Issues And Challenges of Data Security In A Cloud
Computing Environment
Prof.(Dr.) Pradeep Kumar Sharma
University of Engineering & Management, Jaipur
Jaipur, Rajasthan, India
pradeepk.sharma@uem.edu.in
Prof. (Dr.) Prem Shankar Kaushik, Prerna Agarwal,
Payal Jain, Shivangi Agarwal, Kamlesh Dixit
Shree Digamber Institute of Technology, Dausa, Rajasthan,
India
Abstract— Now customers can opt for software and
information technology services according to his requirements and
can get these services on a leased basis from the network service
provider and this has the facility to scale its requirements to up or
down. This service is known as cloud computing, provided by the
infrastructure provider which is a third party provider. Cloud
computing provides many advantages to the customer like
scalability, better economics of scaling, its ability to recover from
problems , its ability to outsource non-core activities and flexibility.
Cloud computing is a better option for the organizations to take as
their best option without any initial investment and day by day
frequent and heavy use of cloud computing is increasing but
despite all the benefits a cloud offers to an organization there are
certain doubts and threats regarding the security issues associated
with a cloud computing platform. The security issues primarily
involve the external control over organizational structure and
management and personal and private data of the organization can
be compromised. Personal and private data in this computing
environment has a very high risk of breach of confidentiality,
integrity and availability. Growth of cloud computing is mainly
hampered due to these security concerns and challenges. Proper
security arrangements are need to be placed before selecting the
service provider for any cloud computing service and customers
need to be very careful about understanding the risks of security
breaches and challenges of using this new computing environment.
This detailed study discusses about some of the challenges
associated with cloud computing services and security issues related
to this platform.
Keywords— Cloud Computing, Cloud Cryptography, Cloud
Service, Cloud Security Controls, Cloud Security, Computer
Network, Distributed Computing, Security. Security Threats.
I. INTRODUCTION
Cloud computing is emerging as the best suited utility for
organizations who dreamt for economic, feasible, flexible and
scalable computing service for its day to day activities. The
cloud computing offers network of centralized computing
infrastructure which can be deployed very fast and can also be
scalable as per user requirements with great efficiency and
minimum burden of managing the system [1]. With its unprecedented advantages, cloud computing enables a
fundamental paradigm shift in how we deploy and deliver
computing services. Users and organizations can avoid
spending large amount of money and resources creating large
capital outlays when purchasing and managing software and
hardware, as well as dealing with the operational overhead
therein [1]. Overall security and privacy has been the major
concern in comparison to the benefits offered by a cloud [2]. It
is very difficult to control or manage a cloud by users as all
the resources of a cloud are from outside. Cloud computing
still faces problems related to security threats from internal
and external sources though it has more powerful and reliable
capabilities for management and has reliable cloud computing
system infrastructure. There are many examples of security
breach in the recent times [2] like Apple’s iPad subscriber
privacy leak [25], Amazon S3’s recent downtime [26], and
Gmail’s mass email deletions (27). Cloud service provider
organizations usually don’t examine data sent or received by
user to the cloud and users don’t have any access to the
internal procedures of a cloud, hence leading to possibility of
data breach. Additionally, owing to hardware virtualization,
multiple users can now share the same physical infrastructure,
which runs their distinct application instances simultaneously.
From user point of view cloud computing seems to be very
insecure due to privacy and security vulnerabilities arises from
its multi-tenancy feature [3]. It is not possible for user to get
control of his data and computing applications until a strong
security measure and privacy guarantee are not in place. User
will not give priority to scalability, flexibility and economic
availability over its privacy and security of his personal data.
More motivation is required towards addressing security
issues and providing more trustworthy solutions for making a
cloud more helpful and accessible to public at large.
