Security Challenge in Cloud Computing - Literature review Example

Name: University: Instructor Date: A Security Challenge in Cloud Computing Executive Summary Cloud computing is defined as an IT services set that are offered to a customer through a network on a hired basis as well as with the capacity to scale down or up the requirements of their services. Normally cloud computing services are distributed by a third party source that possesses the infrastructure. Cloud computing has score of benefits such as suppleness, effectiveness, resilience, scalability, as well as outsourcing non-core activities. As discussed in the paper, cloud computing presents an innovative business paradigm for companies to espouse IT services devoid of upfront investment. In spite of the possible benefits realized from the cloud computing, most organisations are reluctant in acknowledging it owing to security challenges as well as issues related with it. Undoubtedly, security is one of the key challenges which slow down the advancement of cloud. The thought of passing on vital data to a different company is worrying; such that the end users must be watchful in comprehending the threats of data breaches in this novel setting. This essay brings in a comprehensive analysis of the security challenges in cloud computing security, by mainly concentrating on denial of service, and how the company’s research and development (R&D) can be used to alleviate the situation. Introduction Cloud computing according to Zissis and Lekkas (584) generates a fundamental keyword in hastening IT businesses, but also it own a disseminated architecture rooted in unfixed nodes, as well as security challenges drawn from cloud computing services. Fundamentally, the surfacing of cloud computing has hastily altered all and sundry’s insight of infrastructure structure, models for development, as well as software delivery. Faisal et al. (565) posit that following the makeover from CPU computers to models of server deployment, cloud computing encompass aspects from utility, automatic, as well as network computing into an resourceful deployment structural design. At present, cloud computing is attaining augmented recognition, but organisations are worried about the security challenges that it comes with it after its adoption. Significantly, implementation of cloud computing regularly encompasses a progressive security technology, mainly accessible due to centralization of data as well as widespread structure. In its epitome, Verbelen, Stevens and Turck (452) affirm that cloud computing can deal with many inadequacies faced by conventional architectures owing to its distinctive attribute. Furthermore, cloud computing lays bare a novel world of businesses opportunities, but accompanied with scores of security challenges that must be well thought-out and handled prior to executing the cloud computing strategy. For this reason, the essay analyses cloud security challenges by recognizing exceptional security countermeasures. Cloud Computing The 21st century according to Faisal, Azher and Ramzan (567) has been exemplified by a lot of changes in most means as well as facets of life. Intrinsically, E-technology and computerization are a number of the sectors that have accounted incredible growth. At the moment, Cloud computing is still attaining prominence at the heart of enormous businesses organisations as well as SMEs. Cloud computing, permits business organisations to run application online in what is widely acknowledged to as a cloud. The “cloud” according to Enslin (10569) enhances sharing of data outside and inside the business setting. Additionally, clouds bear a resemblance to a server where a business can amass its information needed by the company, but the key distinction between cloud computing as well as server based technology is that users in cloud computing are allowed to run applications online devoid of the necessity to install or download them in their PCs. This makes cloud computing suitable for both the service providers and users to benefit from the high speed of connection facilitated by cloud computing. Security Challenges At present, there are scores of challenges that require solution prior to deciding whether cloud computing is a feasible alternative for the organisation. According to Marston, Zhi Li and Zhang (178), it is justifiable why companies are wary of the data loss after information is keyed in to the cloud. Providers of cloud computing service as per Chang, Walters and Wills (526) are incorporating measures hastily with the intention of attempting to resolve this troublemaker. Some of the security challenges to cloud computing include; denial of service (DoS), data loss, data protection, user authentication, and data breaches, Data Breaches Fernando, Loke and Rahayu (89) argue that if a multitenant database for cloud service is not appropriately designed; one error in a customer's application might permit a hacker to get to both customers’ data with ease. Basically, the challenge in handling this risks of data leakage as well as data loss is that the measures introduce by the organisation to mitigate one security challenge can worsen the other challenge. Given that cloud serving is a single centralized warehouse for the organisation’s mission-vital information, the danger of the data being compromised because of a data breach or made inaccessible for a moment because of a natural catastrophe are bona fide concerns. A great deal of the legal responsibility for the data disruption in a cloud in the end rests squarely with the corporation whose mission-vital undertakings rely on that data, even though legal responsibility may and must be bargained in an agreement with the services provider before any commitment (Verbelen, Stevens and Turck 453).  