Higher Nationals in Computing

Unit 16: Cloud computing

ASSIGNMENT 2

Assessor name:

Learner’s name: NGUYEN CAO TRI

ID: GCS17556

Class:

Subject code:

Assignment due: Assignment submitted

 ASSIGNMENT 2 FRONT SHEET

Qualification BTEC Level 5 HND Diploma in Computing

Unit number and title Unit 16: Cloud Computing

Date Received 1st

Submission date
submission

Date Received 2nd

Re-submission Date
submission

Student Name Student ID

Class Assessor name

Student declaration

I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I
understand that making a false declaration is a form of malpractice.
 Student’s signature

Grading grid

P5 P6 P7 P8 M3 M4 D2 D3
❒ Summative Feedback: ❒ Resubmission Feedback:

Grade: Assessor Signature: Date:

Signature & Date:

 ASSIGNMENT 2 BRIEF

Qualification BTEC Level 5 HND Diploma in Computing

Unit number Unit 9: Cloud Computing

Assignment title Cloud’s implementation and security threats

Academic Year 2018 – 2019

Unit Tutor DO Quoc Binh

Submission
Issue date
date

IV name and date

Submission Format:

Format: A presentation in Power Point format(about 25 pages)

A security manual(in PDF format)
You must use font Calibri size 12, set number of the pages and use multiple line
spacing at 1.3. Margins must be: left: 1.25 cm; right: 1 cm; top: 1 cm and bottom: 1
cm. The reference follows Harvard referencing system.
Submission Students are compulsory to submit the assignment in due date and in a way
requested by the Tutors. The form of submission will be a soft copy posted on
http://cms.greenwich.edu.vn/
Note: The Assignment must be your own work, and not copied by or from another student
or from
books etc. If you use ideas, quotes or data (such as diagrams) from books, journals or other
sources, you must reference your sources, using the Harvard style. Make sure that you know how
to reference properly, and that understand the guidelines on plagiarism. If you do not, you definitely
get failed

Unit Learning Outcomes:

LO3 Develop Cloud Computing solutions using service provider’s frameworks and open source
tools.

LO4 Analyse the technical challenges for cloud applications and assess their risks

Assignment Brief and Guidance:

Task 1

Base on the scenario and architecture design in the first assignment provide the implementation.
Because of the time constraint of the assignment, the implementation just provides some demo
functions of the scenario. The implementation includes two parts:

 A presentation (about 25 pages)

 o which shows which functions are implemented
o How to config, deploy and test the services (Web application, Database Server,
Source code management, server logs..) using service provider’s frameworks and
open source tools.
o Images for the built functions
 The source code for the built application

Task 2

The table of contents in your security manual (which should be 500–700 words) should be as
follows:

1. Analysis of the most common problems of a cloud computing platform.

2. Possible solutions to these problems.
3. Analysis of the most common security issues in the cloud environment.
4. Discussion on how to overcome these issues.
5. Summary.
 Learning Outcomes and Assessment Criteria

Pass Merit Distinction

LO3 Develop Cloud Computing solutions using service

provider’s frameworks and open source tools

D2 Critically discuss how one

P5 Configure a Cloud
Computing platform with a
cloud service provider’s
framework.
M3 Discuss the issues and
can overcome these issues
constraints one can face during
and constraints.
the development process.

P6 Implement a cloud platform

using open source tools.

LO4 Analyse the technical challenges for cloud applications and

assess their risks

P7 Analyse the most common
problems which arise in a
Cloud Computing platform and
discuss appropriate solutions
to these problems.
M4 Discuss how to overcome D3 Critically discuss how an
these security issues when organisation should protect
building a secure cloud their data when they migrate
platform. to a cloud solution.
 P8 Assess the most common
security issues in cloud
environments.

Contents
P5 Configure a Cloud Computing platform with a cloud service provider’s framework.......................................................... 9

P6 Implement a cloud platform using open source tools. ...................................................................................................... 9

P5 Configure a Cloud Computing platform with a cloud service provider’s framework.

P6 Implement a cloud platform using open source tools.

P7 Analyse the most common problems which arise in a Cloud Computing platform and discuss appropriate
solutions to these problems.

Risk management

Risk management is a systematic and systematic approach to risk in order to identify, control, prevent and minimize
losses, caused by risk factors.

