...BACKGROUND Today, in order to efficiently and effectively deal with data confidentiality and system security, organizations must adopt an approach that is both holistic and proactive. This decision traditionally involves an evaluation of the business processes involved, assessment of compliance with regulations and standards, and the identification of information systems and technology capability. Cloud Computing has become one of the most discussed and sought after solutions for dealing with such challenges. According to IDC Cloud, research suggests that IT Cloud Services spending will reach $47.4 billion in 2013 and is expected to be more than $107 billion in 2017 with an annual growth rate of 23.5 percent, five times that of the industry (IDC, 2013). Cloud Computing is a resourceful model that allows enterprises to accelerate innovation, decrease infrastructure costs, improve resource utilization, and greater ability to manage information technology security (PwC, 2010). The “Cloud” refers to the Internet, a collection of interconnected networks that communicate with each other, and it can be accessed globally. Cloud Computing employs network resources to deliver services entirely online. The National Institute of Standards and Technology defines Cloud Computing as: “A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned...
Words: 3764 - Pages: 16
...Dublin Institute of Technology ARROW@DIT Dissertations School of Computing 2010-09-01 Cloud Computing:Strategies for Cloud Computing Adoption Faith Shimba Dublin Institute of Technology, faith.shimba@gmail.com Recommended Citation Shimba, F.:Cloud Computing:Strategies for Cloud Computing Adoption. Masters Dissertation. Dublin, Dublin Institute of Technology, 2010. This Dissertation is brought to you for free and open access by the School of Computing at ARROW@DIT. It has been accepted for inclusion in Dissertations by an authorized administrator of ARROW@DIT. For more information, please contact yvonne.desmond@dit.ie, arrow.admin@dit.ie. This work is licensed under a Creative Commons AttributionNoncommercial-Share Alike 3.0 License School of Computing Dissertations Dublin Institute of Technology Year Cloud Computing:Strategies for Cloud Computing Adoption Faith Shimba Mr. Dublin Institute of Technology, faith.shimba@student.dit.ie This paper is posted at ARROW@DIT. http://arrow.dit.ie/scschcomdis/1 — Use Licence — Attribution-NonCommercial-ShareAlike 1.0 You are free: • to copy, distribute, display, and perform the work • to make derivative works Under the following conditions: • Attribution. You must give the original author credit. • Non-Commercial. You may not use this work for commercial purposes. • Share Alike. If you alter, transform, or build upon this work, you may distribute the resulting work only under a license identical...
Words: 35464 - Pages: 142
...Is Green IT Threat to Security Dissertation Supervisor name: Student name : Student number: Intake: Contents 1 Introduction 4 1.2 purposes of study 6 1.3 Problem Gartner research on Green 6 1.4 Background and Motivation 7 1.5 Audience 8 1.6 Outcome of Study 8 2 Introduction 10 2.1 Green IT 10 2.2 Why IT Need to be Green 12 2.3 Benefits of Green IT 13 2.4 Companies Interest in Green IT 14 2.5 Green IT and Information Assurance and Security 14 2.6 Information Assurance and Security 15 2.7 Green IT from Information Assurance viewpoint 16 2.8 Dimension of Green IT 18 2.9 Green IT Initiatives 19 3 Introduction 21 3.1 Research design 21 3.2 Justification of paradigm and methodology 22 3.3 Data Collection Methods 23 3.3.1 Questionnaires 23 3.3.2 Interview 24 3.4 Data Analysis and Interpretation 25 3.5 Ethical Considerations 25 3.6 Chapter Summary 26 4 Introduction 27 4.1 Presentation and Analysis of data 28 4.1.1 Quantitative data analysis 29 4.1.2 Demographic Questions: 29 4.2 Technical question 32 4.2.1 Quantitative analysis 46 4.3 Quantitative analysis 46 4.4 Chapter summary: 47 4.5 Recommendation and suggestions 48 5 Introduction 49 5.1 Security assurance in cloud computing 50 5.1.1 Confidentiality 51 5.1.2 Correctness Assurance 51 5.1.3 Availability 51 5.1.4 Data Integrity 52 5.2 Security guideline 52 5.2.1 Cloud Service Provider Agent (CSPA)...
