7/27/2019 Security Issues in Hybrid Cloud Computing

1/3

7/27/2019 Security Issues in Hybrid Cloud Computing

2/3

4

C

P

oE

S

cl

P

c

P

c

5

clcl

Inte

Figure 2:

. Four Cl

Private Clo

Public Clo

Communit

Hybrid Clo

louds can beho owns and

igure 3:NIS

rivate Clou

erated bynterprise CloPC (Virtualuite, Micros

oud.

ublic Cloud:

rporation.

zure, IBMublic cloud.

ommunity

ultiple orgaoogle apps f

mmunity Cl

ybrid Clou

ore than onezure, VMwa

. Benefitsybrid cloudsouds while aouds. The fo

national J

Example of rco

ud Deplo

ud

d

Cloud

ud

categorizedthem.

T visual mod

: This is asingle org

d (UEC - porivate Cloudft ECI data

This is a Clooogle App

mart Cloud,

loud: This is

nizations for governmen

ud are exam

: This is a CClouds typese vCloud are

of Hybrid

offer the cso offering tllowing are s

ournal of

esources proputing

ment Mo

in different t

l of Cloud c

Cloud whicanization. Ewered by Eu), VMwarecenter are

ud which canEngine, M

Amazon E

a Cloud whi

some spe, Microsoft a

le of Comm

oud which ofrom the abexamples of

Cloud

st and scalee security anome of the p

cience an

Volume

ided by Clou

els

ypes dependi

mputing defi

can be useucalyptus,alyptus) , Aloud Infrastrxample of P

be owned byicrosoft Wi

2 are exam

h can be sha

ific requirepps for gover

nity cloud.

wns the featuve three. Wiybrid cloud.

benefits ofd control of possible benef

Research

2 Issue 6,

www.ijsr.

ng on

ition

andbuntu

azoncture

rivate

largedows

le of

ed by

ents.ment

res ofdows

ublicrivatets for

thoap

Co

coancotepu

thede

for

Bu

avabisu

undrabe

adthesec

M

ma

apma

6.Th

co

thepreinfsecco

inthe

datorSe

As

thehy

(IJSR), In

June 2013

et

se who oflications:

Fig

st Savings:

puting. Couse opera

puting capaporary projelic clouds re

se projects. Ielopment an

sensitive dat

siness Agilit

ilable in ality to rapidport for clo

xpected needstic improveause of the

ition computpure privateured informa

intenance:

intenance, an

lication instintenance req

Security

ere are a nu

puting but

ir partly on tmises accoormation ofurity becaufidential inf

big loss in fiorganization

a kept inanization hasurity issues f

ecurity issue

ecurity issue

organization

y must underid cloud e

dia Online

er cloud c

re 4: Hybrid

It is thepanies can retional expe

bilities. It icts at a red

oves the ne

hybrid cloutesting whi

.

: A Hybrid cprivate clouly scale usid bursting,

for additionents in the

bility to add

er resourcescloud for fuion, data and

Cloud servid access is th

allation ontouirements.

ssue

ber of securi

ybrid cloud

e cloud andding to tany organize any learmation, inte

nance and readopt hybrid

o the preto bear the

all into two b

faced by clo

faced by the

use hybrid

rstand the nvironment.

ISSN: 231

mputing-bas

Cloud Comp

ajor benefitduce their caditures for

proves resouced cost be

ed for invest

, public cloule private cl

loud offers bdeploymen

g public clsing the pub

l IT resourceoverall orgapublic clou

requirementslfilling the rprocess.

e providersrough APIs t

PCs, thus

y issues asso

llows the org

he rest of ape requiremation required or tamntionally or

utation of thclouds, the h

ises dataost to develooad categori

ud providers.

ir customers.

louds for the

w security rhile hybrid

9-7064

d services

uting

of using Cital expenditincreasingce allocatioause the usents to carr

s can be useuds can be

th the advantalong with

uds. It suplic clouds fo

s. It also proizational ags for unexpe

and also suquirement o

do the syat do not re

further redu

ciated with c

anization to

lications onnts. Data

the high lered in hiccidentally r

organizatioighly confide

enter. Forp the data ces.

