Cloud Computing: Data Security Issues and Solutions
Introduction
According to National Institute of Standards and Technology (NIST), “Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort and or service provider interaction”.
Thus, cloud computing is the fastest growing computing network as it not only reduces efforts but at the same time it also improves accessibility and have better geographic coverage. Most of us are using cloud computing in out day to day lives in one form or another without even realizing like someone is using Microsoft Office 365 for writing something on word or preparing data on excel, or someone is using Gmail to send emails.
While cloud computing comes with many advantages, challenges to cloud computing are not far behind. The major challenges to cloud computing are data security, lack of resources and expertise on it.
What is Cloud Computing Model?
Data security issues and challenges with cloud computing
Steps to maintain confidentiality, integrity and availability in cloud computing
Methods used to improve data security at different stages of data lifecycle
Future Challenges in Cloud Computing
Conclusion
What is Cloud Computing Model?
Cloud computing model consists of five major actors. These are:
- The first one being the cloud service consumer (CSC) or in other words the end user, who gets the service from the cloud provider and pays for such service as per the use.
- The second one is the cloud service provider (CSP), which is responsible for providing services to cloud service consumer.
- Next comes the cloud auditor, which is responsible for conducting an independent assessment of the cloud services, information system operations and performance and security of the cloud implementations.
- Then comes cloud broker, who acts as a broker between cloud service provider and cloud service consumer to make the business deal.
- The last one is cloud carrier, who is responsible for providing connectivity from cloud service provider to cloud service consumer.
However, as cloud computing provides services to large base of consumers and is technically open to entire world, it is more prone than anything to security issues. Therefore, security becomes the primary responsibility between cloud service provider and cloud service consumer.
Data security issues and challenges with cloud computing
When the data of the company is stored, it is stored in the company’s premises, thereby giving complete control to the company to ensure traditional steps to make sure that the data is safe. However, when customer uses cloud computing, data is stored outside of the consumer’s place, and therefore cloud computing when used by end consumers, must employ additional security measures apart from the traditional security measures.
Confidentiality, integrity and availability can make or break a business of cloud computing as data is the core component of the cloud business. Furthermore, such data is given as an assurance to the end consumer that data information is uncorrupted and thus, can only be accessed by authorized user. Furthermore, maintaining confidentiality, integrity and availability is easier in enterprise computing but is much difficult in cloud computing.
Steps to maintain confidentiality, integrity and availability in cloud computing
- The first step is to classify the data once the data is created, identify the sensitive data of it, and thereafter, defines policies and then create access methods for different types of data. Furthermore, creating policies for data archive and destroying of data can go a long way in maintaining confidentiality along with integrity.
- While storing the data in proper security protection is very important, backup and recovery plan goes hand in hand with maintaining confidentiality and integrity.
- Furthermore, in cloud computing what is known as service level agreements can be implemented and thus, it can be identified that what type of data is to be shared, with whom it is to be shared and it can be shared?
- Lastly, even after taking all measures, if data is still compromised, corrective action place should be in place when the data is in transit.
Thus, these steps go handy while protecting the cloud computing. However, computation integrity can also be used in protecting clod computing from compromising. Computation integrity refers to only the authorized applications are allowed to access the data and use it for computation. Any abnormality from normal computing should be avoided.
Methods used to improve data security at different stages of data lifecycle
- First method is to apply data encryption when the data is at rest and also when the data is in transit. Apply strong encryption algorithms like Advanced Encryption Standard (AES) and Rivest Shamir Adleman (RSA) algorithms. Example of such algorithm is 256-Bit AES which is used by Amazon.
- While encryption method can prove to be useful to large extent, it cannot protect from configuration errors and software bugs. To resolve such issues, harsh methods can be used which consumes more bandwidth, however are more time consuming.
- Furthermore, third party auditors, who specialized in such fields can be employed to check the data integrity.
- Another major precaution that can be taken is to not store encryption keys along with the encrypted data.
- Data duplication, redundancy and backups goes a long way in protecting the data integrity.
Future Challenges in Cloud Computing
While the cloud computing problems are mainly with security and privacy of the data stored in the cloud, future cloud environments such as heterogeneity, resource sharing, multi-tenancy, virtualization, mobile cloud computing and service level agreements make cloud computing even more vulnerable. Furthermore, there are also new developments in cloud computing like Container-as-a-Service (CaaS), Software-defined networking (a concept to design and manage networks that abstracts applications away from the underlying networks), Software-defined-storage (abstracts the logical storage services and capabilities away from the underlying hardware) and Cloud-of-Things (CoT), (a concept combining cloud computing and Internet-of-Things (IoT) for smart city applications). All these new developments bring new challenges in cloud computing and they need to be addressed
Conclusion
Cloud computing is considered to be one of the major development in the internet era because of its easy accessibility and use. However, accessibility and use does not guarantee safety of such use. With use at a mass scale and data being more prone to be breached, cloud computing even becomes more vulnerable and there arises more need to protect such data.
Thus, reviewing security policies whenever there is a change in technology and furthermore, updating to protect the data and its privacy can prove to be useful not only for the companies but for the end user as well as leak of data at such massive scale can lead to disaster at both individual and mass level.