Research Paper: Security in Cloud Computing

Pages: 10 (3274 words)  ·  Bibliography Sources: 6  ·  Level: College Senior  ·  Topic: Education - Computers  ·  Buy This Paper


[. . .] The users using the infrastructure need to ensure that they maintain an effective security policy. These controls are developed and implemented to cater the hostile internet environment for multi-tenant usage of user applications hosted through cloud computing services (Mather et al., 2009).

Mather et al. (2009) further elaborates that the security controls for data in various stages. It is required for data in transit, data at rest, and data processing. It is also required for data lineage, data provenance, and data reminisce. The informed decision are required for increasing data security in cloud computing. All security measures are not a responsibility of the cloud services providers. There are various cases where security of data at cloud computing is compromised due to clients negligence. Therefore it is also required for the cloud computing customers to ensure security at their primacies and usage of the hosted applications.

4 Security and privacy:

The security and privacy concerning the cloud computing users has two distinctive directions. The security of cloud computing is concerning the internal and external safety of the infrastructure and applications. The applications and infrastructure resources of cloud computing are secured through the measures implemented as controls as described above. The security of cloud computing services from attempts of external elements as well as internal breach of the adopted policy can be reduced through effective measures at organizational level. The customers and services providers are involved in increasing the level of security against the perceived threats (Wang, Wang, Ren, & Lou, 2010).

Privacy of information in cloud computing is also related to two different dimensions. The legal and unlawful release, acquisition, and misuse of classified information about customer's identity and data stored in cloud resources is subject to various privacy laws. The major portion of the responsibility is with the concerning service providers and their ability to fulfill their commitments. The release of information about customer's identity is only possible through legal procedures. After the increase in terrorism certain privacy laws are changed to provide increased access to the law enforcement agencies and government investigators. However it has to be within the legal jurisdiction and through appropriate channels of information access.

The second major issue in information privacy that is regarded as a breach of customer commitment is through unlawful sharing of the customer data with unauthorized entities. The illegal access to customer data is one of the major concerns as most of the customers are unaware of the procedures and physical controls implemented by the cloud services providers. The cloud services providers should ensure that they comply with the requirements of customer data and information privacy through elaborative and detailed controls. The breach in customer privacy may also result into sever damage of reputation and as a result losing business.

The businesses seeking cloud computing services are also required to consider the data storage facilities that are secure and enable them to safeguard their information. The data breach of confidential customer information also has potential threat for the cloud computing services providers. The businesses especially banks, insurance agencies, and medical services providers should be particular about the information they seek to store in the cloud services. The business is liable in legal and ethical terms to protect the classified information for their customers.

5 Compliance:

The issues of compliance with cloud services security and confidentiality of information saved by the clients is a relatively vast subject. There are various legal, ethical, and contractual issues that require compliance in cloud computing. The business is also prone to certain compliance and legal issues related to the business continuity and data recovery, logs and audit trials, and unique compliance requirements in cloud computing these issues are addressed in following section with detailed insight.

5.1 Business continuity and data recovery:

According to Buyya, Broberg, and Goscinski (2010) offers a large number of resources for its clients. These resources are offered by the service providers on demand basis and the customers can increase or decrease the required resources. The availability of the services from cloud service providers is one of the major issue. The natural disasters and other network related calamities can also disrupt the availability of the resources. Therefore a disaster recovery and business continuity issues are considered as important for cloud services.

Three distinct concerns are raised through the work highlighting the issues of sub-contracting cloud service providers that share the resources or infrastructure offered form other providers. The damage to infrastructure of one provider can also affect continuity of other service providers. The cloud service providers also tend to fail in their business operations and as a result they can stop offering their services. The third most significant issue is related to the multi-tenancy sharing infrastructure of the service providers. All these issues are related to assurance from the service provider and vigilant analysis of suppliers prior to acquisition of SaaS, IaaS, and Paas. All the above mentioned scenarios can disrupt and cause the business to lose data in case of non-availability of backup services (Buyya et al., 2010).

