A Research to Study Concerns Regarding the Security of Cloud Computing

  

 

Sairam Madasu

8347 Sandstone Crest Lane, Indian Land, South Carolina 29707

Email: Rammadasu5@gmail.com



Abstract — 

Concerning the safety of data stored in the cloud is the focus of this article.   The most recent advancements in computing have caused a sea shift in how people see the architecture and development of IT systems.   As the dangers and threats to sensitive information continue to grow, this article will discuss the many methods now in use throughout the world to keep it safe. In addition, the concept of an encryption/decryption algorithm-based, simple, safe, and privacy-preserving system for inter-cloud data exchange against unauthorised access is presented. Since we are storing the data on the Third Party CloudService, and the CloudComputing Providers/Data owner pose the greatest security risk, encryption of the data in the cloud is essential. As a result, it is in everyone's best interest for the consumer to encrypt the data before sending it to a third-party service provider like a host. The RSA algorithm, built on the Prime Factorization approach and the Extended Euclidean Theorem, is the focus of this study.With RSA encryption, we've reduced the risk of a phishing attempt or other intrusion.

 

Keywords — Artificial Intelligence, Automotive Industry, Technology, Machine Learning, Cybersecurity.

                                                                                                                                                           I.        Introduction

The concept of cloud computing is relatively new, and many companies are hesitant to adopt it because they are concerned about the safety of their data when it is stored on the cloud and managed by a third party.  One of the most straightforward definitions of cloud computing is "the practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer." This is one of the various definitions of cloud computing that are currently accessible.[1] Cloud computing is utilized increasingly as a service since it hosts the data of individuals on their own resources, therefore minimizing the cost of infrastructure and offering protection for the data of end users. Cloud computing has a number of benefits and advantages, but one of the most significant concerns is about the data security, data integrity, and data maintenance. It is of the utmost importance for cloud service providers to use multiple mechanisms and algorithms that encrypt the data, depending to the kind of data, in order to guarantee the data's safety.[2]

                                                                                                                                                               II.       Objective

The research aimed to fulfill the following objectives:

·      To study concerns regarding the security of cloud computing

·      How secure are the providers of cloud services?

·      Discussions and result

 


                                                                                                                                                        III.      Methodology

One   of   the   most   common   and

important question often be in the mind of

the organization that to store the data on a

third   party cloud   service   provider or   to

make   and   internal   organization   cloud.

Many a times the data is at most sensitive

like Army   Nuclear   Codes   or   the   Future

Plan   of the   Government etc.   So, storing

these types of data on Third party cloud are

risky business, so it is recommended that to

make an internal cloud storage. 

The   paper   is   about   the   data

security techniques   used for   securing the

data on cloud, through   Encryption   of the

data with the help of powerful Algorithm

and   also, it   discusses   the   potential   threat

and the solution for the same

One   of   the   most   common   and

important question often be in the mind of

the organization that to store the data on a

third   party cloud   service   provider or   to

make   and   internal   organization   cloud.

Many a times the data is at most sensitive

like Army   Nuclear   Codes   or   the   Future

Plan   of the   Government etc.   So, storing

these types of data on Third party cloud are

risky business, so it is recommended that to

make an internal cloud storage. 

The   paper   is   about   the   data

security techniques   used for   securing the

data on cloud, through   Encryption   of the

data with the help of powerful Algorithm

and   also, it   discusses   the   potential   threat

and the solution for the same

The topic of whether an organisation should build their own internal cloud infrastructure or store their data with a third-party cloud service provider is one of the most typical and essential questions that arises inside an organisation. There are several instances in which the data is at its most sensitive, such as Army Nuclear Codes or the Future Plan of the Government, etc.   Therefore, keeping this kind of data on a cloud service provided by a third party is a dangerous business move; therefore, it is recommended that an internal cloud storage be created. The article examines the data security approaches that are utilised for safeguarding the data on cloud by encryption of the data with the assistance of sophisticated algorithms. Additionally, the paper addresses the possible danger as well as the remedy for the same.

