Cloud Computing: A Security and Defense Proposal

Cloud Computing: A Security and Defense Proposal

Copyright: © 2023 |Pages: 16
DOI: 10.4018/979-8-3693-1528-6.ch001
(Individual Chapters)
No Current Special Offers


Cloud computing involves large numbers of computers connected through a network that can be physically located anywhere. Providers rely heavily on virtualization to deliver their cloud computing services. Cloud computing can reduce operational costs by using resources more efficiently. Starting with a look at cloud types, such as software as a service (SaaS), platform as a service (PaaS), infrastructure as a service (IaaS), and cloud models such as public clouds, private clouds, hybrid clouds, community clouds, difference between a data center and cloud computing with relative advantages are explained, and finally why most of companies are migrating to this kind of technology. In the second part of chapter, the focus is on the risks and security of cloud computing. These complex architectures are highly vulnerable; therefore, it is proposed artificial intelligence (AI) models to protect them. Many system protection techniques have been realized to defend cloud-computing systems, but many works are in progress. The authors analyze the state of art on this subject.
Chapter Preview


The terms data center and cloud computing are often used incorrectly. Data Center is typically a data storage and processing facility run by an in-house IT department or leased offsite. From a business perspective, the data center is the pivot on which business processes, communications and services depend, both towards internal users and towards customers, suppliers, partners, etc. Today there is no type of business that has not supported the management of its assets and resources on a Data Center, the beating heart of digital transformation and, more generally, of the digital economy.

Otherwise, Cloud Computing is an off-premise service that offers on-demand access to a shared pool of configurable computing resources. These resources can be rapidly provisioned and released with minimal management effort. Data centers are the physical facilities that provide the compute, network, and storage needs of cloud computing services. Cloud service providers use data centers to host their cloud services and cloud-based resources.

Data centers consist of buildings that contain infrastructures, systems, resources and technological assets that users access to storage data, to use applications and digital services. A data center can occupy one room of a building, one or more floors, or an entire building. Data centers are typically very expensive to build and maintain. For this reason, only large organizations use privately built data centers to house their data and provide services to users. Smaller organizations, that cannot afford to maintain their own private data center, can reduce the overall cost of ownership by leasing server and storage services from a larger data center organization in the cloud.

When we begin to implement analysis of a cloud-computing system, a series of problems arise to be addressed, such as:

  • Organizational data accessing anywhere and anytime.

  • Ease of subscribing only to the chosen services.

  • Minimize the need for onsite IT equipment, maintenance, and management.

  • Equipment, energy, physical reducing costs.

  • Personnel training needs reducing.

  • System resources quickly adapting to increasing data volume required.

Cloud Computing is today heavily applied in every field. About ten years ago one of the first application was in e-learning. In 2013 some researchers proposed an Architecture for Programming Education Environment as a Cloud Computing Service (Elamir et al., 2013). A study found that cloud-computing adoption is well accepted in information technology sector (Hassan et al., 2022).

In the first part this chapter shows different types of cloud-computing services: Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). Subsequently, there is a description of cloud models such as Public Clouds, Private Clouds, Hybrid Clouds, Community Clouds. Then it deals with virtualization concept, difference between virtualization and dedicated server, the different architectures with Hypervisor layer (Cisco Networking Academy, 2020).

In second part this chapter shows the state of art on cyber security aspect in cloud-computing. We explain how Artificial Intelligence can help traditional security tecniques to improve and ensure data privacy in cloud systems.


Software As A Service (Saas)

In this service type the applications are on provider systems and are disposal to user profile. User logins on platform and uses applications configured in his profile. Applications are in cloud and user doesn’t need to manage them. User's only concern is entering data for his application. Applications provided can be word processing, data base, email and so on. Here are some common characteristics of SaaS services:

  • Multi-tenancy cloud architecture, so all users and applications share a common, centrally managed infrastructure.

  • Easy access via any connected device, which simplifies access to data and information and keeps data in sync.

  • Web-based interfaces, which are built on the same web that users already navigate and know on a daily basis (this can help increase adoption and usage rates).

  • Collaborative and social features, which allow people in different geographical locations or teams to collaborate effectively.

Key Terms in this Chapter

Virtualization: The act of creating virtual computer hardware, storage devices, and/or computer network devices.

Community Cloud: Applications and services offered by one or more organizations.

Infrastructure as a Service (IaaS): A network virtualized equipment and services offered in cloud.

Software as a Service (SaaS): The applications are on provider systems and are disposal to user profile in cloud.

Virtual Machine (VM): A computer resource that uses software instead of a physical computer to run programs and deploy apps.

Platform as a Service (PaaS): It’s a specialized service in which cloud provider is responsible for providing users access to the development tools and services used to build the applications.

Intrusion Prevention System (IPS): A network security tool (which can be a hardware device or software) that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it, when it does occur.

Software Defined Network (SDN): Network virtualization approach controlling traffic routing by taking over routing management from data routing in the physical environment.

Quality of Service (QoS): Quality of service (QoS) is the description or measurement of the overall performance of a service, such as a telephony or computer network, or a cloud computing service.

Hybrid Cloud: This is made up of public and private cloud connected using a single architecture.

Intrusion Detection System (IDS): A monitoring system that detects suspicious activities and generates alerts when they are detected.

Cloud Computing: The on-demand availability of computer system resources accessed by Internet.

Network Function Virtualization (NFV): An approach decoupling functions like a firewall or encryption from dedicated hardware and moving them to virtual servers in cloud.

Artificial Intelligence (AI): The ability of a digital computer to perform tasks commonly associated with intelligent beings.

Public Cloud: Applications and services offered to the general population.

Private Cloud: Consists of computing services and IT environments not made available to multiple users but hosted internally by the company.

Network Virtualization: Computer network elements such as switches, routers, and firewalls virtualized in cloud.

Application Programming Interface (API): A software intermediary that allows two applications to talk to each other.

Distributed Denial of Service (DDoS) Attacks: Distributed Network Attacks. This type of attack takes advantage of the specific capacity limits that apply to any network resources, such as the infrastructure that enables a company’s website.

Complete Chapter List

Search this Book: