08-16-2017, 09:30 PM
Security in cloud computing refers to a broad set of policies, technologies, and controls deployed to protect the data, applications, and associated infrastructure of cloud computing. Cloud computing security is the set of control-based technologies and policies designed to adhere to regulatory compliance standards and protect information, data applications, and infrastructure associated with the use of cloud computing.
Cloud computing and storage provide users with the ability to store and process their data in third-party data centres. Organisations use the cloud in a variety of different service models (with acronyms such as SaaS, PaaS and IaaS) and implementation models (private, public, hybrid, and community). Security issues associated with cloud computing fall into two broad categories: security issues faced by cloud providers (organisations providing software, platform or infrastructure as a service through the cloud) and security issues faced by their customers (organisations that host applications or store data in the cloud). However, responsibility is shared. The provider must ensure that its infrastructure is secure and that its clients' data and applications are protected, while the user must take steps to strengthen their application and use secure passwords and authentication measures.
When an organisation chooses to store data or host applications in the public cloud, it loses its ability to have physical access to the servers hosting its information. As a result, potentially sensitive data is at risk of insider attacks. According to a recent report from the Cloud Security Alliance, insider attacks are the sixth biggest threat in cloud computing. Therefore, cloud service providers must ensure that thorough background checks are performed for employees who have physical access to data centre servers. In addition, data centres should be monitored frequently for suspicious activity.
In order to conserve resources, reduce costs, and maintain efficiency, cloud service providers often store more than one customer's data on the same server. As a result, there is the possibility that a user's private data can be viewed by other users (possibly even by competitors). To handle such sensitive situations, cloud service providers must ensure adequate data isolation and logical storage segregation.
Extensive use of virtualisation in deploying cloud infrastructure brings with it unique security concerns for customers or tenants of a public cloud service. Virtualisation alters the relationship between the OS and the underlying hardware. This introduces an additional layer, virtualisation, that must be configured, managed and secured correctly. Specific concerns include the possibility of compromising the virtualisation software, or "hypervisor". While these concerns are largely theoretical, they exist. For example, a breach of the administrator's workstation that runs the management software for the virtualisation software may cause the entire data centre to slow down or be reconfigured to the liking of an attacker.