Growth of cloud computing have changed the entire
scenario of computing applications in a very revolutionary
way. Users in this new platform can access computing
applications and network from a remote location whereas the
computing infrastructure is located at some unknown and
remote locations to which user has no control and direct
access [7], [6], [10]. In this case user sends a request for any
processing of data to a remotely located cloud infrastructure
and when the remote server is done with the processing the
output is again send back to the user. Data regarding the user
interface with the cloud computing infrastructure may be
stored on remote location either by the user itself or by the
cloud computing software which makes the system vulnerable
to the following cases (a) sending user’s personal data to the
cloud server (b) sending processed data back to user’s systems
from server computers (c) chance of storing user’s personal
data in the systems servers of cloud computing infrastructure
978-1-5386-1104-3/17/$31.00 ©2017 IEEE 560
which are not controlled and owned by the user. Due to these
factors it is of high importance to have issues related to
research and study of security aspects of cloud computing
because only due to the above mentioned factors cloud
computing becomes more susceptible to security threats. The
main concept of the cloud computing is its infrastructure and
the process of handling the user’s requests where user take the
computing resources on rent for the time of his usage and
resources always remain somewhere else with ownership of
someone else [4], [9], [8]. By means of unwanted breach into
the systems using different methods of hacking, it is always
possible to access personal data in cloud computing. Cloud
computing cannot avoid this to happen due to its approach and
nature of its process. Secure cloud computing cannot be
considered as a single step process but it is an ongoing process
which makes it compulsory to analyze security of the cloud
computing as a compulsory practice [6], [10], [9], [8], [28],
[11], [12]. The present study focuses on the safe
implementation of the cloud based computing infrastructure
and to address issues of secure usage of this new facility.
Various security issues involved in cloud computing
implementation have also been discussed and discussion
regarding the authentication of cloud computing has also been
taken care of with a view to keep integrity in security of cloud
computing.
II. SECURITY ISSUES IN A CLOUD
A. Models for Cloud Deployment
Cloud Computing implementation has four major models
for deployment as shown in Figure 1.
Figure.1 Cloud Computing Deployment Model
According to National Institute of Standards and
Technology (NIST) there are four set of deployment models as
shown in figure 1 [1],[22].
(a) Public Cloud –here cloud infrastructure is accessed
and managed by any outside organization or any third
party service providers. These are less secure in
comparison to other models due to the fact that
applications and data shared on a public cloud are not
always under attack. This model is flexible enough to
address random demand for optimization of cloud
environment [16].
(b) Private Cloud – here any private organization
manages and operates this model which ensures the
consistent security and private issues of cloud
computing. In this model infrastructure and
applications are pooled together for sharing among its
users. Here cloud resources and applications are
managed by the organization itself who is
implementing this cloud. This is more secure because
of its internal usage as only own organization and
specified users only can access the services offered
by the cloud infrastructure [15].
(c) Community Cloud – here cloud computing
infrastructure is shared among members from a
specific community or organizations with common
issues regarding security, projects, applications,
research and jurisdiction because of the requirement
of a shared and common central cloud computing
facility irrespective of the solution needed.
Community cloud can be considered as a cluster of
private clouds.
(d) Hybrid Cloud – here two or more cloud computing
models are combined to form a composite cloud but
individually their internal properties remain intact.
Here two or more clouds are linked to external cloud
services which are centrally managed, considered as
a single unit and a secure network takes care of all
the clouds inside it [17]. Hybrid cloud can provide
virtual cloud services by using all the facilities
available in its cluster of private and public clouds
and provide more secure control of data and
applications to make information access possible
through internet.
Various aspects of security and service providers for all
the four deployments models for a cloud computing system is
described in table 1.
Table 1. Cloud Computing Deployment Models
| Models | Managed By | Infrastructure | Accessible and Consumed By |
|
| Owned By | Located | |||
| Public | Third Party Provider |
Third Party Provider |
Off Premises |
Un-trusted |
| Private | Organization | Organization | On Premises |
Trusted |
| Third Party Provider |
Third Party Provider |
Off Premises |
||
| Community | Third Party Provider |
Third Party Provider |
On Premises |
Trusted & Un-trusted |
| Hybrid | Organization & Third Party Provider |
Organization & Third Party Provider |
Off Premises & On Premises |
B. Service Delivery Models for a Cloud Computing
561
While implementing a cloud, its platform, storage, software
and networking infrastructure is provided as its services which
can be made flexible according to the requirements of the user
as shown in the Figure 2.
