Analyze the Security Issues In Cloud Computing †Free Samples

Question: Discuss about the Analyze the Security Issues In Cloud Computing. Answer: Introduction There is an important requirement of securely store, share, analyze as well as manage huge amount of complicated data, which are semis-structured and unstructured in order to determine the specific patterns as well as trends for enhancing the quality of managing information (Lian et al. 2014). The critical nature of the applications leads to use cloud to be secure. However, major security challenges with the cloud become major concerns of the users. In this aspect, the emerging cloud computing model attempts in addressing the explosive development of the devices that are connected on the web and handle huge amount of data. Presently, Google has introduced MapReduce framework in order to process large amount of data on the commodity hardware. The research will analyze the security issues associated with cloud computing and recommended possible measures to mitigate the issues. Scope of the proposed research The research will be helpful to identify different types of attacks occurred in cloud computing. The issues including security in storage, network security, middleware security and data security will be analyzed in the research (Modi et al. 2013). On the other hand, particular aspects of cloud computing will be critically evaluated in the research that will be helpful to take measures to protect the attacks (Hashem et al. 2015). In addition, security issues in different types of cloud computing such as PaaS, IaaS and SaaS will be presented in the research. Proposed recommendations would be helpful to mitigate security issues in cloud computing. Definition of important terms Cloud computing: It is considered as information technology paradigm as well as model for enabling ubiquitous access to the shared pools for configurable resources. Access control: Access control systems can perform authorization for identification, authentication, access approval as well as accountability of the entities through login credentials that include passwords, biometric scans and personal identification number. Aim of the research The research aims to identify the security issues lied in the use of cloud computing and critically evaluate them. In addition, the research will provide appropriate recommendations in order to overcome the security issues in cloud computing. Rationale of the research Even though the cloud computing provides potential advantages, there are several security issues involved with cloud computing. It includes networks, databases, virtualizations, scheduling of resources, transaction management and memory management. Security issues for several systems as well as technologies are applicable to cloud computing. For instance, the network interconnecting the particular systems in a cloud needs to be secure. Hence, it becomes an important issue of research (Ali et al. 2015). On the other hand, mapping virtual machines to the physical machines needs to be carried out securely. A resource allocation as well as memory management algorithm requires to be secured so that the cloud services can be effectively offered. Furthermore, data mining techniques need to be applicable in order to detect malware in clouds that requires analyzing (Chang and Ramachandran 2016). Data security engages encryption of the data and ensuring that proper policies can be enforced for the process of data sharing. Therefore, analyzing cloud security issues becomes immensely important and achieved in the present research. Literature review Overview Cloud explains the utilization of a collection of services, information, applications as well as infrastructure that is comprised of pools of compute, network, storage as well as information resources. The elements can be rapidly provisioned, deployed as well as decommissioned providing for on-demand utility like model of allocations as well as demand utility-like model related to consumption and allocations. Cloud features: Cloud computing is an integral part of any business or companies who have adopted this process. The main use of this process is used to get scalability in architecture and efficiency in business processes (Li et al. 2013). Moreover, the various components of the cloud computing processes are the SaaS, PaaS and the IaaS. The SaaS is termed as the software as a service which is basically used t make software in the cloud. The PaaS is the platform as a service which is used to implement the platform of the cloud infrastructures. The third party vendors responsible for giving the cloud platform provides the tools and services for providing the customizable options to their clients (Rewagad and Pawar 2013). Lastly, the IaaS or the infrastructure as a service is used to get computational resources from the cloud to host the set of applications or software. Risks in cloud computing However, the use of these services can also be risky adoptions if proper security checks are not adopted. In addition to security for the data, the compliance to policies and standards are also other risks that must be addressed by the companies concerned. This report discusses about the various risks present in accepting cloud solutions. The first risk in the cloud features are the need for a good security policy. According to a survey among various business companies and organizations implementing the cloud solutions, the majority risks are in their security aspects (Xiao and Xiao 2013). This means that are always the target for security breaches by attackers or other unethical workers. This is termed as a red flag in any system and proper security must be in place for supporting them. The major services for collecting emails like the SendGrid or the major applications for taking notes like the Evernote, are always the targets for a data breach (Wei et al. 2014). This is always done to get the information from them which lead to grave threats for the company themselves. This gives a pre-requisite for adopting the risk mitigation techniques like encryption and tokenizing for enhancing the security needs. The non compliance to standards or policies is another issue in the cloud computing aspects which is of great concern. For a cloud vendor, the policies and security adopted in their services are to be opening sourced so that their clients can see them and adhere to them accordingly (Zhao et al. 2014). This is also of a concern to the companies accepting these solutions as the policies and frameworks in place for their infrastructure might be vulnerable to risks and breaches (Arora et al. 2013). Thus, a client of a third party business must also see to this to get compliance to the regulations as any breaches in their systems due to this can lead to extreme loss of business, fines or even lawsuits. The next issue is the loss of control over the services. A cloud service provide or the third party vendors always provide assurance to their clients about the type of the services that will be provide, the data centre that will be used or even the platform that will be used. From a survey conducted for cloud features, various companies do not accept the cloud solutions due to the loss of expertise in controlling their solutions (Kaur and Mahajan 2013). This loss of control is the main reason for almost all businesses to opt out of their cloud infrastructures. Although the cloud vendors are always providing trust in the minds of their clients, the fact still remains that the loss of services is to be addressed and the client companies need to have information about the location of their data and even the type of the solution used for security. In addition, in case of any breaches in the system, the clients along with the vendors will be considered responsible for these types of cases . The fourth issue in the cloud security features is the disaster recovery plans and the mitigation techniques adopted (Inukollu et al. 2014). During the strike of a disaster in the system, the operations and all the processes are backed up to the cloud which is stored in online and offline modes (Rao and Selvamani 2015). These are the normal methods of addressing disaster plans. However, the internet connections used a provided by the Ethernet cables which slows down the backup process. During the onset of the attack, information is to be sent by these media and this is the main cause in reduction of the speed. This raises a security issue in operations where sometimes backups cannot be made in the proper time (Cao et al. 2014). Furthermore, during recovery options, the reverting back of changes also requires downloading the solutions from the storages to make the system go online. This process also causes hindrances to the system as the rate of reverting back is extremely slow (Sugum aran et al. 2014). This is another area where the various risks in security need to be addressed. In case of reverting back the backed up process from storages, the need to secure their system against further attacks are necessary. Failure to comply with this can lead to many other attacks and may lead to loss in the backed up process. Research gap The research will identify the potential security issues involved with cloud computing. However, some areas will not be covered like issues lied in third part providers. Hence, future researcher can do research on the mentioned area of cloud computing. Additionally, cloud computing in SaaS needs to be analyzed in detailed. Possible measures to overcome the issues The cloud is the model of delivering on-demand computing resources from the applications to the data centers over the web on the basic of pay for use. In order to minimize security issues several measures can be taken such as multi-tenancy, information integrity as well as privacy (Rong et al. 2013). Multi tenancy can be implied on computational resources, storage, database, logical as well as physical platform at the premises of provider. In order to deliver secured multi-tenancy, it is required to maintain location transparency. On the other hand, exposing resources over the internet to valid users as well as malicious attackers needs to be included in this process (Dinh et al. 2013). In the perspectives of maintaining third party control, owner has any control on data as it is a known as third party issue. Cloud providers are not aware of the architecture effective; therefore it is required to adopt effective security measure so that security issues can be mitigated. Summary It can be summarized from above content that, there are generally three types of service models associated with cloud service such as software as a service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). However, with the rapid growth of the use of cloud computing, security issues are also increasing. Therefore, it becomes important to research on the security issues lied in the use of cloud computing. hence, it is important to research on the security issues in cloud computing. Methodology Research methodology assists to define most appropriate approach, which requires to be adopted in order to attain complete as well as detailed results of the procedure. The theories as well as concepts detailed results of the procedure. Mackey and Gass (2015) stated that theories as well as concepts in research methodology is helpful to analysis in detailed and better way regarding the topic of the research. Application of research methodology assists in comprehending the particular process adopted in the process of analyzing the research of cloud security issues. The detailed procedure of research methodology leads to find the common errors that may create limits within the process of research. Along with these, the researcher has tried to apply detailed process of research methodology, which helps in doing better analysis of cloud security issues. Research approach Research approach is a tool that helps to developed format needed to conduct the study. J A specific research topic can be undertaken for studying in broad ways either in deductive and inductive research. Inductive approach assists in studying in a research topic when adequate data on the selected topic is not available (Taylor et al. 2015). The initial phase of inductive approach is doing observation, which assists in obtaining relevant information and develops the way of the research proceed accordingly. Inductive approach can be helpful in serving the purpose of developing new theory for any topic. On contrary, deductive approach is utilized as a procedure that explains practical application of the theories that is studied in order to obtain access to the content of research. Deductive approach aims to develop a theory with more specifications as well as concepts of data analysis (Brinkmann 2014). On the other hand, depending upon the nature of the study as well as research topic, the chosen research approach is developed, which can assist in doing better analysis of the particular topic. The study will try to study the specific concepts associated to security issues in cloud computing with the assistance of several theoretical knowledge. Models related to security needed for selection of the approach, which can assist in comprehension for getting much precise as well as clear way. On the other hand, inductive approach fails to be implemented at the topic as there are no new theories emphasized by the researcher. Research strategy The research strategy assists in evaluating the specific research framework of the research topic. It would be helpful in order to select the collection as well as analysis pattern. During the procedure of data collection, a specific type of approach is applied, which is helpful in better explanation of the research strategy. Vaioleti (2016) stated that there are three types of research design used in academic research design such as explanatory, exploratory as well as descriptive. Exploratory research design is helpful for a researcher in order to acknowledge several types of ideas as well as thoughts needed for completion of the research paper. On the other hand, explanatory research design explains the possibility of occurrence of events as well as correspondingly effect of the process. Due to more description of the cause and effect relationship, penetration details of the particular research become limited. Finally, descriptive research strategy aims to obtain details as to state the occurrence of the detailed process along with appropriate explanation of the topic. Application of explanatory will be avoided as it supports the concepts of making longitudinal study, which is not possible for the topic. On the other hand, descriptive research design is able to define detailed procedure involved in the security issues involved in cloud computing. Data collection and analysis Data are considered as useful collection of information as well as facts, which are helpful to study any types of research. Gast and Ledford (2014) commented that data collections assist in order to deliver accurate outcomes to a research process as well as enables the standard format of the research study. Data sources helps in penetrating the topic of research as well as assist to extract data as per the needs. Primary and secondary data sources will provide materials that are helpful in order to obtain details of the research topic. Primary data assist in collecting raw data, which will be directly catered according to the requirements of the research topic. Primary data will be collected from randomly selected users of cloud services. On the other hand, secondary data are collected and used from different sources such as books, journals and websites Qualitative data are helpful in order to record narrative form of the data, which add better explanation of the research topic. Qualitative data assists in adding theoretical concepts in the practical field, which leads to make better comprehension of the research topic unlike quantitative process. Quantitative data will be applied in the form of statistical data, which assists in recording data of large sample sizes. In the study, quantitative research technique will be applied. Ethical considerations During the procedure of conducting research methodology, it is required to follow a code, which assists in detecting wrong and right set of behavior needed to adopt during the procedure. The researcher for analyzing the security issues lied in cloud computing and recommendations for minimizing the issues are discussed in the study. In the processing of data application, data obtained though conducting a study of the particular topic with special references to the cloud computing security issues (Bauer 2014). However, any types of commercial applications of the data will be avoided so that the findings and outcomes will be strictly limited to the academic purpose only. On the other hand, the research tried to