Cloud is a boon to new generation technology. But if it fails to ensure proper security protection, cloud services could ultimately result in higher cost & potential loss of business thus eliminating all the potential benefits of cloud technology. So the aim of the cloud security & its researchers to help enterprise information technology and decision makers to analyze the security implications of cloud computing in their business. When a customer moves toward cloud computing, they have a clear understanding of potential security & risk associated with cloud computing.
Defining Cloud Security
It is a set of control-based technologies & policies adapted to stick to regulatory compliances, rules & protect data application and cloud technology infrastructure. Because of cloud's nature of sharing resources, cloud security gives particular concern to identity management, privacy & access control. So the data in the cloud should have to be stored in an encrypted form. With the increase in the number of organizations using cloud technology for a data operation, proper security and other potentially vulnerable areas became a priority for organizations contracting with cloud providers. Cloud computing security processes the security control in cloud & provides customer data security, privacy & compliance with necessary regulations.
Security Planning for Cloud
Before using cloud technology, users should need to analyze several aspects.
- Analyze the sensitivity to risks of user's resources.
- The cloud service models require the customer to be responsible for security at various levels of service.
- Understand the data storage and transfer mechanism provided by the cloud service provider.
- Consider proper cloud type to be used.
Cloud Security Controls
Cloud security becomes effective only if the defensive implementation remains strong.
There are many types of control for cloud security architecture; the categories are listed below:
- Detective Control: are meant to detect and react instantly & appropriately to any incident.
- Preventive Control: strengthen the system against any incident or attack by actually eliminating the vulnerabilities.
- Deterrent Control is meant to reduce attack on cloud system; it reduces the threat level by giving a warning sign.
- Corrective Control reduces the consequences of an incident by controlling/limiting the damage. Restoring system backup is an example of such type.
Understanding The Data Security
As we all know the data is transferred via the internet, so one of the major concerns is data security. The major points that one should adopt to secure cloud data are:
- Access Control
CSA (Cloud Security Alliance) MODEL
This stack model defines the boundaries of each service model & shows with how much variation the functional units relate to each other. It is responsible for creating the boundary between the service provider & the customer.
CSA Model's Key Points:
- IaaS is the most basic level among all services.
- Each of the services inherits the capabilities and security concerns of the model beneath.
- The infrastructure, platform for development & software operating environment are provided by IaaS, PaaS & SaaS respectively.
- The security mechanism below the security boundary must be built into the system that is required to be maintained by the customer.
Encrypt Cloud Data:
Encryption protects data from being compromised. It helps in protecting data that is being transferred & stored in the cloud. Encryption helps both protect unauthorized access along with the prevention of data loss.
Challenges of Cloud Computing
This emergent cloud technology is facing many technological challenges in different aspects of data & information handling & storage.
Some of the challenges are as follows:
- Availability & reliability
- Security & Privacy
Figure - Challenges Of Cloud:
The challenges as mentioned above are the most important and concerned points that should be processed for the betterment.