Figure.2 Service Model for delivery of a Cloud Computing
Model
Infrastructure as a Service (IaaS) – here central
and dedicated resources are shared with contracted clients
only at pay-per-use charge to minimize huge initial cost of
establishing the cloud which saves a lot amount of money
from installing separate servers, networking devices and
processing power. Here the basic advantage is to add or
remove any application with ease and cost effective manner
[13]. Though cost is the deciding factor for a cloud to
implement but IaaS provides only basic security and it will
require a higher level of security mechanism for applications
moving into the cloud. Amazon and GoGrid leased their
virtual servers under IaaS.
Platform as a service (PaaS) – in this platform
software and development tools are provided on the service
provider’s system. It helps to develop applications without
having knowledge of internal procedures and processes of
cloud computing system. PaaS offers a full software
development environment from planning, designing, testing
and implementing it to client side. Here all virtual machines
should be made secure from malicious attacks. Cloud
middleware WOLF and Windows Azure are under this
platform.
Software as a Service (SaaS) – here application are hosted
by any vendor and customers can access these applications
over a network. SaaS is more popular delivery model because
of its support to web services and service oriented architecture
(SOA). It usually works on the model of pay-as-you-go to
subscription model. SaaS offers an architecture which allows
many simultaneous users i.e. multi-tenancy. Here security of
the web browser is vital and important because software is
generally accessed using a web browser. Some of the
mechanisms available for data protection on the cloud are
Web Services (WS) security, Extendable Markup Language
(XML) encryption, Secure Socket Layer (SSL) and available
options. Examples of SaaS are Facebook and SalesForce.
III. CLOUD COMPUTING CHALLENGES
Cloud computing being a plus factor for many of the
applications and cost effectiveness of it usage still remain a
doubtful choice among users due to some of the challenges
associated with implementation of a cloud and choosing a
right cloud service for users requirements. As a study done by
Rightscale 2016 State of the Cloud Report shows in Figure 3,
some of the major challenges are:
Figure 3. Cloud Computing Challenges
(a) Security: it is the most important issue in making
cloud popular and most used with application. Still for
a user it is a most concerned task to use his private
data on other’s network, running his software on
other’s platform. There have been cases of data loss,
phishing, running remotely on a cluster of machines
(botnet) in case of cloud computing and these are still
a problem which is the most sought after issue in using
cloud computing securely. For attackers it is very
convenient and cost effective to initiate their attack
using services available on a cloud infrastructure [14].
(b) Cost model: on one hand cloud computing reduces the
cost of infrastructure; it increases the cost of data
communication on the other hand. The cost of
implementation is even more in hybrid cloud
deployment model [14].
(c) Charge Model: cloud offers very elastic cost model
due to which cost analysis has become more complex.
Its multi-tenancy approach cost in huge sums in SaaS
deployment because of its responsibility of re-design
and re-development of software and hence cost of
providing new features, performance and security
encouragements raises the overall charge model.
Hence it is very important to have a suitable charge
model in case of Saas model [14].
(d) Service Level Agreement (SLA): to ensure the
quality, availability, performance and reliability of
the resources, users need to have a Service Level
Agreement (SLA) from the service provider to ensure
all these issues. SLA must ensure maximum
562
expectations of any user and should comply with the
resource allocation mechanism of any cloud
computing service provider. There must be
availability of feedback and customization
mechanism in any SLA mechanism [18].
(e) Issue of Migration: as shown in Figure 4,
organizations still have concern over security and
privacy issues in migrating to cloud services. At
present information technology management and
application related to personal use are easily movable
application to cloud platform. Here organizations
prefer SaaS over IaaS because of the fact that many
of the marginal functions are outsourced to the cloud
environment whereas basic and core applications are
kept in own control. This also shows that almost
31.5% of the organization will move to cloud
computing for their storage needs in the next three
years but still it is to be improved a lot [24].
