SECURITY IN CLOUD COMPUTING
Cloud computing is an internet-based computing technology, where shared resourcessuch as software, platform, storage and information are provided to customers on demand. It isa computing platform for sharing resources that include infrastructures, software, applications,and business processes. Cloud computing is a virtual pool of computing resources.
Confidentiality, Integrity, Availability, Authenticity, and Privacy are essential concerns for both Cloud providers and consumers as well. Security concerns have given rise to emerging an active area of research due to the many security threats that many organizations have faced at present.This seminar provides a concise but all-round analysis on data security and privacy protection issues associated with cloud computing. Then this seminar discusses some current solutions and finally describes future research work about data security and privacy protection issues in cloud. Cloud computing promises to significantly change the way we use computers and access and store our personal and business information. With these new computing and communications paradigms arise new data security challenges.
Existing data protection mechanisms such as encryption have failed in preventing data theft attacks, especially those perpetrated by an insider to the cloud provider. We propose a different approach for securing data in the cloud using offensive decoy technology. We monitor data access in the cloud and detect abnormal data access patterns. When unauthorized access is suspected and then verified using challenge questions, we launch a disinformation attack by returning large amounts of decoy information to the attacker. This protects against the misuse of the user’s real data. Experiments conducted in a local file setting provide evidence that this approach may provide unprecedented levels of user data security in a Cloud environment.
CISCO recently delivered the vision of fog computing to enable applications on billions of connected devices, already connected in the Inter-net of Things (IoT), to run directly at the network edge.Customers can develop, manage and run software applications on Cisco IOx framework of networked devices, including hardened routers, switches and IP video cameras. Cisco brings the open source Linux and Cisco IOS network operating system together in a single networked device (initially in routers).The open application environment encourages more developers to bring their own applications and connectivity interfaces at the edge of the network. Regardless of Cisco’s practices, we first answer the questions of what the Fog computing is and what are the differences between Fog and Cloud. In Fog computing, services can be hosted at end devices such as set-top-boxes or access points. The infrastructure of this new distributed computing allows applications to run as close as possible to sensed actionable and massive data, coming out of people, processes and thing. Such Fog computing concept, actually a Cloud computing close to the ‘ground’, creates automated response that drives the value. Both Cloud and Fog provide data, computation, storage and application services to end-users. However, Fog can be distinguished from Cloud by its proximity to end-users, the dense geographical distribution and its support for mobility.
Cloud is growing and by 2020, nearly 75% businesses will be on Cloud. On the contrary, challenges do exist- cost, security, management, ops & automation, performance, and the biggest of these all-“skill gap”!. The future of cloud security will rely on intelligent automation. Security is everyone’s job and needs continuous monitoring, ensuring that all the best practices are aligned and keeps the business compliant on cloud. For those on AWS Cloud, it becomes a little more easier, as security stands first in AWS Cloud. A number of security threats are associated with cloud data services: not only traditional security threats, such as network eavesdropping, illegal invasion, and denial of service attacks, but also specific cloud computing threats, such as side channel attacks, virtualization vulnerabilities, and abuse of cloud services.
Businesses, especially startups, small and medium businesses (SMBs), are increasingly opting for outsourcing data and computation to the Cloud. This obviously supports better operational efficiency, but comes with greater risks, perhaps the most serious of which are data theft attacks. Data theft attacks are amplified if the attacker is a malicious insider. This is considered as one of the top threats to cloud computing by the Cloud Security Alliance [1].While most Cloud computing customers are well-aware of this threat, they are left only with trusting the service provider when it comes to protecting their data. The lack of transparency into, let alone control over, the Cloud provider’s authentication, authorization, and audit controls only exacerbates this threat. The Twitter incident is one example of a data theft at- tack from the Cloud.
Several Twitter corporate and personal documents were ex-filtrated to technological website TechCrunch and customers’ accounts, including the account of U.S. President Barack Obama, were illegally accessed . The attacker used a Twitter administrator’s password to gain access twitter’s corporate documents. The damage was significant both for Twitter and for its customers. While this particular attack was launched by an outsider, stealing a customer’s admin passwords is much easier if perpetrated by a malicious insider. Rocha and Correia out-line how easy passwords may be stolen by a malicious insider of the Cloud service provider. The authors also demonstrated how Cloud customers’ private keys might be stolen, and how their confidential data might be extracted from a hard disk. After stealing a customer’s pass-word and private key, the malicious insider get access to all customer data, while the customer has no means of detecting this unauthorized access. Much research in Cloud computing security has focused on ways of preventing the data should not attacked by the attackers and hackers.