List and describe the security challenges, which are threatening the cloud computing environment.

-

 CLOUD SECURITY CHALLENGES AND RISKS 

Although virtualization and cloud computing can help businesses achieve more by breaking down the physical barriers that exist between an IT infrastructure and its customers, increased security dangers must be faced to fully benefit from this new computing paradigm. This is especially true for SaaS providers. Some security issues merit further consideration. For example, in the cloud, you lose some control over assets, thus your security approach must be re-evaluated.

Enterprise security is only as good as its most untrustworthy partner, department, or vendor. Can you put your data in the hands of your service provider? Physical security is lost while using the cloud approach You share computer resources with other businesses in a public cloud. You have no information or control over where the resources run in a common pool outside the organization. Exposing your data in a shared environment with other businesses may provide the authorities with "reasonable cause" to confiscate your assets because another firm broke the law. Simply because you share the cloud environment puts your data in danger of confiscation.

As more mission-critical activities are shifted to the cloud, SaaS providers will be required to offer to log data in a real-time, simple manner, most likely for their administrators as well as their customers. Someone must be in charge of monitoring for security and compliance, and they will be unable to do so until the application and data are in the control of end-users. Will consumers have enough faith in the cloud provider to move mission-critical apps to the cloud? Monitoring is difficult since the SaaS provider's logs are internal and not always accessible externally or by clients or investigators.

Closed apps are constantly updated with new features, and users must stay up to current on program updates to ensure their security. The rate at which apps evolve on the cloud will have an impact on both the SDLC and security. For example-  Microsoft SDLC believe that mission crtical software would not change significantly for one to five year, but the cloud may necessitate a change in the program every few weeks. Worse, a secure SDLC will not be able to provide a security cycle that keeps up with the rapid changes. This implies that users must regularly upgrade since an older version may not perform properly or adequately safeguard data.

While surrendering significant control over data is not a smart idea from a security standpoint, business simplicity and financial saving will continue to encourage the use of these services. Security managers will need to collaborate with their company's legal team to ensure that suitable contract conditions are in place to secure corporate data while also providing acceptable service-level agreements. Because of cloud-based services, any mobile IT users will be able to access company data and services without having to connect to the corporate network. This will heighten the requirement for businesses to implement security controls have been mobile users and cloud-based services. Placing enormous volumes of sensitive data in a globally accessible cloud expose firms to enormous and dispersed threats- attackers no longer need to come on-site to steal data, and they can find it all in a single " virtual" place.

The dynamic and fluid nature of virtual machines will make it difficult to maintain security consistency and assure record audibility. The ease with which physical servers may be cloned and distributed may result in the spread of configuration problems and other vulnerabilities. IT will be difficult to demonstrate a system's security condition and locate an unsecured virtual machine. Regardless of where the virtual machine is located inside the virtual environment, intrusion detection and prevention systems must be able to identify malicious behavior at the virtual environment machine level. the co-location of numerous machines expands the attack surfaces and raises the danger of virtual machine-to -virtual -machine compromises.

Ina cloud server environment, localized virtual machines, and physical servers share the same operating systems as well as corporate and online applications, rising the risk of an attack or malware remotely exploiting weaknesses in these systems and applications. Virtual machines are susceptible when they transition between the private and public clouds. A complete or partially shared cloud environment is predicted to have a larger attack surface and hence to be more vulnerable than a dedicated resources environment.

Many organizations are likely rushing into cloud computing without giving any attention to the security application to reap the benefits of cloud computing, not the least of which is significant cost reduction. To create trust zones in the cloud, virtual machines must be self-defending, thereby shifting the boundary to the virtual machines themselves. Enterprises' perimeter security(firewalls, demilitarized ones, network segmentation, intrusion detection, and prevention systems, monitoring tools, and related securing policies) solely controls data that resides and travels behind the perimeter. The cloud computing provider is responsible for client data security and privacy in the cloud computing industry.



Comments

Post a Comment

Popular posts from this blog

What are different steps used in JDBC? Write down a small program showing all steps.

-
 T he fundamental steps involved in the process of connecting to a database and executing a query consist of the following: Import JDBC packages. Load and register the JDBC driver. Open a connection to the database. Create a statement object to perform a query. Execute the statement object and return a query resultset. Process the resultset. Close the resultset and statement objects. Close the connection. These steps are described in detail in the sections that follow. 1. Import JDBC Packages This is for making the JDBC API classes immediately available to the application program. The following import statement should be included in the program irrespective of the JDBC driver being used: import java.sql.*; Additionally, depending on the features being used, Oracle-supplied JDBC packages might need to be imported. For example, the following packages might need to be imported while using the Oracle extensions to JDBC such as using advanced data types such as BLOB, and so on. import o...
Read more

Discuss classification or taxonomy of virtualization at different levels.

-
Image
Taxonomy of virtualization Virtualization is mainly used to emulate the execution environment, storage, and networks. The execution environment is classified into two: – Process-level – implemented on top of an existing operating system.  – System-level – implemented directly on hardware and does not or minimum requirement of the existing operating system. OR,  Virtualization covers a wide range of emulation techniques that are applied to different areas of computing. A classification of these techniques helps us better understand their characteristics and use  V irtualization is mainly used to emulate  ● Execution Environments: To provide support for the execution of the programs eg. OS, and Application.  ○ Process Level: Implemented on top of an existing OS that has full control of the hardware  ○ System Level: Implemented directly on Hardware and do not require support from existing OS.  ● Storage: Storage vi...
Read more

Pure Versus Partial EC

-
Image
Pure Versus Partial EC EC takes several forms depending on the degree of digitization (the transformation from physical to digital). Companies utilizing pure EC conduct all of their business online. Businesses utilizing partial EC conduct a portion of their business online and a portion of their business off-line OR,    Pure E-electronic commerce refers to a situation where a business transacts its business activities PURELY online. that is, the goods or services sold do not have any physical presence. take a business that sells software, for example, you just pay and download, or one that sells music files online. Partial E-Commerce on the other hand refers to a slightly opposite situation where a business has an online presence, but still has a physical location for the goods and services it sells. For example, Amazon, Walmart, and any other you can think of. you buy the goods online but receive them physically.                   ...
Read more