Cloud is a term used to reflect a virtual network of resources for computing by which user find out resources to their applications. Working of cloud is a typical concept to understand for a new user. Cloud computing (CC) has been widely recognized as the next generation computing infrastructure. Cloud computing offers some advantages by allowing users to use infrastructure for example-servers, networks, storage, platforms, and software’s provided by various cloud providers including Amazon, Google, Microsoft, Cisco, IBM and Sales force etc., at low cost. The cloud is actually used as much more than a storage system, as the world adopts downloadable software and online business platforms. A few popular cloud models to offer facilities to customers are ready now to provide customer space on servers worldwide in which to store, manage, and access data at their leisure. Companies like Yahoo flicker, Dropbox and Google, who offer these services, are called cloud storage providers, and help to minimize the costs associated with data storage and access. The benefits of cloud storage include lower storage costs and higher accessibility, but it comes with concerns as well. There are a lot of security risks to be aware in between the use of cloud services provided by service provider, so cloud security is another typical concept to understand to use better cloud services. This paper reviews cloud security to understand working of cloud, however it is directly depends on availability of network, availability of internet connectivity to send or retrieve data from/ to cloud from anywhere. Although, concepts enlighten in this paper, is an oversimplification of how the cloud works; it does explain working in simple terms of cloud storage, security threats and issues.
Rest of the topic organizes as section 2 describes cloud deployment model including private cloud, public cloud, community cloud and hybrid cloud.
Section II. Cloud: Types and Architecture
As per requirement, in these days, various cloud deployment models are in use, out of which few important models including private, public, community and hybrid are elaborated here:
2.1.1 Private cloud
Private cloud is designed to provide facilities to their registered subscribers only. In this, the enterprise facilitates a subscriber who is only using their facilities. These kinds of facilities when provided by a party to both consumer and facilitators called third party. These clouds are generally hosted at an enterprise datacenter by the support of the company, by a cloud provider, or by a third party such as an outsourcing firm.
The Public cloud is open types of network which is used to facilitate public without any control due to few special customer requirements. It is mostly use used resource sharing that makes it vulnerable to various attacks. A public cloud provides services to multiple customers, and is typically deployed at a colocation facility.
2.1.3 Hybrid cloud
These are designed with the help of Public and Private Cloud, for example Public cloud is interacted/communicate of their customer with the use of Public network but all their data is secured through with the help of Private cloud network. Hybrid clouds combine both cloud models, and found particularly effective when both types of cloud are located for the same facility.
The Community cloud used to facilitate resources to share by target audience under a common policy, or agreement. Its infrastructure is depending upon the user needs and requirement for particular application. The data management concern, which types of community belong to a single country, and it is responsible, can be located in public & private cloud. Community clouds are managed by the third party or any other organizations.
2.2. Architectural framework of Cloud computing
Architectural framework of cloud computing having various security measures to be applied on every phase.
The Software as a Service (SaaS) is an independent service to provide the user for an application, but user or consumer are not authorized to control & manages it. The Service provider is not responsible for the customer application security.
2.2.2 Infrastructure as a Service (IaaS)
The Infrastructure as a Service (IaaS)is a virtual service offered by a cloud service provider in form of network, processor, memory, storage, communication and the including computation etc. Amazon Web Service (Amazon, 2015) is the best example of IaaS. It does not manage or control the running applications, but this is manages/controls for the operating system, storage and the deployed applications with the help of term and conditions.
2.2.3 Platform as a Service (PaaS)
The Platform as a Service (PaaS) application is a platform-oriented, which is based on a highly programmable platform for a cloud provider. It also does not manage or control the running applications, but this is manages/control for the application-hosting environment with the help of changes in configuration settings. Google App Engine is the best example of a Platform as a Service, which provides an extensible environment, in which developer develop and host web applications.
2.2.4 Anything as a Service (AaaS)
These are the fourth service models to provide storage, Database, Information, Process, Application, Integration, Security, and Management, testing as a Service.
Section III. Security: requirements, and Issues
The cloud security term is a basic work for some categorized security issues and solutions. In this, we present threats involved in mishappening for the attacks, misconfiguration, fault, damage and weakness in security reasons. Security is required to be considered at different level of functions, including:
3.1.1 At Cloud Storage
The cloud storage is an important features in IT sectors, not only for a single requirement type of user but for different. Various users who are using smart techniques/gadgets in current environment may be a customer of a same kind of storage facilities. Companies are handling and watching use, percentage of amount in use by comparison with allotted space .Â The cloud storage is necessary for every device is in use due to variation in need. Few service providers provide cloud storage in free space with allocating login id to the user. This is a point to make a doubt on cloud provider about the privacy of userâ€™s data stored in the cloud even when user having User id & Password.Some challenges to use a cloud:
- Network and latency;
- Data security, resolution and storage cost;
- The different types of user’s may use different type of IoT device which are already vulnerable with security issue.
- Network is just vulnerable due to heterogeneous nature of devices involved in process.
3.1.2 At Data center operation
The Data center is used to store cloud data, if it is not possible at a single center then it may be distributed in nature. All the functions of performed by data center may be processed by different data centers of cloud for a single application, these functions can be understood as a data center operation. Distributed data centers provide help to perform storage efficiently. In case of natural disaster, the cloud provider facilitates users with the help of other center while few may have problem of data loss or unavailability.
