AbstractAbstractAbstractAbstractCloudCloudCloudCloud computingcomputingcomputingcomputing isisisis thethethethe fundamentalfundamentalfundamentalfundamental changechangechangechange
happeninghappeninghappeninghappening inininin thethethethe fieldfieldfieldfield ofofofof InformationInformationInformationInformation Technology,Technology,Technology,Technology, whichwhichwhichwhichrepresentsrepresentsrepresentsrepresents itsitsitsits trendtrendtrendtrend towardstowardstowardstowards thethethethe intensiveness,intensiveness,intensiveness,intensiveness, largelargelargelarge scalescalescalescale andandandandspecialization.specialization.specialization.specialization. However,However,However,However, itititit bringsbringsbringsbrings aboutaboutaboutabout notnotnotnot onlyonlyonlyonly thethethethe convenienceconvenienceconvenienceconvenienceandandandand thethethethe efficiency,efficiency,efficiency,efficiency, butbutbutbut alsoalsoalsoalso thethethethe greatgreatgreatgreat challengeschallengeschallengeschallenges totototo thethethethe datadatadatadatasecuritysecuritysecuritysecurity andandandand privacyprivacyprivacyprivacy protection.protection.protection.protection. CurrentlyCurrentlyCurrentlyCurrently securitysecuritysecuritysecurity hashashashas beenbeenbeenbeenregardedregardedregardedregarded asasasas oneoneoneone ofofofof thethethethe greatestgreatestgreatestgreatest problemsproblemsproblemsproblems totototo bebebebe solvedsolvedsolvedsolved inininin thethethethedevelopmentdevelopmentdevelopmentdevelopment ofofofof cloudcloudcloudcloud computing.computing.computing.computing. ThisThisThisThis paperpaperpaperpaper describesdescribesdescribesdescribes thethethethe greatgreatgreatgreatrequirementsrequirementsrequirementsrequirements inininin cloudcloudcloudcloud computingcomputingcomputingcomputing andandandand cloudcloudcloudcloud storagestoragestoragestorage securitysecuritysecuritysecurity keykeykeykeytechnologytechnologytechnologytechnology andandandand providesprovidesprovidesprovides aaaa cloudcloudcloudcloud computingcomputingcomputingcomputing securitysecuritysecuritysecurity framework.framework.framework.framework.
KeyKeyKeyKey wordswordswordswordscloudcloudcloudcloud computing;computing;computing;computing; cloudcloudcloudcloud storage;storage;storage;storage; cloudcloudcloudcloud computingcomputingcomputingcomputingsecuritysecuritysecuritysecurity;;;; cloudcloudcloudcloud securitysecuritysecuritysecurity frameworkframeworkframeworkframework
I. INTRODUCTION OF CLOUD STORAGE AND CLOUDCOMPUTING
loud computing and Cloud storage uses a complex,extensive infrastructure (hardware, platform, and
software hence the abstraction as cloud) to providesignificant storage and computing resources to the user over anetwork. Depending on cloud configuration, it can be infinitelyextensible, readily accessible, with minimal management effortor service provider interaction.There is a good example to describe Cloud computing
technologies like the electricity network power applications.We use electricity networks to improve the running of thecompany, each family can enjoy cheap energy from this, ratherthan your own home power generation. Cloud computing willbring about similar cycle as the development of the electricitynetwork in the next decade.Cloud computing and Cloud storage is based on and include
the Distributed Computing technology, Parallel computingtechnology, Utility Computing technology, Network Storagetechnology, Virtualization technology, and Load Balancetechnology.
A. The Hybrid Cloud Architecture
A private cloud network is allocation on a premise, may bebelong to a company, and users are all the employees of thiscompany. It is easier to manage, it is more dependable, andmore secure in a private than the public cloud network. Becausethe user of the public cloud may be all over the world. So wecan use a hybrid cloud network. By utilizing "hybrid cloud"architecture, companies and individuals are able to obtaindegrees of fault tolerance combined with locally immediateusability without dependency on internet connectivity. Hybridcloud architecture requires both on-premises resources andoff-site (remote) server-based cloud infrastructure. Hybridclouds lack the flexibility, security and certainty of in-houseapplications. Hybrid cloud provides the flexibility of inhouse applications with the fault tolerance and scalability ofcloud based services.
