Security in Cloud Computing

2012 ◽  
pp. 208-221
Author(s):  
Alpana M. Desai ◽  
Kenrick Mock
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Security Threats ◽  
Security Risks ◽  
Cloud Service Providers ◽  
International Data ◽  
It Executives ◽  
Privacy Issues

Cloud computing has recently emerged in prominence and is being rapidly adopted by organizations because of its potential and perceived benefits of flexibility and affordability. According to surveys conducted in 2008 and 2009 by International Data Corporation (IDC) of IT executives and CIOs, security was cited as the top concern for the adoption of cloud computing. Enterprises that plan to utilize cloud services for their infrastructure, platform, and/or software needs must understand the security risks and privacy issues related to cloud computing. This chapter discusses the technical, legal, and policy/organizational security risks of cloud computing, and reviews recommendations/strategies for managing and mitigating security threats in cloud computing. It also presents vendor-specific solutions and strategies that cloud service providers are implementing for mitigating security risks in cloud computing.

Security in Cloud Computing

2015 ◽  
pp. 1450-1463
Author(s):  
Alpana M. Desai ◽  
Kenrick Mock
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Security Threats ◽  
Security Risks ◽  
Cloud Service Providers ◽  
International Data ◽  
It Executives ◽  
Privacy Issues

Cloud computing has recently emerged in prominence and is being rapidly adopted by organizations because of its potential and perceived benefits of flexibility and affordability. According to surveys conducted in 2008 and 2009 by International Data Corporation (IDC) of IT executives and CIOs, security was cited as the top concern for the adoption of cloud computing. Enterprises that plan to utilize cloud services for their infrastructure, platform, and/or software needs must understand the security risks and privacy issues related to cloud computing. This chapter discusses the technical, legal, and policy/organizational security risks of cloud computing, and reviews recommendations/strategies for managing and mitigating security threats in cloud computing. It also presents vendor-specific solutions and strategies that cloud service providers are implementing for mitigating security risks in cloud computing.

scholarly journals АНАЛИЗ ПОДХОДОВ К ОБЕСПЕЧЕНИЮ БЕЗОПАСНОСТИ ОБЛАЧНЫХ СЕРВИСОВ

2020 ◽  
pp. 70-82
Author(s):  
Вячеслав Вікторович Фролов
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Geographical Location ◽  
Cloud Service ◽  
Cloud Services ◽  
Cloud Infrastructure ◽  
Critical System ◽  
Cloud Service Providers ◽  
Safety And Reliability ◽  
Cloud Resources

The article is devoted to the analysis of modern approaches that ensure the security of cloud services. Since cloud computing is one of the fastest growing areas among information technology, it is extremely important to ensure the safety and reliability of processes occurring in the clouds and to secure the interaction between the client and the provider of cloud services. Given that fears about data loss and their compromise are one of the main reasons that some companies do not transfer their calculations to the clouds. The object of research and analysis of this work are cloud services, which are provided by various cloud service providers. The aim of the study of this work is to compare existing approaches that provide information security for cloud services, as well as offer a new approach based on the principle of diversity. There are many approaches that ensure their safety, using both traditional and cloud-specific. The multi-cloud approach is one of the most promising strategies for improving reliability by reserving cloud resources on the servers of various cloud service providers. It is shown that it is necessary to use diversity to ensure the reliability and safety of critical system components. The principle of diversity is to use a unique version of each resource thanks to a special combination of a cloud computing provider, the geographical location of data centers, cloud service presentation models, and cloud infrastructure deployment models. The differences between cloud providers and which combination of services are preferable to others in terms of productivity are discussed in detail. In addition, best practices for securing cloud resources are reviewed. As a result, this paper concludes that there is a problem of insufficient security and reliability of cloud computing and how to reduce threats in order to avoid a common cause failure and, as a result, loss of confidential data or system downtime using diversity of cloud services.