Figure 4.
Figure 4. Slow Migration of Organization to Cloud Computing
(f) Issue of Cloud inter-operability: this a feature which
ensures smooth data flow across different clouds and
application within that or data flow between local
applications. Inter-operability operates through
various levels like optimizing assets and computing
resources of cloud for which any organization is
paying and need to put their core applications intact
within their secured periphery and another level is
like to outsource marginal functions of an
organization to cloud service from other vendors. As
cloud computing is still in its infancy, the issue of
inter-operability has not appeared with many of the
industry cloud organizations.
Figure 5 shows responses from organizations to adopt
cloud computing for their requirement for software
development, application employability and storing
their data on cloud.
Figure 5. Organizational access to cloud computing systems
There are some other service models available in
practice as DeskTop as a Service (DTaaS), Business Process
as a Service (BPaaS) Communication as a Service (CaaS),
STorage as a service (STaaS), Compute Capacity as a Service
(CCaaS) and IT as a service (ITaaS) [19]. Fundamental layers
of cloud computing infrastructure are shown in Table 2.
Table 2. Fundamental Layers of Cloud Computing
IV. SECURITY ISSUES IN CLOUD COMPUTING
ENVIRONMENT
In all types of computing systems and environments, it is
matter of great concern that the data and applications remain
secure and unauthorized access must be prevented to stop
unwanted use of information but in cloud computing specific
measures need to be taken and implemented to ensure data
integrity, security, authentication and authorization. In
comparison to the traditional computing environment, data,
applications, resources and processes remain at some
unknown remotely located position in a cloud computing
environment. In cloud computing environment if any breach
of data occurs then both the service provider and user are
responsible and both are responsible to make cloud secure. In
cloud computing mechanism of data storage, retrieval,
security, process, application etc are to be kept hidden from
the actual user who only sees the response of his request. All
the parameters, processes, mechanisms, applications and
resources which are meant to secure user interface with the
cloud always remain hidden from him, which makes him more
vigilant about the issues of data loss and security of his private
information, which ultimately decreases the progress of cloud.
563
Any unwanted person can affect the user data, applications,
data servers, hardware or software of the cloud infrastructure
if proper security mechanisms are not placed at appropriate
levels. Cloud computing offers a big lot of resources,
applications and facilities to the user which in general he
cannot afford to have but at the same time service providers
have to protect the cloud infrastructure by employing suitable
security mechanisms.
Cloud computing definitely provide a cost effective and
beneficial service models for various users but in terms of
security and issues related to privacy of data and user
application usage profiles are still a big challenge to address
and research. Performance of the cloud computing system is
largely affected by these security issues. To ensure some level
of security service providers are trying to provide some
mechanism like virtualization, authentication mechanisms and
cryptography techniques but these mechanisms have some
chances to be affected also [23]. While data, services, controls
and web applications are made available to cloud system, their
control is lost. Cloud computing environment is a shared
facility for data access making security issue about data
privacy, personal privacy, authentication, compliance,
confidentiality, integrity, encryption, internet protocol where
most of the IP services are un-trusted [23]. In addition,
Service Level Agreement (SLA) between user and service
provider, third party management, risk of virtualization, nonavailability of good standards, auditing process, law for
compliance and regulations are other factors for security in
cloud environment. Figure 6 shows risks related to cloud
computing environment for any organization.
Figure 6. Security Risk associated with Cloud Computing
Environment
Table 3 shows that in a cloud computing
environment, data and security of data is the primary risk area
whereas disaster recovery is the second critical risk area.
