Cloud computing
Abstract Every day, new technology is discovered, or existing technology is enhanced. The field of technology is changing at an alarming rate. The area of cloud computing is experiencing the same change. As the field of technology improves, the area of cloud computing is also becoming more effective. However, the challenge of security and privacy still remains a key consideration and challenge for many companies today. Due to the virtual nature of the platform, many virtual attacks are now targeted to the information stored in it. This paper will analyze some of the ley challenges in cloud computing in terms of privacy and security. Proposed solutions to these challenges will also be investigated. Introduction Cloud computing has always been perceived as the next-generation technology in the field of information and computing. In a cloud computing environment, resources and applications are delivered through an internet platform. The cloud is defined as an environment made up of both software and hardware resources in a data storage centre that offers different services through an internet-linked platform to meet the needs of the users (Ghorbel, Ghorbel & Jmaiel, 2017). According to the National Institute of Standards, cloud computing is allowing the convenient, ubiquitous on-demand internet platform to access a variety of configurable resources in computing and information systems that can be achieved through minimal interaction with the service provider. Cloud computing can, therefore, be perceived as a new computing model that offers services that are on demand in the market at a reduced cost. The three most commonly used service architectures in the cloud computing environment include infrastructure as a service (IaaS), software as a service (SaaS) and platform as a service (PaaS). In a cloud computing environment, the consumption of on-demand services is conducted. This aspects of cloud computing have transformed it into a popular platform for both companies and individual use. However, one of the most challenging and disadvantage of cloud computing is data security (Rajarajeswari & Somasundaram, 2016). When the security of data on a cloud computing platform is compromised, the privacy of the data is also damaged. The issue of data privacy and security has been a challenge for cloud computing service providers, mainly due to the increasing complexity of the attacks launched at the platform. Data security As the level of security is enhanced on the platform, the type of attacks launched at the platform is also being improved. Data security becomes a key consideration in cloud computing since data is spread across different machines and storage system including PCs, servers and various mobile devices. The data may also be stored on wireless networks and smartphones. Data security in a cloud environment, due to the different systems of storage, become more complicated compared to the traditional systems of data storage. Most traditional data storage systems require the use of strong physical security, such as motion detectors to ensure its security. However, in a cloud computing environment, the data is stored virtually. Therefore, with access to the users' passwords and credentials, an attacker can access this data from anywhere in the world without physically attacking the data storage centre (Mukherjee, Matam, Shu, Maglaras, Ferrag, Choudhury & Kumar, 2017). To ensure data security, the service provider must ensure that the integrity of the data is maintained. Data integrity is one of the most essential components in any cloud computing system. It generally involves protecting the data from unauthorized modification, deletion and fabrication. Effective management of the admittance of entities and privileges to a specific resource enterprise ensures that data that is valuable is not abused, stolen or misused. To achieve data integrity, the company develops a standalone system that is maintained by a single database. To preserve the integrity of data in such a system, database constraints and transactions are used and effected through a database management system (Kong, Lei & Ma, 2018). Every transaction in this system must be conducted through the ACID (atomicity, consistency, isolation and durability) model. Many database systems today are developed through the ACID system to ensure that the integrity of data is maintained. Authorization is also a model used to ensure the integrity and privacy of data. This is mainly conducted through an access control system. By definition, an access control system is a security system that has been developed to allow or deny access to data in a cloud computing environment by evaluating the credentials provided by the person requesting access. The first step in access control is identification. The person requesting access must first provide the documents or credentials that identify him or her with the organization. The system checks these documents and identifies the user in the database. The second step is authentication. The use of false identification credentials has been mainly used to compromise information systems (Aloraini & Hammoudeh, 2017). Access control ensures this does not occur by authenticating the credentials provided by the user. This is done by evaluating the documents against a database in the organization. Once everything has checked out, the user is allowed access. Data confidentiality To ensure the security of data, cloud computing providers must also ensure the confidentiality of the user's data. Through data confidentiality, users are able to store their most private data in the cloud confidently. Access control through authentication is applied in this case to ensure that the confidentiality of the stored data is maintained. This is achieved by ensuring the reliability and trustworthiness of the cloud environment. Since most users find it hard to trust cloud service providers with their data, it becomes difficult to get rid of any potential insider threat. Encryption that has often been used to ensure the confidentiality of data has been faced by serious data management challenges. The system of encryption due to poor management has not been able to handle parallel modification, fine grained authorization and queries. Encryption I mainly used to ensure the security of data by ensuring its confidentiality. The current systems of encryption have, however, failed to guarantee this due to poor management by cloud service providers. Homomorphic encryption is a new system of encryption prosed by Rivest (Washizaki, Fukumoto, Yamamoto, Yoshizawa, Fukazawa, Kato & Kondo, 2016). The system functions by ensuring that every cypher text that involves and algebraic expression is consistent with evident results after the encryption process. The implementation of this methodology is now in use in many companies to ensure the confidentiality of user data is maintained. Distributed storage is also a prosed methodology to ensure the security of data by ensuring its confidentiality. The system addresses some of the steps that were missed by homomorphic encryption. To ensure the security of data, one of the best approaches is to store data in multiple cloud environments. The data whose security is to be upheld is stored in different locations in the cloud and divided into chunks. A polynomial algorithm is implemented by creating a secret code for each data chunk. The system achieves data