                                                                                                      IV.      How secure are the providers of cloud services?

There is a rising need for cloud computing that is able to guard against security attacks that are becoming more complex. To meet this problem, vendors of cloud services will need to change their practices. When it comes to convincing consumers that their data is secure, having the most recent security certifications, in particular ISO 27001 and Cyber Essentials Plus, is very necessary. [3] Governments and other regulatory organizations impose a myriad of legal obligations on firms that keep data, including the necessity that these organizations have data protection officers and submit to compliance audits conducted by a third party.

 

If a firm does to perform these requirements, the company may be subject to hefty penalties or perhaps experience a loss of business. Vendors, such as Amazon Web Services and Microsoft Azure, subject their data security to regular assessments and updates in order to pinpoint any vulnerable places in their infrastructure and guarantee that their service is adequately secured.[4]

 

Methods for Reducing Dangers to Data in the Cloud

 

Backup of Data

It is essential that businesses back up their data in case their cloud service goes down. The strongest security against technical problems and ransomware assaults is regular data backups. Without this safeguard, it is risky to transfer data from physical to cloud storage. If you want to protect your data from being lost in the case of a natural disaster, hacker attack, or physical disaster, you should back it up in more than one place.

 

Analyze Existing Cloud Settings

Businesses may optimize their use of cloud services by conducting periodic configuration reviews. Businesses that rely on a single service are at danger of vendor lock-in since it is difficult to migrate their data to a new provider. Spreading data storage out over several locations or suppliers may assist protect against this, ensuring that no data or services are lost in the case of an assault on a single location. Misconfigured cloud services, however, pose a threat to data security and must be checked often.

 

Testing for Infiltration

One of the biggest concerns about cloud storage is the possibility of cyber assaults. When vulnerabilities in online applications are discovered by penetration testing, they may be patched up before they are exploited. Companies can prevent vulnerabilities from being exploited by simulating cyber-attacks.

 

Authentication using Multiple Factors

One of the most important aspects of cloud computing security is limiting access to just authorized users. Unauthorized users are unable to access cloud services thanks to two-factor authentication's access limitations. The security of data is maintained without affecting the user experience when a password is combined with another factor, such as a one-time code.

 

Staff Development

Businesses should have procedures in place to avoid the deletion of data by mistake. Employees should get enough training on how to use the cloud to prevent inadvertent harm. Regular reviews of user rights and network-based monitoring of employee access to information may assist reduce the risk of insider attacks.[5]

 

Data Security: An Integral Aspect of Cloud Computing | Cuelogic

FIGURE 1. CLOUD SECURITY

                                                                                                                                             V.       Discussions and result

In the encrypting the data using the RSA algorithm in order to offer data security on the cloud and ensure that only those who are concerned will have access to the data. The RSA algorithm is a block cypher that encrypts every message and maps each encrypted message to an integer.   It includes both the public key and the private key, both of which are used in the encryption and decryption processes of the data, respectively. In this particular technique, the public key is accessible to anybody, but the Private key is only known to the individual who owns the material. The client or the Cloud service provider is responsible for carrying out the decryption process once the encryption procedure has been completed. The encryption procedure may be carried out by either party.   After the data have been encrypted using the public key, we will be able to decrypt them using the corresponding Private key as soon as the encryption process has been completed. The protection of one's privacy and the secrecy of one's data are at the forefront of every customer who stores their information in the cloud. After the data has been uploaded, there should be a guarantee that no one else, not even the Service Provider, can access or know anything about the data.  Therefore, the client themselves may upload the data once it has been encrypted, which decreases the risk of data loss since only the customer knows the private key for the specific public key.[6]

                                                                                     VI.      CONCERNS REGARDING THE SECURITY OF CLOUD COMPUTING

The research will explore the primary challenge that necessitates the implementation of data security, despite the fact that there are several security risks associated with the act of storing data on the cloud.

