AL AIN UNIVERSITY

College of Engineering (CoE)

Secure Systems Architectures and Mechanisms -

0112 306
Student Name Abdullah Osman
Student ID 202010075
Due Date November 22, 2023, 11:59 PM

Course Learning
Total Mark Student Mark
Outcomes (CLO)

Assignment 2, 3 10

Note:
Any assessment with plagiarism higher than 19% or text written
using AI tools of more than 10% will be awarded 0 marks.
Cloud computing completely changed how businesses function in the digital age by offering
them incredibly flexible and affordable options. It provides access to data and services anytime,
anywhere, but also presents risks and difficulties for businesses to protect sensitive data. This
paper aims to highlight the practical challenges faced by businesses in using cloud environments,
emphasizing the importance of authentication and access control in safeguarding data moreover
services.[1]

Cloud computing infrastructures are vulnerable to many dangers and hazards, including identity
theft, service disruptions, data breaches, and legal and compliance problems. Data breaches
happen when cyberattacks or lax security allow unauthorised people to access confidential data.
Strong encryption and routine access log checks are two components of mitigation strategies.
Because service interruptions cause delays in operations and production, businesses should select
a dependable supplier and create contingency plans. Choosing a supplier who upholds local laws
and data sovereignty can help with compliance and legal concerns. [2]

Cloud Service models:

Google and Gmail are examples of Software as a Service (SAAS) services, offering cloud-based
application software through a simple web browser interface. (PaaS) platforms, such as App-
Engine and Force.com, allow customers to run their applications on the cloud infrastructure,
providing software building blocks and development tools. Infrastructure as a Service (IaaS)
allows customers to access resources of the underlying cloud infrastructure without managing or
controlling them, resulting in highly adaptable computer systems EX. Compute Cloud, Microsoft
Windows Azure,

Data breaches in cloud environments are a major concern due to weak security measures or
targeted cyber attacks. To mitigate this risk, organizations should prioritize strong encryption
protocols and regularly check access logs. Proactively addressing vulnerabilities can enhance
security measures and reduce the risk of data breaches in cloud computing environments,
especially due to improper access control.[2]

The operations and productivity of enterprises can be greatly impacted by service interruptions in
cloud computing. Select a dependable supplier with a strong infrastructure and little downtime to
reduce risk. For business continuity, put backup plans and redundancies into practice.[2]
 Because cloud computing systems are worldwide in scope and have differing legal
…

requirements, they provide special compliance and legal problems. Selecting a cloud provider
that upholds local regulations and data sovereignty is crucial for organizations to guarantee
.

compliance, minimize risks, and secure data in cloud environments. Reducing hazards may be
accomplished by collaborating with a supplier who complies with local regulations.[5]

Poor identity management in cloud settings poses a serious risk to security and data integrity as it
can result in unauthorized access to resources and private data. Organizations should update to
more sophisticated identity management systems, such as those that use biometrics or unique
authentication codes, verify access rights often, and have strong identity management procedures
in place to reduce these risks. Data security requires both authentication and access control, with
multi-factor authentication preventing unwanted access and ongoing monitoring identifying
questionable activities.[5]
Cloud computing relies on improved identity verification methods to prevent unauthorized
access and ensure data security. Multi-factor authentication is a strong security measure that
reduces the risk of unwanted access by requiring multiple types of identity. This strong barrier
restricts access to sensitive information and resources. It is crucial to continuously monitor
access logs and authentication to detect irregularities and take prompt action to prevent any
malicious or unauthorized activity. Timely identification and action can help organisations
reduce risks in cloud computing environments and maintain a strong security posture. [3]

In the cloud environment, data security requires secure protocols and encryption. They create a
secure route for data transfer, guarding against illegal access or interception. Sensitive
information, such as customer or intellectual property information, is protected by encryption,
which guarantees that data remains unreadable and incomprehensible even if intercepted. In
order to further prevent data breaches and illegal access, security procedures also guarantee safe
cloud data storage. Organizations may protect their data in cloud computing environments during
transmission and storage by putting strong encryption and secure protocols in place. [4]
In conclusion, cloud computing poses a lot of hazards and difficulties for businesses, such as
poor identity management, service interruptions, data breaches, and compliance problems.
Granular access control, which enables stringent control over data and resource access, can be
used to assist in reducing these risks. Organisations may mitigate the risk of security breaches or
unauthorised access in cloud environments by effectively controlling access rights and ensuring
that only authorised persons possess the relevant permissions. For cloud operations to be secure,
strong control over data and resource access must be maintained.
 References

1. Mehar, A. (2023, October 13). Why is Cloud Computing Important? Definition and
Benefits. AlmaBetter. https://www.almabetter.com/bytes/articles/why-cloud-computing-
is-important#
2. Shea, S. (2021, February 2). Top 11 cloud security challenges and how to combat
them. Security. https://www.techtarget.com/searchsecurity/tip/Top-11-cloud-
security-challenges-and-how-to-combat-them
3. What Is Cloud Security Monitoring? (2023, February 27). Exabeam.
https://www.exabeam.com/explainers/cloud-security/what-is-cloud-security-monitoring/
#:~:text=Benefits%20of%20Cloud%20Security%20Monitoring,these%20regulations
%20and%20avoid%20penalties.
4. Loshin, P., & Cobb, M. (2022, June 28). encryption. Security.
https://www.techtarget.com/searchsecurity/definition/encryption
5. Solutions, B. T. (2023, January 27). 8 Cloud Computing Security Challenges - Biz
Technology Solutions. Biz Technology Solutions.
https://biztechnologysolutions.com/cloud-computing-security-challenges/