MITS5002 Software Engineering Methodology: Security Issues and Research Challenges Assessment 1 and 2 Answer
CLOUD COMPUTING: SECURITY ISSUE AND RESEARCH CHALLENGES
The purpose of this review is to identify the security issues and challenges related to cloud computing. For this purpose, the paper written by Sanjay Kumar, R.S. Verma, and K. Mohan was chosen. The paper was published in the International Journal of Advanced Research in Computer Science in 2017. It elaborates on data security issues in cloud computing. The paper uses an observation method used by different organizations and examines various techniques related to data security and privacy.
Intention and content of the article
Virtualization and cloud computing are two primary requirements of industries worldwide due to the growing volume of data that industries face nowadays. Despite the different advantages provided by cloud computing, the cloud-computing environment faces different security issues and challenges regarding data protection and security. The virtualization security problem is seen mainly in the public domain and the hybrid domain. The roots of the problem are no longer confined to the public domain only; rather, the root has penetrated to the public domain also. The paper reviews these issues and the mitigation procedure by which a business model can deliver high-performance products with state-of-the-art security.
As identified by the article, companies have identified a new series of non-traditional security threats, and these issues need immediate attention. The demand for information security has thus become high, and the article focuses on the procedure to increase the amount of information security required by organizations.
Data security is related to data accuracy and data loss, and each of these vital factors has to be tackled properly. Most of the time, it is seen that the implementation of security in a cloud environment becomes responsible for the loss of data. The research focuses on data security and safety in the cloud environment and on designing a system where data loss is minimal.
The cloud computing environment can be divided broadly into three domains: the Public domain, the Private domain, and the Hybrid domain. However, in all three computing environments, the Application Programming Interface (API) of cloud computing still remains private. A uniform standard for the API has not been established, and the research emphasizes the need for an international standard. It is therefore difficult for users to migrate programs and data from one device to another, and this is exactly why the number of users of cloud computing is considerably lower than the number of users of a computation device. Most Small and Medium Sized Enterprises (SMEs) favor the conventional computing environment rather than a cloud environment for the same reason and because of the high cost of the cloud-computing environment. However, both large enterprises and SMEs that use cloud computing have the same issues regarding auditability and security of data, complaining about phishing and threats in cloud computing.
Data security is therefore considered the primary concern of cloud-service providers. In a cloud environment, data are stored in a logical array rather than in a fixed memory location as in the case of solid-state devices. The security protection of data is thus extremely different from that of any conventional solid-state device. Sometimes, data may have to be stored on an intranet server in a cloud-computing environment. As the volume of data increases, the bandwidth required of a server increases. With the development of internet technology, the limitation in bandwidth has been reduced considerably.
Virtualization is another matter associated with cloud computing. In virtualization, a parent machine can be divided into several machines depending upon the requirement, and each of them can act independently of the parent system. The computation speed thus increases considerably whenever computing is performed in a cloud environment. After computation is over, the completed data is sent back to the parent computer; however, during computation, no daughter computer is able to change the settings of the parent computer. The problem in virtualization is the authentication problem. In general, a multifactor authentication protocol is used in solid-state devices, whereas implementing such a protocol in a cloud system is difficult. Most cloud-computing systems use a single-factor authentication protocol, and at most two-factor authentication is possible in a cloud-computing system. The research paper emphasizes Virtual Machine Security, especially in relation to Google Docs.
The security issues identified in the article for the cloud-computing environment are divided into four layers, similar to the TCP/IP protocol suite. The uppermost layer is referred to as the application layer, followed in order by a Platform layer, an Infrastructure layer and a Hardware layer, as indicated in the figure below:
Figure 1: Cloud-computing security architecture
An adequate amount of security is to be given to every layer identified above. Data security and privacy protection issues are associated with the information life cycle. As per the article, the data life cycle or information life cycle can be divided into four phases as indicated below:
Figure 2: Data Life cycle
Phase 1: Data generation
The data generation process is the process by which a user processes or stores data in a cloud computing environment. An adequate amount of security is to be provided by the cloud service provider to keep personal data safe.
Phase 2: Transfer
This stage includes the encryption process and the transmission of data. The transmission protocol needs to be designed in such a way that data can be transferred accurately from the sender's end to the receiver's end without any data leakage.
Phase 3: Use
This is the service provided by the cloud service providers. Some service providers provide SaaS, while some offer PaaS. Depending upon the service provided, encryption also differs.
Phase 4: Share
In this stage, the authentication protocol is used. Whenever a user shares data with another user, the cloud system requires authentication. This authentication is, however, based on single-factor authentication or at most two-factor authentication, whereas multifactor authentication is desirable.
Phase 5: Storage
The main advantage of a cloud-based system is the possession of unlimited memory. A large volume of data can be stored in the cloud-memory system depending upon the service that the software offers.
This research observes that the idea of data encryption and security is the same as that defined by standard organizations. The researchers have observed that the Organization for Economic Cooperation and Development defines data sensitivity as referring to any recognizable or unidentified data. These data need to be protected with end-to-end encryption.
Another definition, regarding privacy principles, is given by the American Institute of Certified Public Accountants (AICPA) and CICA. The federal organization has defined the Generally Accepted Privacy Principles (GAPP) regarding storage, accumulation, protection and maintenance of data. The principles emphasize the ID of the data that can be provided. The standard safety protocols defined by each of the organizations revolve around the Data Life Cycle.
Problems and issues highlighted by the authors
As per the article, the four layers of cloud system architecture have to provide appropriate security. The application layer has security issues regarding web services and presentation. Web services are where the user directly interacts with the cloud services provided by the service provider. Examples of such services are Google Drive, Microsoft Azure, Amazon EC2 and Dropbox. The interface of cloud systems is not as secure as that of solid-state devices, and any type of data leakage may happen in cloud-based services. The issue can be mitigated if and only if cloud-computing systems provide security encryption in the interface of the computing layer. End-to-end encryption has to be provided to secure data transmission.
Next, the research identifies a software framework by which computation is done. The security protocol also involves the software packages where computations are done. Therefore, the algorithm of the protocol needs to match the algorithm of the software packages. A lack of synchronicity has created an issue. The infrastructure and hardware stand as the third and fourth layers respectively. A total modification of the IT infrastructure is required to implement cloud security, and this incurs a great cost. The cost-related issue poses a significant challenge to the implementation of state-of-the-art security.
Findings and Result
From the article, it has been found that data utilization in a simple storage service is used by global companies worldwide. The research has identified Amazon S3, in which data encryption is practical. In most cases, the static data encryption process is used regardless of whether the service provided is SaaS, IaaS or PaaS in nature.
Conclusion (article’s conclusion)
Reviewing the article, it can be said that interest in cloud computing is increasing day by day, although there are numerous issues that require attention. The fundamental elements of cloud computing emphasize the protection and safety of data. The conveyance model can be applied in the context of the data life cycle. The article also sheds light on the risks to the security of data while sharing. In the future, a standard framework similar to the ISO framework has to be provided for data sharing in the cloud environment to ensure the security and safety of data.
In light of the above discussion, it can be concluded that owing to the growing volume of data, the importance of the cloud-computing environment is rising rapidly. With the growing volume of data, risks also emerge regarding the safety and security of data. The future of cloud computing rests on the safety and security encryption provided by the service provider, and the authentication protocol has to be adapted to the volume of data accordingly.