/10.1016/j.compeleceng.2018.06.006Get rights and content

Abstract

Cloud computing is an archetype that enables access to a shared pool of computing resources for cloud users in an on-demand or pay-per-use, fashion. Cloud computing offers several benefits to users and organizations, in terms of capital expenditure and savings in operational expenditure. Despite the existence of such benefits, there are some obstacles that place restrictions on the usage of cloud computing. Security is a major issue that is always considered. The lack of this vital feature results in the negative impact of the computing archetype thus resulting in personal, ethical, and financial harm. This paper will focus and explore the security challenges that are faced by cloud entities. These entities include Cloud Service Provider, the Data Owner and Cloud User. Focusing on the crypto-cloud that constitutes of different Communication, Computation, and Service Level Agreement. Studying the causes and effects of various cyber attacks it will provide the necessary upgrades.

Introduction

Cloud computing creates a network-based environment vision to the users, which paves way for the sharing of calculations and resources regardless of location. The National Institute of Standards and Technology's (NIST) defines cloud computing [1] as, “A template for providing the suitable and when needed access to the internet, to a collective pool of programmable grids, storage, servers, software, and amenities that can be rapidly emancipated, with little communication and supervision from the provider”. The characteristics of the type of processing are exhibited in Fig. 1 as On-demand self-service, High-performance network access, Rapid Elasticity, Resource Pooling and Measured Service. It also depicts four deployment models namely Hybrid, Community, Private and Public clouds. This is then coupled with the three service models, which are, PAAS (Platform as a Service), IAAS (Infrastructure as a Service), and SAAS (Software as a Service). NIST's cloud computing definition provides the needed framework and common characteristics depicted such as Virtualization, Homogeneity, Geographic Distribution and Service Orientation among others.

With all the layers of the cloud service models depicted in Fig. 2, security issues need to be addressed. When the layers are to be compared the high dependence of the browser position's it at the top whereas, the bottom layers are more web services oriented. Overall, a decrease in investment and operational expenses is achieved this is also followed by an increase in efficiency and scalability through the layers

The service model deployed can be private, public, hybrid or community cloud as per the user requirements.

Organization: The next two sections that follow indicate the security challenges. Sections 4–7 address the security challenges in communication, computational, data level and Service Level Agreement (SLA) level. Finally, Section 8, provides the conclusion with a comparison of the author's survey with other pre-existing reviews

Section snippets

Security challenges

In cloud computing, the users are unaware of the exact location of their sensitive data, because the Cloud Service Providers(CSP's) maintain data centers in geographically distributed locations resulting in several security challenges and threats. The traditional security techniques such as firewalls, host-based antivirus software and intrusion detection systems do not offer adequate security in virtualized systems due to the rapid spread of the threats via virtualized environments.

Security challenges faced by the entities in cloud

Besides legal security requirements, it is necessary to address some basic security requirements like authentication, integrity, transparency, confidentiality, availability and audits as stated in Rebollo [4]. The security tree in Fig. 4 illustrates the importance of basic security requirements. The challenges specified at the root have to be addressed properly, just as the root secure the tree in the soil. When these basic requirements are met appropriately, the security tree ensures yields of

Communication level

Communication level issues arise as a result of the sharing of common resources, infrastructure, etc., among the Virtual Machines (VM's) becoming the target of attack. Bhadauria [5] has classified this into network level, host level and application level. Attacks are identified on the basis of these three levels in communication.

Computational level

Implementation of the concept of virtualization in the cloud is one of the biggest computational level challenges.

Data level challenges

Data is the heart and the source of the entities of any crypto-cloud system. Data breach was identified as the most serious threat by CSA in Table 1. Prior to moving on to the new computing technology, there is an imperative need to have a knowledge of the number of levels of security that the technology provides to the data envisaged by this author, considering hacking capabilities are also well versed. The storage of data in some remote place (out-of-our-control) and achieving multi-tenancy

Service level agreements (SLA's)

Services are to be offered by providers, to consumers with proper SLAs. Basic entities of crypto-cloud have the responsibility of maintaining the SLAs. Resource provisioning at any time depends on the bandwidth required, CPU, memory and key management amongst others. Different levels of SLA's exist and they are customer-based, service-based and multi-level SLA. There should not be any over/underestimation in the provision of the required resources.

