Cloud computing is a model for convenient, on-demand network access to a shared pool of configurable computing resources that can be delivered quickly and efficiently with minimal administrative effort. In simple terms, cloud computing is a combination of technologies that provides a platform for online hosting and storage services. The main purpose of cloud computing is to provide scalable and affordable computing infrastructure with a good range of services. Many companies develop and offer cloud computing products and services, but have not yet fully evaluated the consequences of processing, storing and accessing data in a shared and personalized environment. In fact, many developers of cloud-based applications struggle to build in security. In some cases, engineers still cannot provide real security with the affordable technical capabilities available. Cloud computing shares resources at large scale and at low cost. Cloud resources can be used by the client and are delivered by vendors such as Amazon, Google, IBM, Zoho and Microsoft. It also provides the software tools that various software industries require. The benefits of cloud computing are enormous. Most importantly, customers do not need to buy the service from a third-party vendor; instead they can use it and pay for it as a service, which saves the customer time and money. As cloud computing continues to gain popularity not only with international companies but also with small and medium enterprises, there are concerns about the security issues that may arise from adopting this new model. Because the characteristics of this new delivery model are very different from those of traditional architectures, the efficiency and effectiveness of traditional security mechanisms are being reconsidered. In this study we attempt to highlight the different security challenges posed in the cloud and to clarify the issues from a security perspective.
Elements Causing Security Problems in Cloud Computing
Many issues come up whenever cloud security is discussed. The cloud service provider has to look after the customer so that issues such as data loss or data theft do not occur. A malicious user can infiltrate the cloud by impersonating a legitimate user and infect the entire cloud, which affects the many users who share the infected cloud. When discussing cloud security, four types of issues arise: data issues, privacy issues, malicious applications and other security issues.
Sensitive data in the cloud computing environment has emerged as a major security issue in cloud-based systems. First, when data is in the cloud, anyone can access it at any time, and the data in a cloud may be public, private or sensitive. As a result, many cloud computing service clients and providers can access and modify data, so cloud computing requires some data integrity method. Second, data stealing is a serious problem in the cloud computing environment. Most cloud service providers do not run their own servers, but rather obtain servers from other service providers because that is cheaper and more flexible to operate. So the risk of data being stolen from an external server is very high. Third, data loss is a common problem in cloud computing. If the cloud computing service provider shuts down its services due to financial or legal issues, the user will lose data. Data can also be lost, damaged or corrupted due to natural disasters and fires, and under any of these conditions it may become unavailable to users. Fourth, data location is one of the issues to be considered in the cloud computing environment. Where the data is stored is very important. It needs to be transparent to users and customers, yet the vendor does not disclose where all the data is stored.
The cloud computing service provider must ensure that the customer’s personal information is securely protected from other customers and users. Since most servers are external, the cloud service provider must confirm who accesses the data and who maintains the server, so that the provider can protect the customer’s personal information.
The cloud computing service provider must have full access to the server, with all rights to monitor and manage it. This lets the provider prevent any malicious user from uploading an infected application to the cloud, which would severely affect the customer and the cloud computing service.
Other Security Issues
Cloud computing security should be handled at two levels: one at the provider level and the other at the user level. The cloud computing service provider must ensure that the server is well protected from all external threats. Even when the cloud computing service provider provides good security for the customer and the user, the user must ensure that data is not stolen or tampered with for other users of the same platform. A cloud is only good when the service provider gives the user the best protection.
Solutions and Tips
Low and High Level Confidentiality on Cloud Servers
Securing data as it travels through the network is a very difficult and complex issue, and the threat of data modification and data interruption keeps increasing. The cloud environment increases this complexity because it requires protecting not only traffic to the cloud but also traffic between cloud hosts, which lack a traditional physical connection. PKI enables the implementation of IPsec or SSL for secure communication. IPsec is an IP layer protocol that allows cryptographically protected packets of any kind (TCP, UDP, ICMP, etc.) to be sent without modification. IPsec offers two types of cryptographic services: depending on need, it provides confidentiality and authenticity, or authenticity only. IPsec users can authenticate themselves to the peer entity with PKI certificates, which enhances scalability because only the certificate(s) need to be forwarded beforehand. The SSL protocol provides end-to-end encryption by interfacing between applications and the TCP/IP protocols, giving client-server authentication and an encrypted communication channel between client and server. Because of the unique characteristics of cloud environments, communications need to be protected between users and hosts as well as host-to-host.
Server and Client Authentication in Real Time
In a cloud environment, a certification authority is required to certify the entities involved in interactions, including physical infrastructure servers, virtual servers, environment users, and network devices. In other words, the certification authority builds the strong credentials needed for all physical or virtual entities in the cloud, thus creating a security domain with specific boundaries within the cloud’s otherwise vague set of entities. Digital signatures in conjunction with SSO and LDAP implement the most robust authentication process available in distributed environments, while ensuring user mobility and flexibility. The signing private key can be used to authenticate the user transparently to other servers and devices on the network whenever the user wants to establish a connection with them. As the cloud becomes a standard operating platform, every service requires a secure authentication and authorization process. As the conceptual boundary between the organization’s own services and outsourced services has become ‘blurred’, the need to adopt a single-sign-on solution is very important. Users need to use the applications deployed in their virtual ‘office’ without having to repeat the authentication process or maintain multiple passwords for each service (application) provider; instead they use a single strong authentication process that authorizes them to use services across trusted parties. “Eight years ago, it’s about storing applications in the enterprise through identity management. Today we’re talking about storing applications in the cloud with identities coming from within the enterprise”.
Creation of Security Domains with SSL
The introduction of federations, in combination with PKI and LDAP technology, leads to effective trust relationships between the participating organizations. A federation is a group of legal entities that share a set of agreed policies and regulations for access to online resources. The federation provides a structure and legal framework that allows authentication and authorization across different organizations. Cloud infrastructure can be managed as separate security domains (an application or collection of applications that all trust a common security token for authentication, authorization, or session management), enabling ‘federated clouds’. Federated clouds are a collection of single clouds that can interact with each other, i.e. transfer data and computing resources through defined interfaces. According to basic federation principles, each cloud in the federation is independent, but interacts with the other clouds in the federation through standard interfaces.
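The single-sign-on and federation passages above both rest on services trusting one signed security token instead of re-authenticating the user. The following Go sketch is an added example, not code from the article: an identity provider signs a token once and each service verifies it with only the provider's public key. The token layout, the names Claims, Issue and Verify, the example hostnames and the choice of Ed25519 are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Claims is a constructed token body; deployed SSO uses SAML assertions or JWTs.
type Claims struct {
	Subject  string `json:"sub"`
	Audience string `json:"aud"` // the one service this token is meant for
	Expires  int64  `json:"exp"` // Unix seconds
}

// Issue is the identity provider side: sign the claims after one strong login.
func Issue(idp ed25519.PrivateKey, c Claims) (body, sig []byte, err error) {
	body, err = json.Marshal(c)
	return body, ed25519.Sign(idp, body), err
}

// Verify is what each service runs; it needs only the provider's public key.
func Verify(idp ed25519.PublicKey, service string, body, sig []byte, now time.Time) (*Claims, error) {
	if !ed25519.Verify(idp, body, sig) {
		return nil, errors.New("signature is not from the trusted identity provider")
	}
	var c Claims
	if err := json.Unmarshal(body, &c); err != nil {
		return nil, err
	}
	if c.Audience != service {
		return nil, errors.New("token was issued for a different service")
	}
	if now.Unix() >= c.Expires {
		return nil, errors.New("token has expired")
	}
	return &c, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed demo key pair
	exp := time.Now().Add(5 * time.Minute).Unix()
	body, sig, _ := Issue(priv, Claims{"alice@corp.example", "storage.example", exp})
	_, errStorage := Verify(pub, "storage.example", body, sig, time.Now())
	_, errBilling := Verify(pub, "billing.example", body, sig, time.Now())
	fmt.Println(errStorage, "|", errBilling)
}
```

The signature is checked before the body is parsed, so a service never acts on claims that did not come from the provider it trusts.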
Cryptographic Security on Data
The protection of personal information and/or sensitive data within the framework of the cloud environment is critical to the successful deployment of SaaS and AaaS models. With cryptographic separation, processes, computations and data are concealed so that they are invisible to outsiders. Encryption protects the confidentiality and integrity of the data as well as its privacy. A combination of asymmetric and symmetric cryptography (often called hybrid cryptography) offers the efficiency of symmetric cryptography while preserving the security of asymmetric cryptography.
The cloud service provider and the customer must both ensure that the cloud is secure from all external threats, so that there is a strong and mutual understanding between the customer and the cloud service provider. The biggest gap between cloud-security practice and cloud-security research theory is that the assumptions made in research leave out the most important differences between real cloud security and virtual machine security. These gaps and differences should be the focus of research aimed at eliminating them. One part of the framework is a system for monitoring the cloud’s management software; another is isolated processing for specific client applications. People’s behavior can also be monitored, for example whether they allow automatic patching software to run, whether they update anti-virus software definitions, or how they harden their virtual machines in the cloud.