Final report preparation

Cloud computing security

 

The focus of information security is encryption and privacy protection; the key to network security is preventing illegal access and malicious code; and the core of cloud computing security is the safe use of shared technologies, involving data security, privacy protection, virtualization security, etc. From information security through network security to cloud computing security, the constant security requirements are information confidentiality and privacy protection. Changed information processing modes and application scenarios bring new security threats: when information processing extends from a single node or center to a network environment, problems such as illegal access, viruses and worms follow; when information and computing services develop from the network model to the cloud computing model, the security and availability of data and virtualization security become the core cloud computing security concerns.

1.2 Analysis of Cloud Computing Security Characteristics

According to the annual report of the Cloud Security Alliance (CSA) and the research results of relevant scholars in the literature, we can summarize the threats to cloud computing security.

Cloud computing adopts a service outsourcing model, and its core technologies include virtualization, multi-tenancy, and cross-domain sharing. Therefore, it faces both traditional security threats and new security challenges.

(1) Data security: data leakage, data loss, privacy leakage, complex data access rights management, and difficulty in data destruction. Because cloud computing uses a service outsourcing model, the risk of privacy leakage is particularly prominent.
(2) Access control and identity authentication: because massive shared resources must be managed, the management complexity of access control and identity authentication is greatly expanded. Once account hijacking occurs, it often brings more serious consequences.
(3) Virtualization security: although service providers have designed and implemented seemingly complete virtual machine isolation strategies, attacks between virtual machines cannot be completely avoided; virtual services make coordinated attacks more likely to occur and difficult to track; virtualization also leads to changes in the security domain. Virtualization technology blurs the boundaries of traditional hosts, and host-granular security policies need to be changed.
(4) Multi-tenancy and cross-domain sharing: multi-tenant isolation and multi-user security need to be guaranteed; cross-domain sharing makes service authorization and access control more complex, and trust transfer between cloud computing entities needs to be re-examined.
(5) Advanced Persistent Threat (APT): an APT is a long-term, planned intrusion and attack on cloud computing systems. Such attacks are increasing day by day and have formed underground interest chains.
(6) System security loopholes: due to the complexity of cloud computing system services and the differing management and service levels of the many service providers, there are always insecure interfaces and APIs, and other security loopholes in the system are amplified by the scale effect of cloud computing, which makes them more dangerous.
(7) Threats from insiders: unintentional or intentional information leakage by insiders at service providers often makes security strategies against external attacks ineffective, which has become an important topic in cloud computing security today.
(8) Misapplication of cloud services: misuse, abuse and illegal use of cloud services. Misuse of cloud computing brings trouble to users, service providers or third parties, usually manifested as a decrease in information processing efficiency; illegal use results in serious consequences.
(9) Service availability: service quality is difficult to guarantee, and service may be denied. Because society's dependence on cloud computing services is increasing year by year, once the availability of a cloud service is affected, the resulting losses will gradually increase.

Annotated Bibliography No.6

Study on Data Security Policy Based On Cloud Storage

Zhe, D., Qinghong, W., Naizheng, S., & Yuhan, Z. (2017, May). Study on data security policy based on cloud storage. In 2017 IEEE 3rd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS) (pp. 145-149). IEEE.

 

The purpose of this paper is to realize the data security of cloud storage and formulate corresponding cloud storage security policies. The authors first analyze the security risks to user data in cloud storage based on existing academic research results, and propose related security technology topics according to the structural characteristics of cloud storage systems. Addressing the characteristics and security issues of cloud storage systems, the paper proposes an online distributed storage system with cloud storage as the core, and discusses it at different levels. When users store data, the cloud storage system processes the accessed data through chips, and then transmits the data to storage media distributed in different places. When a user reads data, after passing client authentication, the virtual view provided by the storage managers distributed in different places completes the reading operation. Compared with previous discussions of cloud storage security, this article clearly lacks depth; the technical discussion is superficial and needs to be strengthened.

