Upload
ijsrnet-editorial
View
224
Download
0
Embed Size (px)
Citation preview
7/27/2019 Security Issues in Hybrid Cloud Computing
1/3
7/27/2019 Security Issues in Hybrid Cloud Computing
2/3
4
C
P
oE
S
cl
P
c
P
c
5
clcl
Inte
Figure 2:
. Four Cl
Private Clo
Public Clo
Communit
Hybrid Clo
louds can beho owns and
igure 3:NIS
rivate Clou
erated bynterprise CloPC (Virtualuite, Micros
oud.
ublic Cloud:
rporation.
zure, IBMublic cloud.
ommunity
ultiple orgaoogle apps f
mmunity Cl
ybrid Clou
ore than onezure, VMwa
. Benefitsybrid cloudsouds while aouds. The fo
national J
Example of rco
ud Deplo
ud
d
Cloud
ud
categorizedthem.
T visual mod
: This is asingle org
d (UEC - porivate Cloudft ECI data
This is a Clooogle App
mart Cloud,
loud: This is
nizations for governmen
ud are exam
: This is a CClouds typese vCloud are
of Hybrid
offer the cso offering tllowing are s
ournal of
esources proputing
ment Mo
in different t
l of Cloud c
Cloud whicanization. Ewered by Eu), VMwarecenter are
ud which canEngine, M
Amazon E
a Cloud whi
some spe, Microsoft a
le of Comm
oud which ofrom the abexamples of
Cloud
st and scalee security anome of the p
cience an
Volume
ided by Clou
els
ypes dependi
mputing defi
can be useucalyptus,alyptus) , Aloud Infrastrxample of P
be owned byicrosoft Wi
2 are exam
h can be sha
ific requirepps for gover
nity cloud.
wns the featuve three. Wiybrid cloud.
benefits ofd control of possible benef
Research
2 Issue 6,
www.ijsr.
ng on
ition
andbuntu
azoncture
rivate
largedows
le of
ed by
ents.ment
res ofdows
ublicrivatets for
thoap
Co
coancotepu
thede
for
Bu
avabisu
undrabe
adthesec
M
ma
apma
6.Th
co
thepreinfsecco
inthe
datorSe
As
thehy
(IJSR), In
June 2013
et
se who oflications:
Fig
st Savings:
puting. Couse opera
puting capaporary projelic clouds re
se projects. Ielopment an
sensitive dat
siness Agilit
ilable in ality to rapidport for clo
xpected needstic improveause of the
ition computpure privateured informa
intenance:
intenance, an
lication instintenance req
Security
ere are a nu
puting but
ir partly on tmises accoormation ofurity becaufidential inf
big loss in fiorganization
a kept inanization hasurity issues f
ecurity issue
ecurity issue
organization
y must underid cloud e
dia Online
er cloud c
re 4: Hybrid
It is thepanies can retional expe
bilities. It icts at a red
oves the ne
hybrid cloutesting whi
.
: A Hybrid cprivate clouly scale usid bursting,
for additionents in the
bility to add
er resourcescloud for fuion, data and
Cloud servid access is th
allation ontouirements.
ssue
ber of securi
ybrid cloud
e cloud andding to tany organize any learmation, inte
nance and readopt hybrid
o the preto bear the
all into two b
faced by clo
faced by the
use hybrid
rstand the nvironment.
ISSN: 231
mputing-bas
Cloud Comp
ajor benefitduce their caditures for
proves resouced cost be
ed for invest
, public cloule private cl
loud offers bdeploymen
g public clsing the pub
l IT resourceoverall orgapublic clou
requirementslfilling the rprocess.
e providersrough APIs t
PCs, thus
y issues asso
llows the org
he rest of ape requiremation required or tamntionally or
utation of thclouds, the h
ises dataost to develooad categori
ud providers.
ir customers.
louds for the
w security rhile hybrid
9-7064
d services
uting
of using Cital expenditincreasingce allocatioause the usents to carr
s can be useuds can be
th the advantalong with
uds. It suplic clouds fo
s. It also proizational ags for unexpe
and also suquirement o
do the syat do not re
further redu
ciated with c
anization to
lications onnts. Data
the high lered in hiccidentally r
organizatioighly confide
enter. Forp the data ces.
