The development of cloud computing as a novel paradigm brought notable advantages to the use of information technologies in business. Organizations of different scales currently use cloud computing service for storing, managing, and retrieving large amounts of data that supports their business continuity. However, the active use of cloud computing raised concerns about data protection, after many firms faced issues with data confidentiality and integrity during the recent decade. Specifically, it was admitted that more sophisticated to structures are no longer protected from emerging attacks that progress on the same pace with new data management technologies. Hence, a short literature review on the recent conference papers devoted to the latest advancements in cloud computer security issue is made, aiming to identify the benefits of cloud computing, evaluate what challenges are debated as most striking for the cloud security, and advise on potential ways for improvement.
Keywords: cloud computing, security issues, data protection, data security.
Cloud Computing Security Issues
Cloud computing is one of the fastest developing paradigms in the information technology sector. The core advantage of cloud computing is storing a large amount of data on the remote servers that could be efficiently accessed by enterprises on the ad-hoc basis. However, it also emphasizes the importance of developing robust security protocols and models for protecting the data from emerging cyber threats (Ramachandran, 2015). Furthermore, different business models are used to structure the data in the cloud and therefore require a regular audit of their business effectiveness. Hence, three recent publications are used to analyze the current advantages of cloud computing, related challenges, and to propose potential solutions to them.
Advantages of Cloud Computing
Cloud computing architecture is best described as a set of scalable resources that are available over the Internet and require little involvement of service providers to manage those. It implies that in general, cloud computing architecture consists of the five critical roles of consumer provider, auditor, carrier, and broker, who interact with a cloud depending on individual needs and requirements. Ramachandra, Iftikhar, and Khan (2017) specified that cloud architecture layout brings the advantages of the cost of entry regardless the firm size, seamless access to resources, service scalability, reduction of IT barriers toward innovation, and access to new types of delivery services. Kumar, Raj, and Jelciana (2018) also listed some of the common advantages of cloud computing such as anytime-anywhere accessibility, improved geographic coverage with less time to access required, and reduced infrastructural investments. However, in both studies it was admitted that aforementioned advantages could be easily jeopardized by failing to apply the appropriate security configuration and the use of data protection protocols, which will significantly decrease an efficiency of cloud servers.
Challenges of Data Security
Recent studies discuss several theoretical and conceptual perspectives on modern data security challenges that emerge in the cloud. For instance, Kumar et al. (2018) suggested that data security in a cloud should be controlled based on the stages of the data life cycle from its creation and destruction, as well as governed by the principles of “confidentiality, integrity, and availability,” also known as CIA triad (p. 693). Other challenges mentioned by Kumar et al. (2018) are related to the authentication and access control domain, which can emerge both in the private and public cloud. Specifically, it was identified that public clouds are more prone to the resource pooling, where the same users connect to the cloud simultaneously and create higher workloads through the use of multiple devices. The weak account management practices, poor protection of user credentials and identities create further risks for the cloud since those allow comprising session tokens and password (Kumar et al., 2018). Finally, the flaws in multi-tenancy and backup protocols implementation create additional risks on a design level and therefore should be regularly inspected by cloud auditors.
Since cloud computing services are provided through overlapping layers such as infrastructure-as-a-service or platform-as-a-service, some of the cyberattacks could require further conceptualization. In cloud computing models, virtual machines are interconnected by the bridge and route configuration nodes, where the major vulnerability of the former is the ability of sniffing into the network, and the main loophole of the latter is the use of address resolution protocols spoofing and MAC attacks (Hussain, Fatima, Saeed, Raza, & Shahzad, 2017). Furthermore, for software virtualization, cloud security risks emerge from the opportunity of scanning virtual machine images and further targeting of accidentally released screenshots, which lead to the data theft and corruption (Ramachandra et al., 2017). The problem with utility computing, the concept which advance grid computing as the model designed to provide on-demand services to customers, was also mentioned as an issue, where the fraudulent resource consumption attacks are aimed to acquire resource authorship without paying or capturing the data from web applications (Jakimoski, 2016). Hence, given that the number of data security challenges is high, it is proposed to classify attack types and introduce risk assessment practices to clearly evaluate their impact.
Solutions for the Challenges
Depending on the identified area of security, the following solutions for the given challenges were identified. For instance, to address potential security challenges in meeting the requirements for CIA triad, Kumar et al. (2018) suggested to apply data classification, sensitivity analysis, as well as create relevant policies for data management from creation to destruction. Furthermore, it was advised to ensure physical and logical models for security protection are deployed, followed by introducing recovery plans and collective policies known as service-level agreements (SLAs). For the data integrity, Kumar et al. (2018) argued the importance of using most recent encryption algorithms, hash methods trace intentional or accidental changes in the data structures, as well as new data validation schemes such as provable data possession to ensure that data is statistically correct. Finally, on the authentication and access control level, it was proposed to apply the single sign-in method, biometric authentication was appropriate, and the use of cryptographic algorithms such as RSA combined intrusion detection systems (Ramachandra et al., 2017). Overall, it implies taking a broader look at the opportunities to enhance cloud security through the use of new methods that reinforce data protection and encryption.
Another solution was proposed based on the multilayered nature of the cloud architecture, where each layer should be analyzed against the probability of facing one or another type of attack. Specifically, Hussain et al. (2017) suggested a novel model that ranks the risks as the attribute to the layer in an architecture, and afterwards classify the risk of attack progression through the layers. The model was found to be advantageous in terms of risk intensity assessment and correlation with the requirements of multi-tenancy and service authorization through the provision of dynamic security options for the consumers and provider. However, this concept requires further validation in a practical setting, and eventually more elaboration on its relationship with CIA triad and authentication models, which frequently differ between layers and types of cloud services used by the enterprise.
Conclusion
The proliferation of cloud computing in the contemporary world is essential for both small and large enterprises. It allows reducing infrastructural costs, optimizing remote access to resources, and minimizing the time to process large volumes of data. Meanwhile, the increasing number of threats to the cloud networks aimed to disrupt the business operation and illegally retrieve organizational data remains a major concern for service providers and cloud computing service users. The emphasis should be made on developing strong data protection policies, data management and encryption, as well as representation and storage of data under different layers of cloud architecture. However, it is also important to advance scientific research by developing novel, multivariate models that allow protecting and retrieving cloud data in a more dynamic way.
References
Hussain, S. A., Fatima, M., Saeed, A., Raza, I., & Shahzad, R. K. (2017). Multilevel classification of security concerns in cloud computing. Applied Computing and Informatics, 13, 57−65.
Jakimoski, K. (2016). Security techniques for data protection in cloud computing. International Journal of Grid and Distributed Computing, 9(1), 49−56.
Kumar, P. R., Raj, P. H., & Jelciana, P. (2018). Exploring data security issues and solutions in cloud computing. Procedia Computer Science, 125, 691−697.
Ramachandra, G., Iftikhar, M., & Khan, F. A. (2017). A comprehensive survey on security in cloud computing. Procedia Computer Science, 110, 465−472.
Ramachandran, M. (2016). Software security requirements management as an emerging cloud computing service. International Journal of Information Management, 36(4), 580−590.