StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

A Concept to Avoid and Minimize Security Risks in Cloud Computing - Essay Example

Cite this document
Summary
This essay talks about a cloud which is basically a network in which certain servers are attached in the form of cluster. It is a computing network that shares computers and resources. The users just have to pay for the usage rather than paying for local resources such as infrastructure etc. …
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.2% of users find it useful
A Concept to Avoid and Minimize Security Risks in Cloud Computing
Read Text Preview

Extract of sample "A Concept to Avoid and Minimize Security Risks in Cloud Computing"

Fog Computing A Concept to Avoid and Minimize Security Risks in Cloud Computing Contents 3 Introduction 4 1Current System 5 2Suggested System 5 2.Clouds Safeguarding Through Fog 5 2.1User Behavior Profiling 6 2.2Decoy System 7 2.3Decoy Technology 7 2.4Detection of Malicious Attacker 9 2.4.1User Behavior Profiling 9 3.Fog Computing 9 3.1.Categorization of Fog Computing 9 3.2.Functioning of Fog Computing System 11 4.Conclusion 14 References 15 ABSTRACT A cloud is basically a network in which certain servers are attached in the form of cluster. It is a computing network that shares computers and resources. The users just have to pay for the usage rather than paying for local resources such as infrastructure etc. This is no doubt an exciting technology because of its cost efficiency and service effectiveness. This computing technology greatly influence the way people use computers and access to their personal data or information. However with this new communication and technology models, comes personal and business data security challenges. The main concern in cloud technology is its security and privacy. The existing protection mechanism like encryption failed to provide sufficient security especially from the insider attacks within the cloud network. To overcome this issue a new technology has been introduced called Fog Computing. After doing deep analysis it is apparent that fog computing is not considered as a substitute for cloud it is just an addition of the cloud computing system and introduce new applications and services. These applications ensure safety by isolating user data from each other. The foremost goal of this technology is to put data near to the ultimate consumer. 1. Introduction Today cloud computing is an effective computing network to manage private data centers. That is why it has been widely used by many enterprises for web applications and batch processing (Takahashi, 2010). This subscription based technology protects their data and allow them to use cloud resources whenever required. However the encryption method is not capable to protect the user data in cloud from illegal admission. The traditional database systems are developed in closed environments and users can access the data by using limited or fix network. Cloud Computing is a technology based service which is used for protecting data and for making use of the cloud resources anywhere anytime. Further Cloud Computing is designed with a collective pool of resources which manages private data centers for clients who are utilizing web application and batch processing services (Mowbray, 2009). The rapid growth of W.W.W enables users to register into cloud and access their database from anywhere in the world. Despite of its immense benefit this technology also comes up with certain security and privacy risks. To avoid this problem a new technology has been used which is known as fog computing (Dancher, 2009). Fog computing is a virtual platform which offers computing, networking and storage resources to the end-users. Fog computing is a new standard which provide a virtual IT infrastructure. The security solutions which are designed for cloud computing does not allow fog computing devices to balance their connectivity load at the verge of the network. Fog computing offers greater security and benefits while working with cloud. In this the user has to first register and sign up fog computing. He will then receive an e-mail or message that his account is being activated. Fog computing offers a range of applications and services that play a beneficial role while data managing and analysis (P.Allen, 2010) 1.1 Current System The existing security mechanism in cloud is encryption however it fails to save data from the hackers (Novak, 2014). It cannot identify if the user is approved or not, thus cloud computing safety is not reliable and emphasis on how to save data from unauthorized access. Encryption proved to be not safe as there are many cases of theft in cloud including the twitter incidence which was also on cloud network. However in 2010 and 2011 a new cloud computing technology was identified for hackers which aim to protect the user data in cloud network (Van Dijik & A.Juels, 2011). 1.2 Suggested System The anticipated procedure is to safe employer data in cloud was decoy document technology commonly known as Fog computing. This technique helps to protect data in cloud and detect and monitor any abnormal activity in data access patterns (M. Bowen, 2011). In this system when some hacker tries to access the user data a fake document is automatically created by the system and presented to the hacker. The document is pretty much alike the same so the hacker couldn’t identify the difference. The authentication is identified through a security question that either the user is authorized or not. If the use passes the security he is hen provided with original documents (S.J.Stolfo, 2011) 2. Clouds Safeguarding Through Fog Cloud services provides numerous methods to store and use files, documents and other data that can be accessed from anywhere whenever the users go online (F. Bonomi, 2011). The major issue in maintaining security of cloud is the method through which the data is accessible to only authorized users and no one else. The cloud fails to satisfy users in terms to secure their data. All the standard approaches for providing safety fail over time for some sort of reasons. The security risks included misconfiguration, buggy codes, improper implementations and inside attacks to the system. Even after building a trustworthy network did not seems to be enough as the inside attacks were continuous and data was damaged and lost and there was no means to get it back (M.J.Samella, 2003) One should be prepared for any such kind of coincidences. The main idea behind is that the data damage can be decreased by limiting the value of stolen information to the hacker. Therefore fog computing is introduced to give additional security features to cloud (P.Tavel, 2007). This preventive technique secures the user data through number of means which are discussed as below. 