Abstract— This paperhelp us to understand and avoiding the concept of potential risk of cloudcomputing. Cloud computing is emerging from internet technology that provides acomputing platform to individuals and organizations to perform differentvarieties of tasks such as: business applications, customized system software,developing reliable and efficient network environment. In this paper wedescribes how can we overcome these potential risk and threats while includesecuring our data over a cloud by adapting an effective security policy.Keywords— Cloud Computing, Potentialrisk, Cryptography, Cloud Database, Securities.I.
IntroductionCloud computing hasgenerated significant interest in everyone’s life. It is a powerful computingmodel came into existence around the end of 2007 1 that can facilitateindividuals and organizations to create a realistic network environment bydeveloping system software over a cloud. Cloud provides applications and storage spacesover the internet as services with little bit cost. Now a days we all utilizethese services in our daily life such as: web-based email services i.e.(Google, Yahoo, Hotmail); different social networking sites i.
e. (Facebook,LinkedIn, Twitter); cloud storage like (Dropbox, One-Drive, Google-Drive). Thebasic principal of cloud computing is to shift the computing from the localcomputer into the network 2.Today the most importantcomputing technology we experiencing are cloud computing which is one of thegreat advancement in computing technology. It focuses on the economical use ofresources available which facilitate effective and efficient way of thecomputing by providing application software on-demand SaaS (Software as aService).
Nevertheless, cloudcomputing is an important paradigm, however security and privacy risk in cloudcomputing and developing efficient and effective solution are critical for itssuccess. Security issues associate with cloud computing happens every day likecybercrime. Varieties of different techniques are used by hackers to gain unauthorizedaccess to the cloud for their illegal activities.Thisarticle illustrates the important issues of cloud computing to understandingand avoiding the potential risk, threats, security and privacy challenges incloud. We also discuss various approaches to overcome these challenges and alsoexplore future work needed to provide effective trustworthy cloud computing environment. II.
Cloud Computing: Definition and FeaturesCloud computing is a uniquecomputing model that enabling individuals and organizations a convenient andon-demand network access to a shared pool of configurable computing resourcessuch as networks, applications, storage, server and services which are reliableand effective with minimal management effort for computing.For cloud computing, it mustbe understand the basic principal characteristic of cloud computing that howindividuals and organizations use these services and how potential risks can beavoiding.There are 5-key characteristics includingon-demand self-services, universal network access, autonomous resources, swiftelasticity and measured services of cloud computing. These characteristic are absoluteand transparently.
In its description of essential cloud characteristic,3 theUS National Institute of standards and Technology (NIST) provides IT services. · On-demand services:User can order and mange services without humaninteraction with the service provider for example a web portal and managementinterface.· Universal network Access:Cloud services are accessed via the network (usuallythe Internet), by using standard mechanisms and protocol.· Resource Pooling: Computing resources are used to provide cloud servicesthat are realized using homogeneous infrastructure shared between all serviceusers.· Swift elasticity:Resources can be scaled upand down rapidly and elasticity.· Measured Services:Measured services are reference to services where thecloud provider optimized or monitors the use of computing resources such as:automated resource allocation, load balancing, access control, capacityplanning and metering tools at some level of abstraction 4, 5.Applications running or beingdeveloping for cloud computing platform has various challenges of security andprivacy depending on its underlying models. There are 3-key models for deliveryin cloud computing such as; Saas (Software as a Service), PaaS (Platform as aService) and IaaS (Infrastructure as a Service).
Cloud computing buildsheavily on capabilities available through several core technologies:· Infrastructure as a services(IaaS):IaaS also called bottom layeris a one of the three fundamental services model of cloud computing. As withall cloud computing services it provide access to computing resources in avirtualized environment and can be utilized for effective and easily scalableIT solution where complexity and expenses are outsourced to the cloud provider.It offering some different features such as; virtual server space, networkaccess/connection, bandwidth, IP addresses and load balancing.
· Platform as a service (PaaS):It is a category of cloudcomputing that provides a platform and environment to allow developers to buildapplication on-demand. It allows users to create software application usingtools supplied by the provider. Some features that (PaaS) offering are;operating system, Database management system, server software, tools of designand development and hosting. · Software as a service (SaaS):Describes cloudservices where individuals and organizations are able to access softwareapplication and wide range of tasks over the internet world widely. Google,Twitter, Facebook are some examples of (SaaS).