An Analysis on the Terms and Conditions of the Clickwrap Agreement and the Benefits of Maintaining the Click Wrap Agreement in Cloud Computing

2022 ◽  
pp. 205-224
Author(s):  
Dhiviya Ram
Keyword(s):  
Cloud Computing ◽  
Service Provider ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
End User ◽  
Cloud Service Provider ◽  
Novel Approach ◽  
Cloud Service Providers ◽  
Provider Perspective

One of the most unique forms of contracting is apparent in cloud computing. Cloud computing, unlike other conventional methods, has adopted a different approach in the formation of binding contract that will be used for the governance of the cloud. This method is namely the clickwrap agreement. Click wrap agreement follows a take it or leave it basis in which the end users are provided with limited to no option in terms of having a say on the contract that binds them during the use of cloud services. The terms found in the contract are often cloud service provider friendly and will be less favourable to the end user. In this article, the authors examine the terms that are often found in the cloud computing agreement as well as study the benefit that is entailed in adopting this contracting method. This chapter has undertaken a qualitative study that comprises interviews of cloud service providers in Malaysia. Hence, this study is a novel approach that also provides insight in terms of the cloud service provider perspective regarding the click wrap agreement.

SLA (Service Level Agreement) Driven Orchestration Based New Methodology for Cloud Computing Services

2013 ◽  
Vol 660 ◽  
pp. 196-201 ◽  
Author(s):  
Muhammad Irfan ◽  
Zhu Hong ◽  
Nueraimaiti Aimaier ◽  
Zhu Guo Li
Keyword(s):  
Cloud Computing ◽  
Computer Science ◽  
Service Providers ◽  
Service Level Agreement ◽  
Cloud Service ◽  
Service Level ◽  
Cloud Services ◽  
Computing Services ◽  
Cloud Service Providers ◽  
Cloud Computing Services

Cloud Computing is not a revolution; it’s an evolution of computer science and technology emerging by leaps and bounds, in order to merge all computer science tools and technologies. Cloud Computing technology is hottest to do research and explore new horizons of next generations of Computer Science. There are number of cloud services providers (Amazon EC2), Rackspace Cloud, Terremark and Google Compute Engine) but still enterprises and common users have a number of concerns over cloud service providers. Still there is lot of weakness, challenges and issues are barrier for cloud service providers in order to provide cloud services according to SLA (Service Level agreement). Especially, service provisioning according to SLAs is core objective of each cloud service provider with maximum performance as per SLA. We have identified those challenges issues, as well as proposed new methodology as “SLA (Service Level Agreement) Driven Orchestration Based New Methodology for Cloud Computing Services”. Currently, cloud service providers are using “orchestrations” fully or partially to automate service provisioning but we are trying to integrate and drive orchestration flows from SLAs. It would be new approach to provision cloud service and deliver cloud service as per SLA, satisfying QoS standards.

scholarly journals Threats and Vulnerabilities Affecting the Adoption of Cloud Computing in Iraq

2018 ◽  
pp. 599-606
Author(s):  
Omar Adil Dheyab ◽  
Ahmed Ibrahim Turki ◽  
B. Rahmatullah B. Rahmatullah
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Capital Expenditures ◽  
Security Threats ◽  
Descriptive Research ◽  
Cloud Computing Adoption ◽  
Cloud Service Providers ◽  
Software Updates ◽  
Automatic Software

Cloud computing offers many benefits including enhanced flexibility, disaster recovery, free capital expenditures, automatic software updates, sustainability, and work anytime, anywhere. In addition, many other features and services can be offered to customers. However, cloud computing still suffers many threats which may cause vulnerabilities. Therefore, today many organizations are still hesitant to adopt cloud computing because of fear for privacy of their data and confidentiality. Understanding and addressing security threats are a prerequisite for unleashing the huge potential of cloud computing. In this study, a survey is conducted on some cloud service providers and users to explore security threats and vulnerabilities in cloud computing experienced by many organizations in Iraq. Consequently, many countermeasures are proposed. Descriptive research methodology is adopted in this research. The results of the study showed that privacy, confidentiality, control of data are the main obstacle to cloud computing adoption.