A wide-ranging security evaluation from an unbiased third-party is firmly suggested also, and companies must recognize how their data is being protected as well as what measures are used by the service provider. Data Loss Data loss is prospect of the company’s important data vanishing into the air with no a trace, wherein a malicious attacker could delete the aimed data because of malevolence. Still, a company can lose its data to a cloud service provider who is not careful or a catastrophe, like an earthquake, flood, or fire. Encrypting of the company’s data to protect against theft can go wrong in case the company lose its encryption key; thus intensifying the security challenge. Data loss according to Zissis and Lekkas (588) is not just challenging with regard to affecting the customers relationships, since the company might as well get into trouble with the federal government if the company is lawfully needed to amass certain data to remain compliant with particular laws, like HIPAA. Data Protection Executing a cloud computing strategy signifies placing important information in the third party’s care, so making sure that the data is protected both at rest and when being delivered is of vital significance. Data must always be encrypted, with evidently clear roles when deciding who will be dealing with the encryption keys. In nearly all instances, the just means to actually guarantee encrypted data confidentiality that dwells on storage servers of the cloud provider is for the user to own as well as administer the data encryption keys. User Authentication Enslin (10569) maintain that data resting in the cloud must be available just to the authorized users; hence, making it vital to both limit and supervise who will be accessing the data of the company by means of the cloud.  So as to guarantee the user authentication integrity, companies must be in a position to observe access logs of the data as well as review trails to confirm that users who are only authorized do access the data.  Such audit trails and access logs also must be protected and preserved for as long as it is needed by for legal purposes or company needs.  Based on security challenges of cloud computing, Enslin (10570) thinks it is the user responsibility to make sure that the cloud provider has taken into consideration all vital security measures to protect access to that data as well as customer's data. Denial of service Denial of service (DoS) is ranked as the greatest cloud computing security threat. Having been an Internet threat for ages, DoS has turned out to be more challenging in the epoch of cloud computing when companies are reliant on the continuous accessibility of several cloud computing services. Undoubtedly, outages of DoS can heavily cost service providers as well as attest to be costly to users who are charged based on disk space used as well as compute cycles. Even though a hacker may not be successful in pulling down the cloud computing service completely, he/she can still make cloud computing to use so much processing time that ultimately turns out to be too costly for the company to run and hence leading to the collapse of the system. Presently, Cloud services are turning out to be more and more well-liked, both in the midst of the business enterprises and the public in general. Armbrust, Fox and Griffith (58) posit that Cloud services while convenient can be tremendously susceptible to DoS attacks. As other companies are depending on cloud computing technology for operations in their companies, DoS attacks, the most prevalent form of attack on the cloud, can become exceedingly destructive. Actually, a DoS attack makes the company’s machine or network inaccessible to the aimed users by swamping them with requests for connection. According to Verbelen, Stevens and Turck (452) cloud services heighten the attacks threat. In their study they highlighted that over 90 percent of operators at the data centre reported security attacks on cloud services, and based on the reported attacks, 76 percent had experienced Distributed Denial of Service Attack (DDoS) towards their users, whilst only 43 percent had total or partial infrastructure break downs because of DDoS (Verbelen, Stevens and Turck 456). DoS attacks can in effect put the company’s computer or network out of action, and this relies on business nature of the company. A number of DoS attacks can be carried out with inadequate resources against an enormous, complicated website, and this form of attack is from time to time acknowledged as asymmetric attack. For instance, a hacker with a 20th century computer along with a slow modem can manage