security by ensuring that when an attacker attacks a data storage cloud environment, they can only gain access to a piece of the data they are targeting. The attacker has to gain access to all the data chunks stored in the different cloud environments. This is often a complicated process since a unique algorithm protects each data chunk. Deletion confirmation When data is deleted, users are not aware that they have to confirm the deletion for the data to be removed entirely from the cloud environment. The process creates a compromised situation where an attacker can easily recover the data. Attackers have developed technologies that are able to access and retrieve data that has been deleted by a user. This is mainly the case in a public cloud environment. IN the public cloud system, an attacker can gain access to data either in storage or during transmission (Duncan & Whittington, 2016). This is mainly the case when the user is using a public wireless network. Encryption of data is currently the most applied technique to avoid the recovery of data after deletion. Researchers have proposed a system referred to as the FADE model that is developed in technologies such as Ephemerizer. In this system, data is encrypted before being transmitted or stored in a cloud system. When a user opts to delete the data, the system creates a specific strategy to the entire storage environment where a new deletion operation replaces the deleted data. When an attacker recovers the deletion operation, they cannot gain access to the originally deleted data. Data privacy Privacy is the ability of a person to seclude themselves from the public and ensure that their information remained concealed. Three key components define privacy in the cloud environment. The first component is 'when'. The user of the data might be concerned about the future or current information being exposed. The second element id 'how'. The user must be able to define how their data will be exposed regardless of the person requesting access (Kumar & Vajpayee, 2016). The final component is 'extent'. The user must be able to define the level of access to their data that will be provided by the cloud service provider. One of the main concern in data privacy is data protection. Millions of users store their data in the cloud environment. This makes it harder and even more riskier for the service providers to ensure that every bit of information in their system is protected. In the cloud computing environment, maintaining the privacy of data has become a challenge due to the distributed architecture of the storage systems (Zhou, Cao, Dong & Vasilakos, 2017). Though distributed storage is meant to ensure the security of data, it also presents a new challenge for the cloud provider when trying to maintain the privacy of all the distributed data chunks. When the privacy of data is ignored, the security of the data is also compromised. The private data and information of every user are at risk of being illegally accessed. Insecure APIs have been the main challenge in ensuring the privacy of data. Application Programming Interfaces make it possible for users to customize the cloud computing practices they have access to. The nature of the APIs, however, presents a security and privacy challenge to the cloud environment. An API offers the developer the necessary tools to develop solutions to integrate their software (Ghorbel, Ghorbel & Jmaiel, 2017). The susceptibility of an API to attacks and unauthorized access is dependent on the type of communication that occurs between the applications. While the system is meant to help cloud developers and businesses, they raise a serious data privacy concern in the cloud system. Data replication is also a key concern in data privacy. Many businesses today are facing this challenge. Snapshots and data backup systems are essential for ensuring that data loss does not occur. However, all these systems of data recovery are stored in the cloud environment automatically. Most organizations are not aware that this process occurs (Orehovački, Etinger & Babić, 2017). The data, therefore, remains exposed to attackers without the knowledge of the user. The attackers are consequently able to easily access this data since no security architecture has been developed to protect it. Conclusion Cloud computing has been developed as an effective system of storage. Through cloud computing, globalization is now being realized in nay parts of the world. The process of communication has also been made easier. Marketing for businesses has been made easier since they are able to sell their products in any part of the world. However, the issue of security and privacy of data in the cloud computing environment still remains a big challenge for cloud service providers. As the system of storage and security in the cloud environment is enhanced to guarantee the security and privacy of data, attackers are also creating new ways and techniques to gain access to the data. It is, therefore, necessary that effective means of protecting cloud-based data are developed. This includes creating awareness among users to ensure that they are aware of the security and privacy concerns they expose their data by storing it in the cloud. The choice of a cloud service provider should be a key consideration when storing data in the cloud. Depending on the level of security the user needs on their data, they should ensure that they select a cloud service provider that will be able to meet their security and privacy data needs. This will help in the process of ensuring the effectiveness of cloud data storage systems. References Zhou, J., Cao, Z., Dong, X., & Vasilakos, A. V. (2017). Security and privacy for cloud-based IoT: Challenges. IEEE Communications Magazine, 55(1), 26-33. Duncan, R. A. K., & Whittington, M. (2016). Enhancing cloud security and privacy: the cloud audit problem. Cloud Computing 2016. Kumar, S. N., & Vajpayee, A. (2016). A survey on secure cloud: security and privacy in cloud computing. American Journal of Systems and Software, 4(1), 14-26. Orehovački, T., Etinger, D., & Babić, S. (2017, May). Perceived security and privacy of cloud computing applications used in educational ecosystem. In 2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO) (pp. 717-722). IEEE. Washizaki, H., Fukumoto, S., Yamamoto, M., Yoshizawa, M., Fukazawa, Y., Kato, T., ... & Kondo, Y. (2016, June). A metamodel for security and privacy knowledge in cloud services. In 2016 IEEE World Congress on Services (SERVICES) (pp. 142-143). IEEE. Aloraini, A., & Hammoudeh, M. (2017, July). A survey on data confidentiality and privacy in cloud computing. In Proceedings of the International Conference on Future Networks and Distributed Systems (pp. 1-7). Kong, W., Lei, Y., & Ma, J. (2018). Data security and privacy information challenges in cloud computing. International Journal of Computational Science and Engineering, 16(3), 215-218. Mukherjee, M., Matam, R., Shu, L., Maglaras, L., Ferrag, M. A., Choudhury, N., & Kumar, V. (2017). Security and privacy in fog computing: Challenges. IEEE Access, 5, 19293-19304. Rajarajeswari, S., & Somasundaram, K. (2016). Data confidentiality and privacy in cloud computing. Indian Journal of Science and Technology, 9(4), 1-8. Ghorbel, A., Ghorbel, M., & Jmaiel, M. (2017). Privacy in cloud computing environments: a survey and research challenges. The Journal of Supercomputing, 73(6), 2763-2800.
Date 24 May, 2020