Abstract
The concept of “Cloud computing” became very interesting in recent years because it enables optimization of resources used and costs paid for it. Considering all advantages, this approach is applied widely in business systems of general purpose. In recent years, in literature it is possible to find considerations related to application of this approach in corporate systems as electric power utilities. Having in mind that such types of systems represent infrastructure ones that have great impact to the security of people and utilities, a very important question related to information security should be seriously considered. This chapter discusses advantages and disadvantages of application of cloud computing in electric power utility systems.
TopBackground
Considerations related to cloud computing application in corporate systems, such as Electric Power Utilities, have been discussed in literature by a number of authors in recent years. Some of authors consider possibility of cloud computing application in traditional SCADA (Supervisory Control And Data Acquisition) systems (Y. Chen, J. Chen, & Gan, 2015; Church et al., 2017; Wilhoit, 2013), others discuss application in modern smart grid systems (Bitzer, 2015; Chaichi, Lavoie, Zarrin, Khalifa, & Sue, 2015; Parthasarathy & Karthika, 2017; Popeanga, 2012), etc. Generally, all authors agree that application of the cloud computing has a number of advantages. At the same time, it is evident that an important issue of information security must be seriously addressed, having in mind that these types of systems represent an infrastructure that has a great impact to security of people and utilities.
Key Terms in this Chapter
Cloud Computing: The new concept in computing, in comparison with the traditional one. It assumes on-demand availability of computer system resources, particularly data storage and computing power, based on resource sharing and cost minimization, typically applying a “pay-as-you-go” model.
Authentication: The act of proving identity of a computer system user. Actually, this is a process of verifying that user (person, computer etc.) is what it claims to be. This process can be based on something the user knows (password, personal identification number – PIN, etc.), something the user has (ID card, security token, etc.) or something the user is (fingerprint, retinal pattern, signature, voice, face, etc).
Information Security: Preservation of basic properties of information (confidentiality, integrity and availability), whereby other properties can also be involved (authenticity, accountability, non-repudiation, reliability, etc.).
Private Cloud: Cloud infrastructure operated solely for a single organization.
Service Level Agreement: The document that regulates the relationship between a cloud computing service provider and a cloud computing service customer, depending on the cloud computing service model applied (infrastructure, platform, software, communications or network as a service).The agreement defines mutual obligations of each party, parameters of the service provided, as well as the data and information security aspects of the arrangement.
Cloud Computing Service Provider: An individual or an organization responsible for making cloud computing services available to Cloud Customers.
Cloud Computing Service Customer: An individual or an organization that uses cloud computing services from Cloud Providers.
Information Assets: Everything that has a value to the organization. It can generally be classified into six categories – data (in all forms), software (system, application, development), hardware (computers, servers, printers, plotters, etc.), services (computer and communication services, general services – electricity supply, heating, air-conditioning etc.), people (number and competence of employees) and non-material assets (reputation, image of organization, certificates and licenses, awards, etc.).
Authorization: Process of verifying that user (person, computer etc.) is permitted to take an action within the system, usually after successful authentication. It consists of a predefined set of permissions and restrictions for the particular user (read-only rights, read/write rights, change rights, etc.).
Hybrid Cloud: Cloud environment that represents a combination of two or more clouds (private, community or public). It retains and respects the specifics of the customers in comparison with other ones that use benefits of sharing common resources.