Wednesday, December 11, 2019
Analysis of Security Issues for Cloud Computing - MyAssignmenthelp
Question: Discuss about the Analysis of Security Issues for Cloud Computing. Answer: Introduction: The network security is important to overcome the issues in the cloud computing which includes the privacy procedure and the provisions. The transfer security using VPN (Virtual Private Network) mechanism to protect the distributed architecture from any of the possible threats like the sniffing and the spoofing, man-in-the-middle and side channel attacks. The use of the firewalling will isolate the virtual machines with filtering the addresses and the ports. Along with this, the data security is also important for the redundancy, cryptography which includes the data encryption in the secured and sensitive manner (Mell et al., 2011). The feature helps in avoiding the problems that are related to loss of data. With this, it is easy to take hold of the security configuration with the protocols, systems and the technology. The transferring of the security with the increased use of the distributed architecture is mainly for the resource that is shared in the larger number of the virtual m achines that involve the large amount of the data that is transferred to the cloud. Part b: For the Webb Store, it is important to focus on the network security which includes the protection of the data, preventing from any kind of the cyber-attack and handling the level of access. It also includes the centrally controlled measures which are prone to the worms or the cyber-attacks (Hashizume et al., 2013). The major issues are related to the costly setup of the network security system. It is important for Webb to focus on the time consumer with the purchase of the software, installation and then handling the storage of the massive data for the company. The time-consuming factors are related to how the passwords need to be set which are unique for the different special characters and the alphabets. It is important that the skilled staff can manage the large networks and then work with the high skilled technicians to meet the requirements. The carelessness in the installation and then checking the logs for the malicious users is important for protecting the data from the loss. For the database: The risks are related to the database injection attacks where the target is big data, malware and the stealing of all the sensitive information through the legitimate users who tend to make use of the infected devices. The storage of the media exposure with the exploitation of the vulnerable database leads to the issues which include the higher wok loads and the mounting of the backlogs which are associated to the database administrators with time consuming requirements. For the database, the exploitation of the system vulnerabilities as well as the sharing of the memory mainly attacks the system, with creating new and bigger attack surfaces (Krutz et al., 2010). For IaaS: The unauthorised access to the customer and the data of the business which includes the pushing of the security risks to the larger organisation. The security risks are mainly at the vendor with the issues related to the accessing and handling the integrity problems. The lack of control with the hosting of services locally. The unauthorised access to the customer and the access to the business data, the availability risks and the lack of control are found to be major issues with cloud computing. The malicious insiders are the people who are the system administrator where the possibility is that they destroy the entire IaaS cloud computing setup and manipulate the data. There are different points which include the spear phishing and the direct attacks, USB drivers are pre-loaded with the malware and the other networks which includes the training of the users for the phishing techniques. For Webb and IaaS communication: The risks are related to the breach of the data where the cloud environment tends to face the major issues. The severity of the potential damage is depending upon the data sensitivity. The data breach occurs with the compromised credentials and the broken authentication as well, with weak passwords and poor key or certification management (Subashini et al, 2011). The organisation tends to struggle with the identity management when one tries to allocate the permissions to the job role of the user. The multifactor authentication like the OTP and the other smartcard cloud services are only helpful for Webb Store and the IaaS cloud computing. The hacked interfaces and the APIs are mainly to manage the interaction with the cloud provisioning, monitoring and the orchestration. The security standards are set to take hold from the authentication and access control to encryption and the monitoring of the activities. The lack of the standardisation of the data where the cloud solutions are not built in the same way, when it comes to take hold of the development of the tools. The seeding date and size limitations lead to the issues with the backup strategies. With this, there are discontinuation of the services with termination or the withdrawal of the fees, data extraction and non-existent SLA (Service Level Agreements). The issues are that there is no control over the data where there is a possibility of the leakage and not able to handle the privacy setting which are beyond the enterprise control (Mell et al., 2011). The issues are also with the BYOD (Bring Your Own Device) that brings more virus and the possibility of the leakage of the data. Any unauthorised access to the data or the SLAs need to make sure of the restoration and working for the sound key management. The backup system at LAN speed is limited by the throughput. Hence, there is a need to restore the windows which is too small. The use of the hybrid technology will be able to handle the key management with the encryption. It is important to make sure of the loss of data could easily be handled through consulting the service providers to maintain the previous versions of the files. The backup and the web store strategy for Webb Store is best as the operations through the hybrid cloud will help in completely taking the full back up on the cloud. It is easy to login to the system from anywhere, irrespective of any spacing. There is a need to take care of the security standards as well as the cost of maintaining the ICT infrastructure (Jensen et al., 2009). This is important for the efficiency and the reliability, scalability that is set with the capital savings. The organisations can easily handle the leverage based on improving the time for recovery for the small data sets with the accessibility that is mainly due to the disaster recovery infrastructure. It will provide the better access to the connected devices and the location and then providing the insurance of the events related to saving of time and then eliminating the structure as well. The cloud storage is important for the acquiring of the cloud infrastructure which is based on the pairing with the open source setup with Amazon cloud storage. This will help in offering the services from different consumer desktops. The consideration is also about the backup technology approach which is important and convenient for the management, searching, retrieving and then transferring of the data. References Hashizume, K., Rosado, D. G., Fernndez-Medina, E., Fernandez, E. B. (2013). An analysis of security issues for cloud computing.Journal of Internet Services and Applications,4(1), 5. Jensen, M., Schwenk, J., Gruschka, N., Iacono, L. L. (2009, September). On technical security issues in cloud computing. InCloud Computing, 2009. CLOUD'09. IEEE International Conference on(pp. 109-116). IEEE. Krutz, R. L., Vines, R. D. (2010).Cloud security: A comprehensive guide to secure cloud computing. Wiley Publishing. Mell, P., Grance, T. (2011). The NIST definition of cloud computing. Subashini, S., Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing.Journal of network and computer applications,34(1), 1-11.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.