2.1 User Behavior Profiling This is a process of monitoring normal user behavior on cloud. This means that cloud can model that how much data or information is used by the user generally. Also that at the time and how the user accesses his data present in cloud (Danchev, 2009). The user performance is continuously monitored that whether the activity is happening as per routine or not. Any abnormal activity such as unusual path of accessing information or bulk downloading is being detected and informed to the user through e-mail or SMS. This kind of security profiling is usually used in fraud detection applications. Any abnormal cloud access can be determined by the scope and scale of data transformation (M. Bowen & S. Hershkop, 2009) 2.2 Decoy System Decoy data is the information that is gathered through documents, bogus information and honeypots and is used to detect any kind of unauthorized access. It actually presents the hacker with alternative information rather than original one. The presented document looks totally normal and legitimate (J. Pepitone, 2011). This change can only be identified by the legitimate user and he can alter the response through various means such as answering security question. This informs the cloud that it has mistakenly noticed unauthorized access (M. Bowen & S. Hershkop, 2011). In case of correct identification of unauthorized access the cloud protects the user information in two ways: (1) Through user validation and (2) by confusing the hacker with bogus and decoy documents. 2.3 Decoy Technology In decoy technology traps are placed within the files in system. These traps or decoy files are transferred from Fog computing location. This site offers automatically generated decoy forms such as tax or medical reports return forms, bank statements or receipts etc. The authorized user downloads these files and place in location that does not interfere in normal activities on computer (G.Forman, 2003). A hacker who is not familiar with the original files in the system will get the decoy files when he tries to reach the sensitive material. Careful monitoring of decoy files will inform the authentic user about any deception movement on the network (Madsen, et al., 2013). The documents which are decoyed includes a specific keyed in parameter in the header section of the document which is Hash Message Authentication Code (HMAC). This code allows the user to use these documents by verifying key specific to each worker. When a text is downloaded the HMAC ascertain if the document is a decoy or not. If the documents appear to be decoy an automatic trigger is generated. The benefits of engaging decoys includes detecting hacker’s activity, confusing the attacker with fake documents and the deterrence effect (Josang, A.Ismail & C.Boys, 2001). Figure 1 Decoy System (Dhande, 2015) The above mentioned figure is the concept to identify unauthorized access. In local file setting experiments reveal that combining both methods would yield better results. This security approach is quite beneficial for cloud network making the system more sustainable and transparent. 2.4 Detection of Malicious Attacker 2.4.1 User Behavior Profiling Authorized users are familiar with the files and documents of their system and where they are situated. So their exploration for targeted files is limited. A hacker who illegitimately tries to break in to the system is most likely to be unfamiliar with the files and their location so his search will be extensive and untargeted (Arrington, 2009). On the basis of this supposition the user profiling performance is based on user models which are developed with one class exhibiting method known as one-class provision vector machines. These model machines are capable of building classifier without sharing data to other users. Therefore the privacy and data of user is saved and any deviation from usual activity is monitored from the user baseline. So it can be assumed that this deviation is possibly a hackers attack. Previous experiments based on these assumptions revealed positive results with detecting masquerade activities with very low false positive results (Rocha, 2011) 3. Fog Computing 3.1. Categorization of Fog Computing Fog computing is an extremely developed virtualized stage that provides computing, storage and networking facilities in cloud computing network and is located quite on edge of network. These compute, storage and networking services act as building blocks in both cloud and fog networking (Bonomi, 2011). Fog however has number of features that makes it insignificant addition of the cloud. These characteristics are described below: Fog has on the edge location, low latency and has location awareness. Its origin can be traced in early applications of support which offer great services at the edge of network comprising programs which requires low latency such as games or video streaming. Its geographic distribution is quite in contrast as compare to centralized Cloud. Its services and targeted applications require wide deployments. For example the Fog network will play an active role in bringing high quality streaming into moving objects by using its proxies that support it (J. Sannella, 2003). It has large scale sensor networks and inherently distributed systems like smart grid s to monitor its environment. They require storage and computing resources. These sensor networks and smart grid system have a large number of nodes which are significant in wide geo- distribution. The fog network provides support for mobility so that there is effective communication between its applications and mobile devices. This support helps the LOSP protocol a mobility technique to help the host to identify identity from location. It also requires a distributed directory system (Stojmenovic & Wen, 2014). The fog network involves real-time connections rather than just batch processing. It has Prevalence of wireless access Fog network is heterogeneous because the fog notes appear in different form factor that create a variety of environments Fog networks are interoperable and federated this means they can provide continuous support to several services such as streaming. This network works with the cooperation of different providers. Hence Fog network interoperate and provide continuous support across different domains. This type of network provides support for online analysis and interaction with cloud. It is designed to play an important role in processing the data close to the source. 