Cloud Computing Security and Privacy Issue
The article Security and Privacy Issue in Cloud Computing written by Jaydip Sen
describes security and privacy as global ethical issue information technology. Clouding
computing has changed how information technology is utilized and managed. Speeding of
innovation and enhanced efficiencies in cost has been facilitated by cloud computing technology.
Despite propaganda claims from some individuals concerning this innovation, cloud computing
has become substantially important in information storage for many individuals and corporations
globally. However, cloud computing has been faced with many challenges including quality of
service, operability, privacy and security issues, change in the global economy, and legal factors
(Sen, 2015). This article deals with different deployment and service models associated with
cloud computing, and security and privacy ethical issues. Also, it provides solutions to control
these issues along with cloud computing future trends.
Cloud computing allows users to conveniently access a pool of operating and configured
computing resources. These resources include servers, applications services, and networks.
Applications provided on the internet such as systems software and hardware which facilitates
service provision constitutes cloud computing. Cloud model consists of 4 basic models of
delivery. Additionally, these models are defined by the cloud service providers. These models of
delivery include public cloud in which its services are accessible to the public, a private cloud
which its services are provided only to the firm, community cloud which services of the cloud
are shared by particular firms sharing common goals, and hybrid cloud which consists of various
computing infrastructure. Furthermore, there are three types of services offered by the cloud. The
first service is software as a service which entails software renting instead of purchasing (Sen, 2015). Secondly, platform as a service which offers a cloud platform in that individual can
develop and execute applications. Lastly, infrastructure as a service provides storage space and
power when required.
Services on the cloud are founded on five primary factors that show their relation to, and
distinction from traditional approaches to computing. Infrastructure abstraction entails
abstracting storage, computation, and network from the data and application resources as a way
of delivering services. This occurs where physical resource which information if processed,
conveyed and stored becomes highly unclear from the application providing service delivery.
The democratization of resources helps abstraction of resources to allow particular individuals to
utilize applications, infrastructure or information they wish to access. Service-oriented
architecture provides access and utilization of resources in a standard manner. This model
concentrates on service delivery rather than managing the infrastructure (Sen, 2015). Lastly,
elasticity model deals with the speed, reliability, virtualization, automation, and ever-present
connectivity for the operation of the resources allocated for service delivery. Evidently, it
ensures high service levels and better use of resources is achieved.
There are various concerns relating to the security and privacy of information stored in
the cloud. Arguably, cloud computing consists of various technologies such as operating
systems, networks, memory management, and databases. Therefore, security and privacy
concerns of the technologies are applicable. To ensure the security of data, cryptographic
encryption mechanisms are preferred (Sicari etal., 2015). Significantly, the producers of hard
drives are currently selling self-encrypting drives which offer a storage that is trustworthy for the
computer users. Despite software encryption being applied to data protection, it slows the
process making it insecure thus encryption key can be easily stolen.
There are various threats related to cloud computing. The threat against data available in
the environment of cloud computing has been a major challenge. Moreover, there are other
threats such as various attackers and their ability to get the information, security problems
associated with the cloud, and current trends relating to security risks of cloud computing. These
threats are divided into various categories which include threats from the inside user, threats
from external attackers, and data leakages. Insider user threats occur when insiders try to access
customers information without their consent. Threats from external attackers occur when hackers
get access to public cloud and steal sensitive information from firms or the government. When
information from different organizations leaks to the public from the cloud, it is known as data
leakage. There are different types of attackers in cloud computing. Internal attackers are
employed by the customers, service providers or the third party. As they have access to the
clouds, they apply these privileges to access private information. External attackers possess no
access to the cloud information thus they apply their technological and computing techniques to
acquire private information from the clouds (Nikkhah & Sabherwal 2017). Additionally, the
attackers may be substantial, random, weak, or strong depending on their abilities to attack the
cloud.
Approaches to dealing with security and privacy of cloud computing have been
established. Protection of information in the cloud requires information-centric security
approach. Moreover, application of manual auditing process makes the customers satisfied with
storing their information in the cloud. This approach is known as high assurance remote server
attestation. Additionally, encrypting all the information before transferring it to the cloud will
help to reduce security threats. Furthermore, various organizations have emerged to standardize
the cloud computing (Sicari etal., 2015). Governments and organization have provided legislation and laws, and other trends such as secure service, trust, and policy management to
control cloud computing.
Many organizations in the world are believed to store information in the cloud due to the
integration of computerized record keeping. Arguably, the security and privacy threats apply
globally to all firms using cloud computing as a method of storing their information. If there is
any threat posed on the cloud, all the organizations in the world are affected. Also, a company
operating in different countries may be able to store its information in uniform storage
(Kalaiprasath etal., 2017). This article provides crucial knowledge to the individuals and firms
using cloud computing system and others who wish to use it in future.
It is beneficial to realize the importance of acquiring enough knowledge about all aspects
of cloud computing. For instance, this article has provided a green light on the threats associated
with storing information in the clouds. Organizations will be able to identify possible threats
which can emerge before deciding whether to store the information in the clouds. Furthermore, if
the organizations are faced with any threat, this article has provided measures to rectify the
threat. Most importantly, cloud computing is becoming one of the attractive technologies in the
world. It is flexible and cost efficient which makes more firms use it (Boroojeni etal., 2017).
Despite the benefits of cloud computing, this article has raised concerns about its future.
Arguably, some firms are only storing less sensitive information in the cloud.
Although cloud computing has somehow proven to be effective, some aspects have not been
made clear. For instance; what is the future of cloud computing in terms of storage of sensitive
information for the firm?
Has the cloud realized its potential so far?
Can cloud service providers be able to eliminate security and privacy issues completely?