Skip to main content

SECURITY IN CLOUD COMPUTING

Image
By On


DEB BISWAS

 Affiliation

(Department of Computer Science and Engineering, Siksha ‘O’ Anusandhan Deemed to be University, Bhubaneswar, Odisha, India)

1941012412.c.debbiswas@gmail.com

 

 

Abstract:

 

                                                           (image source: Nunatix)

                                                            

As the major technological organizations are shifting to store data on cloud the demand for cloud storage is rapidly increasing. Though there are major barriers in using the cloud as the primary storage the topmost is privacy and security. In today’s world data leak of users of some major applications have become a hot topic for discussion. This paper will cover various aspects of security breaches in cloud computing and how they can be avoided. Cloud Security is been starting to become a major topic in today's world as most of our internet consumption data are cloud-based and most of us has been storing our personal data and information in the cloud because data breaching is one of the most concerned topics in cloud storage. In the paper, I am going to present  important research  directions  in  cloud security  in  areas such  as  Trusted  Computing,  Information-Centric  Security  and Privacy-Preserving Models.

 

 

 

 

KEYWORDs:

Cloud Computing, Data Risks, Encryption,  Cryptography, Data in Rest, Data in Transit, Data Security

 

1.             INTRODUCTION:

As the Information and Technology Based Corporates are shifting to cloud-based storage for been more efficient at a reduced cost than others. The COVID -19 pandemic had made the enterprises continue to embrace multi-cloud and hybrid cloud strategies as the demand for cloud increases,  the concern of security also increases. Cloud computing security detects and looks after every physical and logical security issues that come with various service models.

 

One of the biggest advantages of cloud computing is data that can be shared among various groups which also invites the risk of leakage of data. To avoid the risk of a data breach, securing the repositories are a must. Sometimes data is too private for an to be stored on the cloud with the fear of data breach because of data leakage then is recommended to store data using internal organizational cloud, this helps the security by on-premises data policy, though it still not fully provide data security and privacy.

 

This paper studies the various data security methods and technology that be used to protect the data and enhance privacy in the cloud. The remainder of the paper consists of various Cloud Encryption, discussion and challenges.

 

 

2.      NECESSITY OF DATA SECURITY IN CLOUD COMPUTING AND STATES OF DATA

 

 

The data security depends upon the three services models SaaS,  PaaS and IaasS,

Generally the data at rest and data at transit are the two states which are prone to data insecurity: Data in rest generally means the data which is stored in the cloud and Data in transit  means in and out of data from the cloud.

 

·         Data at Rest

It generally refers to the data that is stored in the cloud. It is very difficult for the corporates to ensure data protection for this state if the corporate does not have its own private cloud as then they would not be having physical control over the data. But the problem can be resolved using a private cloud having a proper access guideline.

 

·         Data at Transit

It refers to the movement of data from and into the cloud.Whenever the data is been uploaded and been downloaded during the process of uploading and downloading is known as data at transit. As data at transit contains various private credentials such as passwords and user-details the encryption and protection is must in it.

 

Since data in transit is always in movement, it is more prone to the risk of data leakage and changes in data by certain software has the ability to eavesdrop on the data and sometimes have the ability to change the data.

 

 

3.                 3. PROTECTING DATA USING ENCRYPTION

Ways of encryption of data in rest and data in transit are different as the keys of encryption of data at rest last longer whereas the key of encryption for data in transit is short-lived. Various cryptographic methods are applied for encrypting the data nowadays. Cryptography had increased the level of data security and protection recently.

 

In the most basic cryptography technique the basic text is encrypted to ciphertext using the encryption key and then decrypted when needed. Basic encryption methods are as below.

·         BLOCK CIPHER

It is a method of encrypting where the cryptographic key and the algorithm are used to a block of data at once on a group rather than to one bit at an instance.

·         STEAM CIPHER

It is a symmetric cipher where the text is manipulated with a false random cipher digit stream. It is also called state cipher as the encryption of each digit is dependent on current state of the cipher

 

·         HASH FUNCTION

This mathematical hash function is considered for the encryption of the data. In this technique, the text is converted to an alphanumeric string. This technique makes sure that no two string has a same alphanumeric string as output. A hash function can be as simple as x=x mod 30 or may also be very complex. All the above methods are widely used in encryption techniques. It is also necessary to make sure it must be applied properly.