3.2. Functioning of Fog Computing System Fog computing system works against the hackers especially from malicious hackers this type of attacks are performed by company’s haters or in envy to some other employees on user site. Attacking data or hacking is quite easy for a malicious insider because he could easily get the passwords and cryptographic keys. This threat is quite common these days because of lack of clearness in cloud events. This means that the provider is unaware that how much access is provided to users and how the reports are made and analyzed ( Fr¨ohlich and J. Plate, 2000). The Fog Computing system is demonstrated in the Figure below Figure 2 Fog Computing (Dhande, 2015) Figure 2 demonstrate the actual concept of fog computing. There are two logins in this network i.e. admin login and user login. The admin login follows two steps which are entering username and password. After login in to the system successfully he can now do all his supervision work however before downloading any file from server it is required to answer the security query. If he answers the question correctly the cloud will download the original file only. However on wrong entry the decoy documents will appear to the hacker. Decoy technology has a specific working mechanism. For example if the original word is “MADAM” then it will replace some alphabets of the word like replacing M with A so the word become “AADAA”. If the hacker knows what has been replaced even then he could get the right word because it will become “MMAMM”. So in fog there is no chance of hacker in getting original document ( Dinh, H.T., Lee, C., Niyato, &D., Wang, 2013) The same procedure has to be followed by the user when he login to the system. User can perform certain operation like downloading a file, sending messages and e-mails and viewing alerts. Alerts are the streams that notify the details of any unauthorized activity on their personal data with detailed information of date time and kind of activity (Balfanz, 2002).The best thing about fog is that the user gets a SMS after each successful login. This makes him aware if anyone tries to login to his account. In addition every activity such as downloading a file etc on his fog account is also messaged to his number. The SMS contain information of IP address, date and time details so it would be easier to track the hacker if he tries to break in. The system was originally e-mail provision but then SMS technique was also implemented. This makes fog computing more safe and secure than traditional cloud computing (Damiani, E., et al, 2002). 4. Conclusion In this paper the researcher presented a new approach of Fog computing in solving security threat issues and insider data attack in cloud computing. It was proposed that data access can be monitored by using profiling user behavior technique to detect any unauthorized access. In addition decoy documents present in the cloud storage also serve as sensors to inform about illegitimate activity. Once the hacker is detected and verified he will then be presented with similar decoy files having bogus information to protect the original data. Such prevention strategy that is based on disinformation technology can provide a high level of security on cloud computing and social networks. Fog computing is not only producing decoy files but also providing storage for these files in cloud network. In short Fog’s decoy technique is actually minimizing the threat of hacking and inside attacks in cloud. . References Bonomi., F., 2011. Connected vehicles, the internet of things, and fog computing.. VANET . Bowman, M., Debray, S. K. & Peterson., L. L., 1993. Reasoning about naming systems. ACM Trans.. Program. Lang. Syst., 15(5), p. 795–825. Forman, G., 2003. An extensive empirical study of feature selection metrics for text classification. J. Mach. Learn, p. 1289–1305. Fr¨ohlich, B. & Plate, J., 2000. The cubic mouse: a new device for three-dimensional input.. n Proceedings of the SIGCHI conference on Human factors in computing systems, p. 526–531. Frevert, R. et al., 2006. Modeling and Simulation for RF System Design. s.l.:Springer Science & Business Media. Li, K.-C., Li, Q. & Shih, T. K., 2014. Cloud Computing and Digital Media: Fundamentals, Techniques, and Applications. s.l.:CRC Press. Madsen, H., Albeanu, G., Burtschy, B. & Popentiu-Vladicescu, F., 2013. Reliability in the utility computing era: Towards reliable Fog computing. s.l.:Systems, Signals and Image Processing (IWSSIP), 2013 20th International Conference. Mahmood, Z., 2014. Cloud Computing: Challenges, Limitations and R&D Solutions. s.l.:Springer. Mowbray, M., 2009. The Fog over the Grimpen Mire: Cloud Computing and the Law. s.l.: Hewlett Packard Development Company. Sannella, M. J., 2003. Constraint satisfaction and debugging for interactive user interfaces. Stojmenovic, I. & Wen, S., 2014. The Fog computing paradigm: Scenarios and security issues. s.l.:Computer Science and Information Systems (FedCSIS). Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“A Concept to Avoid and Minimize Security Risks in Cloud Computing Essay”, n.d.)
A Concept to Avoid and Minimize Security Risks in Cloud Computing Essay. Retrieved from https://studentshare.org/information-technology/1701456-a-concept-to-avoid-and-minimize-security-risks-in-cloud-computing
(A Concept to Avoid and Minimize Security Risks in Cloud Computing Essay)
A Concept to Avoid and Minimize Security Risks in Cloud Computing Essay. https://studentshare.org/information-technology/1701456-a-concept-to-avoid-and-minimize-security-risks-in-cloud-computing.
“A Concept to Avoid and Minimize Security Risks in Cloud Computing Essay”, n.d. https://studentshare.org/information-technology/1701456-a-concept-to-avoid-and-minimize-security-risks-in-cloud-computing.
  • Cited: 0 times

