Security of Cloud Storage and Cloud computing and Cloud storage is based on and include ... Shared Technology Issues. ... issuing authority diversity


    Abstract: Cloud computing is the fundamental change happening in the field of Information Technology, which represents its trend towards the intensiveness, large scale and specialization. However, it brings about not only the convenience and the efficiency, but also the great challenges to the data security and privacy protection. Currently security has been regarded as one of the greatest problems to be solved in the development of cloud computing. This paper describes the great requirements in cloud computing and cloud storage security key technology and provides a cloud computing security framework.

    Key words: cloud computing; cloud storage; cloud computing security; cloud security framework

    I. INTRODUCTION OF CLOUD STORAGE AND CLOUD COMPUTING

    Cloud computing and cloud storage use a complex, extensive infrastructure (hardware, platform, and software, hence the abstraction as cloud) to provide significant storage and computing resources to the user over a network. Depending on cloud configuration, it can be infinitely extensible and readily accessible, with minimal management effort or service provider interaction.

    A good example to describe cloud computing technologies is the electricity network. We use electricity networks to improve the running of the company, and each family can enjoy cheap energy from the network rather than generating power at home. Cloud computing will bring about a similar cycle to the development of the electricity network in the next decade.

    Cloud computing and cloud storage are based on and include Distributed Computing technology, Parallel Computing technology, Utility Computing technology, Network Storage technology, Virtualization technology, and Load Balance technology.

    A. The Hybrid Cloud Architecture

    A private cloud network is allocated on premises and may belong to a company, whose employees are all of its users. A private cloud network is easier to manage, more dependable, and more secure than a public cloud network, because the users of a public cloud may be all over the world. So we can use a hybrid cloud network. By utilizing "hybrid cloud" architecture, companies and individuals are able to obtain degrees of fault tolerance combined with locally immediate usability without dependency on internet connectivity. Hybrid cloud architecture requires both on-premises resources and off-site (remote) server-based cloud infrastructure. Hybrid clouds lack the flexibility, security and certainty of in-house applications [2]. Hybrid cloud provides the flexibility of in-house applications with the fault tolerance and scalability of cloud-based services.

    B. How cloud storage and cloud computing work

    Cloud storage means saving data to an off-site storage system maintained by a third party. Instead of storing information on your computer's hard drive or other local storage device, you save it to a remote database. The Internet provides the connection between your computer and the database.

    A cloud storage system needs just one data server connected to the Internet. A client (e.g., a computer user subscribing to a cloud storage service) sends copies of files over the Internet to the data server, which then records the information. When the client wishes to retrieve the information, he or she accesses the data server through a Web-based interface. The server then either sends the files back to the client or allows the client to access and manipulate the files on the server itself [3].

    Security of Cloud Storage and Cloud Computing
    Yuchen Cao

    Fig. 1. The Definition of Cloud.

    Fig. 2. An explanation of the deployment models of cloud. Private cloud is cloud infrastructure operated solely for a single organization. Public cloud applications, storage, and other resources are made available to the general public by a service provider. These services are free or offered on a pay-per-use model. Hybrid cloud is a composition of two or more clouds (private, community or public) that remain unique entities but are bound together, offering the benefits of multiple deployment models. [1]

    As Fig. 3 shows, when you use cloud storage, the data is first partitioned into several parts, which are stored in different databases. When you check or use the data, those several parts are combined again.

    Cloud computing is based on cloud storage and works similarly to it, as Fig. 4 and Fig. 5 show.
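    The partition-and-recombine flow described above, as an added example that is not code from the paper. It goes one step beyond the text by having the client keep a keyed tag for each part, so a missing, altered or swapped part is detected when the data is recombined. The in-memory dicts standing in for the databases, the function names and the sample key are assumptions.

```python
import hashlib
import hmac


def shard_tag(mac_key: bytes, index: int, shard: bytes) -> str:
    # Bind the tag to the part's position so parts cannot be swapped or reordered.
    return hmac.new(mac_key, index.to_bytes(4, "big") + shard, hashlib.sha256).hexdigest()


def split_into_shards(data: bytes, stores: list, shard_size: int, mac_key: bytes) -> list:
    """Partition data into parts, spread them over the stores, return a manifest."""
    manifest = []
    for index, offset in enumerate(range(0, len(data), shard_size)):
        shard = data[offset:offset + shard_size]
        store_no = index % len(stores)  # round-robin placement across databases
        shard_id = f"shard-{index}"
        stores[store_no][shard_id] = shard
        manifest.append({"index": index, "store": store_no, "id": shard_id,
                         "tag": shard_tag(mac_key, index, shard)})
    return manifest


def reassemble(manifest: list, stores: list, mac_key: bytes) -> bytes:
    """Fetch every part named in the manifest, verify it, and recombine in order."""
    parts = []
    for entry in sorted(manifest, key=lambda e: e["index"]):
        shard = stores[entry["store"]].get(entry["id"])
        if shard is None:
            raise LookupError(f"{entry['id']} is missing from store {entry['store']}")
        if not hmac.compare_digest(shard_tag(mac_key, entry["index"], shard), entry["tag"]):
            raise ValueError(f"{entry['id']} failed its integrity check")
        parts.append(shard)
    return b"".join(parts)


if __name__ == "__main__":
    # Constructed sample: three in-memory dicts stand in for three databases.
    stores = [{}, {}, {}]
    key = b"constructed-demo-key"
    record = b"constructed sample record " * 4
    manifest = split_into_shards(record, stores, 16, key)
    print(reassemble(manifest, stores, key) == record)
    stores[1]["shard-1"] = b"tampered" + stores[1]["shard-1"][8:]
    try:
        reassemble(manifest, stores, key)
    except ValueError as err:
        print("rejected:", err)
```

    The manifest and the key stay with the client; the stores only ever hold the parts.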

    II. THREATS FACING CLOUD STORAGE AND CLOUD COMPUTING

    Another analogy to cloud computing services is the water supply service of a supply company. Originally each family dug its own well, repaired its own water tower, and was responsible for its own water security issues, for example avoiding contamination and preventing others from stealing water. But now we use the water supply services of water companies. The companies have to protect the whole system, manage so many users, and keep the whole system safe.

    Because this system is huge and complex, this will be very difficult. So we can say that cloud storage and cloud computing bring about not only convenience and efficiency, but also great challenges to data security and privacy protection.

    There are seven threats facing cloud storage and cloud computing [9]. They are:

    Threat #1: Abuse and Nefarious Use of Cloud Computing.
    Threat #2: Insecure Interfaces and APIs.
    Threat #3: Malicious Insiders.
    Threat #4: Shared Technology Issues.
    Threat #5: Data Loss or Leakage.
    Threat #6: Account or Service Hijacking.
    Threat #7: Unknown Risk Profile.

    Because of the changes from the traditional network to the cloud network, the use of some new technology, and new rules of management, there are more security risks in the cloud network than ever before. In detail, the following risks face cloud storage and cloud computing.

    A. Changes in the data flow model

    In a traditional data center, the data flow model is relatively simple:

    The flow rates and bursty traffic of the various applications follow known rules, so even in a larger data center, protection can still be targeted according to the importance of the Web application servers;
    The security equipment performs traffic detection in accordance with the established security policy.

    In the public cloud computing environment:

    In a cloud computing center, servers on the scale of tens of thousands work together as a unit;
    The equipment goes from scattered to highly concentrated, which puts the performance of the security equipment under pressure;
    The equipment is unable to achieve sub-rule handling, which places high performance requirements on the security equipment and brings new challenges, especially in DDoS attack detection and prevention.

    B. Virtual operating systems

    Virtual operating systems have loopholes and flaws. They are prone to inter-virtual-machine data leaks through hacking attacks, or even possible infiltration or takeover of the master operating system. [8]

    Cloud computing provides various services based on a high degree of integration of storage resources and server resources, with computing and storage resources supplied according to need, which brings unprecedented risk to data security.

    Fig. 3. How cloud storage works

    Fig. 4. How cloud computing works

    Fig. 5. How cloud computing works

    C. The risk of diversified identity management

    In traditional networks, identity management is single for using an application. But in a cloud network, there are multiple identity providers, so the standards of authentication credentials and the issuing authorities are diverse. And because all of those providers and different standards work together, the identity management system becomes disordered.

    D. The risk of an uncertain security boundary

    In traditional data center security protection, an important principle is "safety isolation and access control based on boundaries", with strong emphasis on "differentiated security strategies for different security zones". These measures depend heavily on a clear regional boundary between each area.

    In cloud computing environment, Virtu