Table 3. Cloud Computing Risks
| Risk Area | Critical | Somewhat Important |
Not so Importan t |
| Security of Data | 91.70% | 08.30% | 00.00% |
| Recovery from any unwanted Disaster |
66.70% | 33.30% | 00.00% |
| 41.70% | 58.30% | 00.00% | |
| 41.70% | 50.00% | 08.30% | |
| 41.70% | 41.70% | 16.70% | |
| 33.30% | 41.70% | 25.00% | |
| 08.30% | 50.00% | 41.70% |
Management of
Operations
Management of
Change
Third party
management
Regulations and
legislation
Management of
Interface
Security issues in IaaS: Virtualization is the most
sought after mechanism to provide better cloud services and
these display some security issues for providing control to the
owner of the data irrespective of its location. As cloud is
implement through internet services hence whatsoever issues
and threats are addressing to internet, those are also to be
addressed to cloud computing and also the mode of
transferring data from one place to another is also a great
threat [20], [21].
Security issues in PaaS: here the service provider
give access for operating system platform, program
development tool and storage area to develop, create and
implement application or program by using the resources
available in the cloud platform and has to ensure that data
remain inaccessible in between different applications. Also
service provider has to take care of the load balancing in
between different platforms. In a cloud computing
environment service oriented architecture (SOA) also poses
security threats in addition to the web based services.
Security issues in SaaS: here for the purpose of data
security user has to depend upon the service provider and
service provider has to be responsible for providing
mechanisms and procedures to secure access to data and
applications for the user. In the process of providing security,
efficiency and availability, it may happen that the data is
replicated in more than one place due to which some issues
related to security arise regarding data storage, type of
security, action taken and implementation. There are some
important securities factors need to be considered while
deploying SaaS as follows:
(a) Access Control: many of the organizations store data
of their employees and users in cloud database and
these organizations have their own rules and
regulations for accessing this data. Hence in case of
adding a new user or removing any old user,
organizations need to enable or disable users account
otherwise security can be compromised. SaaS must
have good flexibility to avoid intrusion into the cloud
service by any unauthorized user.
564
(b) Data Locality: here users don’t know where about of
the data. Hence the service model must ensure the
security of data based on its location of storage as for
many organization in the world it is matter of concern
that their data is stored in a proper place or not.
(c) Availability: Cloud service must ensure the
authorize access to the data. For this SaaS
implementers must apply authentication process and
must address weakness issues like data and
information service lock in, connectivity and
bandwidth speed over the cloud service network.
(d) Data Security: if any information which is very
sensitive to any organization or any person are stored
on a cloud, then cloud service providers must ensure
physical and logical security in terms of secure
access policies and additional checks for doubtful
users. Control of data can really provide maximum
protection against private data theft and cyber crime.
This can also prevent data leakage due to sharing of
resources among multiple domains and not keeping
backups.
(e) Network Security: data flow is an integral part of
any cloud service over the network of computers or
clusters of systems using internet. Any intruder can
analyze the data packet to detect any weakness in the
system and can gain access to applications and data
using some kind of remote access mechanism and
injection like SQL and some bad command, Denial of
Service (DoS), Distributed DoS (DDoS), man in the
middle attacks, social networking attacks and some
unauthorized attacks are the major entrance level
attacks in cloud computing environment.
(f) Data Confidentiality: here multi-tenancy and
multitasking facilities of a cloud provide some
confidentiality threats and risks. User authentication
is related to data confidentiality which is a vital factor
to safe guard data from unauthorized access.
(g) Data Integrity: it ensures that data is modified by
only authorized user. With increase in number of
users it becomes very difficult to authenticate and
authorize user access. Data integrity takes care of the
fact that cloud system resources are properly
segregated among clients or not. In cloud computing
security can be breached by inadequate encryption
mechanism and weak key management.
V. TECHNIQUES AND CONTROLS FOR CLOUD
SECURITY
There have been few techniques to overcome cases of data
breach and to make cloud more secure and safe for its clients:
(a) Homomorphic encryption: here a specific
mechanism performs some specific task on encrypted
data which is not available with other encryption
schemes. Using this any user can encrypt his data and
store in the cloud and later can perform any process
without converting the encrypted data.
(b) Searchable/ structured encryption: fundamentally
Homomorphic encryption is used in this technique. It
helps in searching the database of encrypted data by
using an encrypted keyword and assures that cloud
system and data always remain opaque to each other.