B. How is cloud storage and cloud computing worksTo saving data to an off-site storage system maintained by a
third party. Instead of storing information to your computer'shard drive or other local storage device, you save it to a remotedatabase. The Internet provides the connection between yourcomputer and the database.A cloud storage system needs just one data server connected
to the Internet. A client (e.g., a computer user subscribing to acloud storage service) sends copies of files over the Internet tothe data server, which then records the information. When theclient wishes to retrieve the information, he or she accesses thedata server through a Web-based interface. The server theneither sends the files back to the client or allows the client to
Security of Cloud Storage and Cloud ComputingYuchen Cao
Fig. 1. TheDefinition ofCloud.
Fig. 2. This is a explain of the deployment models of cloud. Private cloud iscloud infrastructure operated solely for a single organization. Public cloudapplications, storage, and other resources are made available to the generalpublic by a service provider. These services are free or offered on apay-per-use model. Hybrid cloud is a composition of two or more clouds(private, community or public) that remain unique entities but are boundtogether, offering the benefits of multiple deployment models. 
access and manipulate the files on the server itself.
Like the Fig.3, when you use the cloud storage. First the datawill be partitioned to serval part, and will be storage intodifferent database. When you check or use the data, those servalpart will combine again.Cloud computing is based on cloud storage, and works
similar with cloud storage. Like the Fig.4 and Fig.5.
II. THREATS FACING CLOUD STORAGE AND CLOUDCOMPUTING
Another analogy to cloud computing services is the watersupply services of a supply company:Original each family and their own digging wells, repair
water tower, responsible for their own water security issues, forexample, to avoid contamination, to prevent others steal water.But now, we use the water supply services of water companies.The companies have to protect the whole system, to manage somany users, and keep the whole system safety.Because of the huge and complex of this system, this will be
very difficult. So we can say that cloud storage and cloudcomputing brings about not only the convenience and theefficiency, but also the great challenges to the data security andprivacy protection.There are seven threats facing cloud storage and cloud
computing. They are:Because of some change from the traditional network to
cloud network, and the use of some new technology, and newrules of management, there are more security risks of cloudnetwork than every before. In detail, there are the followingrisks facing cloud storage and cloud computing.
A. Changes in the data flow modelIn a traditional data center, the data flow model is relatively
simple:Various applications reference flow rate and bursty traffic
rules to follow, even for larger data center can still be carriedout according to the importance of Web application servertargeted protection; Execution of the security equipment basedtraffic detection in accordance with established security policy.In the public cloud computing environment:Cloud computing center, similar server scale to tens of
thousands to work together as a unit;The equipment is highly concentrated, from scattered to
safety equipment performance under pressure;The equipment is unable to achieve sub-rule, and thus high
performance requirements of safety equipment, especially inthe DDOS attack detection and prevention, new challenges.
B. Virtual operating systemsVirtual operating systems has loopholes and flaws, it is prone
to inter-virtual machine data leak by hacking attack, or evenpossible infiltration or take over the master operating systems.Based on a high degree of integration of storage resources
and server resources to provide various services, cloud
Fig. 3. How is the cloud storge works
Fig. 4. How is the cloud computing works
Fig. 5. How is the cloud computing works
Threat #1: Abuse and Nefarious Use of Cloud Computing.Threat #2: Insecure Interfaces and APIs.Threat #3: Malicious Insiders.Threat #4: Shared Technology Issues.Threat #5: Data Loss or Leakage.Threat #6: Account or Service Hijacking.Threat #7: Unknown Risk Profile.
computing and storage resources according to need, bringunprecedented risk to data security.
C. The risk of identity management diversifiedIn traditional networks, the identity management is single for
using a application. But in cloud network, there are multipleidentify provider. So that the standards of authenticationcredentials, issuing authority diversity. And because all ofthose providers and different standards works together, makesthe identity management system disordered.
D. The risk for uncertainty of Security boundaryTraditional data center security protection, it is an important
principle is "based on boundary safety isolation and accesscontrol", and strong research "according to different safetylocale, differentiated safety strategy".These measures, depends heavily on "between each area
clear regional boundary".In cloud computing environment, Virtu