It can be scalable with upgradesavailable on demand. · Cryptography;Many cloudcomputing security requirements can be solvable by this cryptography technique.Fig 1 – 3-Key clouddelivery Model Cloud computing services are dividedinto four deployment models.· Public Cloud;Data is stored on shared server and is not separated from thegeneral population. Facebook and Gmail are examples of services where data isstored on a public cloud.· Private Cloud;Data is stored in dedicated resources, not on shared server. This isless cost effective but often the choice when sensitive information is present.· Hybrid Cloud;Data is stored on combination of dedicated and shared resources.
· Community Cloud;Data is stored on shared servers, but customers are grouped togetherby some level of organization. This type of service is often implemented whencloud providers need to manage compliances obligation. III. cloud database servicesDue to high demand,cloud providers are offering a new service known as Database as a service orDBaaS besides the traditional services i.e. (IaaS, PaaS, SaaS) which is anessentially on-demand database for consumers from the cloud over the InternetOutsourcingdatabase service is an essential part of cloud computing technology.
Due toadvancements in network technology, the cost and latency of transmitting hugeamount of data from long distances has decreased significant whereas 6 in meantime,the operational and management cost of database maintenance are several timehigher than its initial cost. Cloud service provider offers these solutions bydividing data from large databases and spreading it across different serversfor providing parallel processing and computing for consumer.Cloud serviceprovider offers multi-instance model for Database as a service (DBaaS)environments. In this model a unique DBMS on a dedicated virtual machine isrunning with specific customer.
This feature provides better control overadministrative and other security issues and user authentication.In general, themulti-instance model of database cloud computing is highly recommended forsecure services because of its certain security features like data encryption.IV.
SecuritychallengesThere are number ofsecurity concerns in Database cloud environment that organizations have to takeinto consideration for data security. The main aspects of database security inthe cloud is to secure sensitive data while in rest or transmitted and in useas well as data access control 7. That says;· To ensurethat data on cloud does not get corrupted or hijacked, then it is important tohave safe and secure procedures for protecting data transfer to and from thedatabases in the cloud.
· To ensureconfidentiality, then it is important that outsourced data which is stored incloud databases should be encrypted at all times.· To ensureintegrity, then it is important that the data which is stored at cloud databaseplatform needs to be controlled and monitored properly. There are differentstandard communication security protocols and procedures are available that areused for protecting data.
The main security challenges faced by cloud databaseservices are;· Availability; One of the criticalsecurity aspects that organizations need consideration is that all systemresources are accessible and usable to individuals or organizations. Normallythere are many threats to availability which includes DOS attacks, equipmentfailures and natural disasters in cloud. Infrastructure design of cloudcomputing service to provide high availability and reliability are suffer fromunplanned.· An Access Control Issues:It is one of the main security threats of cloud databases that isthe loss of access control.
When sensitive data migrate to cloud brings moresecurity risks of lose physically, logically and personal control over thedata. In order to ensure security of sensitive data, it is very critical forcloud database administrator to proper control and monitoring procedures.· Auditing and monitoring issues: Major benefits of cloud computing areproviding elasticity and flexibility but it brings different security risks.Cloud databases scale up and down frequently for satisfying customer needs. Dueto all these factors which result in non-static environment where customershave no visibility or accessibility of data in the physical infrastructures.· Data Sanitization:Sanitization isanother security risk in cloud computing which involves the deletion/removal ofdata from storage media by overwriting. 7 In cloud environments, data fromdifferent customers, individuals and organizations are physically co-locatedtogether, which complicates the sanitization procedures.Fig 2 – Databases Cloud ComputingV.
Defining potential risks of cloudPotential risks refer to any riskassociated with an action that is possible, in certain circumstance. Generallydata security risks arise from cloud computing relate to an increase in threatsof data confidentiality due to common infrastructure, lack of privacy, datasecurity and data segregation.Currently, the security model for cloudseems to be relatively simpler and less secure. Cloud infrastructure typicallyrely on web forms (over SSL) to create and manage account information forend-user, and allows user to reset password and received password via email inan unsafe and unencrypted communication.VI. possible potential risks Some possible potentialrisks of cloud computing are;· Data Security:There are number ofthreats associated with cloud data services, not only covering traditionalsecurity threats like network spy or illegal invasion attacks but also includespecific cloud computing threats for example; side channel attacks,virtualization vulnerabilities.· Data Loss:Data loss isapplicable in both state as in rest and when in motion (transmitted over thenetwork). Data loss occur due to various reasons, including; data corruption,data stolen, data storage devices physically damage or stolen, overwritten byattackers, network penetration or intervention attack.