include no external influence or pressure over the participants in the feedback process. Summary The present section portrayed the different research tool that will assist better analysis of the research topic. With the assistance of the section, researcher will true to align nature of the study with the available research technique. It helps to frame the best possible methodology for the research. Method for 11 week thesis Main activities Week 1 Week 2-3 Week 3-4 Week 4-6 Week 7-9 Week 10 Week 11 Selection of research approach Selection of research approach Selection of research strategy Selection of research strategy Data collection process Data collection process Primary data collection Data collection process Data analysis process Data analysis process Data analysis process Ethical consideration forming Research plan for 11 week thesis Main activities Week 1 Week 2-3 Week 3-4 Week 4-6 Week 7-9 Week 10 Week 11 Selection of topic Data collection from secondary sources Creation of layout Doing Literature review Forming research Plan Appropriate Research method selection Collecting Primary data Analysis and Interpretation of accumulated Data Findings from the data Conclusion of the research Forming Rough Draft Submission of the research References Ali, M., Khan, S.U. and Vasilakos, A.V., 2015. Security in cloud computing: Opportunities and challenges.Information Sciences,305, pp.357-383. Arora, R., Parashar, A. and Transforming, C.C.I., 2013. Secure user data in cloud computing using encryption algorithms.International journal of engineering research and applications,3(4), pp.1922-1926. Bauer, G.R., 2014. Incorporating intersectionality theory into population health research methodology: challenges and the potential to advance health equity.Social Science Medicine,110, pp.10-17. Brinkmann, S., 2014. Interview. InEncyclopedia of Critical Psychology(pp. 1008-1010). Springer New York. Cao, N., Wang, C., Li, M., Ren, K. and Lou, W., 2014. Privacy-preserving multi-keyword ranked search over encrypted cloud data.IEEE Transactions on parallel and distributed systems,25(1), pp.222-233. Chang, V. and Ramachandran, M., 2016. Towards achieving data security with the cloud computing adoption framework.IEEE Transactions on Services Computing,9(1), pp.138-151. Dinh, H.T., Lee, C., Niyato, D. and Wang, P., 2013. A survey of mobile cloud computing: architecture, applications, and approaches.Wireless communications and mobile computing,13(18), pp.1587-1611. Gast, D.L. and Ledford, J.R. eds., 2014.Single case research methodology: Applications in special education and behavioral sciences. Routledge. Hashem, I.A.T., Yaqoob, I., Anuar, N.B., Mokhtar, S., Gani, A. and Khan, S.U., 2015. The rise of big data on cloud computing: Review and open research issues.Information Systems,47, pp.98-115. Inukollu, V.N., Arsi, S. and Ravuri, S.R., 2014. Security issues associated with big data in cloud computing.International Journal of Network Security Its Applications,6(3), p.45. Kaur, M. and Mahajan, M., 2013. Using encryption algorithms to enhance the data security in cloud computing.International journal of communication and computer technologies,1(12), pp.56-59. Li, M., Yu, S., Zheng, Y., Ren, K. and Lou, W., 2013. Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption.IEEE transactions on parallel and distributed systems,24(1), pp.131-143. Lian, J.W., Yen, D.C. and Wang, Y.T., 2014. An exploratory study to understand the critical factors affecting the decision to adopt cloud computing in Taiwan hospital.International Journal of Information Management,34(1), pp.28-36. Mackey, A. and Gass, S.M., 2015.Second language research: Methodology and design. Routledge. Modi, C., Patel, D., Borisaniya, B., Patel, A. and Rajarajan, M., 2013. A survey on security issues and solutions at different layers of Cloud computing.The Journal of Supercomputing,63(2), pp.561-592. Rao, R.V. and Selvamani, K., 2015. Data security challenges and its solutions in cloud computing.Procedia Computer Science,48, pp.204-209. Rewagad, P. and Pawar, Y., 2013, April. Use of digital signature with diffie hellman key exchange and AES encryption algorithm to enhance data security in cloud computing. InCommunication Systems and Network Technologies (CSNT), 2013 International Conference on(pp. 437-439). IEEE. Rong, C., Nguyen, S.T. and Jaatun, M.G., 2013. Beyond lightning: A survey on security challenges in cloud computing.Computers Electrical Engineering,39(1), pp.47-54. Sugumaran, M., Murugan, B.B. and Kamalraj, D., 2014, February. An architecture for data security in cloud computing. InComputing and Communication Technologies (WCCCT), 2014 World Congress on(pp. 252-255). IEEE. Taylor, S.J., Bogdan, R. and DeVault, M., 2015.Introduction to qualitative research methods: A guidebook and resource. John Wiley Sons. Tuohy, D., Cooney, A., Dowling, M., Murphy, K. and Sixsmith, J., 2013. An overview of interpretive phenomenology as a research methodology.Nurse Researcher,20(6), pp.17-20. Vaioleti, T.M., 2016. Talanoa research methodology: A developing position on Pacific research.Waikato Journal of Education,12(1). Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y. and Vasilakos, A.V., 2014. Security and privacy for storage and computation in cloud computing.Information Sciences,258, pp.371-386. Xiao, Z. and Xiao, Y., 2013. Security and privacy in cloud computing.IEEE Communications Surveys Tutorials,15(2), pp.843-859. Zhao, F., Li, C. and Liu, C.F., 2014, February. A cloud computing security solution based on fully homomorphic encryption. InAdvanced Communication Technology (ICACT), 2014 16th International Conference on(pp. 485-488). IEEE.