to disable more sophisticated as well as much faster networks or systems. Some time ago, scores of websites like Yahoo, CNN, in addition to eBay have happened to DoS attack victims. If only one aimed DoS attack can take a lot of people across the world offline, just picture the level of damage these attacks bring to a business. Lately, an enormous DoS attack occurred at CloudFlare, with attackers taking advantage of the Network Time Protocol Servers (NTP) vulnerabilities (Chang, Walters and Wills 528). This form of DoS attack is somewhat novel, utilising a method acknowledged as NTP reflection attacks. In NTP reflection attacks, the hacker sends requests to the NTP servers with spoofed Internet Protocol addresses (IP addresses). In this regard, the intention of sending the requests is to make the server take more lengthily time to respond to such requests, and consequently, fail to serve the intended clients. This attack had an effect to data centres across the world, leading to short-term jamming on the network of the company. Akin to NTP, other protocols namely, Simple Mail Transfer Protocol (SMTP) as well as Domain Name System (DNS) can as well be used to increase DoS attacks. In this case, Fernando, Loke and Rahayu (92) suggest that companies must frequently monitor and scan and NTP servers to identify and amend vulnerabilities. Besides, a tool such as Open NTP Project may be utilised for scanning NTP servers. Moreover, NTP servers must be update since the older versions could have a number of security flaws. An additional example of a cloud service DoS attack took place on Amazon cloud some years ago. Bitbucket, a web-based hosting service suffered almost a 24 hours of downtime owing to an enormous distributed denial of service attack on Amazon.com, and scores of developers did not manage to access their codes for some time for the reason that of the DDoS attack. Besides that, UDP packets flooded the Amazon website, in essence using all its bandwidth, and also making Amazon services inaccessible to the clients. Marston, Zhi Li and Zhang (183) posit that one of the key reasons behind this enormous attack was because Amazon did not have security controls ready to detect as well as battle DoS attacks. Having no suitable protection mechanisms in position is the underlying principle why scores of companies fall prey of DoS attacks. Technology development as well as research and development (R&D) with regard to DoS has been facilitated in line with the security measures for cloud computing services. Still a novel R&D Strategy has been developed with latest trends as well as environmental changes across the world considered (Verbelen, Stevens and Turck 453). Given that the R&D strategies are long-term as well as medium subjects, R&D Strategy in essence embraces traditional concepts of promotion. Even though the objective of conventional technology development as well as R&D has been to enact a novel architecture for getting rid of online security threats in the long-term, both defenders as well as attackers have turn out to be asymmetric in recent cloud computing security state of affairs. The most distinguishing aspect of R&D is to concentrate on innovation that can help overcome security challenges like DoS attacks in cloud computing. In other words, research and development about data security can generally be divided into the defensive field as well as offensive field (to reduce harm caused by DoS attacks). Marston, Zhi Li and Zhang (182) posit that this R&D Strategy concentrates on the offensive (to nullify DoS attacks and to heighten the attackers financial burden), as well as to support R&D to achieve a secure and protected cloud computing system that can generate novel value and has the ability to offer society support. For the R&D the promotion, it is imperative to generate a virtuous primary R&D circle, support sophisticated data security HR development, as well as motivate the data security industry. Basically, the R&D Strategy concentrates on increasing the attacker financial burden of the attacker by taking hard line steps, like by voiding DoS attacks, and promoting R&D to achieve a safe and secure cloud computing. Therefore, the R&D subjects are generally grouped into cloud, surrounding infrastructure, users, as well as attackers, and essential technologies are accordingly outlined. Additionally, data security meant for the cloud from DoS attacks is being integrated with a novel perspective of backing the next-generation Internet setting. R&D in this case is needed to ensure: new dependability on the clouding computing, and also to help the users to enhance their user control techniques of confidential information. Given that one purpose of the R&D Strategy is to encourage studies with regard to data security, Verbelen, Stevens and Turck (457) claim that setting up an infrastructure for encouraging R&D is also a crucial concept. Countermeasures For companies to overcome DoS attacks, they must at first establish vulnerabilities in their system by scanning, and then using vulnerability scanning paraphernalia like Qualysguard or Nessus to find out flaws that can be used to instigate DoS attacks. Afterwards, the company must put security