0% found this document useful (0 votes)
23 views4 pages

Basic Security Challenges in Cloud Computing: Abstract

Uploaded by

A o
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
23 views4 pages

Basic Security Challenges in Cloud Computing: Abstract

Uploaded by

A o
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

Basic Security Challenges in Cloud Computing

Syed Rizwan Muhammad Zubair


Department of Computer Science Department of Computer Science
IQRA UNIVERSITY IQRA UNIVERSITY
Karachi, Pakistan Karachi, Pakistan
[email protected] [email protected]

Abstract—With the advancement in information technology, The rest of the paper is organized as follows: section 2
everyone moves towards pleasure, ease, and luxury. From which introduces the cloud service delivery models and the
the most advanced and usable field is Cloud Computing which limitations on deliver models are identified in section 3. In
uses the internet and gives access to storing the data to the user. section 4 different deployment models of cloud computing are
It has many characteristics like elasticity, extensibility, presented. Section 5 and 6 highlights the security issues of
smartness and lower cost, which causes companies to address cloud computing and their solutions.
the clients’ requirements. In spite of this, associations are
delayed in accommodating it because of security issues and
difficulties related with it. The development of cloud is affected Front End
by the security. This paper gives ongoing advances in cloud
computing and highlights on some challenges, security issues,
and solutions. It also incorporates the basics of cloud computing
to make itself contained so that pursuers can have a reasonable Network
comprehension of the subject and cloud computing security.

Keywords—cloud computing, challenges, security, challenges,


solution, effects.

I. INTRODUCTION
Application
Over the years, as the technology increases, the world
trade has expanded significantly. Due to this, online business
also has been increased which needs on demand computing Mangement Security

resources to manage their data in a good manner. By which


Platform
cloud computing field comes in our mind. Cloud computing is
a field that provides the model for empowering on-demand,
universal, advantageous web access to a shared computing
resources rather than having personal devices or local servers. Infrastructure
It minimizes the management work of user. Mostly
organizations use on-demand shared computing resources to
deploy their work in an adaptive way, whenever, anyplace and Fig. 1. Cloud computing architecture
on any gadget. Cloud computing has five vital attributes of
cloud services: on-demand self-administration, quick II. CLOUD SERVICE MODELS
versatility, wide range of web access, sharing of resources, Cloud computing provides three service models to cloud
and service monitoring. The architecture of cloud computing Consumers: Infrastructure-as-a-Service (IaaS), Platform-as-a-
is shown in figure 1. Service (PaaS) and Software-as-a-Service (SaaS).
According to the research, 3.4 billion people use the cloud A. Infrastructure-as-a-Service(IaaS)
computing which shows the exponentially growth as cloud IaaS is a most flexible model which is utilized as self-
computing impacts the global performance of a company as service for acquiring and observing network, storage,
well as local especially in IT sector. computer and other fundamental resources. It provides the
Cloud computing gives a model to individuals or infrastructure to the cloud computing through virtualization
organizations by which they significantly save the cost in both technology. The individual maintain the control over the
terms: capital and operational. But customers are still feeling infrastructure.
hesitate to move their business data in the cloud as the data
has a big role in any business. Due to this, security and privacy B. Plateform-as-a-Service(PaaS)
are cross-cutting concern in cloud computing since both of PaaS provides a model where software engineer can create
them are concerned with all the layers of cloud computing their customized applications without installing any tool. It
architecture. gives freedom to deploy their application from operating
The main objective of this paper is to: system, updates and infrastructure. It also integrates the
• Identify the need of cloud computing. database and services of web. The main advantage of this
model is to be easily conversion to hybrid.
• Discuss different security issues and challenges that
damages the entire system. C. Software-as-a-Service(SaaS)
Cloud application service is also known as SaaS. It utilizes
• Provide the solutions associated with it. the web to provide the third party applications to users. By

978-1-7281-5149-6/19/$31.00 ©2019 IEEE

Authorized licensed use limited to: Consortium - Saudi Arabia SDL. Downloaded on January 19,2021 at 20:41:26 UTC from IEEE Xplore. Restrictions apply.
using this service, clients don’t have to install and download because only organization or nominated participants have an
the application, it runs directly on the web. It is managed from access.
a central location and hosted on a remote server.
C. Hybrid cloud
III. LIMITATIONS ON DELIVERY MODELS One of the most useable IT solution is known as Hybrid
cloud which is the combination of public and private which
A. Infrastructure-as-a-Service(IaaS)
uses their services depend on their purpose.
IaaS model includes particular limitations:
• Accounts and workload are not visible to IT because
they are create on the web.
• User don’t have a complete control on the sensitive
data because malicious actor can attack on hosted
server.
• User cannot prevent the misuse of the data. Public Cloud

• It needs a trained staff to secure the cloud infrastructure


so that infrastructure is effectively managed.
B. Plateform-as-a-Service(PaaS)
PaaS model includes particular limitations:
• As the data resides in third party hosted server, so you
cannot rely on the data security.
• Integration with the customized services and
Fig. 2. Public cloud
infrastructure may be a challenge as the complexity of
connecting data is increasing.
• It does not have an optimized solution for each
languages and tools which you choice.
• Automation of workflow may effect on operation.
C. Software-as-a-Service(SaaS)
SaaS model includes particular limitations:
Private Cloud
• The integration is a major concerned between an app
and services.
• Dependency on vendors.
• When the volume of data is extended, it exchange the
data to backend public data center.
• Mostly SaaS solutions are control over the third party
vendors.
• Less customization properties. Fig. 3. Private cloud

