Cloud Computing Security

Security in cloud computing is the main issue. Data should be kept in an encrypted form in the cloud. Proxy and brokerage tools should be used to limit client access to shared data directly.

Security Planning

Before using a specific resource to cloud, one should need to evaluate various conditions of the resource such as:

  • Choose a resource that requires moving to the cloud and evaluating its sensitivity to risk.
  • Understand the data storage process of the cloud service provider and its transition to and from the cloud.
  • Consider models of cloud services like IaaS, PaaS, and SaaS. Such models demand that customers should be responsible for protection at various service levels.
  • Consider the type of cloud to use, such as public, private, community, or hybrid.

Understanding Security of Cloud

A specific service model describes the boundary between the customer and the responsibilities of service providers. The cloud security alliances (CSA) stack model is a model which helps to explain the limits between each service model and also shows how various functional units relate to each other.

The following figure shows the CSA stack model:

Cloud computing security

Understanding Data Security

Because all the data is transferred via the internet; data security is the main concern in the cloud. There are various key mechanisms for protecting data.

  • Access control
  • Auditing
  • Authentication
  • Authorization

Isolated Access to Data

Because the information stored in the cloud can be accessed from anywhere, we need a mechanism for isolating and shielding data from direct access by the user.

  • Brokered cloud storage access is a strategy to cloud storage isolation. Two programs are being developed in this approach.
  •  A broker with complete processing access but no customer access.
  • A proxy with no storage access, but access to both the broker and the client

Working of Brokered Cloud Storage Access System

When the client sends a request to access data:

  • The request of the client goes to the external service interface of proxy.
  • The proxy sends the request to the broker.
  •  The broker asks for cloud storage data.
  •  The proxy must give the information to the server at last.

The following figure shows the entire above steps

Cloud computing security 1