Building a systematic approach to the management of security risks is necessary to identify the organization's needs for
security and create an effective security management system. The method of managing the security risks must be
suitable to the environment of the organization and in particular, the organization's general orientation on risk
management. Efforts to ensure information security must address risks in an effective and timely manner at the right place
and time. The management of security risks can be applied to the continuous deployment and operation of the security
management system and is an indispensable activity.

Managing security risks is an ongoing process. This process needs to establish the internal and external context of the
organization, assess and handle risks according to the plan in order to implement recommendations and make decisions.
Risk management analyzes the possible cases and possible consequences, before deciding on solutions to minimize
risks to an acceptable level.

This procedure is guided in ISO / IEC 27005, the 2011 version has been proposed as the national standard of Vietnam
(TCVN).

Risk management in the cloud context

In the context of the cloud, risk management needs to consider the most important characteristics related to security.
- Confidentiality, the following risks are present: sneaking on communications lines, suppliers accessing sensitive data,
leaking data leaked by service providers; internal data leak.

- Integrity and possible risks include: manipulating data being transmitted, manipulating data at the service provider's side,
modifying random data while transmitting, modifying random data at on the service provider side, modify data at the
internal system.

- Availability (availability) is the following risks of concern: service disruption, unintentional downtime, availability attack,
loss of data access, loss of data on the supplier side Service level, lack of availability in the internal system.

In addition, some requirements on risk management in the cloud context include:

- Regarding performance, the following issues should be considered: network performance, limited scalability, intentional
underperformance, and internal system performance issues.

- Regarding accountability, it is necessary to pay attention to the following possibilities: identity theft, incomplete user
separation, incomplete operation logging, unauthorized access, no logging of the system. internal system.

- Regarding maintenance issues that need attention: limited ability to customize, inappropriate business processes,
incompatibility with new technologies, restrictions on data manipulation, proprietary technology, maintenance Incomplete,
updating in no time.

The above risks have dependent issues in the internal system, but most of them refer to the public transmission line and
especially on the service provider's side. Depending on the type of service provided, that risk is more or less.
Comment

Within the internal system, the entity can perform risk assessment and control. However, service providers often
underestimate, or do not mention the risks of using this service. Therefore, the evaluation of third parties should be
considered because they have the conditions, capabilities and an objective view in the evaluation. In addition, when
choosing to use cloud services, it is important to pay attention to the certificates issued to service providers.

Cloud computing services are provided on the basis of a Service Level Agreement (SLA), which is an important legal
basis in future disputes and disagreements. Conventional contracts cover service quality, availability, reliability and safety.

The above contents are intended to assist organizations and businesses to evaluate and consider when planning to
outsource IT services and especially cloud computing services.

P8 Assess the most common security issues in cloud environments.

Caesar cipher

In cryptography, the Caesar (Caesar) code, also known as the shift cipher, is one of the simplest and most well known.
The Caesar cipher is a monophonic alternative coding system, working on the 26-character English alphabet. It is a form
of substitution cipher, in which each character in the text is replaced by a character that is separated by a paragraph in the
alphabet to form the cipher.

Data encryption standard (DES) has been found vulnerable against very powerful attacks and therefore, the popularity
of DES has been found slightly on decline.
DES is a block cipher, and encrypts data in blocks of size of 64 bit each, means 64 bits of plain text goes as the input to
DES, which produces 64 bits of cipher text. The same algorithm and key are used for encryption and decryption, with
minor differences. The key length is 56 bits. The basic idea is show in figure.

RSA cryptosystem

The RSA algorithm is a public cryptographic algorithm developed by Ron Rivest, Adi Shamir and Leonard Adleman that
can be used in encryption and digital signature technology.

RSA

The RSA algorithm has two keys: the public key (or the public key) and the secret key (or private key). Each key is a fixed
number used in encryption and decryption. The public key is publicly available and is used for encryption. Information
encrypted with a public key can only be decoded by the corresponding secret key. In other words, everyone can encrypt
but only someone who knows the private key (secret) can decode.

RSA is one of the widely used asymmetric coding systems. It was named after the three MIT scientists designed it: Ron
Rivest, Adi Shamir, and Leonard Adleman. The key idea to ensure the safety of RSA is based on the difficulty of factor
analysis of two large prime numbers. (a x b = c, find the opposite of a, b from c is factor analysis).