IV. DEPLOYMENT MODELS IN CLOUD COMPUTING


In cloud computing, the deployment of resources varies on
deployment of model and each deployment model has its own Private Cloud
security issues. There are three main deployment models in
cloud computing. Hybrid Cloud
A. Public cloud
Public cloud is a deployment model in which the
infrastructure is located on the premises of cloud computing
company that offers the cloud services. Customer does not
have control over the infrastructure. Public clouds do work on
the performance but they are not sufficient for sensitive data
because of vulnerable attacks. Public Cloud
B. Private cloud
Private cloud refers to a deployment model in which the
Fig. 4. Hybrid cloud
infrastructure is deployed within the organization. It means, it
is not shared with others as like public, but it is also accessed
remotely. Private cloud is much more secure than public

Authorized licensed use limited to: Consortium - Saudi Arabia SDL. Downloaded on January 19,2021 at 20:41:26 UTC from IEEE Xplore. Restrictions apply.
V. SECURITY ISSUES IN CLOUD COMPUTING
When organizations pushes their data on the cloud, they
Performance on differnt loads
face the different challenges. 2.5
A. Data breach 2
Data breach is one of the major issue by which mostly
people feel hesitate to put their data on cloud. Because the data 1.5
has the most important role in business and nobody wants to 1
loss or share with any one.
0.5
B. Malware injection
Attacker can inject the malware code in to the cloud 0
service which run as an instance. Due to this attacker eaves 1 2 3 4 5 6 7 8 9 10
drop and steal data.
Unsecure Performance Secure Performance
C. Insecure APIs
In cloud, user can create the customized application by Fig. 5. Performance on diiferent loads
which a threat can be occurred because of vary nature.
D. DDoS attacks Delay
Distributed Daniel of Service attack usually occur in cloud
computing. It disrupt the normal traffic of targeted server. In 0.6
it multiple system overflow the bandwidth of targeted server. 0.5
E. System vulnerabilities 0.4
Cloud can contain vulnerability mostly in complex 0.3
network which if imposed then it can be used against the 0.2
enterprise. 0.1
F. Phishing Attack 0
1 2 3 4 5
Due to its openness, phishing attack become very
common. A malicious attacker can break a system easily. Unsecure Delay Secure Delay
G. Unawareness
Fig. 6. Delays in clouds
Mostly employees login into the cloud on mobiles or
tablets and leave their system by which an attacker can harm VIII. CONCLUSION
the system.
Cloud computing is an enhanced and advanced field that
VI. SOLUTIONS TO OVERCOE THESE ISSUES has received a lot of popularity in few years. Mostly
organizations or individuals run their applications on cloud
A. Use Encryption Technique because as it is easy to afford. However the security issues also
To prevent the data, one of the best technique is to use an slow down it. This paper gives ongoing advances in cloud
encryption method on a local server before uploading the data computing and highlights on some challenges, security issues,
on cloud. After using encryption method, if it is hacked then and solutions. It also incorporates the basics of cloud
no one can harm the organization. computing to make itself contained so that pursuers can have
a reasonable comprehension of the subject and cloud
B. Alternate Backup
computing security.
Organization has to back up their data on the local server
on a regular basis so that if cloud is hacked then organization ACKNOWLEDGMENT
don’t have to face problem. This research work was supported by Muhammad Zubair,
C. Utilize the Security Service the Associate Dean of Engineering in IQRA University,
Karachi.
In market there are some service providers who provide
the security as a service to ensure their data and privacy. BLIOGRAPHY
D. Block sharing with unknown Users [1] Klyuev Vitaly, Oleshchuk Vladimir. Semantic retrieval: an approach
to representing, searching and summarising text documents. Int J
To secure the system, you can give the access to login to Inform Technol Commun Converg 2011;1(2):221–34.
particular persons and prevent the unknown users. [2] Nyre Åsmund Ahlmann, Jaatun Martin Gilje. A probabilistic approach
to information control. J Internet Technol 2010;11(3):407–16.
VII. RESULTS
[3] Ling Amy Poh Ai, Masao Mukaidono. Selection of model in
Due to adding the security layer, the performance of developing information security criteria for smart grid security system.
cloud network increases as shown in figure 4 and demand will J Converg 2011;2(1):39–46.
also increase because the vendors who provides the security [4] National Institute of Standards and Technology. The NIST definition
of cloud computing; 2011.
services, takes the cost as per requirement of services. But as
[5] Baek Sung-Jin, Park Sun-Mi, Yang Su-Hyun, Song Eun-Ha, Jeong
the security layer is not available by default, the time of delay Young-Sik. Efficient server virtualization using grid service
is more than unsecured as shown in figure 5. infrastructure. J Inform Process Syst 2010;6(4):553–62.

Authorized licensed use limited to: Consortium - Saudi Arabia SDL. Downloaded on January 19,2021 at 20:41:26 UTC from IEEE Xplore. Restrictions apply.
[6] Gartner: Seven cloud-computing security risks. InfoWorld. 2008-07- [9] http://www.cloudsecurityalliance.org.(Cloud Security Alliance.)
02. [10] Cloud Security Alliance, Security Guidance for Critical Areas of Focus
[7] Cloud Security Front and Center. Forrester Research. 2009-11-18. in Cloud Computing, V2.1.
[8] http://blogs.forrester.com/srm/2009/11/cloud-security-front-
andcenter.html.

Authorized licensed use limited to: Consortium - Saudi Arabia SDL. Downloaded on January 19,2021 at 20:41:26 UTC from IEEE Xplore. Restrictions apply.

You might also like