The paper "Security Risks in Cloud Computing" is a good example of a term paper on information technology. The emergence and development of the cloud computing trend are associated with various advantages and potential benefits. On the other hand, the trend is associated with different types of risks that threaten the security of the data and the users of the technology. This report is about the possible security risks that are associated with cloud computing with reference to the CIA (confidentiality, integrity, and availability) triad. The report is divided into three sections.
In the first section, a brief history of cloud computing and its advantages and disadvantages are presented. The second section discusses the risks that are associated with cloud computing and the different ways in which they violate the three components of the CIA. The third section discusses cases of cloud computing security attacks. Cloud computing: History, advantages, and disadvantages Cloud computing is a method of computing in which users are allowed to use infrastructures, platforms, and resources through an on-demand service (Hashizume, Rosado, Fernandez-Medina & Fernandez, 2013, p. 2).
The infrastructure, platforms, and applications that are based on a network usually exist in a form that is virtualized, meaning that they can be accessed through an abstract interface called Application Programming Interface (API). The resources and platforms are also scalable in that they can be reconfigured by users to varying load sizes according to their needs. The entire process is based on the use of different types of resources and web technologies that have been developed over the course of time; an example being Google Drive. According to Baun, Kunze, Nimis, and Tai (2011, p.
3) several key characteristics of cloud computing emerge from this definition. The first one is that the services used in cloud computing are usually made available over a network and can be accessed in real-time using standardized processes. Secondly, resources are pooled together and can be shared by multiple users at the same time. The third point is that the resources usually exist in highly elastic modes that allow users to access them flexibly. Google Drive satisfies a number of these characteristics. The application is made up of word processor, spreadsheet, and presentation programs.
Users of Google can access programs, create documents, and share documents over the Internet. Furthermore, the ease with which users can share and edit documents using Google Drive represents the high degree of user flexibility that cloud computing services offer. The development of cloud computing has been marked with the emergence of technologies such as virtualization, web service and service-oriented architecture, service flow, and web 2.0 mash-up (Furht, 2010, p. 9). These technologies have shaped its development from the initial mainframe computing to the current status of cloud computing through the intermediate stages of network computing, Internet computing, and grid computing.
First, the development of virtualization has been an important aspect of the development of cloud computing, since it has allowed resources to be used by different applications; this has improved the overall level of utilization of services since fewer servers are required for different applications. Secondly, the development of web 2.0 allowed the use of different web technologies to improve the way in which users create and share information and collaborate with each other.
Thirdly, the emergence of web service and service-oriented architecture formed the foundation for the development of cloud computing.
Amazon Web Services. (2011). Summary of the Amazon EC2 and Amazon RDS service disruption in the US East region. Retrieved from http://aws.amazon.com/message/65648/
Albakri, S. H., Shanmugam, B., Samy, G. N., Idris, N. B., & Ahmed, A. (2014). Security risk assessment framework for cloud computing environments. Security and Communications Networks, 7, 2114-2124.
Baun, C., Kunze, M., Nimis, J., & Tai, S. (2011). Cloud computing: Web-based dynamic IT services. London: Springer.
Cummins, S. (2013). Pro SharePoint disaster recovery and high-quality availability. New York: Apress.
Fazil, M., & Firdhous, M. (2015). Cloud computing for rural ICT implementations: Methods, models, and architectures. In V. Chang, R. J. Walter & G. Wills (Eds.). Delivery and adoption of cloud computing services in contemporary organizations (pp. 166 – 198). New York: IGI Global.
Federal Bureau of Investigations. (2014). The U.S leads multi-national action against game over Zeus botnet and crypto locker ransomware charges botnet administrator. Retrieved from https://www.fbi.gov/news/pressrel/press-releases/u.s.-leads-multi-national-action-against-gameover-zeus-botnet-and-cryptolocker-ransomware-charges-botnet-administrator
Finkle, J. (2007, July 17). Hackers steal U.S. government, corporate data from PCs. Reuters. Retrieved from http://www.reuters.com/article/2007/07/17/us-internet-attack-idUSN1638118020070717
Furht, B. (2010). Cloud computing fundamentals. In B. Furht & A. Escalante (Eds.). Handbook of cloud computing (pp. 3 – 20). London: Springer.
Harkins, M. (2012). Managing risk and information security: Protect to enable. New York: Apress.
Hashizume, K., Rosado, D. G., Fernandez-Medina, E., & Fernandez, E. B. (2013). The analysis of security issues for cloud computing. Journal of Internet Services and Applications, 4(5), 1-13.
Jamsa, K. (2013). Cloud computing: SaaS, PaaS, IaaS, virtualization, business models, mobile security, and more. Burlington: Jones & Bartlett.
Muncaster, P. (2014, September 11). eBay under fire after cross-site scripting attack. InfoSecurity. Retrieved from http://www.infosecurity-magazine.com/news/ebay-under-fire-after-cross-site/
Oriyano, S. P., & Gregg, M. (2013). Hacker techniques, tools, and incident handling. London: Jones & Bartlett.
Stallings, W. (2013). Network security essentials: Applications and standards. London: Pearson Education.