Cloud Computing – Cloud Security
Essay Preview: Cloud Computing – Cloud Security
Report this essay
Cloud Security
Cloud computing is a collection of approaches which deliver compute, network, and storage infrastructure resources, services, platforms, and applications to users on-demand across any network from any place and at any time. All most every organization irrespective of their size are adopting cloud technology because the services provided by cloud are easy to access from any where and reduces the overall cost.
Potential Attacks on Cloud
By increasing the cloud adoption the cloud attacks are also increasing. There are many types of cloud attacks, some of them are, Data breaches, System vulnerabilities, account hijacking, advanced persistent threats, data loss, Insufficient due diligence, Denial of service, Man-in-the-middle cryptographic attacks, authentication attacks, cloud malware injection attack.
Denial of Service (Dos) attacks:
Denial of service attacks is considered as the powerful attack on the cloud and also most damaging attack as it is shared by the users. Dos are designed in such a way that prevents users from accessing their data and applications. The attackers target the cloud services and consumer resources like processor power, memory, disk space and cause system slowdown and leave service users without accessing to services. More computational power like virtual machines and service instances are provided by cloud computing operating system when workload increases. When maximum workload is reached the process does not hold longer, in that case the cloud system tries to work against attackers for some extent providing more workload i.e., computational power and it supports the attacker by allowing attacker to do possible damage starting from a single flooding attack on server’s availability.
Authentication Attacks:
Authentication is a weak point in virtual services and is regularly focused or targeted. Authentication attacks takes place in many ways like information a person knows. Attackers target on mechanisms which are used to secure authentication process. Among Saas, Paas and Iaas architecture, Iaas is only offering information regarding protection and data encryption. The most suitable way to securing data communication is Iaas architecture service model of cloud computing for any organisations whose transmitted data is categorized as confidential. The management of this data belongs to enterprises but it is stored an service providers side and authorized by user’s side instead of service providers. Excluding some financial institutions, most users are using username and password type authentication. The secondary authentications are site keys, virtual keyboards, shared secret questions and etc., these makes much more difficult for attackers to attack.
Cloud Malware Injection Attack: In this attack it aims in injecting a virtual