Assessing Security with Regard to Cloud Applications in STEM Education

Assessing Security with Regard to Cloud Applications in STEM Education

Ihssan Alkadi (Southeastern Louisiana University, USA)
DOI: 10.4018/978-1-4666-9924-3.ch017
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

There are many steps involved with securing a cloud system and its applications (SaaS) and developed ones in (PaaS). Security and privacy issues represent the biggest concerns to moving services to external clouds (Public). With cloud computing, data are stored and delivered across the Internet. The owner of the data does not have control or even know where their data are being stored. Additionally, in a multi-tenant environment, it may be very difficult for a cloud service provider to provide the level of isolation and associated guarantees that are possible with an environment dedicated to a single customer. Unfortunately, to develop a security algorithm that outlines and maps out the enforcement of a security policy and procedure can be a daunting task. A good security algorithm presents a strategy to counter the vulnerabilities in a cloud system. This chapter covers the complete overview, comparative analysis of security methods in Cloud Applications in STEM Education and the introduction of a new methodology that will enforce cloud computing security against breaches and intrusions. Much light will be shed on existing methodologies of security on servers used for cloud applications in STEM education and storage of data, and several methods will be presented in addition to the newly developed method of security in cloud-based servers, such as the MIST (Alkadi). Not only can cloud networks be used to gather sensitive information on multiple platforms, also there are needs to prevent common attacks through weak password recovery, retrieval, authentication, and hardening systems; otherwise hackers will spread cyber mayhem. Discussion of current security issues and algorithms in a real world will be presented. Different technologies are being created and in constant competition to meet the demands of users who are generally “busy”. The selling point of these technologies is the ability to address these demands without adding more to any workloads. One of the demands often discussed is that users want to have their digital information accessible from anywhere at any time. This information includes documents, audio libraries, and more. Users also demand the ability to manage, edit and update this information regardless of physical location. Somewhat recently, mobile devices such as laptops, tablets, and smartphones have provided these abilities. This is no small feat as vendors and providers have reduced the size of these devices to increase mobility. However, as the amount of personal information that users are wanting to access has grown exponentially, manipulation and storage of it require more capable devices. To meet increased demands, increasing the capabilities of mobile devices may be impractical. Making mobile devices more powerful without technological advancement would require that the device be larger and use more resources such as battery life and processing power to function properly. Storing all of a user's information on a mobile device that travels everywhere also adds vulnerability risks. The best technical solution to having a user's information accessible is some sort of online storage where there is the convenience to store, manipulate and retrieve data. This is one of the most practical applications for the concept of cloud computing in STEM education. As storage capabilities and Internet bandwidth has increased, so has the amount of personal data that users store online. And today, the average user has billions of bytes of data online. Access is everywhere and whenever is needed. As everyone started doing so, people want their data safe and secure to maintain their privacy. As the user base grew in size, the number of security issues of the personal data started to become increasingly important. As soon as someone's data are in the remote server, unwanted users or “hackers” can have many opportunities to compromise the data. As the online server needs to be up and running all the time, the only way to secure the cloud server is by using better passwords by every user. By the same token, the flaws in the password authentication and protection system can also help unwanted users to get their way to other people's personal data. Thus, the password authentication system should also be free from any loopholes and vulnerabilities.
Chapter Preview
Top

Introduction

Cloud computing has been the center of a lot of attention and implementation priority over the past ten years. Its immediate, important implementation and use has been very prominent. its eminence is due to its powerful infrastructure and feasible platform. However, its use and implementation has faced some notable complications; as a byproduct of popular use and demand, it brought on many questionable security challenges that need to be addressed and resolved, especially in STEM education. Universities and STEM divisions are trying to apply cloud computing to solve problems that relate to increasing computing complexities and storage. Cloud computing systems serving users within STEM’s environment must at least involve the following factors and provide maximum security for the following capabilities as:

  • Services and support to a wide range of students, teachers, and potential customers.

  • A large number of course materials and academic support tools to instructors, teachers, professors, other educators, and university staff.

  • A variety of diverse service environments.

  • Operating cloud infrastructure as an economically viable model.

On the other hand, many risks and challenges of cloud computing for STEM education relate to its relative newness and the underdevelopment of the marketplace for cloud services. In STEM education, besides the technical and cost considerations, there are some other factors that influence the decision to adopt cloud computing. Some of these risks and challenges involve the following points:

  • Security: Security and privacy represent the biggest concerns to moving current existing services to external clouds. With cloud computing, data are stored and delivered across the Internet. The owner of the data does not have control or even know where their data are being stored. Additionally, in a multi-tenant environment, it may be very difficult for a cloud service provider to provide the level of isolation and associated guarantees that are possible with an environment dedicated to a single customer.

    • Interoperability: A universal set of standards and interfaces have not yet been defined, which represents a significant risk of vendor lock-in.

  • Control: The user does not have total control over the cloud environment and the data. It varies significantly.

  • Performance: As the access to the cloud is done via the Internet, latency is introduced into every communication between the user and the cloud environment.

  • Reliability: Many existing cloud infrastructures rely on hardware that is known to fail unexpectedly.

There are many benefits to using cloud storage and the most notable is file accessibility. Files stored in the cloud can be accessed at any time from any place so long as you have Internet access. Another benefit is that cloud storage provides organizations, such as STEM education institutions, with remote backups of data which reduce costs associated with disaster recovery. Unfortunately, the biggest disadvantage to cloud storage is that users are limited by bandwidth. If your Internet connection is slow or unstable, you might have problems accessing or sharing your files. STEM education institutions that require a large amount of storage may also find that costs increase significantly after the first few gigabytes of data stored, paying for a third party that offers a cloud storage service or buying enough servers that store the amount of required data. Also, cloud storage does have the potential for security challenges. This has been seen in the past years and could be seen years to come unless enforcing the security potential and eliminating breaches and threats.

Key Terms in this Chapter

Total Cost of Ownership: The total direct and indirect cost and investment on the installation, application, implementation, and the maintenance of the hardware, software, and the cloud.

Penetration Testing: Techniques used to explore and test vulnerability of the underlying network.

Cryptovirology: The study of using cryptology to design powerful malicious software. Cryptovirology makes use of cryptography as a mechanism of attacking rather than defending.

Availability of the Cloud: Making sure the cloud server network is fail-safe and ready at all times.

Cryptography: The encryption component of cryptology and has been traditionally used to defend systems using encryption and public key infrastructure (PKI).

Cloud Computing Security: The complete strict engulfment of the cloud network, its resources, user’s data, and the accessibility of it in special continuously updated method and/or techniques that enable the cloud computing network impenetrable.

MIST: A new technique for verifying the identity of users of cloud computing resources during the process of identity authentication.

Complete Chapter List

Search this Book:
Reset