 

The Management of Security in Cloud Computing

Ramgovind, S., Eloff, M. M., & Smith, E. (2010, August). The management of security in cloud computing. In 2010 Information Security for South Africa (pp. 1-7). IEEE.

 

This article discusses and highlights the security issues that should be properly addressed and managed from a holistic security perspective in cloud computing. Gartner’s list of cloud security issues is the focus of the article. Its main body analyzes the following aspects: privileged access; regulatory compliance; data location; data segregation; recovery; and investigative support. The article explains how cloud computing security is guaranteed by asking and answering questions about these aspects, and by evaluating, planning, implementing and evaluating customers’ needs for cloud computing. Finally, drawing on the structure of cloud computing, it proves that cloud computing serves the market environment by providing data storage and capacity, together with flexible and scalable computing power, to match elastic demand and supply while reducing capital expenditures. The analysis in this article has some value, but it overlaps with mainstream content and does not highlight its own advantages.

Annotated Bibliography No.5

From Security to Assurance in the Cloud: A Survey

Ardagna, C. A., Asal, R., Damiani, E., & Vu, Q. H. (2015). From security to assurance in the cloud: A survey. ACM Computing Surveys (CSUR), 48(1), 1-50.

 

This survey focuses on the interface between cloud security and cloud security assurance. First, the authors outline the state of the art in cloud security. They then introduce the concept of cloud security assurance and analyze its growing impact on cloud security approaches. In the public cloud vision, infrastructure, platforms and software services are provided to tenants (i.e. customers and service providers) on a pay-as-you-go basis. Compared to traditional on-premises resources, cloud tenants can use cloud resources at lower prices, with higher performance and flexibility, without having to care about infrastructure management. Nonetheless, cloud tenants still care about the service levels of the cloud and the non-functional properties that their applications can rely on. Finally, based on the advantages and features discussed above, the article makes some recommendations for the development of next-generation cloud security and assurance solutions. The article is informative about the content it discusses, but it is not systematic, and only gives some suggestions at the end. The authors should still be able to make extensions to existing techniques.

 

Annotated Bibliography No.4

1.  CLOUD COMPUTING SECURITY: AMAZON WEB SERVICE

Narula, S., & Jain, A. (2015, February). Cloud computing security: Amazon web service. In 2015 Fifth International Conference on Advanced Computing & Communication Technologies (pp. 501-505). IEEE.

 

This article focuses on how AWS (Amazon Web Service) cloud computing works. The authors first review security research in the field of cloud security, explaining that the focus in cloud computing is security around data, access, and privacy protection. They then walk readers through how AWS provides network security, builds real-time sliding window dashboards on streaming data, and protects data with encryption, backup and recovery methods and other functions. Finally, the article argues that security should be a core operation, not an additional operation, and recognizes AWS’s outstanding performance in the field of cloud computing. This article can be seen as an introduction to the principles of AWS, which is friendly to newcomers, but it has obvious limitations: it only emphasizes the technologies that AWS is good at, and does not cover a broader, more comprehensive range of cloud security technologies.

 

2. Cloud Threat Defense – a Threat Protection and Security Compliance Solution

Bharadwaj, D. R., Bhattacharya, A., & Chakkaravarthy, M. (2018, November). Cloud threat defense–a threat protection and security compliance solution. In 2018 IEEE International Conference on Cloud Computing in Emerging Markets (CCEM) (pp. 95-99). IEEE.

 

This paper proposes a cloud-native and scalable cloud security solution by exploring the security issues related to cloud computing. The authors first investigate some of the key research challenges that cloud security solutions face in securing dynamic cloud environments, followed by comparisons with traditional models. Through the analysis of security threats in cloud computing, the authors divide the countermeasures into the following categories: poor identity and access management; workload threats; and network threats. Finally, following this classification, a practical solution is provided to overcome the challenges cloud providers and consumers face in protecting their data and valuable assets. The limitations of this paper are also obvious: the description of security threats is not detailed enough and too abstract, and after the classification the countermeasures are discussed directly, with little analysis of the underlying principles. The final solution is more of a method rollup than a new method.

