Annotated Bibliography For Privacy In Cloud Computing Essay.

Detailed Analysis of Related Work

Discuss about the Annotated Bibliography for Privacy in Cloud Computing.

Cloud computing is a practice that involves the use of services and applications that are hosted over the network which is usually the Internet. Almost all of the applications along with the data management are done on cloud in the present scenario. There are a number of specific properties that are associated with every cloud service such as sharing of resources, scalability, non-stop availability, easy accessibility and many others. Due to the involvement of a number of components and the presence of such huge number services, there are many issues that are seen in regards with the cloud computing. Security and privacy issues are one of the prime concerns that are seen in association with cloud computing.

These issues primarily affect the data and the information that is present in the cloud environment and adversely impacts the confidentiality, integrity and availability of the same. 

Hashizume, K., Rosado, D., Fernández-Medina, E., & Fernandez, E. (2013). An analysis of security issues for cloud computing. J Internet Serv Appl, 4(1), 5. https://dx.doi.org/10.1186/1869-0238-4-5

The resource is a journal that explains the concept and various issues that are associated with the same in terms of security and privacy. The author has made use of the three delivery models as Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) to explain the security and privacy issues. The security issues that are present under SaaS include application security, issues due to the multi-tenancy architecture followed in cloud computing, data security issues and accessibility issues resulting in compromise of the privacy of the data. There are also a number of issues associated with PaaS sue to the presence of a number of third party relationships and developmental life cycle along with infrastructural security. IaaS has security and privacy issues due to shared resources, virtual machine monitor and virtual networks.

Jansen, W. (2016). Cloud Hooks: Security and Privacy Issues in Cloud Computing. Retrieved 30 September 2016, from https://www.computer.org/csdl/proceedings/hicss/2011/4282/00/10-03-01.pdf

The resource is a white paper and the author has focused upon a number of security and privacy issues that are associated with cloud computing. The issues that have been listed in the paper have been categorized and explained on the basis of various categories such as identity management, data protection, isolation and availability. There are also a number of insider threats that are seen due to easier access provided to the insiders and the malicious intents as well which result in the violation of the security and privacy. There are also a number of issues that arise due to architecture that is followed such as attack on the surface, virtual networks and client side protection.

Research Issues

Kshetri, N. (2016). Privacy and security issues in cloud computing: The role of institutions and institutional evolution. Sciencedirect.com. Retrieved 30 September 2016, from https://www.sciencedirect.com/science/article/pii/S0308596112000717

The resource is a journal and the topic of the same revolves around the privacy and security issues that are associated with the cloud computing that have been covered by the author in an elaborated manner. The author has described the nature, origin and the implications that are associated with each of the security and privacy issue that is involved with cloud computing. The changes that are necessary to be implemented have also been covered by the author.

Pearson, S. & Benameur, A. (2016). Privacy, Security and Trust Issues Arising from Cloud Computing. Retrieved 30 September 2016, from https://barbie.uta.edu/~hdfeng/CloudComputing/cc/cc05.pdf

The resource is a white paper that covers the trust, security and privacy issues that are covered by the author in association with cloud computing. Privacy issues that are associated with the cloud computing include due to a number of reasons and components such as the lack of user control, unauthorized secondary storage, data proliferation and dynamic provisioning. There are also security issues that are present in terms of the access issues, availability and backup, control over data lifecycle and lack of standardization along with the audit issues. There are also a number of trust issues that are seen which also cause violation of security and privacy that is associated with the data and information present with the cloud.

Ryan, M. (2016). Cloud Computing Privacy Concerns on Our Doorstep. Cacm.acm.org. Retrieved 30 September 2016, from https://cacm.acm.org/magazines/2011/1/103200-cloud-computing-privacy-concerns-on-our-doorstep/fulltext

The resource is an article in which the author has covered the various privacy concerns that exist in association with the cloud computing. The author has explained deliberate as well as the accidental threats that are present which result in the violation of the security. Deliberate threats are the ones that have the presence of malicious intent and are purposely executed to cause the damage. There are also accidental threats that are present which occur by a human or machine error or due to inadequate knowledge. These concerns along with the countermeasures are covered by the author in the article.

Sen, J. (2016). Security and Privacy Issues in Cloud Computing. Retrieved 30 September 2016, from https://arxiv.org/ftp/arxiv/papers/1303/1303.4814.pdf

The resource is a white paper that covers the concepts that are associated with cloud computing in terms of security and privacy. The author has explained the various components that are present in cloud computing and the issues that emerge due to the involvement of each. The author has covered the six broad areas that impact security and privacy as security of the data that is at rest, security of the data that is in transit or is moving, issues due to authentication, robust separation, legal issues and incident response. Confidentiality, availability and integrity threats are listed as well.

