Professional Documents
Culture Documents
Abstract:
Cloud services are offering the flexible and scalable services. But there is always issue of security. When
data is transferred from centrally located server storage to different cloud the compromise of person and private
data would increase. There is always risk to the confidentiality and availability of data prior to selecting a cloud
vender or choosing own cloud and cloud service migration. Cloud services usually have their security concerns that
must be addressed. In this paper we have discussed the threats to cloud service and data in case of conventional
security system and modern security system and proposed an idea to secure data on cloud using multiple layers of
security
Hybrid Cloud
A Hybrid Cloud could be considered as
combination of public cloud and private
cloud where private cloud does critical
tasks and public cloud does non-critical
tasks.
Service Models
There are three service models in cloud
computing. First is Infrastructure as a
Service, Second one is Platform as a
Service and last one is Software as a
Service.
Fig 1 Cloud Based Delivery [4] Security issues in Cloud computing
[2] Cloud Server model Third party provides data and
Type of access to cloud has been defined infrastructure management in cloud
by Deployment model. There are four computing so the security of cloud is
types of accessibility in cloud that are biggest concern. There is a risk in
public access, private access, Hybrid providing the sensitive data to cloud
access and Community access. service provider. Any security breach
Public Cloud could result in customer or business loss
Access to general public is allowed by so venders provide protection to the
public cloud. Due to openness public accounts.
cloud is less secure Customer cannot switch from one cloud
Private Cloud service provider to another quickly so he
Due to its private nature private cloud is is dependent on cloud service provider
considered more safe and secure. for service. Customer management
Community Cloud interface is usually accessible on
Accessibility to a particular group is network in case of various public cloud
allowed by community cloud. service providers.
Data
Auditing
Fig 4 Encryption and Decryption
process
secure data on cloud using multiple security concerns & solutions for
layers of security. cloud computing ”, 2012, Journal
of Cloud Computing: Advances,
Reference Systems & Applications
doi:10.1186/2192-113X-1-11The
electronic version of this article
1. Peter mill & Tim grance, “The
is complete one & could be
NIST Definition of Cloud
found online
Computing”, 2011, National
7. .CSA “Security Guidance for
Institute of Standards &
Critical Areas of Focus in Cloud
Technology ,Gaitherbsburg,MD
Computing”, (2009), Tech. rep.,
20899-8930, NIST Special
Cloud Security Alliance.
Publication 800-145.
8. Rowstron & P. Druschel. Pastry:
2. Ellen Messmer, “New security
Scalable, distributed object
demands arising for
location & routing for large-scale
virtualization, cloud computing”,
peer-to-peer systems. Accepted
2011, security-demands-arising-
for Middleware, 2001, 2001.
for-virtualization—cloud
9. Ben Y. Zhao, John Kubiatowicz,
computing.html
& Anthony Joseph. Tapestry: an
3. .Sumedha Kaushik & Ankur
infrastructure for fault tolerant
Singhal, “Network Security
wide-area location & routing.
Using Cryptographic
April 2001.
Techniques” 2012, volume 2,
10. Andr´ea W. Richa C. Greg
Issue 12.
Plaxton, Rajmohan Rajaraman.
4. Charles Miers, Fernando
Accessing nearby copies of
Redigolo & Marcos Simplicio,
replicated objects in a distributed
“A quantitative analysis of
environment. In Proceedings of
current security concerns &
ACM SPAA, pages 311– 320,
solutions for cloud computing ”,
June 1997.
2012, Journal of Cloud
11. Stefan Saroiu, P. Krishna
Computing: Advances, Systems
Gummadi & Steven D. Gribble.
& Applications electronic
A Measurement Study of Peer-
version of this article is
to- Peer File Sharing Systems.
5. Rabi Prasad Padhay, “An
July 2001.
Enterprise CSSloud Model for
12. Ion Stoica, Robert Morris, David
Optimizing IT Infrastructure”,
Karger, M. Frans Kaashoek, &
2012, International Journal of
Hari Balakrishnan. Chord: A
Cloud Computing & Services
peer-to-peer lookup service for
Science (IJ-CLOSER) Vol.1,
internet applications. August
6. Nelson Gonzalez, et. al. , “A
2001.
quantitative analysis of current