ir business n

equirementsclouds offer

and

louduresheirfor

e ofout

forsed

agesthelies

r an

ideslity,cted

portthe

temuire

cing

loud

lace

heirandevelghlysult

. Asntial

thatter.

eds,

of athe

417

7/27/2019 Security Issues in Hybrid Cloud Computing

3/3

International Journal of Science and Research (IJSR), India Online ISSN: 2319-7064

Volume 2 Issue 6, June 2013

www.ijsr.net

security advantages of private clouds, there are some uniquesecurities challenges that should be keep in mind whileadopting the hybrid cloud.

In most cases, the provider must ensure that theirinfrastructure is secure and that their clients data andapplications are protected while the customer must ensurethat the provider has taken the proper security measures to

protect their information. The following are some issueswhich can be faced while adopting the hybrid cloud.

Location of the Data: Some time applications may useresources from multiple servers in clouds. The servers arebased at multiple locations and the services provided by thecloud may use different infrastructures across theorganization. This situation creates compilations inproviding the security to the data which are stored in cloud.

Confidentiality and integrity: Confidentiality refers to whostores the encryption keys data from company A, stores inany encrypted format at company B must be kept secure

from employees of B; thus, the client company should ownthe encryption keys. Integrity refers to the face that no

common policies exist for approved data exchanges; theindustry has various protocols used to push differentsoftware images or jobs.

Authentication: It is a process that traditionally says theprivileges to the user to access particular information or

access a service. There is no authority of the client to applyproper security measures to the data stored on the clouds.There is not control of the client on the management of thecloud. The providers do not like to interfere in their ownmethodology. It is an easy way to solve the identity needs of

private clouds, but in hybrid cloud now private cloud isextend with public cloud. So it is difficult task to control theidentity and access management.

Scalability: As the hybrid cloud extends the organizationoutside the organizations boundary, we should be verycareful because doing so it opens up the larger surface areafor the attack on public as well as on the private cloud also.

Data Segregation: It is a risk in the hybrid cloudcomputing. Public clouds are used by many users. As aresult data can be kept in a shared mode in the public cloud.Due to this reason there is a chance of the users private data

to be seen by other users. If the data and the information arenot protected from other users then it is a major risk to the

user to keep his/her private information in the cloud.

Network Security: In hybrid cloud deployment modelsinstead of traditional clearly defined network boundaries theborders between tenant networks can be dynamic andpotentially blurred in a large scale virtual/Cloudenvironment. In a public cloud deployment model, sensitivedata is obtained from the enterprises, processed by the SaaS

application and stored at the SaaS vendor end. All data flowover the network needs to be secured in order to preventleakage of sensitive information.

Security Policies: There are risks associated with thesecurity policies adopted by the hybrid cloud such as how

the encryption keys are managed in public cloud.

Backup and Recovery: In hybrid cloud computing somedata are stored in some remote location. Because of someincident like fire, earthquake, flood or any natural calamitiesthere may be chance of data loss. So there must be aprovision to recover the data which may be loss due to theabove reasons.

7. ConclusionGrowing need of the down the resource and to cut down the

cost expenditure the cloud benefits are endless. But in orderto achieve the best while spending less, have some securityproblems which are unresolved. This paper describes thevarious aspects of the cloud and its security. Through thispaper has covered almost the security issues in the hybridcloud environment. Although the cloud is the cheapest andthe easiest way to use the resources, still it needs a security

architecture which describes all the service models as wellas the cloud architecture in future.

References

[1] Csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v25.ppt

[2] (http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc)

[3] Information Technology for Management: By BEHL[4] Annual International Conference on Cloud Computing

and Virtualization (CCV 2010)[5] (http://csrc.nist.gov/groups/SNS/cloud-

computing/cloud-def-v15.doc)

[6] www.ijera.com/papers/vol2_issue1/V21117125.pdf[7] www.ibm.com/in/PaaS[8]

En.wikipedia.org/wiki/software_as_a_service

418