Skip to main content

SECURITY IN CLOUD COMPUTING

Image
By On


DEB BISWAS

 Affiliation

(Department of Computer Science and Engineering, Siksha ‘O’ Anusandhan Deemed to be University, Bhubaneswar, Odisha, India)

1941012412.c.debbiswas@gmail.com

 

 

Abstract:

 

                                                           (image source: Nunatix)

                                                            

As the major technological organizations are shifting to store data on cloud the demand for cloud storage is rapidly increasing. Though there are major barriers in using the cloud as the primary storage the topmost is privacy and security. In today’s world data leak of users of some major applications have become a hot topic for discussion. This paper will cover various aspects of security breaches in cloud computing and how they can be avoided. Cloud Security is been starting to become a major topic in today's world as most of our internet consumption data are cloud-based and most of us has been storing our personal data and information in the cloud because data breaching is one of the most concerned topics in cloud storage. In the paper, I am going to present  important research  directions  in  cloud security  in  areas such  as  Trusted  Computing,  Information-Centric  Security  and Privacy-Preserving Models.

 

 

 

 

KEYWORDs:

Cloud Computing, Data Risks, Encryption,  Cryptography, Data in Rest, Data in Transit, Data Security

 

1.             INTRODUCTION:

As the Information and Technology Based Corporates are shifting to cloud-based storage for been more efficient at a reduced cost than others. The COVID -19 pandemic had made the enterprises continue to embrace multi-cloud and hybrid cloud strategies as the demand for cloud increases,  the concern of security also increases. Cloud computing security detects and looks after every physical and logical security issues that come with various service models.

 

One of the biggest advantages of cloud computing is data that can be shared among various groups which also invites the risk of leakage of data. To avoid the risk of a data breach, securing the repositories are a must. Sometimes data is too private for an to be stored on the cloud with the fear of data breach because of data leakage then is recommended to store data using internal organizational cloud, this helps the security by on-premises data policy, though it still not fully provide data security and privacy.

 

This paper studies the various data security methods and technology that be used to protect the data and enhance privacy in the cloud. The remainder of the paper consists of various Cloud Encryption, discussion and challenges.

 

 

2.      NECESSITY OF DATA SECURITY IN CLOUD COMPUTING AND STATES OF DATA

 

 

The data security depends upon the three services models SaaS,  PaaS and IaasS,

Generally the data at rest and data at transit are the two states which are prone to data insecurity: Data in rest generally means the data which is stored in the cloud and Data in transit  means in and out of data from the cloud.

 

·         Data at Rest

It generally refers to the data that is stored in the cloud. It is very difficult for the corporates to ensure data protection for this state if the corporate does not have its own private cloud as then they would not be having physical control over the data. But the problem can be resolved using a private cloud having a proper access guideline.

 

·         Data at Transit

It refers to the movement of data from and into the cloud.Whenever the data is been uploaded and been downloaded during the process of uploading and downloading is known as data at transit. As data at transit contains various private credentials such as passwords and user-details the encryption and protection is must in it.

 

Since data in transit is always in movement, it is more prone to the risk of data leakage and changes in data by certain software has the ability to eavesdrop on the data and sometimes have the ability to change the data.

 

 

3.                 3. PROTECTING DATA USING ENCRYPTION

Ways of encryption of data in rest and data in transit are different as the keys of encryption of data at rest last longer whereas the key of encryption for data in transit is short-lived. Various cryptographic methods are applied for encrypting the data nowadays. Cryptography had increased the level of data security and protection recently.

 

In the most basic cryptography technique the basic text is encrypted to ciphertext using the encryption key and then decrypted when needed. Basic encryption methods are as below.

·         BLOCK CIPHER

It is a method of encrypting where the cryptographic key and the algorithm are used to a block of data at once on a group rather than to one bit at an instance.

·         STEAM CIPHER

It is a symmetric cipher where the text is manipulated with a false random cipher digit stream. It is also called state cipher as the encryption of each digit is dependent on current state of the cipher

 

·         HASH FUNCTION

This mathematical hash function is considered for the encryption of the data. In this technique, the text is converted to an alphanumeric string. This technique makes sure that no two string has a same alphanumeric string as output. A hash function can be as simple as x=x mod 30 or may also be very complex. All the above methods are widely used in encryption techniques. It is also necessary to make sure it must be applied properly.

 

 

4.      CHALLENGES IN SECURITY

There are various challenges and barriers in obtaining a perfect cloud computing environment Some of the challenges are listed below.