Words: 12275 - Pages: 50
...Cloud Computing Benefits, risks and recommendations for information security Rev.B – December 2012 2 Cloud Computing Benefits, risks and recommendations for information security Document History Date December 2009 Version 1.0 Modification Initial Release, Rev.A Author Daniele Catteddu, Giles Hogben Thomas Haeberlen Lionel Dupré December 2012 2.0 Rev.B About ENISA The European Network and Information Security Agency (ENISA) is a centre of network and information security expertise for the EU, its member states, the private sector and Europe’s citizens. ENISA works with these groups to develop advice and recommendations on good practice in information security. It assists EU member states in implementing relevant EU legislation and works to improve the resilience of Europe’s critical information infrastructure and networks. ENISA seeks to enhance existing expertise in EU member states by supporting the development of cross-border communities committed to improving network and information security throughout the EU. More information about ENISA and its work can be found at www.enisa.europa.eu. Contact details This report has been edited by: Lionel Dupré, Thomas Haeberlen For contacting ENISA or for general enquiries about this report, please use the following details: Email: resilience@enisa.europa.eu Internet: http://www.enisa.europa.eu Cloud Computing 3 Benefits, risks and recommendations for information security Legal notice Notice...
Words: 12166 - Pages: 49
...search for keywords in the encrypted data and use the encrypted data as an input to computation or comparison operations. Because decrypting data stored at the cloud servers may possibly expose its content to the provider servers at least, so it is advised that it is more secure to decrypt data only on trusted machines which are controlled by the user who is authorized to access the data. Figure 2.2 Basic Architecture for Preserving Data Privacy in the Cloud Figure 2.2 shows the basic architecture of encryption for privacy protection before sending it to the cloud server. The data remain encrypted in the cloud server and only authorized users can get the credential for accessing this encrypted data. The encrypted data can be decrypted only after the data are downloaded to an authorized user device or machine. In such scenario, the privacy of the data doesn’t depend on any implicit assumption of trust of the server or the service level of agreement (SLA). Instead, the protection of privacy or integrity completely depends on the encryption techniques used to protect the data [45ECC]. The other leftover issues are how to allow the authorized users and data owner to search...
Words: 1702 - Pages: 7
...Top Threats to Cloud Computing V1.0 Prepared by the Cloud Security Alliance March 2010 Top Threats to Cloud Computing V1.0 Introduction The permanent and official location for the Cloud Security Alliance Top Threats research is: http://www.cloudsecurityalliance.org/topthreats © 2010 Cloud Security Alliance. All rights reserved. You may download, store, display on your computer, view, print, and link to the Cloud Security Alliance “Top Threats to Cloud Computing” at http://www.cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf subject to the following: (a) the Guidance may be used solely for your personal, informational, non-commercial use; (b) the Guidance may not be modified or altered in any way; (c) the Guidance may not be redistributed; and (d) the trademark, copyright or other notices may not be removed. You may quote portions of the Guidance as permitted by the Fair Use provisions of the United States Copyright Act, provided that you attribute the portions to the Cloud Security Alliance “Top Threats to Cloud Computing” Version 1.0 (2010). Copyright © 2010 Cloud Security Alliance 2 Top Threats to Cloud Computing V1.0 Table of Contents Introduction................................................................................................................................... 2 Foreword........................................................................................................................................ 4 Executive...
Words: 3759 - Pages: 16
...Implementing secure cloud computing Author: Justin Schmidt Abstract Cloud computing is an effective and efficient way in which most businesses are conducting business today or will one day. This is due to its low costs and benefits. Cloud computing is still considered to be in its younger years and has much to go through before it can be highly secure. This article will address some ways in which a company can reduce security risks before implementing on the cloud environment. Cloud Service Providers (CSP) hosts the information for their client company onto which ever cloud model is best suited for the company. These consist of either public cloud, private cloud, or hybrid cloud. Each have different specifications of features, like security, and play a big role in securing your data. Determining which CSP is best suited for a company can make all the difference before implementing in the cloud environment. CSP’s can also offer a variety of services such as software as a service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS) which is determined by the client’s needs and all require different means of security. There are third party encryption applications that can assist in the secure data implementation process. 1. Introduction When the term “cloud computing” is heard most people state that they don’t understand what is meant by it and it generally confuses most people or companies. IT departments argue what is meant by the term and what...