5.2 Logs and audit trails:

The availability of logs and audit trials should be produced by the business. The cloud service providers are obliged to maintain an effective archive of the logs and audit trials. The safety of these should be ensured at secure locations. The emergency situations require these trials to be used for investigation purposes (Aluru, Bandyopadhyay, Catalyurek, Dubhashi, Jones, Parashar, & Schmidt, 2011). The logging and audit trials are performed in order to ensure the security of cloud computing resources.

The regulatory compliance is also associated with fulfillment of logging and audit trials. The security management and incident management requires the usage of this information in order to recover and investigate. The SLAs and QoS management is also related to the activity for providing support and incident management modules in cloud services. The security of cloud computing is also ensured through compliance and regulations related practices (Mahmood, 2013).

5.3 Unique compliance requirements:

The security and compliance guidelines in cloud computing are related to the emphasis on roles of cloud computing customers, cloud providers, and auditors regarding the compliance requirements. The assessors also need to acquainted themselves with the unique requirements of cloud computing. Furthermore the need for extended ability to fulfill compliance requirements in cloud computing is also essentially required. The regulatory issues, customer privacy, terminations, identity protection in relation to the shared environment of cloud computing are unique for cloud computing. The patent issues should also be considered in order to provide the required services for the clients. The selection of jurisdiction is also an important factor in order to comply with the regulatory issues (Kurtz et al., 2010).

6 Legal and contractual issues:

The infrastructure of cloud computing is set up in several countries and conformance with legal requirements is obligatory however certain under developed countries have less effective information security laws. It is also required to have an interoperable system for cloud services for sharing and integration of resources. The disadvantages of cloud services can be minimized with vigilant incorporation of standard procedures for acquiring software and software suppliers

The service level agreements offered by the suppliers should be thoroughly understood with the help of technical and legal experts. The agreements should include an objective performance criterion and a clear mechanism for performance measurement. The performance measurement process should also be elaborated with the help of clearly defined positions. The conditions of the agreement's applicability should be understood in order to implement the provisioned system for enforcement of the performance evaluations and measures. The SLAs provided by the vendors contain legal and technical jargon. It is necessary for the customers to gain reassurance for the terms and conditions in accordance with their requirements. The customer's system should acknowledge and implement the procedural requirements in order to achieve optimized performance.

6.1 Public records:

The maintenance of records is mandatory in several business cases. The cloud services can provide a long-term records maintenance services based on the terms and conditions of the agreement. The organizations are obliged to provide key information about their customers and shareholders in certain legal scenarios. The cost of long-term maintenance and back up services is considered during the identification of cloud requirements. The legal system of several countries requires maintaining key records for a specified period of time. The business reputation and credibility of a service provider is also relevant to ensure customers for long-term business relations.

The legal issues of cloud service include a wide range of obligations and enforcements of the legal system. The legal compliance system is obligatory for cloud vendors to safeguard their customers and their interests. The information security, integrity, and unauthorized manipulations are common examples of the elements covered in the legal obligations. The Freedom of Information Act (FOIA) is also a legal obligation requiring fulfillment and availability of data for such events should also be considered. The Federal records Act is also a considerable factor… [END OF PREVIEW]

Cloud Computing Several Organizations Research Paper

Cloud Computing and Data Security Term Paper

Security Issues of Cloud Computing Data Analysis Chapter

Cloud Computing and the Insider Threats' Problems Literature Review Chapter

Cloud Computing Term Paper

View 203 other related papers  >>

Cite This Research Paper:

APA Format

Security in Cloud Computing.  (2013, October 3).  Retrieved August 23, 2019, from

MLA Format

"Security in Cloud Computing."  3 October 2013.  Web.  23 August 2019. <>.

Chicago Format

"Security in Cloud Computing."  October 3, 2013.  Accessed August 23, 2019.