(c) Proofs of storage: it is a kind of service level
agreement between the Cloud Service Provider and
its users to ensure that the data stored in the servers
of cloud computing facility will never be tempered or
used without the permission of the user and
guarantees about the integrity of data stored in cloud.
(d) Server aided secure computation: here some
computational process is carried out on the encrypted
data by server and user jointly without knowing the
details of the original data and both the parties remain
totally unaware of the process performed over the
data and the outcome achieved.
The mechanisms for cloud security will work properly
when some controls for security are implemented in cloud
computing system. Organization must ensure the latest
updates for their software and their system must comply with
the standard security guidelines. Various security controls are
made available to manage the security of cloud: mainly of four
types as follows:
(a) Deterrent controls: here the basic cloud architecture
is made secured from potential attack. In case of any
purposeful attack Deterrent controls warn the security
management to take preventive measures.
(b) Preventive controls: here attacks on basic cloud are
prevented and proper actions are taken to mitigate the
damage and to take control of the system abuse.
(c) Corrective controls: If any attack happens to the
cloud computing system, these are used to reduce the
effect of that attack.
(d) Detective controls: here detection of any attack is
done and in case of any positive response, it signals
the preventive or corrective control to address that
issue.
VI. CONCLUSION
Adoption of cloud computing system as a necessity is
always under threat from security issues where cloud systems
are more prone to attacks from unauthorized users or
unwanted activities from outside or inside of the cloud. Before
actually moving into a cloud infrastructure, it must be ensured
that proper security measures have been taken in to account or
not. It is a proved and verified fact that cloud computing
platform provides a cost effective mechanism to share
hardware and software resources and it has ability to scale up
or down according to the requirements of user. The charges
are almost zero if user is not using the facilities. In this paper
risks of security incorporated in cloud computing environment
such as Confidentiality, Integrity, Availability and
Authenticity (CIAA) and issues like DoS, network security,
data security and locality in SaaS models, network and host
intrusion in PaaS and IaaS also have been discussed in
565
connection to the transfer of data over internet. Methods
employed to reduce the risks have also been discussed.
Though cloud computing is in its infant stage, researchers are
trying to make it more secure and user friendly so that overall
cost of establishing the organization become less.
Organization must focus on their core business rather not to
concentrate on how data is stored, which application is to be
used or how their employees are using the data. Cloud
computing environment must ensure all these tasks for them
and must provide single window access for all of these
activities. In the very near future cloud computing can become
the frontrunner for a secure, flexible, scalable, cost effective,
virtual and user friendly tool for information technology
enabled services.
ACKNOWLEDGMENT
Authors want to thanks all the supportive staff and
colleagues from University of Engineering & Management
Jaipur for their constant support.
REFERENCES
| [1] | P. Mell and T. Grance, “The NIST Definition of Cloud Computing,” US Nat’l Inst. of Science and Technology, 2011; http://csrc.nist.gov/ publications/nistpubs/800-145/SP800-145.pdf. “Security Guidance for Critical Areas of Focus in Cloud |
||||
| [2] | |||||
| Computing”, | Cloud | Security | Alliance, | Dec. | 2009; |
| https://cloudsecurityalliance.org/ csaguide.pdf. | |||||
| [3] | T. Ristenpart et al., “Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Compute Clouds,” Proc. 16th |
ACM Conf. Computer and Communications Security (CCS 09),
ACM Press, 2009, pp. 199–212.
| [4] | Bisong, A. and Rahman, S.S.M. (2011), “An Overview of the Security Concerns in Enterprise Cloud Computing”, International |
Journal of Network Security & Its Applications, 3(1), 30-45.
doi:10.5121/ijnsa.2011.3103.
| [5] | Kuyoro, S.O., Ibikunle, F. and Awodele, O. (2011), “Cloud Computing Security Issues and Challenges”, International Journal of Computer Networks, 3(5), 247-255. Ogigau-Neamtiu, F. (2012), “Cloud Computing Security Issues”, Journal of Defense Resource Management, 3(2), 141-148. Petre, R. (2012), “Data mining in Cloud Computing”, Database Systems Journal, 3(3), 67-71. Qaisar, S. and Khawaja, K.F. (2012), “Cloud Computing: |
| [6] | |
| [7] | |
| [8] |
Network/Security Threats and Countermeasures”, Interdisciplinary
Journal of Contemporary Research in Business, 3(9), 1323-1329.
