With more and more organizations working on the cloud over unsecure internet, sharing files and emails and saving them on cloud storage imperative. Securing the end user sensitive data in transit has thus started to get maximum priority to protect it from Cloud company staff, hackers and data thieves. In this study, an attempt is made to review the research of end user data security. There is an urgent need for solutions for end users' data protection, privacy and during the times when migrating from one Cloud service provider to other. This chapter identifies end user data challenges and issues on cloud and presents use of Public Key Cryptography, Multi Factor Authentication and use of Cloud Aware applications as possible solutions.
TopIntroduction To End User Computing
Cloud based services provide flexible, scalable, pay-per-use, short term contract model for the IT Services make Cloud based services an efficient, affordable and easy to implement option reducing capital expenditure involving IT hardware, licenses, office space, computing power and bandwidth. Security of user data needs to be in place more so in today’s context with Cloud based application being hosted on the service provider premise as well as the end user residing in a remote data center, well outside the user’s control.
As per a recent survey conducted by International Data Group (IDG), the top three challenges for implementing cloud based security strategy differs between IT and the line-of-business (LOB). A survey conducted by International Data Corporation (IDC) declares that 47% IT Heads are highly concerned about security threats in cloud computing. In a recent survey conducted by Cisco, two thirds of the respondents acknowledged that security and privacy are the top two security issues for cloud consumers. This chapter reviews the challenges in Cloud computing services regarding end user data, analyzing the issues face and presents solutions to overcome them (Schutz et al., 2016). The end user data required to be protected is of four types ranging from usage data which is the information collected from computer systems, then is the sensitive information on health and bank accounts, then is the Personally identifiable information; information to identify an individual and finally is the Unique device identity information that is uniquely traceable like IP addresses, unique hardware identities (MAC address).By using solution paths such as digital keys, multi factor authentication and cloud aware applications.
When there is a need to provide End users with the right type of IT resources to enable them to perform their tasks, usually we do not emphasize on importance of securing the end user data (Bouchana et al., 2015). End user data for end user functionalities such as support, buying hardware, software and licenses, then plan endlessly for installation, support, maintenance as well as worry about capacity planning, creating IDs, configuring profiles or sit on a budgeted pile of money waiting for hiring to be completed.
- 1.
Web Based Services: Internet email services (Gmail, Yahoo, and Hotmail), Online stores (Amazon, Fab furnish, Jabong), Web hosting (NetMagic, Tulip). These have been around for many years.
- 2.
Distributed Computing: Splitting the processing workload among multiple systems usually connected at the same sites like being done in Parallel and Grid computing technologies.
- 3.
Datacenters: Single application being hosted in one location (over single or even multiple servers) does not qualify as a Cloud. Cloud computing leverages pooled hardware resources, automation services involving great deal of virtualization hosted across datacenters.
In these avenues, there are different types of security challenges and versatile solutions for each of the cloud deployment models and also overcome them as well.
- 1.
Software as a Service (SaaS) is pay on demand where users accessing over the cloud some of the examples such as On-Demand CRM Salesforce, Google Apps, Microsoft Office 365, Microsoft Sky Drive.
- 2.
Platform as a Service (PaaS) provides end users with complete environment so that developers can deploy their apps, perform testing and hosting of web applications and databases and that provides virtual servers, OS, development framework and coding apps. Examples are Google apps, Azure from Microsoft, Rack Space.
- 3.
Infrastructure as a Service (IaaS) provides hardware and computing power to end user to provision and harness resources from computing, network devices, storage or servers where the customers pay only for the amount of infrastructure used and not worry about buying hardware, maintaining or upgrading issues. Infrastructure can be scaled up or down dynamically based on application resource and market demands. Some of the examples are Amazon EC2, Rack Space, Attenda RTI, Eucalyptus (Open source).