Security Challenges in Cloud Computing

Security Challenges in Cloud Computing

Sumit Jaiswal (Indian Institute of Technology (B.H.U.), India), Subhash Chandra Patel (Indian Institute of Technology (B.H.U.), India) and Ravi Shankar Singh (Indian Institute of Technology (BHU), India)
DOI: 10.4018/978-1-4666-5888-2.ch141

Chapter Preview



The era of cloud computing dates back to grid computing in early 1990’s when concept of high performance computing was on its emergence. In grid computing, various high performance computing machines were connected together by high speed communication links to utilize their combined enhanced efficiency towards complex computational problem solving. The gird is association of parallel and distributed systems taken into account where the resources are shared from distributed resources and allocating them in dynamic way thereby improving the performance, cost and dependency (Buyya, Yeo, Venugopal, Broberg, & Brandic, 2009).

The evolution of cloud computing from grid computing is the result of shifting of focus on managing the infrastructure performance towards the better economic way of delivering the services and computation in a abstract way with the minimal trouble at the client side. This resulted in the approach of computing as a service targeted towards business side of providing resources at an economical way (Foster, Zhao, Raicu, Lu, 2008).

Figure 1. depicts the representation model of cloud computing definition proposed by NIST which includes five essential features, three service models and four deployment models as shown (Subashini & Kavitha, 2011). Herein, the five essential features includes virtualized computing resource pool, broad network access, rapid elasticity, on-demand self-service, measured service; the three service models are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS); the four deployment models are private cloud, community cloud, public cloud and hybrid cloud.

Figure 1.

The NIST definition model of cloud computing

Key Terms in this Chapter

Hash Function: A one way function which produces a fixed data output. It is used to confirms the message integrity at receiver side.

Integrity: A property by which the data enclosed in a message being transmitted remains intact in its form after being received. Thus, the data arrives in the same form as it was during sending.

Cloud Computing: A newly emerged computing paradigm where the resources being allocated on-demand with scalability, multitenancy, pay-for-use model focusing on economic aspect of computing.

Authentication and Authorization: Authentication a process of verifying the claim of the identity and granting the access if the identity is true as it being claimed the entity. In Authorization, it is ensured that properly authenticated entity is entitled to the same access privilege rights as per its security clearance level.

Multitenancy: A property of software architecture, where single running instance of a software server each client individually.

Remanence: The residual representation of digital data that remains even after attempts have been made to remove or erase the data.

Trusted Third Party: An entity that is responsible for managing the data processing and handling the access control operations. This entity earns a suitable amount of trust by the client and is permissible to do operations on client’s behalf.

Trust: A notion of understanding between two entities A and B, where A is supposed to have trust over B when B actually performs the task in the same manner as being supposed by A.

Identity and Access Management: A procedure where the identity and access mechanism of the employees is being managed. It holds significance in Cloud Computing where it is essential to monitor and prevent unauthorized access in the cloud.

Availability: A property by which the data is available all the time during the business hours. In cloud computing domain, the data availability by the cloud service provider holds a crucial importance.

Confidentiality: A property by which the data enclosed in a message is secret, if acquired however, the data is non-intelligent to be read.

Complete Chapter List

Search this Book: