A Review of Security Challenges in Cloud Storage of Big Data

A Review of Security Challenges in Cloud Storage of Big Data

Sara Usmani (National University of Sciences and Technology (NUST), Pakistan), Faiza Rehman (National University of Sciences and Technology (NUST), Pakistan), Sajid Umair (National University of Sciences and Technology (NUST), Pakistan) and Safdar Abbas Khan (National University of Sciences and Technology (NUST), Pakistan)
DOI: 10.4018/978-1-5225-3142-5.ch007

Abstract

The novel advances in the field of Information Technology presented the people pleasure, luxuries and ease. One of the latest expansions in the Information Technology (IT) industry is Cloud Computing, a technology that uses the internet for storage and access of data. It is also known as on-demand computing. The end user can access personal data and applications anywhere any time with a device having internet. Cloud Computing has gained an enormous attention but it results in the issues of data security and privacy as the data is scattered on different machines in different places across the globe which is a serious threat to the technology. It has many advantages like flexibility, efficiency and scalability but many of the companies are hesitant to invest in it due to privacy concerns. In this chapter, the objective is to review the privacy and security issues in cloud storage of Big Data and to enhance the security in cloud environment so that end users can enjoy a trustworthy and reliable data storage and access.
Chapter Preview
Top

Introduction

Cloud Computing is considered as the standard for next generation computation. In Cloud Computing, the resources i.e., end user applications, personal data or DBMS (Database Management Systems) are provided by a third party over internet like services. National Institute of Standards and Technology (NIST) defines Cloud Computing as universal, appropriate, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction (Mell & Grance, 2011). There is a service provider that manages and provides the services over the internet while the clients purchase them according to their needs. The architecture of cloud includes several modules like databases, software competencies, applications, etc. planned to influence the power of cloud resources to solve problems of enterprise. The architecture of cloud includes modules and the relationship between these modules. The cloud architecture has several components like

  • Resources on ground cloud resources.

  • Software services and components middleware.

The cloud architecture is intended at providing the users with huge bandwidth allowing them continuous access to their data and applications and having the ability to move rapidly and competently between servers or even between clouds. The service model comprises three levels: Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) as described in Figure 1.

Figure 1.

SPI Cloud Service Delivery Model (Almorsy, 2010)

In SaaS, applications are accessed via web browsers that are managed by cloud service provider and interfaces available on the end-user side. It removes the need to perform any installation or download on individual devices. In PaaS, applications are built on the platform. The services are provided to the user through a set of programs that can carry out the specific task. It makes the building and deployment of applications quick and economic. IaaS facilitates services through virtual machines. It provides the computer infrastructure with on demand resources. The users do not have to purchase the equipment; they have to purchase the service.

Top

Background

Cloud Computing is associated with Grid Computing but they are not the same (Berman, 2003). Grid Computing incorporates different resources together and controls the resources with the incorporated Operating Systems to provide high performance computing services whereas in Cloud Computing, computing and storage resources are controlled by different Operating Systems to provide services such as large data storage and high performance computing to users. The whole representation of Grid Computing has been changed by Cloud Computing. Cloud Computing is very favorable for the Information Technology (IT) applications but some problems still exist while storing data and deploying applications that should be solved for personal users and enterprises. One of the major hurdles in adoption of Cloud Computing is data security which is escorted with issues like compliance, privacy, trust and legal matters (Shah, 2008). Privacy and security is close to the role of institutions and institutional evolution (Kshetri, 2013). A latest survey by International Data Group (IDG) enterprise discuss the three challenges for applying a successful cloud strategy in enterprise vary considerably between IT and line-of-business (LOB).

Key Terms in this Chapter

SaaS: Software as a Service is centrally hosted in which software is accredited on subscription basis.

Virtual Machine (VM): An emulation of a particular computer system. Virtual machines operate based on the computer architecture and functions of a real or hypothetical computer, and their implementations may involve specialized hardware, software or a combination of both.

PaaS: Platform as a Service allows the customers to develop, run and manage their applications.

Cloud Computing: The process of providing shared resources and other services to user on demand that can be accessed from anywhere provided the internet connection.

Security: Involves policies that protect the data and information linked with Cloud Computing applications

Cloud Service: Resources that are delivered over the internet are known as cloud services.

Privacy: Privacy involves keeping the user data and integrity safe from external attack.

Cloud Storage: The availability of data and keeping the data safe and secure is the responsibility of Cloud Storage.

Host-Based Intrusion Prevention System (HIPS): A Host-based Intrusion Prevention System is a system or a program employed to protect critical computer systems containing crucial data against viruses and other Internet malware.

IaaS: Virtualized computing resources available over the internet is the responsibility of Infrastructure as a Service.

Complete Chapter List

Search this Book:
Reset