[9] Rashmi, Sahoo, G. and Mehfuz, S. (2013), “Securing Software as a
Service Model of Cloud Computing: Issues and Solutions”,
International Journal on Cloud Computing: Services and
Architecture, 3(4), 1-11. Doi: 10.5121/ijccsa.2013.3401.
[10] Singh, S. and Jangwal, T. (2012), “Cost breakdown of Public
Cloud Computing and Private Cloud Computing and Security
Issues”, International Journal of Computer Science & Information
Technology, 4(2), 17-31.
[11] Suresh, K.S. and Prasad, K.V. (2012), “Security Issues and
Security Algorithms in Cloud Computing”, International Journal of
Advanced Research in Computer Science and Software
Engineering, 2(10), 110-114.
[12] Youssef, A.E. (2012), “Exploring Cloud Computing Services and
Applications”, Journal of Emerging Trends in Computing and
Information Sciences, 3(6), 838-847.
[13] J. Brodkin. (2008, Jun.), “Gartner: Seven cloud-computing security
risks”, Infoworld, Available:
<http://www.infoworld.com/d/security-central/gartner-sevencloudcomputingsecurity- risks-853?page=0,1> [Mar. 13, 2009].
[14] S. Ramgovind, M. M. Eloff, E. Smith, “The Management of
Security in Cloud Computing”, In PROC 2010 IEEE International
Conference on Cloud Computing 2010.
[15] S. Arnold (2009, Jul.), “Cloud computing and the issue of
privacy”, KM World, pp14-22. Available: www.kmworld.com
[Aug. 19, 2009].
[16] A Platform Computing Whitepaper, “Enterprise Cloud Computing:
Transforming IT.” Platform Computing, pp6, 2010.
[17] Global Netoptex Incorporated, “Demystifying the cloud. Important
opportunities, crucial choices.” pp4-14. Available:
http://www.gni.com [Dec. 13, 2009].
[18] C. Weinhardt, A. Anandasivam, B. Blau, and J. Stosser, “Business
Models in the Service World.” IT Professional, vol. 11, pp. 28-33,
2009.
[19] M.Carroll, A.Van der Merwe, P.Kotze, “Secure cloud computing:
Benefits, risks and controls”, Information Security South Africa
(ISSA), pp. 1-9, September 2011.
[20] S. Subashini, V. Kavitha, “A survey on security issues in service
delivery models of cloud computing”, Journal of Network and
Computer Applications, vol. 34, Issue 1, pp. 1-11, July 2010.
[21] D. Zissis, D. Lekkas, “Addressing cloud computing security
issues”, Future Generation Computer Systems, 2011.
[22] National Institute of Standards and Technology, “NIST Cloud
Computing Program, 2010”, <http://www.nist.gov/itl/cloud/>
[Accessed on: 18 October 2011].
[23] Grobauer, T. Walloschek, E. Stocker, “Understanding Cloud
Computing Vulnerabilities, Security & Privacy”, IEEE, vol. 9,
Issue 2, pp. 50-57, March 2011.
[24] F. Gens. (2009, Feb.). “New IDC IT Cloud Services Survey: Top
Benefits and Challenges”, IDC eXchange, Available:
<http://blogs.idc.com/ie/?p=730> [Feb. 18, 2010].
[25] (http://techcrunch.com/2010/06/15/ipad-breach- personaldata/).
[26] (http://status.aws. amazon.com/s3-20080720.html).
[27] www.techcrunch.com/2006/12/28/gmail-disaster-reports-ofmass-email-deletions.
566
The post Computing Environment appeared first on My Assignment Online.