Annotated Bibliography No.3

An Analysis of the Cloud Computing Security Problem

Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.

 

In this paper, the authors study cloud security issues from the perspective of cloud architecture, the features provided by the cloud, the perspective of cloud stakeholders, and the perspective of cloud service delivery models. Based on a step-by-step analysis, the article derives a detailed specification of cloud security issues. The authors argue that multi-tenancy and isolation require a vertical solution from the SaaS layer down to the physical infrastructure (developing physical-like boundaries between tenants rather than the virtual boundaries currently applied); that security management is very critical for controlling and managing so many requirements and controls; and that the cloud model should have an overall security wrapper. They then give related suggestions such as focusing on problem virtualization, being inherent in the cloud architecture, and supporting multi-tenancy. The main limitation of the article is that it fails to form a systematic discussion, and only focuses on the advantages and disadvantages of several specific technologies. Therefore, some of the technologies and solutions described in this article are useful for reference, but its overall coherence and depth of reasoning are not strong.

Annotated Bibliography No.2

On cloud security requirements, threats, vulnerabilities and countermeasures: A survey

Kumar, R., & Goyal, R. (2019). On cloud security requirements, threats, vulnerabilities and countermeasures: A survey. Computer Science Review, 33, 1-48.

 

This narrative review examines cloud services and deployment models, cloud architecture components, cloud security classifications, security requirements, CSA’s 12 dangerous threats, known vulnerabilities in cloud architecture components, and suggested countermeasures. The survey covers some aspects missing from previous work on cloud computing system security and privacy, in particular developing a unified cloud security taxonomy to analyze the end-to-end correlation mapping between cloud security requirements and identified threats, known vulnerabilities, and suggested countermeasures. In addition, the article proposes prioritizing measures that can build users' trust and confidence in cloud-based solutions and systems, such as providing users with control over and visibility into data lifecycle management for their outsourced data, etc. Since this article is a narrative review of previously published work modeling security in cloud computing, it is inevitable that new technologies are not covered. It is long enough and comprehensive enough for a survey, though the article may be so long that it obscures the point. Additionally, it highlights security challenges in other related areas, such as trust-based security models, cloud applications for big data, the Internet of Things (IoT), software-defined networking (SDN), and network functions virtualization (NFV).

Annotated Bibliography No.1

Assessing information security risks in the cloud: A case study of Australian local government authorities

Ali, O., Shrestha, A., Chatfield, A., & Murray, P. (2020). Assessing information security risks in the cloud: A case study of Australian local government authorities. Government Information Quarterly, 37(1), 101419.

 

This study explores key factors related to the information security requirements of cloud services in regional Australian local government environments and proposes a conceptual model of cloud computing security requirements. The article first briefly introduces cloud computing and its application in government operations, and then uses ten empirically verified factors to determine the security requirements for cloud computing in government departments. After analysis and statistics, the article proposes four components of the cloud computing security requirements model: data security; risk assessment; legal and compliance requirements; and business and technical requirements. Through a detailed analysis of each component, the second half of the study gives readers academic insight into, and the advantages of, applying cloud computing security to local government departments. The main limitation of this article is that it only focuses on the needs of government departments for cloud computing security. It may be more targeted, but the angle is not suitable for readers other than government departments or large enterprises. Therefore, this article is sufficient for discussing the application of cloud computing by enterprises, but it lacks guidance for SME users. At the same time, it also needs to discuss cloud service providers in specific cloud computing application scenarios to ensure more comprehensive security.

Annotated Bibliographies

An annotated bibliography is a list of citations followed by a brief summary or analysis of your sources, aka annotations. The annotation gives information about the relevance and quality of the sources you cited through a 150-250 word description or interpretation of the source.