Proposed Solutions

Sun, Y., Zhang, J., Xiong, Y., & Zhu, G. (2014). Data Security and Privacy in Cloud Computing. International Journal Of Distributed Sensor Networks, 2014, 1-9. https://dx.doi.org/10.1155/2014/190903

There are three important properties of data and information as confidentiality, integrity and availability that are utilized in the journal by the author to explain the security and privacy issues that are associated with cloud computing. The attacks that are launched by the attackers with every specific area along with the countermeasures that can be adopted have been explained by the author.

Takabi, H. (2016). Security and Privacy Challenges in Cloud Computing Environments. Retrieved 30 September 2016, from https://csis.pace.edu/~marchese/SE765/Paper/security2.pdf

There are three imperative properties of information and data as classification, trustworthiness and accessibility that are used in the diary by the creator to clarify the security and protection issues that are connected with distributed computing. The assaults that are dispatched by the assailants with each particular range alongside the countermeasures that can be received have been clarified by the creator.

There are a number of security and privacy issues that are seen in the world of cloud computing. The research covers these issues in detail along with the references that have been utilized to assess and analyze the same.

Due to the involvement of a number of resources and components, the likelihood of these challenges has increased over the past few years. Also, the attackers have developed a number of newer forms of attacks which do not have a strong countermeasure to deal with the impact that may be caused. These issues that are associated with cloud computing in terms of security and privacy can have low to extremely severe impact and may also result in legal penalties and punishments. The research covers all of these issues and their impacts.

There are a number of countermeasures and technological advancements that can be adopted in order to put a check on the security and privacy issues that are associated with cloud computing.

The basic security measures and mechanisms that must be adopted well so that there are no easy access points to the attackers at the first step of security. These measures include use of anti-virus and other anti-malware software along with the installation of firewall at every network exit and entry point. Advanced security mechanisms in terms of identity and access management must also be ensured such as intrusion detection, intrusion prevention, multi layer authentication and many others. Networking monitoring and network scans must also be used to prevent any of the networking attacks and threats. Cryptography and encryption are the measures that must be used to keep up the security of the data and information even if the attacker succeeds in acquiring the information and data.

Experimental Analysis Related to Improve the Solutions

Physical security is one of the measures that are often overlooked by the organizations and firms that must never be ignored to protect the servers and physical access points. There must also be continual audit and activity logs that must be maintained to detect the activities of the resources and employees that are associated with the organization to put a check on the insider threats that are quite common in the present scenario.

The solutions that have been proposed can be implemented by providing training and conducting sessions for the security team that is involved with the application and the system.

There shall be a corrective and preventive solution implemented to the part of the system to test the effectiveness of the same and shall then be expanded to the system as a whole in case of success. Crowdsource testing along with the series of verifications and validations can also be utilized to verify and validate the steps that are implemented in a particular solution.

Conclusion and Recommendations

Privacy is one of the most important concerns that is seen in the field of cloud computing. There are a number of risks that are seen in the cloud services and applications with respect to the cloud computing. These risks can be executed through a number of threat agents and it is necessary to put a check on these threat agents.

The threat agents associated with cloud computing and security and privacy infrastructure present with the same can be prevented by applying a number of physical, administrative and technical controls. Audit logs and scans shall also be done to make sure that the threats are prevented.

References

Hashizume, K., Rosado, D., Fernández-Medina, E., & Fernandez, E. (2013). An analysis of security issues for cloud computing. J Internet Serv Appl, 4(1), 5. https://dx.doi.org/10.1186/1869-0238-4-5

Jansen, W. (2016). Cloud Hooks: Security and Privacy Issues in Cloud Computing. Retrieved 30 September 2016, from https://www.computer.org/csdl/proceedings/hicss/2011/4282/00/10-03-01.pdf

Kshetri, N. (2016). Privacy and security issues in cloud computing: The role of institutions and institutional evolution. Sciencedirect.com. Retrieved 30 September 2016, from https://www.sciencedirect.com/science/article/pii/S0308596112000717

Pearson, S. & Benameur, A. (2016). Privacy, Security and Trust Issues Arising from Cloud Computing. Retrieved 30 September 2016, from https://barbie.uta.edu/~hdfeng/CloudComputing/cc/cc05.pdf

Ryan, M. (2016). Cloud Computing Privacy Concerns on Our Doorstep. Cacm.acm.org. Retrieved 30 September 2016, from https://cacm.acm.org/magazines/2011/1/103200-cloud-computing-privacy-concerns-on-our-doorstep/fulltext

Sen, J. (2016). Security and Privacy Issues in Cloud Computing. Retrieved 30 September 2016, from https://arxiv.org/ftp/arxiv/papers/1303/1303.4814.pdf

Sun, Y., Zhang, J., Xiong, Y., & Zhu, G. (2014). Data Security and Privacy in Cloud Computing. International Journal Of Distributed Sensor Networks, 2014, 1-9. https://dx.doi.org/10.1155/2014/190903

Takabi, H. (2016). Security and Privacy Challenges in Cloud Computing Environments. Retrieved 30 September 2016, from https://csis.pace.edu/~marchese/SE765/Paper/security2.pdf