Words: 3210 - Pages: 13
...Pros and Cons of Cloud Computing in Businesses Cloud computing has been a controversy in Information Systems since Salesforce.com, the first of its kind, was released in 1999. According to the National Institute of Standards and Technology, “cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” (Mell). In other words, the cloud uses the Internet to store, access, and process data. Before cloud computing, the only other way to store and process data was through in-house servers, which are simply a server located within the company. The invention of all new technology brings controversy because the amount of issues that could come from it must be compared to the amount of benefits. There are three different types of cloud computing, all of which can be incredibly beneficial for both personal and business use: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) (Turim-Nygren). Although they all function similarly, they take on their own roles and process information differently. The most commonly known is cloud storage such as Dropbox and Google Drive, which are categorized as SaaS. The pros and cons of cloud computing have been debated over the past decade, and individuals...
Words: 2142 - Pages: 9
...Cloud computing: benefits, risks and recommendations for information security Cloud computing is a new way of delivering computing resources, not a new technology. Computing services ranging from data storage and processing to software, such as email handling, are now available instantly, commitment-free and on-demand. Since we are in a time of belt-tightening, this new economic model for computing has found fertile ground and is seeing massive global investment. According to IDC’s analysis, the worldwide forecast for cloud services in 2009 will be in the order of $17.4bn1. The estimation for 2013 amounts to $44.2bn, with the European market ranging from €971m in 2008 to €6,005m in 2013 2. The key conclusion of ENISA’s 2009 paper on Cloud Computing: benefits, risks and recommendations for information security3 is that the cloud’s economies of scale and flexibility are both a friend and a foe from a security point of view. The massive concentrations of resources and data present a more attractive target to attackers, but cloud-based defences can be more robust, scalable and cost-effective. ENISA’s paper allows an informed assessment of the security risks and benefits of using cloud computing - providing security guidance for potential and existing users of cloud computing. The new economic model has also driven technical change in terms of: Scale: commoditisation and the drive towards economic efficiency have led to massive concentrations of the hardware resources required to provide...
Words: 2434 - Pages: 10
...SECURITY PROBLEMS FOR CLOUD - BASED COMPUTING Journal Article Review Narasimha Raju, Bhargava Salaka SECURITY PROBLEMS FOR CLOUD - BASED COMPUTING Journal Article Review Narasimha Raju, Bhargava Salaka 2014 2014 Introduction Cloud computing is a most important kind of information establishment, it is an alternate arrangement of activity to give prevalent, insignificant exertion preparing and data organizations, supporting distinctive assortments of information application. The fast change of distributed computing has brought a plan of non-standard security dangers, and put forth an alternate and higher enthusiasm to information security. Cloud computing and its Security Issues Cloud Computing also known as distributed computing is rethinking the on - demand use of remotely put and particularly available processing assets to the customer. Tragically, while the various budgetary and mechanical purposes of investment are clear, the migration of key division orders to the cloud has been confined due to a noteworthy centerpiece: the absence of quantifiable estimations to survey the tradeoffs (attributes, issues and the commercial concerns) of security. Despite the obvious worth of estimations in unique circumstances to survey such tradeoffs, a formal and standard - based system for the having a tendency to of security estimations in the cloud is a much harder and is an open issue. Moreover considering the constant investigation with relationship like the cloud security...
Words: 1000 - Pages: 4
...“Current Security Issues in Cloud Computing”. As of today, cloud computing is a flexible, cost-efficient, and established transfer platform for giving business or user IT services on the internet. Yet, cloud computing presents an additional level of risk because crucial services are time and again outsourced to a moderator. This makes it more difficult to uphold data security, privacy, support data, service availability, and validate compliance. It is my goal to discuss some of the current issues involved with the cloud and how important that they are to everyone. What is Cloud? Cloud computing is a capable computing regular where computing resources in big data points are made accessible as services over the internet. It has become a renowned IT by presenting a professional atmosphere for data storage capability. It is a standard for computing and is provides a striking, enormous, significant asset that contains any subscription-based or pay-per-use service over the web. Cloud is on-demand admission to virtualized IT services and products. Places like Amazon and Google are presently giving such services, by charging customers by means of an on-demand strategy. Being that consumers put their sensitive information on the clouds public domains, huge problems for cloud implementation are lack of security and access control. The key obstacle is that the doubtful info drifts as service providers can access numerous computer-generated mechanisms in clouds. The cloud takes virtual...
