CLOUD COMPUTING

Cloud computing is a new paradigm where services and resources are

provided to users over the Internet.

The cloud itself is not a product, but rather a data transmission and storage
model. Basically, it is a term used to describe a global network of
interconnected remote servers functioning as a single ecosystem to store
and manage data, run applications, provide content or services to users.

Although the term “cloud” may suggest something ethereal, there is actually
a huge infrastructure consisting of numerous physical resources
(communications networks, servers, storage systems, applications, services,
etc.) behind it. This allows multiple users manage all their files at any time
and from anywhere as long as they stay connected to the Internet.

TYPES OF CLOUDS

There are several different models of cloud computing services. They have
emerged to provide the right solution for a wide range of user needs.

• Public Cloud: Cloud resources, such as servers and storage, are owned and
managed by a third-party provider who delivers them over the Internet. This
provider also owns and manages all hardware, software, and other
infrastructure components. A user can access these services and manage
his/her account using a web browser.

• Private Cloud: Cloud computing resources are used exclusively by a single

organization which manages them and decides who can access the
infrastructure that is usually installed at a local data center of on the
organization premises.Hybrid Cloud: This model combines elements of a
public cloud and a private cloud using a technology that allows data and
applications to be shared between them. Users may own some parts and
share others, but in a controlled environment.

CLOUD SERVICES

Cloud services can be divided into three main categories:

• Software as a Service (SaaS): In this model, applications are delivered over the
Internet. Users access them from a connected device using a web browser.
Some of SaaS examples include email servers, online office tools, and file
sharing.

• Platform as a Service (PaaS): This is a model where a user can enjoy the
benefits of a fully functional service-oriented platform without having to
purchase or maintain the equipment or applications. For example, procuring
hosting services for websites, databases, email, etc.
 • Infrastructure as a service (IaaS): In this model, users are provided with all the
infrastructure they need to install their applications and services without
having to worry about maintaining a physical server, communications
infrastructure, or storage. It can be a virtual machine, a CPU, a hard disk along
with the necessary storage and bandwidth.

ADVANTAGES OF CLOUD COMPUTING

• Files can be accessed and modified anytime, from any location, on any
Internet-connected device.

• Flexibility in terms of storage capacity and processing power.

• Saving backup copies in the cloud.

• Reasonable price.

• Facilitating teamwork.

DISADVANTAGES OF CLOUD COMPUTING

• When there is no Internet connection or if the service provider’s equipment

fails, you will not be able to access the files in the cloud.

• Since the service provider owns, manages and controls the cloud
infrastructure, customers have minimal control over it, even after it is
removed from the cloud.

• Even though service providers tend to implement the best security standards,
a cyberattack could compromise the data stored in the cloud.

• Apart from attacks by third parties, information security threats can also
originate from the service provider itself.

CLOUD SECURITY

Cloud computing provides various data storage and processing capabilities

based on third-party servers. As a result, when you decide to use the cloud,
you lose physical access to your data and have to trust your cloud service
provider to implement adequate security measures to protect your
information.

Cloud computing security includes a wide range of policies, technologies, and

controls aimed at protecting cloud-based data, applications, and
infrastructure.

There are many different security concerns associated with cloud computing
all of which can be divided into two broad categories: issues faced by
providers (organizations offering cloud-based software, platforms, or
infrastructure as a service) and those faced by customers (companies or
people using the cloud to run applications or store data).

Cloud security is a shared responsibility: the provider must make sure that
the offered infrastructure is secure and that the customers’ data is protected,
while users are responsible for taking measures to ensure secure access by
using efficient authentication methods.

For an effective cloud security architecture, the right defenses must be

deployed in the right places by identifying potential entry points for attacks,
establishing safeguards to eliminate weaknesses and mitigate the effect of
attacks.

While there are many types of controls used in a cloud architecture, they
usually fall into one of the following categories:

• Deterrent controls: They are used to reduce the probability of attacks on a

cloud system. They warn potential attackers by informing them that there will
be severe consequences if they choose to proceed.

• Preventive controls: They strengthen the system’s protection against

incidents by reducing or eliminating vulnerabilities. They provide reliable user
authentication, reducing the probability of unauthorized access and ensuring
positive user identification.

• Detective controls: They are designed to detect threats as they occur and
react appropriately. Attacks on the cloud system and its supporting
communication infrastructure are usually detected by system and network
security monitoring, including intrusion detection and prevention.

• Corrective controls: They are implemented while an attack is in progress or

after it has occurred to mitigate the consequences, usually by limiting the
damage. These controls are primarily designed to restore a compromised
system from backup copies.

It is generally recommended to select and implement cloud security controls

according to the existing risks which are determined by assessing threats,
vulnerabilities, and their impact. Furthermore, service providers and their
users should negotiate the terms of liability and establish how incidents
involving data breach will be resolved.

CLOUD ENCRYPTION

Cloud computing security has quickly become a major concern for everyone
who uses this technology due to the sensitive nature of information they
store on the Internet.
The process of synchronizing files between different devices and the cloud is
a critical vulnerability from the point of view of data protection, making data
encryption indispensable for a high level of security.

Most cloud storage providers offer some form of file encryption either on the
server side (to store information) or on the client side.

Server-side encryption is the method used by most cloud storage services. It

means that data in an unencrypted form is uploaded to server, where it is
encrypted using the user’s password. Files are transmitted via a secure
connection (HTTPS/SSL). However, while this method offers protection
against attacks by third parties, data privacy is not guaranteed as the server
administrator or another insider can obtain access to the data and/or
encryption keys.

With client-side encryption, files are encrypted locally before they leave the
device connected to a cloud service. Ideally, the password should never leave
the client device, meaning that the cloud service provider only stores and
synchronizes data, but cannot see its content. However, not all applications
support this. Although less common, this method offers the advantage of
better privacy protection: the user’s information in an unencrypted form is
stored only on their devices, and even if the server or files are compromised,
the intruder will obtain only encrypted data and not the original content. The
drawback here is that if you forget the password, you will never be able to
recover it or use the files online, because they are stored on the server in an
encrypted from and can only be modified from the client device.

Cloud security remains a pressing challenge, and both customers and cloud
service providers need to work together proceeding from the understanding
that protecting the information exchanged between them is a shared
responsibility.