                                    

o ensure providing safe and secure data record and transmission through the cloud.This challenges can be very dangerous from the security point of view some of them are as follows

1.      Storage of data in the public cloud: Its another security concern in cloud computing. As in general the clouds are implemented in a centralized way it is at high-risk exposure to hackers if a security breach occurs. In order to avoid this, it is always recommended to have a private cloud for sensitive data.

2.       Data interception: The data in the cloud computing is segmented and poses threat and vulnerability of sniffing and spoofing and third party attacks

3.       Attacks from internal management: Sometimes the managers and employees of the service providers act as the agent of malicious attacks from internal they may put the data of the customers at risk at certain rare cases but this must be taken into consideration by proper governance internally.

4.      Insecure Data Deletion: Insecure data deletion can have traces of data left over possessing the threat of data recovery by a hacker,

5.      Lock-In: The incompatible standards of data format shortage of encryption tools among operators as the result  customers have to depend completely on the vendor.

6.     Compromise of management interface: As the cloud computing services are delivered over the internet the third party malicious attacks are quite possible. As a result the vulnerability of security and data is amplified.

 

 

CONCLUSION

 As the use of cloud storage is increasing the need of ensuring the security of the cloud needs to be improved. Data and credentials are at high potential risk if not protected in a good manner. 

In this paper, it has been tried to cover the basics of different states of data and how it may be protected from data breaches. Different techniques of encryption like block cipher, steam cipher and hash function are discussed for securing the data . Some of the most frequent security challenges are also been discussed here like lock-in, internal security threats. Since the various industries are shifting to cloud-based storage they must ensure proper data protection policy and infrastructure to ensure their consumers a better security experience in the cloud.

 

 

REFERENCES

·         Scott R. Ellis, in Computer and Information Security Handbook https://www.sciencedirect.com/topics/computer-science/block-ciphers [Accessed 12th April 2021]

·         https://www.geeksforgeeks.org/cloud-computing/  [Accessed 12th April 2021]

 

 

 

Comments

Post a Comment

Popular posts from this blog

Actuality behind being a Devil

By On
Picture Source: Pinterest At least for once in a person's lifespan, they rebel, don’t they? Well, the cycle of rebellion comes accompanied by retaliation and realization, which can be traced back to the creation of the universe as we know it. Since the upbringing of a child, they are taught a deeper sense of what’s right or wrong so they won’t get trapped in guilt and vilification of their deeds, but the laws of nature aren’t so simple, I guess. The one above all had something different planned for us as the boon of will was bestowed upon us, but some things are better understood the hard way. If we look into our past, every source of guidance was handed to us by the Way of Mystics which creates a major impression overall, guiding us to the right path. Stories that have been shared of God’s favorite son known as Samael The Light Bringer,  the wisest and charming among all, got so wonderstruck of his fruition that he dared to question the actions of The Almighty . Hereby...
7 comments
Read more

DE-CLASSIFIED: A look into Netaji's death mystery

By On
NETAJI SUBHAS CHANDRA BOSE   Netaji Bose was an eminent leader and a man of action. His praises are endless. Bose was a man great visionary, a revolutionary, and a charismatic orator. He wasn’t afraid of using stringent methods to achieve justice. From a very young age, Bose began to serve his motherland and with time, grew into an influential personality. Some glimpses at his personality are as follows: Subhas Chandra Bose 1.       1.An Inspiration When the country shuddered with the fear of raising weapons against British powers, it was this man that said built his own army and shouted with the fire in his belly,”It is blood alone that can pay the price of freedom…Give me blood, and I shall give you freedom.” Bose believed,”Freedom is not given. It is taken” For his valour and determination, he was praised by people of all age and gender. For his incomparable leadership, he was called “Netaji” by his admirers. 2.      2.A humble human ...
5 comments
Read more

Dream’s End

By On
 I had a fever dream, of a utopian state A town with no slaves A city with no plagues A flawless place Somewhere I can feel free Where I can be the real me Where the crooks don't steal Where dreams aren't killed Where every obligation is fulfilled And lives are more than just red and blue pills Where the birds don't have to sing inside cages And love isn't just some ink on torn pages Where colors don't fade And we're not divided by borders or races And we don't have to read between the spaces And we're not forced to sing each other's praises Where the world is at peace Where heaven and earth meet A place where a perfect society could be. -Ayush Tripathi
Post a Comment
Read more