 

A. The term "Data Integrity" refers to the fact that any time one user accesses, deletes, or reformats the contents of a file, that change should be reflected across all of the users who have permission to view that specific file. This concept is known as "Multitenancy," and it applies to businesses that use cloud computing to store their information and therefore have a large number of employees and departments.   When numerous users try to access shared data at the same time, the system may sometimes crash. If a hacker knows certain Alteration Codes, they may be able to access the data while the system is down. Multitenancy may be an unusually unsafe practice because of this. Verifying the user before to making use of the data is one way to prevent an issue of this kind from occurring. In order to circumvent problems associated with multitenancy, cloud computing makes use of a number of different approaches.

 

B.  In virtualization, a copy of a fully operational operating system is created inside another operating system so that it may share the resources of the original operating system.   When installing a guest operating system on a host system as a virtual machine, the component known as a hypervisor is required. The shared operating system computer is at its most susceptible when it is being used with the Hypervisor; if the hypervisor is hacked, then the data will also be jeopardized. 

 

C.  The data may be in the form of a file that is stored on the cloud and may be requested for use at some other site while it is in transit. This occurs while the data is being uploaded or downloaded onto or out of the cloud, respectively. Since those who eavesdrop on the data and have the capacity to edit or alter it while it is being sent are a greater threat to the data while it is in transit than to the data while it is at rest, the only way to ensure the safety of the data is to encrypt it.[7]

 

How to Ensure Data Security in Cloud Computing - IndustryWired

FIGURE 2: - CLOUD SECURITY 

 

CONCLUSION

Cloud computing offers several advantages, including the ability to help businesses simplify their processes and reduce the expense of maintaining physical safe data storage. Due to the ever-present risk of data breaches, it is vital to take into account the potential security risks that are connected with keeping data in the cloud. A corporation may face far-reaching repercussions as a result of the theft or loss of sensitive information. However, the dangers to data security posed by cloud computing may be reduced by implementing the appropriate preventative measures. Protecting sensitive data with numerous backups and verifying that cloud service providers are in conformity with relevant regulations are two procedures that absolutely cannot be skipped. It is possible to cut down on the likelihood of a data leak by doing regular penetration tests on the cloud and providing employees with adequate training. Companies are able to securely store their data in the cloud and take advantage of the numerous advantages offered by this game-changing technology if they first have an awareness of the security concerns associated with cloud computing and then adopt the right security procedures. 

          
    References

[1]Patil Madhubala R., “Survey on security concerns in cloud computing,” 2015 International Conference on Green Computing and Internet of Things (ICGCIoT), 2015. doi:10.1109/icgciot.2015.7380697 

[2]Patil Madhubala R., “Survey on security concerns in cloud computing,” 2015 International Conference on Green Computing and Internet of Things (ICGCIoT), 2015. doi:10.1109/icgciot.2015.7380697 

[3] “An overview of cloud computing security concerns,” International Research Journal of Modernization in Engineering Technology and Science, 2023. doi:10.56726/irjmets33230 

[4] Figure 6.3 security and privacy concerns kept individuals from using cloud computing, 2014. doi:10.1787/888933586369 

[5] G. K. Shyam and M. A. Ansari, “Security concerns in cloud computing,” International Journal of Trend in Scientific Research and Development, vol. Volume-2, no. Issue-5, pp. 2296–2301, 2018. doi:10.31142/ijtsrd18306 

[6] S. Pal, “Cloud computing,” Cloud Computing Service and Deployment Models, pp. 191–207. doi:10.4018/978-1-4666-2187-9.ch010 

[7] “A review on security concerns in cloud computing,” International Journal of Science and Research (IJSR), vol. 5, no. 3, pp. 871–874, 2016. doi:10.21275/v5i3.nov161993