ir business n
equirementsclouds offer
and
louduresheirfor
e ofout
forsed
agesthelies
r an
ideslity,cted
portthe
temuire
cing
loud
lace
heirandevelghlysult
. Asntial
thatter.
eds,
of athe
417
7/27/2019 Security Issues in Hybrid Cloud Computing
3/3
International Journal of Science and Research (IJSR), India Online ISSN: 2319-7064
Volume 2 Issue 6, June 2013
www.ijsr.net
security advantages of private clouds, there are some uniquesecurities challenges that should be keep in mind whileadopting the hybrid cloud.
In most cases, the provider must ensure that theirinfrastructure is secure and that their clients data andapplications are protected while the customer must ensurethat the provider has taken the proper security measures to
protect their information. The following are some issueswhich can be faced while adopting the hybrid cloud.
Location of the Data: Some time applications may useresources from multiple servers in clouds. The servers arebased at multiple locations and the services provided by thecloud may use different infrastructures across theorganization. This situation creates compilations inproviding the security to the data which are stored in cloud.
Confidentiality and integrity: Confidentiality refers to whostores the encryption keys data from company A, stores inany encrypted format at company B must be kept secure
from employees of B; thus, the client company should ownthe encryption keys. Integrity refers to the face that no
common policies exist for approved data exchanges; theindustry has various protocols used to push differentsoftware images or jobs.
Authentication: It is a process that traditionally says theprivileges to the user to access particular information or
access a service. There is no authority of the client to applyproper security measures to the data stored on the clouds.There is not control of the client on the management of thecloud. The providers do not like to interfere in their ownmethodology. It is an easy way to solve the identity needs of
private clouds, but in hybrid cloud now private cloud isextend with public cloud. So it is difficult task to control theidentity and access management.
Scalability: As the hybrid cloud extends the organizationoutside the organizations boundary, we should be verycareful because doing so it opens up the larger surface areafor the attack on public as well as on the private cloud also.
Data Segregation: It is a risk in the hybrid cloudcomputing. Public clouds are used by many users. As aresult data can be kept in a shared mode in the public cloud.Due to this reason there is a chance of the users private data
to be seen by other users. If the data and the information arenot protected from other users then it is a major risk to the
user to keep his/her private information in the cloud.
Network Security: In hybrid cloud deployment modelsinstead of traditional clearly defined network boundaries theborders between tenant networks can be dynamic andpotentially blurred in a large scale virtual/Cloudenvironment. In a public cloud deployment model, sensitivedata is obtained from the enterprises, processed by the SaaS
application and stored at the SaaS vendor end. All data flowover the network needs to be secured in order to preventleakage of sensitive information.
Security Policies: There are risks associated with thesecurity policies adopted by the hybrid cloud such as how
the encryption keys are managed in public cloud.
Backup and Recovery: In hybrid cloud computing somedata are stored in some remote location. Because of someincident like fire, earthquake, flood or any natural calamitiesthere may be chance of data loss. So there must be aprovision to recover the data which may be loss due to theabove reasons.
7. ConclusionGrowing need of the down the resource and to cut down the
cost expenditure the cloud benefits are endless. But in orderto achieve the best while spending less, have some securityproblems which are unresolved. This paper describes thevarious aspects of the cloud and its security. Through thispaper has covered almost the security issues in the hybridcloud environment. Although the cloud is the cheapest andthe easiest way to use the resources, still it needs a security
architecture which describes all the service models as wellas the cloud architecture in future.
References
[1] Csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v25.ppt
[2] (http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc)
[3] Information Technology for Management: By BEHL[4] Annual International Conference on Cloud Computing
and Virtualization (CCV 2010)[5] (http://csrc.nist.gov/groups/SNS/cloud-
computing/cloud-def-v15.doc)
[6] www.ijera.com/papers/vol2_issue1/V21117125.pdf[7] www.ibm.com/in/PaaS[8]
En.wikipedia.org/wiki/software_as_a_service
418