scholarly journals A Proposition of Modifications and Extensions of Cloud Computing Standards for Trust Characteristics Measures

2019 ◽  
Vol 12 (3) ◽  
pp. 27
Author(s):  
Sara Moazzezi Eftekhar ◽  
Witold Suryn
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
Trust Model ◽  
Cloud Services ◽  
Marked Rise ◽  
Cloud Service Provider ◽  
Ongoing Research ◽  
Platform As A Service ◽  
Cloud Service Providers

In recent years, we have witnessed a marked rise in the number of cloud service providers with each offering a plethora of cloud services with different objectives. Gaining confidence for cloud technology adoption as well as selecting a suitable cloud service provider, both require a proper evaluation of cloud service trust characteristics. Hence, the evaluation of cloud services before used by the customer is of utmost importance. In this article, we adapt the extracted trust characteristics from both system and software quality standards and cloud computing standards, for evaluating cloud services. Moreover, we derive measures for each trust characteristics to evaluate the trustworthiness of different cloud service providers, and generalize these trust measures for any type of cloud services (e.g. Software as a Service, Platform as a Service, and Infrastructure as a Service). Our work thereby demonstrates a way to apply generalized trust measures for cloud services and therefore contributes to a better understanding of cloud services to evaluate their quality characteristics. As part of our ongoing research, the results of this study will be used to develop a comprehensive cloud trust model.

scholarly journals A Research on Cloud Computing Adoption Practices in the Context of Online Business SMEs in Sri Lanka

2019 ◽  
Vol 8 (4) ◽  
pp. 12522-12528
Keyword(s):  
Cloud Computing ◽  
Sri Lanka ◽  
Service Providers ◽  
Cloud Service ◽  
Cloud Services ◽  
Computing Services ◽  
Cloud Computing Adoption ◽  
Cloud Service Providers ◽  
Online Business ◽  
Cloud Computing Services

The purpose of the study was to explore the Cloud computing Practicing level, Cloud computing Satisfaction level and the Preferred Cloud service provider among the Online Business SMEs (OBSMEs) in Sri Lanka that have adopted Cloud services. Prior studies have shown that SMEs significantly benefit due to the adoption of Cloud computing services. The study was conducted among 260 randomly selected OBSMEs using self-administered questionnaires from managerial and ICT professionals who were capable of making ICT decision at OBSMEs under this study. However only 247 questionnaires were returned with complete data required for the purpose of analysis. A descriptive analysis was used to analyse the data. The findings have revealed that 31% of the OBSMEs are frequently Practicing Cloud computing for their ICT needs, while 69% of them relies on Cloud computing for their different ICT needs usually. Findings reveals that 35% of the OBSMEs are moderately Satisfied in this study, while 61% of OBSMEs have been reported that they are very Satisfied with Cloud computing services, at the same time 4% of the OBSMEs are reported that they have extremely Satisfied with Cloud computing services. In the context of OBSMEs it has been reported that 78% of the Cloud service providers are rendering reliability of services and OBSMEs are very satisfied, while 12% of the OBSMEs are moderately satisfied with the reliability of services and other 10% of the OBSMEs are extremely satisfied with the reliability of services provided by Cloud Service Providers in Sri Lanka. This study extends the existing body of knowledge by providing empirical support for explaining cloud computing adoption by OBSME in Sri Lanka. The study add value for various parties engaging in promoting the adoption of cloud computing among various business industries in Sri Lanka. Therefore, the researchers are able to recommend that cloud computing technology is playing a significant role for the improvement of business industries in Sri Lanka and the software vendors, policy makers and technological service providers should consider the findings of this study if they have intention to adopt this technology in future. Moreover, the findings of this research would assist and enhance service providers to consider their investment in information technology when adopting and implementing Cloud computing in Sri Lanka.

scholarly journals Next-generation Blockchain-Enabled Virtualized Cloud Security Solutions: Review and Open Challenges