The non-pervasive nature of SLA relates to

Conclusion

The various security issues in communication, computational and Service Level Agreement are explored. In the computational level, both virtualization and data related security issues are considered to be the most vulnerable entity. Virtualization is a basic element of cloud computing and increases the value of it. The challenges related to it in all the three layers, Virtual layer, Virtualization Layer, and Physical layer are addressed. Data related security issues are classified as issues on

Ms. Nalini Subramanian is a Research Scholar in Sathyabama Institute of Science and Technology. She received her M.E degree in Computer Science & Engineering from Sathyabama University, Chennai, India in 2006. She has 15 years of teaching experience. She is currently working in Jeppiaar Maamallan Engineering College, India. Her area of research interest includes cloud computing, network security and machine learning.

References (30)

  • O. Rebollo et al.

    Empirical evaluation of a cloud computing information security governance framework

    Inf Software Technol

    (2015)
  • L. Wei et al.

    Security and privacy for storage and computation in cloud computing

    Inf Sci

    (2014)
  • D. Zissis et al.

    Addressing cloud computing security issues

    Future Gener Comput Syst

    (2012)
  • P. Mell et al.
    (2009)
  • K. Walker

    Cloud security alliance(CSA)

    The treacherous 12: cloud computing top threats in 2016

    (2016)
  • S. Kamara et al.

    Cryptographic cloud storage

    (January 2010)
  • R. Bhadauria et al.

    Survey on security issues in Cloud Computing and Associated Mitigation Techniques

    Int J Comput Appl (0975-888)

    (June 2012)
  • Laniepce S, Lacoste M, Kassi-Lahlou M, Bignon F, Lazri K, Wailly A. Engineering intrusion prevention services for iaas...
  • F. Sabahi

    Secure virtualization for cloud environment using hypervisor-based technology

    Int J Mach Learn Comput

    (February 2012)
  • R. Bose et al.

    A SecureHypervisor-based technology create a secure cloud enivronment

    Int J Emerg Res Manage Technol

    (February 2015)
  • Z. Qin et al.

    State-of-the-art virtualization security in cloud computing

    J Inf Comput Sci

    (2012)
  • Nawaz Brohi S, Adib Bamiah M, Nawaz Brohi M, Kamran R. Identifying and analyzing security threats to virtualized cloud...
  • S. Zhang

    Deep-diving into an easily- overlooked threat: inter-VM attacks

  • A. More et al.

    Virtual machine introspection: towards bridging the semantic gap

    J Cloud Comput

    (Dec 2014)
  • L. Dongxi

    A cloud architecture of virtual trusted platform module, Embedded and Ubiquitous Computing (EUC)

  • Cited by (195)

    • Digital Innovation of Cloud Computing in Amazon

      2024, Lecture Notes in Electrical Engineering
    View all citing articles on Scopus

    Ms. Nalini Subramanian is a Research Scholar in Sathyabama Institute of Science and Technology. She received her M.E degree in Computer Science & Engineering from Sathyabama University, Chennai, India in 2006. She has 15 years of teaching experience. She is currently working in Jeppiaar Maamallan Engineering College, India. Her area of research interest includes cloud computing, network security and machine learning.

    Dr. Andrews Jeyaraj received Ph.D degree in 2014 from Sathyabama University in the area of code optimization. He has published more than 40 research papers in referred international and national journals. His research interest includes machine learning, compiler design, operating system and Deep learning networks. He works currently as a Professor in the Department of School of Computing at Sathyabama Institute of Science and Technology, Chennai and has more than 15 years of teaching experience.

    Reviews processed and recommended for publication to the Editor-in-Chief by Associate Editor Dr. Hong Shen.

    View full text