Abstract
Cloud computing is a type of computing that relies on sharing computing resources rather than having local servers to handle applications. Cloud computing is a colloquial expression used to describe a variety of different types of computing concepts that involve a large number of computers and other resources connected through a real-time communication network.
Security issues have been the dominant barrier to the development and widespread use of cloud computing. There are three main challenges for building a secure and trustworthy cloud system: Outsourcing (don’t know where your servers are, how many copies of your data are kept and who all have access to your data physically and programmatically), Multi-tenancy (What type of
The major tasks involved in cloud security are:
➢ Governance: An organization’s board is responsible (and accountable to shareholders, regulators and customers) for the framework of standards, processes and activities that, together, ensure the organization benefits securely from Cloud computing. We are the leading provider of information, books, products and services that help boards develop, implement and maintain a Cloud governance framework.
➢ Compliance: Most organizations have established security and compliance policies and procedures that are used to protect their intellectual property and corporate assets, especially in the IT space. A framework of controls and further procedures are established to mitigate risk and serve as a benchmark for the execution and validation of compliance. These principles and policies, the enterprise security plan, and the surrounding quality improvement process constitute the enterprise security compliance
Today, encryption of personal and enterprise data is strongly recommended, and in some cases mandated by laws and regulations around the world. Cloud customers want their providers to encrypt their data to ensure that it is protected no matter where the data is physically located. Likewise, the cloud provider needs to protect its customers’ sensitive data. Strong encryption with key management is one of the core mechanisms that Cloud Computing systems should use to protect data. While encryption itself doesn’t necessarily prevent data loss, safe harbor provisions in laws and regulations treat lost encrypted data as not lost at all. The encryption provides resource protection while key management enables access to protected resources.
ATTRIBUTE BASED ENCRYPTION (ABE)
Attribute based encryption is more suitable for access control to the data stored in the cloud. The main goal for these models is to offer security and access control. The main aspects are to provide flexibility, scalability and fine grained access control.
Types of ABE
There are many types of ABE, namely:
• Ciphertext-policy and key-policy ABE
• Attribute based encryption with non-monotonic access
This provides a means of communication that can help different vendors' packages to communicate and manages the message transfers from clients to servers. 2.10. Compare and contrast the three cloud computing models. Three cloud computing models • Infrastructure as a Service (IaaS): IaaS contains basic building blocks for cloud infrastructure and provides access to networking features, computers and data storage.
Furthermore, the number of communications between C1 and C2 is constant. To perform range queries over encrypted integers in the cloud, we assume the data owner has encrypted and outsourced their database to C1. Integers in particular are encrypted using their bit representation. The lower and upper bound of the query are encrypted in a similar fashion. The comparison protocol is executed for every record.
7.7.1 Data Owners 1. One who is going to access files, one who owns the file, who requires his data to be secure. 2. Data owners are responsible for encrypting the data by generating a private key. MMCOE, Department of Computer Engineering, 2015-2016 26 Regeneration of code based cloud storage 3.
Prevalent storage choices include S3 (Amazon Simple Storage Service), EBS (Elastic Block Store) and Amazon CloudFront. Amazon Simple Storage Service offers Web Service based storage and it is a totally redundant storage offering that can process any amount of data at any time and anywhere on the Web. It can be used for backup, record and calamity recovery, and content storage, allocation and data analysis storage. S3 is included as part of the free Amazon Elastic Compute Cloud (EC2) tier service for 5GB of storage, 20,000 GET requests or 5,000 PUT requests per month.
KELSER – ‘Technology forward’ provides a cloud solution for disaster recovery and especially targets small and medium businesses (SMBs), offering a speedy recovery with less hardware dependency. The main advantage of using Kelser products is that they provide scalability for DR services and can be purchased on an ‘as needed’ basis. The biggest drawback is that it does not address all the business units of an organization, and hence the DR process cannot be addressed at an organizational level, which leads to a lack of ownership in dealing with disaster recovery (KELSER, 2016).
I. Purpose This policy establishes the Compliance Supervisor with the responsibility of implementing and maintaining the privacy and security procedures. In general, the Compliance Supervisor is charged with developing, maintaining, and implementing organizational policies and procedures; conducting educational programs; reviewing the conduct of those assigned security responsibilities; and administering reviews relating to the company’s privacy and security procedures. II.
Implement a policy where employees must adjust their passwords every sixty days and that they must set a screen lock out when they step away from their workstation 4. True or false: COBIT P09 risk management control objectives focus on assessment and management of IT risk. True 5. What is the name of the organization that defined the COBIT P09 Risk Management Framework?
In-band key exchange makes use of the same communication medium to exchange the symmetric key and the encrypted data. This type of exchange is subject to eavesdropping or man-in-the-middle attacks. In out-of-band key exchange, the exchange relies on the key having been shared in advance.
2.7 Observations from GMPCS Model Based on the above model, several observations can be made as follows. Observation_1: According to an interoperability feature between CSPs, a storage service will be hosted over a pool of resources that are in different geographical locations. Furthermore, different technologies, protocols, and security strategies are applied by each CSP within its datacentres to facilitate managing an environment to protect both resources and data. The technologies and strategies, therefore, might be disparate in terms of efficiency, and the type of storage network or storage system might be varied as well.
• Reduce Manual Process: Automate the management and rotation of application credentials to reduce the IT operational resources required to secure application passwords and SSH keys.
• Meet Audit and Compliance Requirements: Comply with internal and regulatory requirements for regularly changing application
In the present era everyone needs fast processing and less space to store the results of computation, as well as security of information. There are many encryption algorithms; some take more computation time and some take less, but all have their own advantages and disadvantages. Encryption is mainly classified into two types based on the key used: asymmetric key encryption and symmetric key encryption. Asymmetric key encryption is also called public key cryptography. In this, two different keys are used: encryption is performed with one key, called the public key, and decryption is performed with another key, termed the private key.
The first step that the auditor should take is to gather as much information about any security procedures and policies that may have been in use following the information collected from the records available. Since each policy may have a different aspect that it works on, the findings from the audit may present evidence that may be vital in identifying the existing procedures or the absence of any policies or procedures. The existence of policies and procedures enables a company to reduce the occurrence or the impacts of a given risk. The lack of such policies may lead to reduced risk management
the more options there and can be used to violate privacy. Most people consider they have little, if any, control over their personal data. Better encryption and the minimizing of data requirements aid in this goal. PIMS systems are a new technological development that promises to aid the privacy dilemma. The PIMS system consists of a user’s server, running the services selected by the user, storing and processing the user’s data locally instead of on an online server.
Cloud By using Cloud, Starbucks could set up a cloud-based coffee selling machine. It offers self-service. Customers can make their own coffee by selecting the coffee beans they like, the amount of sugar etc. It creates excellent customer experience to enhance customers’ loyalty. Moreover, this technology could keep track of its customers’ consumption patterns and buying behaviors.
"While the Internet-based economy provides many benefits, it also raises new concerns for maintaining the privacy of information. “Internet privacy is the privacy and security level of personal data published via the Internet. It is a broad term that refers to a variety of factors, techniques and technologies used to protect sensitive and private data, communications, and preferences.”[1] As the federal government’s National Telecommunications and Information Administration (NTIA)[2] explains: Every day, billions of people around the world use the Internet to share ideas, conduct financial transactions, and keep in touch with family, friends, and colleagues. Users send and store personal medical data, business communications, and even intimate conversations over this global network.