· Unauthorized Access:Unauthorized accessis the biggest threats for the user of cloud computing. The probability that anunauthorized access occur mostly in cloud computing rather than in traditionalsystem where functional management are accessible only few administrators.· Internet Protocol:Cloud computingservices are accessed by internet using standard protocols which must beun-trusted such as security breach.. · Online Cyber Theft:Cloud computingservices are providing powerful processing and computing huge amount of storagespace.
Customer may be have some sensitive data stored on clouds become anattractive target for cyber criminals. Online cyber thieves can steal passwordsto access user’s accounts to perform illegal activity.· Shared Technology Issues:The cloud servicesprovider use scalable infrastructure as SaaS, PaaS, IaaS where all of sharedtechnology can be attacked to gain unauthorized access to data.· Data Breach:Data breach is one ofthe biggest threats of cloud computing in which sensitive, protected andconfidential data is stolen, viewed, copying or transmitted by an unauthorizedaccess to do so.· Denial of Services:There are variousways an attackers can disrupt the services in virtual cloud computingenvironment by attacking against the cloud service to render it inaccessible,so disrupting the service of cloud computing.· Lack of control:Typically there aremany issues due to lack of control over a data in cloud computing which includelack of transparency, data mining techniques to analyse sensitive user data andmobile devices where data is transfer locally.· Insecure Interfaces and APIs:Various cloudservices on the internet are exposed by application programming interface.
That’sway APIs are accessible from anywhere on the internet where an attacker gaininga token used by the customer to access the service through service API are usedto manipulate the customers data.· Vendor Lock-in:Vendor lock-in is acommon problem in cloud computing where customers are dependent on single cloudprovider technology and cannot move from one vendor to another in futurewithout legal constraints and costs.· Reduced Operational Governance Control:Due to reducing levelof operational governance control may increase the risk associated with theoperational control. For example; longer distance between cloud customer andcloud provider makes unreliable network connection.· Virtual exploits:There are huge usersof virtualization, but there are different risks posed by the physical machineand also including exploits i.e. its own unique threats that target the virtualserver hosts and the guests. Fig 3 – Potential RisksVII.
Avoidingpotential risk in cloud In order to providebest quality of services, the cloud service provider of cloud computinginfrastructure are responsible for ensuring secure cloud environment bydefining different security policies and advance security technologies. Thereare some different precautionary security procedures that can be adopting toavoid potential risk in cloud computing for securing data. · Security Policy Enhancement:There aredifferent scenarios that may serve for security policy enhancement. Assume thatwith a valid credit card someone can utilize resources which are offered bycloud services provider. Through this hackers can easily take advantage toconduct malicious activities like attacking and spamming other computingsystem. Such abuse behaviour caused by weak registration systems, credit cardfrauds monitoring and block of public black lists could be applied 8.· Identity and Access Management:Identity and AccessManagement (IAM) is the security constraint that enables the right individualsto access the resources at the right times for the right reasons.
IAM canensure only authorized users to access sensitive and private data and accesscontrol mechanisms of data stored in the cloud to the end user’s. Not just onlydo with the physical computing system it will also monitoring the trafficcontrol access to the data that is restricted by the security technologies.There are different common tools such as firewalls that are used to restrictaccess from un-trusted resources and malicious activities.· Data Protection:To ensure data protection of your data,encryption must be very important when storing information in cloud computingto protect it from unauthorized viewer. There are different security tools thatdeal with data breaches threats. These tools include; data loss preventionsystem, behaviour pattern detection tools, format preserving and encryptiontools, authentication and authorization technologies 9, 10.· Prevention:Another way is to take back-up of the data you store in the cloud.
Ifit is threatened then you will be able to recover information. There is another option to customise policies to provide another levelof security. We can do this by implementing a system that protects informationin correlation to its sensitivity by scanning in the appropriate order so thatthe detection of threats and action should take places the priority of theinformation.