The RSA encryption system consists of 4 steps: key generation, key distribution, encryption and decryption. To ensure
confidentiality, different systems need to create different public, and private keys. After the handshake and public key
process is sent to the client, the new information is officially encrypted when the server and the client communicate with
each other.
Safety of RSA

The security of RSA is mainly based on the random number generator generating two prime numbers p and q initially.
Recalculating p and q from n is almost impossible with the two 2048 bit primes as mentioned above. But calculating d
slowly p and q is very easy. Therefore, if either party guesses or finds a hole in that random number generator, then RSA
is considered to be neutralized. It was recently suggested that the US Department of Homeland Security (NSA) installed a
back door on the Dual Elliptic Curve random number generator to help the NSA crack the RSA 10,000 times faster. And it
is interesting that this random number generator is installed by the RSA company (founded by 3 co-authors of RSA
system) in many different applications.

Secure Sockets Layer (SSL)

SSL stands for Secure Sockets Layer, a standard technology that allows establishing secure encrypted connections
between a web server (host) and a web browser (client). This connection ensures that data transmitted between the host
and the client is maintained in a private, reliable manner. SSL is now used by millions of websites to protect their online
transactions with customers. If you've ever visited a website using https: // in the address bar, you've created a secure
connection via SSL. If you have an online store or website, SSL will help build trust with customers and keep the
information exchanged between you and your customers confidential.

SSL is like a "backbone" in ensuring safety on the Internet. It helps protect sensitive information when it is transmitted via
computer networks around the world. SSL is necessary to protect your site, even without sensitive information like credit
cards. It provides strict privacy, security and integrity for both site data and visitor's personal information
In general, the disadvantages of SSL compared to advantages, the importance of SSL is insignificant. Using appropriate
SSL will help protect customers, websites, data, create and maintain customer trust as well as sell more goods.

Reference

 Slideshare.net. (2019). Cloud Ecosystem. [online] Available at: https://www.slideshare.net/hamdani2/cloud-ecosystem

[Accessed 24 Dec. 2019].
 En.wikipedia.org. (2019). Cloud computing. [online] Available at: https://en.wikipedia.org/wiki/Cloud_computing
[Accessed 24 Dec. 2019].
 Amazon Web Services, Inc. (2019). Bậc miễn phí của AWS. [online] Available at: https://aws.amazon.com/vi/free/?all-
free-tier.sort-by=item.additionalFields.SortRank&all-free-tier.sort-
order=asc&awsf.Free%20Tier%20Types=*all&awsf.Free%20Tier%20Categories=categories%23compute&trk=ps_a13
1L000005vTUaQAM&trkCampaign=Emerging_Markets_Search&sc_channel=ps&sc_campaign=emp_VN&sc_publisher=g
oogle&sc_category=Cloud%20Computing&sc_country=VN&sc_geo=APAC&sc_outcome=acq&sc_detail=%2Bcloud%20
%2Bcomputing&sc_content=cloud_compute_bmm&sc_segment=359163539037&sc_medium=EMP-P|PS-GO|Non-
Brand|Desktop|SU|Cloud%20Computing|Solution|VN|EN|Text&s_kwcid=AL!4422!3!359163539037!b!!g!!%2Bcloud%
20%2Bcomputing&ef_id=CjwKCAiAi4fwBRBxEiwAEO8_HjvJ-
Jq2_TfDkXYGCtixhXuTCQW6_1LJcwGUybq_zd50AXhvMOy9WhoC138QAvD_BwE:G:s [Accessed 24 Dec. 2019].
 Google Cloud. (2019). What is cloud computing? | Google Cloud. [online] Available at: https://cloud.google.com/what-
is-cloud-computing/?hl=vi [Accessed 24 Dec. 2019].
 Anon, (2019). [online] Available at: https://www.cloudflare.com/learning/cloud/what-is-the-cloud/ [Accessed 24 Dec.
2019].
 Fingent Blog | IT Solutions Blog | Ideas to Motivate Business Growth. (2019). Cloud Service Models Saas, IaaS, Paas -
Choose the Right One for Your Business | Fingent Blog. [online] Available at: https://www.fingent.com/blog/cloud-
service-models-saas-iaas-paas-choose-the-right-one-for-your-business [Accessed 24 Dec. 2019].