Words: 2156 - Pages: 9
...CLOUD COMPUTING JOURNOUL Introduction Cloud computing is a most vital kind of data establishment, it is a substitute arrangement of action to give prevalent, irrelevant exertion preparing and information organizations, supporting particular combinations of data application. The quick change of distributed computing has brought an arrangement of non-standard security risks, and set forth a substitute and higher enthusiasm to data security. Cloud computing and its Security Issues Cloud computing otherwise called distributed computing is reevaluating the on - interest utilization of remotely put and especially available processing assets for the client. Tragically, while the different budgetary and mechanical purposes of speculation are clear, the movement of key division requests to the cloud has been limited because of a vital centerpiece: the absence of quantifiable estimations to review the tradeoffs (characteristics, issues and the business concerns) of security. In spite of the conspicuous worth of estimations in extraordinary circumstances to study such tradeoffs, a formal and standard - based framework for the tending to of security estimations in the cloud is a much harder and is an open issue. Additionally considering the consistent examination with relationship like the cloud security union and European meanders like Abc4trust, Comifin and INSPIRE. This paper likewise shows the cruciall building bits of a proposed security estimations structure for parts, for example...
Words: 950 - Pages: 4
...Red Cloud Rising: Cloud Computing in China by Leigh Ann Ragland, Joseph McReynolds, Matthew Southerland, and James Mulvenon Research Report Prepared on Behalf of the U.S.-China Economic and Security Review Commission September 5, 2013 Revised March 22, 2014 After the publication of this report on September 5, 2013, Microsoft brought to the authors’ attention new information about its partnership with Chinese company 21Vianet. The original version of the report inaccurately characterized certain aspects of the Microsoft-21Vianet partnership. A revised discussion of this partnership is provided on pages 32-34. The authors would like to thank Microsoft for their assistance in clarifying the details of 21Vianet’s Windows Azure service. Disclaimer: This research report was prepared at the request of the Commission to support its deliberations. Posting of the Report to the Commission's website is intended to promote greater public understanding of the issues addressed by the Commission in its ongoing assessment of U.S.-China economic relations and their implications for U.S. security, as mandated by Public Law 106-398 and Public Law 108-7. However, it does not necessarily imply an endorsement by the Commission or any individual Commissioner of the views or conclusions expressed in this commissioned research report. i About Defense Group Incorporated Defense Group Inc. (DGI) performs work in the national interest, advancing public safety and national security through innovative...
Words: 25160 - Pages: 101
...Cloud Computing: Moving Riordan into the Future Sean Mahany, Claude Bartee, and Michael Robles CIS/207 3/12/2014 Vikram Chowdiah Cloud Computing In essence cloud computing is what most companies today use, it is the way of the future. It will allow all of Riordan’s manufacturing facilities to work more cohesively and share services via a web server. Cloud computing will also allow Riordan to get all of their applications up and running faster and more smoothly. It will also reduce the environmental damage due to the decrease of power cloud computing requires. The unpredictable and sometimes fluctuating business demand will enable the IT department of Riordan to rapidly adjust resources. The system will improve the ability to manage the cloud computing services more easily. Although companies that provide the cloud service usually use a “pay as you go model” which in turn can have unexpectedly high and increasing charges if the administrators do not adapt to the prices of using the Cloud services. With the service, multiple users can access and edit their data without having to pay for licenses for certain applications they normally would have to use without the Cloud service. The implantation of the service requires less IT trained employees, so that would decrease the amount of training Riordan would have to spend to train their employees in IT. The maintenance aspect is easier due to the fact the service does not need to be installed on each user’s computers...
Words: 1726 - Pages: 7
...Cloud Computing – the Challenges!! ABSTRACT The word ‘cloud’ has become the hottest buzzword these days. Everything has started moving towards cloud and we could feel that ‘Cloud Computing’ as a revolutionary concept that is going to bring us to Internet ubiquity. At the same time there are also barriers to it. This paper discusses about various cloud-computing challenges, security challenges for cloud & security benefits of cloud. Table of Contents Introduction 4 Cloud Computing Challenges 4 Security Challenges 4 Data Security 5 Cloud Computing Security Issues 5 Security Benefits 6 Conclusion 7 Introduction Cloud Computing delivers information or services to customers who pay for what they use. The customer can be an external person or company who is paying for a service or information or an internal customer, such as the application proprietor who is using services that another division within the same company is offering, and who is being charged for consumption. There are two different types of clouds – Public cloud and Private cloud. In public cloud the information and services provided to the customer are from external sources and in private cloud customer gets the information from internal sources. With the public cloud, the customer does not own any storage or server and also no capital expenditure; the customers merely pay money for what they need on demand. With the private cloud, the customer is an internal customer so the company...
Words: 1970 - Pages: 8