 

The act of compiling a bibliography of this type involves:

  • Choosing an annotated bibliography topic. Annotated bibliography topics are sometimes chosen by teachers or professors. There are times, however, when educators allow students or researchers to choose their own topics. Choose a topic which interests you to make the assignment more enjoyable to organize and complete.
  • Seeking out relevant resources that directly correlate with a research topic
  • Creating a citation for each resource. The citation includes the title, author’s name, date of publication, and other identifiable information. Citations can be formatted in MLA format, or another style your teacher or professor recommends.
  • Writing a very brief analysis or summary of each source

In many nonfiction books and texts, authors provide readers with a suggested listing of resources for further reading. This is somewhat similar to an annotated bibliography, except a bibliography of this type takes it one step further and includes a brief write-up (about a paragraph long) about each source.

Gantt chart review

A Gantt chart, commonly used as a project schedule, is one of the most useful and classic ways of showing activities (tasks or events) displayed against time. It is based on Henry Gantt’s original design that evolved from Karol Adamiecki’s harmonograph.

A Gantt chart is a horizontal bar chart that shows a project’s planned schedule and its tasks or events between a start and finish date. Each bar in the Gantt chart represents a task, while the dates are laid out horizontally.

Modern Gantt charts can also show task dependencies—how each task connects to others. A simple Gantt chart provides clarity on deadlines, milestones, and project progress. Everyone on your team knows what they have to work on, when, and how it impacts the overall project.

Considering Waterfall model

The Waterfall methodology—also known as the Waterfall model—is a sequential development process that flows like a waterfall through all phases of a project (analysis, design, development, and testing, for example), with each phase completely wrapping up before the next phase begins.

It is said that the Waterfall methodology follows the adage to “measure twice, cut once.” The success of the Waterfall method depends on the amount and quality of the work done on the front end, documenting everything in advance, including the user interface, user stories, and all the features’ variations and outcomes. With the majority of the research done upfront, estimates of the time needed for each requirement are more accurate, and this can provide a more predictable release date. With a Waterfall project, if parameters change along the way, it’s harder to change course than it is with Agile methodology.

 

Advantages of the Waterfall methodology

The Waterfall methodology is a straightforward, well-defined project management methodology with a proven track record. Since the requirements are clearly laid out from the beginning, each contributor knows what must be done when, and they can effectively plan their time for the duration of the project.

Other benefits of the Waterfall method include:

  • Developers can catch design errors during the analysis and design stages, helping them to avoid writing faulty code during the implementation phase.

  • The total cost of the project can be accurately estimated, as can the timeline, after the requirements have been defined.

  • With the structured approach, it is easier to measure progress according to clearly defined milestones.

  • Developers who join the project in progress can easily get up to speed because everything they need to know should be in the requirements document.

  • Customers aren’t always adding new requirements to the project, delaying production.

Disadvantages of the Waterfall methodology

Like any development process, the strengths in one area might mean weaknesses in the other. The Waterfall methodology’s insistence on upfront project planning and commitment to a certain defined progress means that it is less flexible, or agile, later in the game. Changes that come further in the process can be time-consuming, painful, and costly.

Other reasons the Waterfall methodology may not work include:

  • Projects can take longer to deliver with this chronological approach than with an iterative one, such as the Agile method.

  • Clients often don’t fully know what they want at the front end, opening the door to requests for changes and new features later in the process when they’re harder to accommodate.

  • Clients are not involved in the design and implementation stages.

  • Deadline creep—when one phase in the process is delayed, all the other phases are delayed.

Who uses the Waterfall model?

The Waterfall process is adopted by project managers who are faced with development projects that:

  • Don’t have ambiguous requirements.

  • Offer a clear picture of how things will proceed from the outset.

  • Have clients who seem unlikely to change the scope of the project once it is underway.

If a project manager prefers clearly defined processes, where cost, design, and time requirements are known upfront, then the Waterfall method is the way to go, as long as the project itself is conducive to those constraints.