 

 

4.      CHALLENGES IN SECURITY

There are various challenges and barriers in obtaining a perfect cloud computing environment Some of the challenges are listed below.

                                    

o ensure providing safe and secure data record and transmission through the cloud.This challenges can be very dangerous from the security point of view some of them are as follows

1.      Storage of data in the public cloud: Its another security concern in cloud computing. As in general the clouds are implemented in a centralized way it is at high-risk exposure to hackers if a security breach occurs. In order to avoid this, it is always recommended to have a private cloud for sensitive data.

2.       Data interception: The data in the cloud computing is segmented and poses threat and vulnerability of sniffing and spoofing and third party attacks

3.       Attacks from internal management: Sometimes the managers and employees of the service providers act as the agent of malicious attacks from internal they may put the data of the customers at risk at certain rare cases but this must be taken into consideration by proper governance internally.

4.      Insecure Data Deletion: Insecure data deletion can have traces of data left over possessing the threat of data recovery by a hacker,

5.      Lock-In: The incompatible standards of data format shortage of encryption tools among operators as the result  customers have to depend completely on the vendor.

6.     Compromise of management interface: As the cloud computing services are delivered over the internet the third party malicious attacks are quite possible. As a result the vulnerability of security and data is amplified.

 

 

CONCLUSION

 As the use of cloud storage is increasing the need of ensuring the security of the cloud needs to be improved. Data and credentials are at high potential risk if not protected in a good manner. 

In this paper, it has been tried to cover the basics of different states of data and how it may be protected from data breaches. Different techniques of encryption like block cipher, steam cipher and hash function are discussed for securing the data . Some of the most frequent security challenges are also been discussed here like lock-in, internal security threats. Since the various industries are shifting to cloud-based storage they must ensure proper data protection policy and infrastructure to ensure their consumers a better security experience in the cloud.

 

 

REFERENCES

·         Scott R. Ellis, in Computer and Information Security Handbook https://www.sciencedirect.com/topics/computer-science/block-ciphers [Accessed 12th April 2021]

·         https://www.geeksforgeeks.org/cloud-computing/  [Accessed 12th April 2021]

 

 

 

Comments

Post a Comment

Popular posts from this blog

Life in rural areas

By On
Life in rural areas   Far away from hustle and bustle, there are places where people still prefer living in the simplest way that disconnects them from all the distractions of the urban areas. The greenery of the rural suburbs is the ultimate beauty of the villages which sets them apart from other inhabitable places. Not only are the rural neighbourhoods quieter and more picturesque, but they also provide a better and improved quality of life. It has also been found that being more connected to the countryside can have a very positive impact on wellbeing, helping to improve the quality of life as the residents have nature and wildlife all around them. Wildlife is more frequently found in rural areas than in cities because of the absence of people and buildings.     The view of the herd of cattles grazing over the fields, the fishes swimming in the distinct ponds having lotuses protruding from t...
Post a Comment
Read more

Dream’s End

By On
 I had a fever dream, of a utopian state A town with no slaves A city with no plagues A flawless place Somewhere I can feel free Where I can be the real me Where the crooks don't steal Where dreams aren't killed Where every obligation is fulfilled And lives are more than just red and blue pills Where the birds don't have to sing inside cages And love isn't just some ink on torn pages Where colors don't fade And we're not divided by borders or races And we don't have to read between the spaces And we're not forced to sing each other's praises Where the world is at peace Where heaven and earth meet A place where a perfect society could be. -Ayush Tripathi
Post a Comment
Read more

12 Angry Men (Analysis of Underlying Themes)

By On
Sidney Lumet's 12 Angry Men tells the story of a jury of 12 men in charge of deciding the fate of a poor, young boy who had killed his father. The film opens in a courtroom with the defence and the prosecution presenting their evidence before the judge. After the oral pleadings, the jurors are instructed by the judge to retreat and determine the verdict. The judge also says that the jurors must return a 'not guilty' verdict if they find any reasonable doubt. From the beginning of the film, we can see that the jury room is split into two opposing sides: 'guilty' and 'not guilty'. Juror 8 and Juror 3 are the most significant characters as they are the only ones who vote not guilty and guilty respectively at the beginning of the film, thereby initiating the conflict. In a way, Juror 8 represents the boy's innocence while Juror 3 represents the boy's guilt. Although Juror 3 says that he is merely stating the facts of the case, which undoubtedly point to ...
Post a Comment
Read more