2020 ◽  
Author(s):  
Mueen Uddin ◽  
Anjum Khalique ◽  
Awais Khan Jumani
Keyword(s):  
Cloud Computing ◽  
Service Providers ◽  
Cloud Service ◽  
End Users ◽  
Resource Provisioning ◽  
Cloud Services ◽  
Security And Privacy ◽  
Computing Platform ◽  
Cloud Service Providers ◽  
Cloud Computing Platform

This paper reviews, discusses, and highlights some of the standard cloud computing vulnerabilities primarily related to virtualization platforms and their implementations while outsourcing services and resources to different end-users and business enterprises. Furthermore, we provide Blockchain-enabled solutions for virtualized cloud computing platform involving both the end-users as well as cloud service providers (CSP) to address and solve different security and privacy-related vulnerabilities using blockchain-enabled solutions to improve their cloud services and resource provisioning facilities.

Choosing Clouds for an Enterprise

2013 ◽  
Vol 4 (2) ◽  
pp. 38-53
Author(s):  
Ruay-Shiung Chang ◽  
Chih-Shan Liao ◽  
Chuan-Yu Liu
Keyword(s):  
Cloud Computing ◽  
Dynamic Characteristics ◽  
Service Provider ◽  
Service Providers ◽  
Evaluation Model ◽  
Cloud Service ◽  
Cloud Services ◽  
Web Based ◽  
The Past ◽  
Cloud Service Providers

The development of cloud computing has advanced rapidly over the past few years. Benefiting from the dynamic characteristics of cloud computing, enterprises can purchase cloud services based on different aspects in order to save operating expenses. Many companies have seen the opportunities and changes in either cloud service providers or cloud service consumers. For the latter, with so many cloud providers to choose from, there is a need for an evaluation of standards to help find the most suitable service provider. In this paper, the essential factors of enterprise clouds are discussed. An evaluation model is defined, and a web-based enterprise cloud selection application is implemented.

scholarly journals Next-Generation Blockchain-Enabled Virtualized Cloud Security Solutions: Review and Open Challenges

Electronics ◽  
2021 ◽  
Vol 10 (20) ◽  
pp. 2493
Author(s):  
Mueen Uddin ◽  
Anjum Khalique ◽  
Awais Khan Jumani ◽  
Syed Sajid Ullah ◽  
Saddam Hussain
Keyword(s):  
Cloud Computing ◽  
Multinational Corporations ◽  
Service Providers ◽  
Cloud Service ◽  
End Users ◽  
Resource Provisioning ◽  
Cloud Services ◽  
Security And Privacy ◽  
Cloud Service Providers ◽  
Data Centres

Cloud computing is a well-known technology that provides flexible, efficient, and cost-effective IT solutions for multinationals to offer improved and enhanced quality of business services to end-users. The cloud computing paradigm is instigated from the grid and parallel computing models. It uses virtualization, server consolidation, utility computing, and other computing technologies and models for providing better IT solutions for large-scale computational data centres. It encompasses different services for supporting data storage, networking, and computing for facilities and amenities for businesses and multinational corporations. The enormous elastic on-demand cloud provisioning resources and services and datasets are processed and stored in tier-level virtualized cloud data centres operated by third-party service providers called cloud owners. The primary issue with these cloud service providers is to provide and maintain data security, privacy, and confidentiality and service availability and data support for end-users. This paper reviews, highlights, and discusses some of the common cloud computing vulnerabilities primarily related to virtualization platforms and their implementations while outsourcing services and resources to different end-users and business enterprises. We then provided blockchain-enabled solutions for virtualized cloud platforms involving both the end-users and cloud service providers (CSP) to address and solve various security and privacy-related vulnerabilities. These solutions will help the data centre industry to improve its virtualized cloud services and resource provisioning facilities. Finally, we discussed different blockchain-related implementation challenges in cloud infrastructures.

Sign in / Sign up

Export Citation Format

Share Document