CHECK THESE SAMPLES OF A Concept to Avoid and Minimize Security Risks in Cloud Computing

Feminist Judgment of Rosemary Auchmuty

A concrete example of negotiating at a dominant position would be banks when it offers loan packages to jump start a business, increase capitalization, purchase cars, family homes and other personal amenities—the banks are at liberty to impose the terms of the loans, to accept the security offered and to further require spousal surety or “surety wife”.... These are the issues raised in the Etridge consolidated cases presented for critical analysis, it was alleged that the wives—the weak and vulnerable parties submit to the will of their husbands as undue influence is exerted upon them—were not fully cognizant of the nature of the transactions entered into by their spouses, given inadequate advice and if only the gravity of the situation were explained to them, they could not have acted as sureties much more offer their family homes as security to guaranty the loans procured by their spouses to finance their business undertakings....
13 Pages (3250 words) Essay

Modern Cloud Computing

CLOUD in cloud computing, all information technology resources would be provided over the Internet from a cloud.... Therefore, the cloud provider would be expected to design, develop, procure, install, test, deploy, provide and manage the IT resources in cloud computing.... During the early stages in the development of cloud computing, there were only two categorizations, private and public cloud according to Hollwarth (2012).... This cost would be borne by the cloud provider who acquires all physical computing resources including networks, storage, servers and hosting infrastructure....
4 Pages (1000 words) Research Paper

Flexibility in Information Systems Context

cloud computing and its components are a further development of utility computing and in our discussion, we shall often use cloud computing to encompass both concepts.... The idea behind cloud computing if it could be simplified is that businesses will no longer have to focus on the initial investment in IT hardware, upgrades, software licenses and fixed maintenance fees, but on the variable investment on IT resources based on consumption under pay-as-you-use models (Siemens IT Solutions and Services, 2009)....
8 Pages (2000 words) Coursework

Cloud Computing

Some of the major players in cloud computing market include such companies as Google, Cloudon, Amazon , Yahoo, Cisco, Vmware, Garantia Data, Embrace among others.... The rapid evolution tags along with it, the need for… Unlike the traditional networks or data centers, cloud computing has elasticity to cope with the ever growing current demands and the rapid information being created cloud computing (Section) Due) There has been rapid evolution of the traditional method of computing from a centralized data center to distributed data center owing to the fact that both information and information consumption has been distributed....
2 Pages (500 words) Assignment

How the Business Requirements Drove the Systems Initial Development

The advent of cloud computing has truly enhances services in the e-commerce world.... When it comes to cloud computing, many flavors are present.... For instance, a public cloud is one based on the standard cloud computing model, in which the service provider makes applications and services open to public.... Private cloud is the phrase used to describe a cloud computing platform that is implemented within the corporate firewall....
3 Pages (750 words) Essay

Security and Implementation Concerns of Cloud Computing Infrastructure

This paper “Security and Implementation Concerns of cloud computing Infrastructure” has summarized the analyses of different research papers, reports and web sites.... This research has highlighted a number of issues which are basically hindering in the success of cloud computing.... Hence in order to maintain data safely and reliably, they must have to implement a secure cloud computing environment.... In this situation, ineffective or insecure implementation of cloud computing arrangements and the absence of security policy is also a question mark....
8 Pages (2000 words) Coursework

Managing Information Systems

This assignment "Managing Information Systems" focuses on the function of a company's information technology support system, managers that can use technological systems to secure information and the implementation of information technology that cannot be used indefinitely.... nbsp;  … This assignment also discusses Web 2....
10 Pages (2500 words) Assignment

Maintenance of the Integrity of Crime Scene Evidence

The author of the "Maintenance of the Integrity of Crime Scene Evidence" paper aims at discussing the effective crime scene processes that are employed to ensure that the integrity of the evidence collected is maintained to avoid the risks of contamination.... nbsp;… All incidents of the crime leave scene traces that are valuable in an investigation process....
6 Pages (1500 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us