Green Cloud Computing

This chapter considers the data center site selection problem in cloud computing with extensive reviews on site selection decision models. The factors considered in the site selection include economic, environmental, and social issues. After discussing the environmental impact of data centers and its social implications, the authors present a nonlinear multiple criteria decision-making model with green computing criteria and solve the problem by using a variable neighborhood search heuristic. The proposed model and solution methodology can be applied to other site selection problems to address the environmental awareness, and the results illustrate both the robustness and attractiveness of this solution approach.

Organizational Control Related to Cloud

Cloud computing is touted as the next big thing in the Information Technology (IT) industry, which is going to impact the businesses of any size. Yet, the security issue continues to pose a big threat. Lack of transparency in the infrastructure and platforms causes distrust among users, and the users are reluctant to store information on the cloud. This undermines the potential of cloud computing and has proved to be a big barrier in the realization of the potential of cloud computing and its widespread adoption. The big paradigm shifts in the technology has not been reflected on the methods used to secure the technology. When an organization builds the infrastructure for cloud computing, security and privacy controls should be kept in mind from the holistic security perspective. It is also critical that the organization monitor and adapt controls to determine the success of cloud computing in dealing with the security and reliability issues relating to the cloud. From an organizational control perspective, the authors suggest an independent governing body to mediate between the cloud provider and the user, with the control framework that they have developed to fulfill their responsibilities of protecting the cloud environment.

Authentication and Identity Management for Secure Cloud Businesses and Services

Today, cloud-based services and applications are ubiquitous in many systems. The cloud provides undeniable potential benefits to the users by offering lower costs and simpler deployment. The users significantly reduce their system management responsibilities by outsourcing services to the cloud service providers. However, the management shift has posed significant security challenges to the cloud service providers. Security concerns are the main reasons that delay organizations from moving to the cloud. The security and efficiency of user identity management and access control in the cloud needs to be well addressed to realize the power of the cloud. In this chapter, the authors identify the key challenges and provide solutions to the authentication and identity management for secure cloud business and services. The authors first identify and discuss the challenges and requirements of the authentication and identity management system in the cloud. Several prevailing industry standards and protocols for authentication and access control in cloud environments are provided and discussed. The authors then present and discuss the latest advances in authentication and identity management in cloud, especially for mobile cloud computing and identity as a service. They further discuss how proximity-based access control can be applied for an effective and fine-grained data access control in the cloud.

Cloud Computing

Cloud Computing refers to providing computing and communications-related services with the aid of remotely located, network-based resources without a user of such resources having to own these resources. The network in question typically, though not necessarily, is the Internet. The resources provisioned encompass a range of services including data, software, storage, security, and so on. For example, when we use a mail service such as Gmail, watch a movie on YouTube, shop at Amazon.com, or store files using DropBox, we are using cloud-based resources (The Google Chrome Team, 2010). In this chapter, the authors examine the evolution of Cloud Computing from its early roots in mainframe-based computing to the present day and also explain the different services rendered by Cloud Computing in today’s business and personal computing contexts. This chapter provides a comprehensive view of the rapidly flourishing field of Cloud Computing and sets the stage for more in-depth discussions on its security, trust, and regulatory aspects elsewhere in this compendium.

Leveraging Cloud Technology for Rural Healthcare in India

Cloud technology is used for a variety of purposes in order to handle large volumes of data. This chapter explores a rural healthcare project in India in which cloud technology was introduced in order to store and share large volumes of data. This project benefits from cloud technology because of the ability to store patients’ full health history on the cloud and access them wherever services are provided. The impetus for this project originated with the fact that many hospitals maintained their proprietary information systems, and thus, patient history was unavailable to physicians outside of that system. The search engine used in this project is called Indexer, which can search a vast collection of records stored in the cloud and help with the diagnosis. The solution developed supports multi-tenancy of data and uses the Azure platform. The project has taken adequate precautions to protect the data. This project is not focused on privacy protection per se but on saving lives.