3.1.3 At Cloud Data
Cloud data has several security issues as well as issues of CIA system i.e. Confidentiality, Integrity and Availability. Other than CIA, cloud data having issues at data center operation such as privacy, integrity and availability. Sometimes storage and loss of control may be an issue in cloud computing model due to not providing full control over the data that makes it harder to check its data integrity and confidentiality. In this model the location of the server pool is unknown, and it may be controlled and managed by a non-reliable cloud service provider; in other words, a data center may be situated in the other country that may be not reliable to store particular type of sensible data. The data redundancy provides a mechanism in which data is back up to another cloud server for ensuring high availability of data. In case of one data center is completely failure, provider use backup data server. Google and Amazon have different data servers in different countries. These organizations store their data on the basis of multi-location feature that can bring new security threats and legal problems, as the data stored across the world have different policies.
Issues to provide cloud security have been considered here. The cloud security considered here as issues on data recycling, on backup and recovery stage, data breaches, permanent data loss, and problems by leakage.
3.2.1 Data recycling
The data sanitization is a process of disposal and selection of data to be sent into garbage. The improper sanitization results in data leakage and data losses. In this process, user changes the permission setting of their account; they will be able for updating data with connecting it to the network. At this stage, user can change data and setting of account.
3.2.2 Data backup & recovery stage
User wants to keep every information under their reach, anybody does not want unavailability of data. Regular data backup automatically saves the user’s data. Backup is a process of data protection from deletion or unavailability by networks failure or natural or Accidental disasters.
3.2.3 Data Breaches
Data Breach is a sensitive portion of data Security which is a most used medium to cybercrime in these days. Every user having data wishes to protect it from attacker and other users, i.e. every cloud storage user may require a password for access that he wish to save from others. The genuine users are required to change password time to time. India found fourth ranked country for online security breaches, with 5% by according to Symantec survey study reports (2016), and the global threat detections. In this list, the US and China are top two positions with 34%, followed by Brazil and then India.
3.2.4 Permanent Data Loss
Permanent data loss generally not comes in cloud environment, but it is a sensitive issue in cloud storage. Every user can save and protect his / her data for future use, but sometimes it may be tough due to cyber hackers or disasters.
3.2.5 Data leakage problems phased in cloud:
Following are some security breaches along with their sources which impose need of cloud security:
- The Facebook are sending a data-use/breaches notice to the Cambridge Analytica for the all affected Facebook user:
- Source:- https://cio.economictimes.indiatimes.com/news/digital-security/india-ranks-4th-in-online-security-breaches/58410067
- Due to security reason for Azure Cloud, McAfee is launched a security platform
- Source:- https://www.securityweek.com/mcafee-launches-security-platform-azure-cloud
- Due to misconfigurations, thousands more personal records are exposed
- Source:- https://www.securityweek.com/thousands-more-personal-records-exposed-misconfigurations
So, ultimately the issue makes few challenges to design a secure and efficient cloud is discussed below including confidentiality, Integrity, Availability, Privacy and service availability.
The above reasons are not enough to protect our cloud challenges. In this term Security, Locality, Integrity, Access, Confidentiality, Breach, Segregation, Storage etc. is also important role play in this future challenges.
Section – IV: Discussion and conclusion
Few users are unaware about the cloud security, which is the soft target of hackers, who performs the activities of cyber-crime or web crime. When user is not perfectly well known to secure their application and data of cloud, hackers waits for this moment and targeted these users. The lack of security educational is responsible for these type problems. In other words, we can say, irresponsible behavior of users is responsible to make him a target of hackers. The Cloud Security Alliance (Cloud Computing Alliance, 2010) presented few threats by their research are attacks by unknown users; Legal and Regulatory Issues, Cloud provider security failure, Availability and Reliability Issues, Data breaches, Vulnerabilities in common technology, Data storage issue, Perimeter security model broken, User security systems and Data integrating provider, Malicious insiders, Account, Traffic Hijacking & Service. In this review paper, we are study many types of cloud environment topics and the conclusion is the every cloud user is much more require for cloud data security, but the security was not fully guaranteed here.
Because the reason is in this environment time to time increasing users and the network area is too short in this comparison. In this area we have two lots of work introduced for the secure data protection and privacy for the user trust gain like these sectors (Privacy, Confidentiality, Integrity and Availability) then the users are believed in this cloud environment. Otherwise, we have to move in reverse direction, use in previous methods for (example data storage device in hard format). The reason was different types like that Data breaches, Data privacy and Data security. Is time to do many researchers are main focused to improve cloud computing security, we give many techniques are providing to secure in this cloud network. But based on some critical analysis in this present time, cloud computing is the best resource available in this network (Internet).
In this topic are discussed cloud architecture to understand implementation, issues and challenges of security in cloud to provide safety measures. In this cloud environment are two biggest points, first are Reliability and second are Security, which are most dependable of this thing. It is many type of user are using with the help of cloud service provider technology like Web, Functional and Spread types of computing. It is provided such as Amazon, IBM, Google’s Application, Microsoft etc., it is the rising applications in cloud environment and to access them from anywhere. In this field, every user cloud data is stored in with the help of service provider and the authorized user data is access in a remote server network. For the security reason, cloud data service provider are the one of the sensitive term because it is the major concern for the data transmitted to the remote server technology over to the other Internet network. The cloud data security is the biggest challenges for this time because everyday users are increases in this environment and cloud security is much required.