controls into practice to repair the identified security challenges. The company can as well utilise Intrusion detection and prevention systems (IDPS): set up IDS/IPS systems to endlessly supervise the company networks for denial of service attacks. The company can configure IDS systems to identify and transmit alerts to security administrators in case of a DoS attack. Furthermore, IDS systems can as well be tailored to detect a security threat to the company’s cloud and take counteractive actions to overcome it. Evidently, older software versions are normally susceptible to DoS attacks, and so the company must test for security updates as well as install them on firewalls, network hosts, and routers. To improve security safety measures against DoS attacks, R&D for generating an attack-resistant data as well as Cloud with regard to data security must be promoted. To thoroughly solve the security challenges on the cloud computing, collaboration with innovative R&D, the next-generation Internet that acknowledges an ICT model shift, for instance, must be developed. According to Chang, Walters and Wills (528) posit that R&D relating to cloud computing security must be promoted so as to expand the world’s information security industry. Every company should carry out strategic R&D with regard to cloud computing security in a platform wherein data is exchanged across boundaries, and unresolved security challenges are progressively increasing; therefore companies must invest heavily on R&D, to counter the financial ability of attackers. Future Solutions While preparing for future DoS attacks, it is extremely imperative according to Fernando, Loke and Rahayu (101) to take use cloud computing to backup information as well as to decentralize them. Subsequent to the enormous DoS attacks, decentralization as well as backup measures through novel technologies, like cloud computing has to be examined. Cloud computing as a technique for backing up as well as espousing decentralization cheaply will in the future gain a lot of attention, but still, security challenge is believed to be a serious future hurdle in cloud computing. Endeavors to overcome this worry in terms of R&D must be hastened in the future. Besides that, in case the system is decentralized, DoS attacks in the future will create the need to study remote authentication. Furthermore, measures for preventing the threat of unserviceable systems must as well be taken into account. In the future, R&D for stopping the state of affairs advantageous for launching DoS attacks will be carried out as a pressing undertaking (Zissis and Lekkas 589).More particularly; there will be need for R&D into cloud computing that can foresee the probability and impact of a DoS attack as well as ways to optimize measures. Conclusion In conclusion, it has been argued that implementation of cloud computing comes along with score of benefits to the organisation, but the security challenges can surpass the benefits and lead to the collapse of the organisation. In its essence, cloud computing can handle scores of inadequacies endured by conventional architectures owing to its exceptional traits. Cloud computing also provides architecture for deployment that can handle shortcoming detected in conventional information system, but its dynamic characteristics can thwart the efficacy of conventional measures. Some of the challenges discussed include data loss, denial of service attacks, data protection, data breaches, and user authenticity. The essay has mainly concentrated on denial of services, which has become more exigent in the cloud computing age. Importantly, a company that heavily invests on R&D can overcome this form of security challenge since through R&D a company can increase attackers’ financial burden; thus reducing the scale of attacks. Work Cited Armbrust, Michael, et al. "A View of Cloud Computing." Association for Computing Machinery. Communications of the ACM 53.5 (2010): 50-63. Chang, Victor, Robert John Walters and Gary Wills. "The development that leads to the Cloud Computing Business Framework." International Journal of Information Management 33.3 (2013): 524-538. Enslin, Zacharias. "Introduction to cloud computing and control objectives for information and related technologies (COBIT) - mapped benefits of cloud computing adoption." African Journal of Business Management 6.41 (2012): 10568-10577. Faisal, Chaudhry Muhammad Nadeem, et al. "Cloud Computing: SMEs Issues and UGI based Integrated Collaborative Information System to Support Pakistani Textile SMEs." Interdisciplinary Journal of Contemporary Research In Business 3.1 (2011): 564-573. Fernando, Niroshinie, Seng W. Loke and Wenny Rahayu. "Mobile cloud computing: A survey ." Future Generation Computer Systems 29.1 (2013): 84-106. Marston, Sean, et al. "Cloud computing — The business perspective." Decision Support Systems 51.1 (2011): 176-189. Verbelen, Tim, et al. "Graph partitioning algorithms for optimizing software deployment in mobile cloud computing." Future Generation Computer Systems 29.2 (2013): 451-459. Zissis, Dimitrios and Dimitrios Lekkas. "Addressing cloud computing security issues." Future Generation Computer Systems 28.3 (2012): 583–592. Read More