Risk Management in the Cloud and Cloud Outages

Cloud computing is facilitated often through the open Internet, which is not designed for secure communications. From the cloud user perspective, access to the cloud through a Virtual Private Network (VPN) is a possibility, but this is not the default access method for all cloud users. Given this reality, the cloud service users must be prepared for risk management because they do not control the cloud hardware or the communication channels. Added to this uncertainty is the potential for cloud service outage for risk management planning. In this chapter, the authors discuss the various aspects of risk management from the cloud user perspective. In addition, they analyze some of the major cloud outages over the past five years that have resulted in loss of trust. This list includes the outages in Amazon Web Services, Google, Windows, and Rackspace.

A Framework for Compliance and Security Coverage Estimation for Cloud Services

Many organizations are adopting cloud services to reduce their computing cost and increase the flexibility of their IT infrastructure. As cloud services are moving to the mainstream to meet major computing needs, the issues of ownership and chain of custody of customer data are becoming primary responsibilities of providers. Therefore, security requirements are essential for all service models (while the degree of defensive measures may vary) along with satisfying industry standard compliances. The authors develop an insurance framework called MEGHNAD for estimating the security coverage based on the type of cloud service and the level of security assurance required. This security coverage estimator may be useful to cloud providers (offering Security as a Service), cloud adopters, and cloud insurers who want to incorporate or market cloud security insurance. This framework allows the user/operator to choose a cloud service (such as Saas, Paas, IaaS) and other pertinent information in order to determine the appropriate level of security insurance coverage. This chapter describes an extension to the MEGHNAD (version 2.0) framework by incorporating security-related compliances. The compliance for each sector requires specific protection for online data such as transparency, respect for context, security, focused collection, accountability, access, and accuracy. The MEGHNAD tool can also generate a SLA document that can be used for monitoring by a certified Third-Party Assessment Organization (3PAO).

Different Perspectives of Cloud Security

Cloud storage systems can be considered to be a network of distributed datacenters that typically use cloud computing technology like virtualization and offer some kind of interface for storing data. To increase the availability of the data, it may be redundantly stored at different locations. Basic cloud storage is generally not designed to be accessed directly by users but rather incorporated into custom software using API. Cloud computing involves other processes besides storage. In this chapter, the authors discuss different viewpoints for cloud computing from the user, legal, security, and service provider perspectives. From the user viewpoint, the stored data creates a mirror of currently available local data. The backup feature allows users to recover any version of a previously stored data. Synchronization is the process of establishing consistency among the stored data. From the legal viewpoint, provisions regulating the user processing and storage of the data must have to be constant from when the data is stored in the cloud. The security viewpoint requires interaction with the Web application, data storage, and transmission. The service provider viewpoint requires the maximum level of cloud storage service at the minimum cost.

Cloud Computing Forensics

As computer technology evolved over the last 30 years, so did the opportunity to use computers to break the law. Out of necessity, digital forensics was birthed. Computer forensics is the practice of extracting information from the digital media in order to prosecute the individuals that carried out the crime. Forensic challenges presented by cloud computing are vast and complex. If a company becomes the target of a digital criminal investigation and they are using cloud computing, some unique challenges are faced by a digital forensics examiner. The data in the cloud only represents a “snapshot” of when it was sent to the cloud. Establishing a chain of custody for the data would become difficult or impossible if its integrity and authenticity cannot be fully determined. There are also potential forensic issues when the customer or user exits a cloud application. Items subject to forensic analysis, such as registry entries, temporary files, and other artifacts are lost, making malicious activity difficult to prove. The challenges of applying forensics to a cloud environment are tied to cloud security. This chapter discusses securing a cloud environment and how that would help with the forensic analysis.

Regulatory Aspects of Cloud Computing in Business Environments

Cloud computing allows us to solve problems of information on a global scale and of a full range of tasks. Cloud computing has many advantages, but the reliability of data protection is a major concern of provider-client, industry, and governmental regulation. These information systems must comply with existing standards and anticipate new standards of information security. The legal process must distinguish who is responsible for what within a dynamically changing infrastructure significantly different from traditional models. The authors first examine the models and substance of regulation as established by service-level agreements between cloud providers, their clients, and their clients' customers. The authors discuss industry self-regulation and government regulations regarding data protection, privacy, criminal and tort law, and intellectual property law complicated by the inherent cross-jurisdictional nature of cloud computing.