· Encryption Consideration:The best ways toensure confidentiality of sensitive data in the cloud computing environment isto use encryption for data in transmitted as well as data at rest. There arebasically three encryption models are available to a cloud consumer for data. Partialencryption: Encryption of the database that is based on standard encryptiontechniques. Fullencryption: Encryption of the database that is based on standard encryptiontechniques.
Full encryption: Encryption of the database that is based on cloud provider’sencryption technique· Management Techniques and Strategies:Management strategy andtechniques are typically involved numerous tasks including; performancemonitoring (response times, latency, up-time) security and compliance auditingand management, initiating and overseeing disaster recovery. While cloudcomputing growing more complex and a wide variety of private, hybrid, and public cloud-based systems and infrastructure alreadyin use, so cloud management tools needs to be just as flexible and scalable asits cloud computing strategy.Fig 4 – Secure CloudProcedures VIII.
Cloud Computing benefits in databases Now a day, cloudbecome more popular not only for storage but also for computing needs. Toanalyse and evaluate the security techniques for data protection in the cloudcomputing, cloud service provider classified them in four different sectionsaccording to the security mechanisms that they provide are; authentication,confidentiality, authorization and access control which brings consumersatisfaction for data stored in cloud computing.By adopting clouddatabase will lower all operational expenses and IT complexities of anybusiness. It will help to replace costly business software because it requiresno traditional procedures, licences, installations, maintenance and managementby internal IT staff.There is no doubtthat cloud databases can heap huge amount of benefits from cloud computing tofacilitate consumer effectively and efficiently with secure securitymechanisms.
There are multiple advantages of using cloud databases technologyfor businesses such like reliability, manageability, strategic edge, costsaving, economics, scalability, empowerment etc. Fig 5 – Cloud Database IX.Conclusion and future workThis paper has been developed to understand and avoiding potential riskthat can be faced in cloud databases.
Cloud users enjoys many differentbenefits that cloud computing brings where security is key challenge. The main goal is to analyse and evaluate the security techniques incloud computing for data protection that are already accepted from the cloudservice providers which includes authentication, confidentiality, accesscontrol and authorization.The securityissues in cloud that must be conceder very important is a proper data securityin the cloud computing as abuse use of cloud computational resources, cloudsecurity attacks and data breaches.
I recommended some important relating to dataprotection security measures in the cloud computing that must be taken intoaccount. As cloud computing is in continual development in order to providesecure data security protections its need more effort to solve these securityrisks. X. References1 Lizhe Wang, Gregor vonLaszewski, Andrew Yoinge, Xi He, Marcel Kunze, Jie Tao, Cheng Fu, “Cloudcomputing: a perspective study”,generation computing , (volume 28,issue 2,page: 137-146),2010. 2 N Sadashiv, SMD Kumar,”Cluster, grid and cloud computing: A detailed comparison”, computer science& education (ICCSE), 6th international conference on, (page:477-482), 2011.3 P. Mell and T.
Grance,”Effectively and Securely Using the Cloud Computing Paradigm (v0.25),”presentation, US (NIST),2009; http://csrc.nist.gov/groups/SNS/cloud-computing 4 Cloud security alliance, “Security Guidance for Critical Area of Focus in Cloud Computing V2.
5 D. Catteddu and G. Hogben,”Cloud Computing: Benefits, Risks and Recommendations for InformationSecurity,” ENISA, 2009; www.enisa.europa.eu/act/rm/files.6 1 Buyya Rajkumar, BrobergJames & Goscinski,Cloud Computing Principles and Paradigms, John Wiley& Sons, Inc., Hoboken, New Jersey USA, 2011, ISBN: 978 0 470 88799 8.
7 NIST, Guidelines onSecurity and Privacy in Public Cloud Computing, December 2011,http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf, 2012-05-05.8 A. Tripathi and A.
Mishra,”Cloud Computing Security Considerations Interface,” 2011 IEEE InternationalConference on Signal Processing, Communications and Computing, Xi’an, China,September 2011.9 Tackling the Insider Threathttp://www.bankinfosecurity.com”Cloud Security Risks and Solutions,” WhitePaper, BalaBit IT Security, Ju