Explain Cloud Privacy, Security, Trust.

-

 CLOUD PRIVACY, SECURITY, AND TRUST

Cloud computing refers to the underlying infrastructure enabling a new form of service delivery that has the benefit of lowering costs by sharing computer and storage resources, in conjunction with an on-demand provisioning mechanism based on a pay-per-use business model. These new characteristics have an immediate impact on IT spending, but they also influence conventional security, trust, and privacy processes. The benefits of cloud computing, such as its capacity to grow quickly, store data remotely, and share services in a dynamic environment, can become drawbacks in maintaining a degree of assurance necessary to preserve potential consumers' confidence. Some basic old mechanisms for managing privacy are no longer flexible or dynamic enough, necessitating the development of new ways to meet this new paradigm.

Privacy

  • For clients, privacy means the preservation and responsible use of their personal information, as well as matching their expectations regarding its usage. For enterprises, privacy comprises the implementation of laws, rules, standards, and practices for managing personal information. What is appropriate will be determined by the applicable laws, and individuals' expectations regarding the collection, use, and disclosure of their personal information, and other contextual information; thus, one way to think about privacy is simply as "the appropriate use of personal information under the circumstances." Personal information refers to facts, messages, or ideas about a person that would be fair to expect him or her to perceive as intimate or sensitive, and hence concerning which he or she would desire to limit collection, use, or dissemination. The phrases 'personal information and 'personal data are sometimes used interchangeably.
  • Name, address, phone number, social security or national identity number, credit card number, email address, passwords, date of birth, religion or race, political beliefs, health, sexual orientation, trade-union membership, driver's license numbers, personal financial information, and medical records are all examples of important personal data.

Security

  • Security is defined as the preservation of information confidentiality, integrity, and availability; other attributes such as authenticity, accountability, non-repudiation, and dependability may also be included. Confidentiality is a security feature that ensures information is not made available or given to unauthorized people, companies, or processes. The total correctness, completeness, and consistency of data, entities, or processes throughout its lifecycle is referred to as integrity. The process of ensuring that data is available to end-users and applications when they need it is known as availability.
  •  Security is a required but insufficient prerequisite for privacy. Security is, in fact, one of the fundamental foundations of privacy. Any entity that creates, maintains, uses, or disseminates data must guarantee that the records have not been tampered with and must take safeguards to prevent the information from being misused. To be more specific, to maintain the security of such information processing, data controllers must establish suitable technological and organizational safeguards to protect it against unauthorized access or disclosure, destruction, modification, and unauthorized use. Mechanisms for doing his include risk assessment, implementation of an information security program, and the implementation of effective, reasonable, and appropriate measures covering physical, administrative, and technological components of security.


Trust

  • Trust is a complicated term with no commonly recognized definition. Trust is a psychological condition that consists of the decision to accept vulnerability based on favorable expectations of another's intentions or behavior. As trust is consisting of subjective criteria and experience, it is a larger concept than security. Similarly, there exists both hard (security-oriented) and soft (i.e., confidence that is not based on security) trust. 'Hard' trust entails elements including authenticity, encryption, and transaction security, whereas 'soft' trust entails human psychology, brand loyalty, and user-friendliness. People generally find it more difficult to trust internet services than offline services since there are no tangible indicators in the digital realm and there may not be an established centralized authority. The distrust of Internet services can even have a damaging impact on the amount of confidence provided to firms that have long been regarded as trustworthy.
  • Online trust may be developed in a variety of ways, the most significant of which is security. People are more inclined to engage in e-commerce if they are convinced that their credit card information and personal data are cryptographically secure, which is an example of enhanced security leading to higher confidence. Building trust, a stable trust relationship, and declining trust are all possible stages in a partnership. Trust is difficult to establish and quick to destroy: a single breach of trust may demolish years of patiently acquired reputation.
  • When evaluating trust in the context of cloud computing, it may be useful to distinguish between social and technological ways of establishing persistent and dynamic trust. Trust in long-term underlying infrastructure originates through relatively unchanging social and technical factors. Dynamic trust refers to a trust that is specific to certain conditions, settings, or short-term or variable knowledge; it can occur as a result of context-based social and technical systems. Persistent social-based trust in a hardware or software component or system is an indication of confidence in technological-based trust since it assures the implementation and functioning of that component or system.


Comments

Post a Comment

Popular posts from this blog

Legislations and IT in Nepal MCQ IT Officer(PSC)

-
  1. A genetic term that is concerned to the legal and regulatory aspects of Internet and computer technology. a. Copyright law b. Cyber law c. Computer Crime d. None of them Correct Answer: b Explanation: Cyber law encompasses the legal and regulatory aspects of internet and computer technology. The correct answer is "b". 2. "The Electronic Transaction and Digital Signature Act Ordinance" is Known as: a. Intellectual Property Law b. Cyber Law c. Telecommunication Law d. Data Protection Law Correct Answer: b Explanation: This act is commonly referred to as Cyber Law in Nepal, governing electronic transactions and digital signatures. The correct answer is "b". 3. A criminal activity within the information technology infrastructure. a. Digital crime b. Intellectual property c. Cybercrime d. All of them Correct Answer: c Explanation: Cybercrime specifically refers to criminal activities conducted within IT infrastructure. The correct ...
Read more

Discuss classification or taxonomy of virtualization at different levels.

-
Image
Taxonomy of virtualization Virtualization is mainly used to emulate the execution environment, storage, and networks. The execution environment is classified into two: – Process-level – implemented on top of an existing operating system.  – System-level – implemented directly on hardware and does not or minimum requirement of the existing operating system. OR,  Virtualization covers a wide range of emulation techniques that are applied to different areas of computing. A classification of these techniques helps us better understand their characteristics and use  V irtualization is mainly used to emulate  ● Execution Environments: To provide support for the execution of the programs eg. OS, and Application.  ○ Process Level: Implemented on top of an existing OS that has full control of the hardware  ○ System Level: Implemented directly on Hardware and do not require support from existing OS.  ● Storage: Storage vi...
Read more

Suppose that a data warehouse consists of the three dimensions time, doctor, and patient, and the two measures count and charge, where a charge is the fee that a doctor charges a patient for a visit. a) Draw a schema diagram for the above data warehouse using one of the schemas. [star, snowflake, fact constellation] b) Starting with the base cuboid [day, doctor, patient], what specific OLAP operations should be performed in order to list the total fee collected by each doctor in 2004? c) To obtain the same list, write an SQL query assuming the data are stored in a relational database with the schema fee (day, month, year, doctor, hospital, patient, count, charge)

-
Image
Solution: a) Star Schema is shown in the figure below: b) First, we should use the roll-up operation to get the year 2004(rolling-up from the day then month to a year). After getting that, we need to use the slice operation to select (2004). Second, we should use roll-up operation again to get all patients. Then, we need to use the slice operation to select (all). Finally, we get a list of the total fee collected by each doctor in 2004. So, 1. roll up from day to month to year 2. slice for year = “2004” 3. roll up on patient from the individual patient to all 4. slice for patient = “all” 5. get the list of the total fees collected by each doctor in 2004 c) Select doctor, Sum(charge) From fee Where year = 2004 Group by doctor
Read more