Basic Security Challenges in Cloud Computing: Abstract
Basic Security Challenges in Cloud Computing: Abstract
Abstract—With the advancement in information technology, The rest of the paper is organized as follows: section 2
everyone moves towards pleasure, ease, and luxury. From which introduces the cloud service delivery models and the
the most advanced and usable field is Cloud Computing which limitations on deliver models are identified in section 3. In
uses the internet and gives access to storing the data to the user. section 4 different deployment models of cloud computing are
It has many characteristics like elasticity, extensibility, presented. Section 5 and 6 highlights the security issues of
smartness and lower cost, which causes companies to address cloud computing and their solutions.
the clients’ requirements. In spite of this, associations are
delayed in accommodating it because of security issues and
difficulties related with it. The development of cloud is affected Front End
by the security. This paper gives ongoing advances in cloud
computing and highlights on some challenges, security issues,
and solutions. It also incorporates the basics of cloud computing
to make itself contained so that pursuers can have a reasonable Network
comprehension of the subject and cloud computing security.
I. INTRODUCTION
Application
Over the years, as the technology increases, the world
trade has expanded significantly. Due to this, online business
also has been increased which needs on demand computing Mangement Security
Authorized licensed use limited to: Consortium - Saudi Arabia SDL. Downloaded on January 19,2021 at 20:41:26 UTC from IEEE Xplore. Restrictions apply.
using this service, clients don’t have to install and download because only organization or nominated participants have an
the application, it runs directly on the web. It is managed from access.
a central location and hosted on a remote server.
C. Hybrid cloud
III. LIMITATIONS ON DELIVERY MODELS One of the most useable IT solution is known as Hybrid
cloud which is the combination of public and private which
A. Infrastructure-as-a-Service(IaaS)
uses their services depend on their purpose.
IaaS model includes particular limitations:
• Accounts and workload are not visible to IT because
they are create on the web.
• User don’t have a complete control on the sensitive
data because malicious actor can attack on hosted
server.
• User cannot prevent the misuse of the data. Public Cloud
Authorized licensed use limited to: Consortium - Saudi Arabia SDL. Downloaded on January 19,2021 at 20:41:26 UTC from IEEE Xplore. Restrictions apply.
V. SECURITY ISSUES IN CLOUD COMPUTING
When organizations pushes their data on the cloud, they
Performance on differnt loads
face the different challenges. 2.5
A. Data breach 2
Data breach is one of the major issue by which mostly
people feel hesitate to put their data on cloud. Because the data 1.5
has the most important role in business and nobody wants to 1
loss or share with any one.
0.5
B. Malware injection
Attacker can inject the malware code in to the cloud 0
service which run as an instance. Due to this attacker eaves 1 2 3 4 5 6 7 8 9 10
drop and steal data.
Unsecure Performance Secure Performance
C. Insecure APIs
In cloud, user can create the customized application by Fig. 5. Performance on diiferent loads
which a threat can be occurred because of vary nature.
D. DDoS attacks Delay
Distributed Daniel of Service attack usually occur in cloud
computing. It disrupt the normal traffic of targeted server. In 0.6
it multiple system overflow the bandwidth of targeted server. 0.5
E. System vulnerabilities 0.4
Cloud can contain vulnerability mostly in complex 0.3
network which if imposed then it can be used against the 0.2
enterprise. 0.1
F. Phishing Attack 0
1 2 3 4 5
Due to its openness, phishing attack become very
common. A malicious attacker can break a system easily. Unsecure Delay Secure Delay
G. Unawareness
Fig. 6. Delays in clouds
Mostly employees login into the cloud on mobiles or
tablets and leave their system by which an attacker can harm VIII. CONCLUSION
the system.
Cloud computing is an enhanced and advanced field that
VI. SOLUTIONS TO OVERCOE THESE ISSUES has received a lot of popularity in few years. Mostly
organizations or individuals run their applications on cloud
A. Use Encryption Technique because as it is easy to afford. However the security issues also
To prevent the data, one of the best technique is to use an slow down it. This paper gives ongoing advances in cloud
encryption method on a local server before uploading the data computing and highlights on some challenges, security issues,
on cloud. After using encryption method, if it is hacked then and solutions. It also incorporates the basics of cloud
no one can harm the organization. computing to make itself contained so that pursuers can have
a reasonable comprehension of the subject and cloud
B. Alternate Backup
computing security.
Organization has to back up their data on the local server
on a regular basis so that if cloud is hacked then organization ACKNOWLEDGMENT
don’t have to face problem. This research work was supported by Muhammad Zubair,
C. Utilize the Security Service the Associate Dean of Engineering in IQRA University,
Karachi.
In market there are some service providers who provide
the security as a service to ensure their data and privacy. BLIOGRAPHY
D. Block sharing with unknown Users [1] Klyuev Vitaly, Oleshchuk Vladimir. Semantic retrieval: an approach
to representing, searching and summarising text documents. Int J
To secure the system, you can give the access to login to Inform Technol Commun Converg 2011;1(2):221–34.
particular persons and prevent the unknown users. [2] Nyre Åsmund Ahlmann, Jaatun Martin Gilje. A probabilistic approach
to information control. J Internet Technol 2010;11(3):407–16.
VII. RESULTS
[3] Ling Amy Poh Ai, Masao Mukaidono. Selection of model in
Due to adding the security layer, the performance of developing information security criteria for smart grid security system.
cloud network increases as shown in figure 4 and demand will J Converg 2011;2(1):39–46.
also increase because the vendors who provides the security [4] National Institute of Standards and Technology. The NIST definition
of cloud computing; 2011.
services, takes the cost as per requirement of services. But as
[5] Baek Sung-Jin, Park Sun-Mi, Yang Su-Hyun, Song Eun-Ha, Jeong
the security layer is not available by default, the time of delay Young-Sik. Efficient server virtualization using grid service
is more than unsecured as shown in figure 5. infrastructure. J Inform Process Syst 2010;6(4):553–62.
Authorized licensed use limited to: Consortium - Saudi Arabia SDL. Downloaded on January 19,2021 at 20:41:26 UTC from IEEE Xplore. Restrictions apply.
[6] Gartner: Seven cloud-computing security risks. InfoWorld. 2008-07- [9] http://www.cloudsecurityalliance.org.(Cloud Security Alliance.)
02. [10] Cloud Security Alliance, Security Guidance for Critical Areas of Focus
[7] Cloud Security Front and Center. Forrester Research. 2009-11-18. in Cloud Computing, V2.1.
[8] http://blogs.forrester.com/srm/2009/11/cloud-security-front-
andcenter.html.
Authorized licensed use limited to: Consortium - Saudi Arabia SDL. Downloaded on January 19,2021 at 20:41:26 UTC from IEEE Xplore. Restrictions apply.