Survey of the Network Security in Cloud Computing


International Journal of Computer Trends and Technology (IJCTT) – volume 4 Issue 8–August 2013

ISSN: 2231-2803 http://www.ijcttjournal.org Page 2680

M. Usha Devi #1
Research Scholar
Mr. B. Loganathan *2
# Assistant professor
Department of Computer Science
Government Arts College (Autonomous), Coimbatore-18, Tamilnadu, India.

Abstract - Network security has become more important to personal computer users, organizations, and the military. Still, many companies are not ready to implement cloud computing technology because of the lack of a proper security control policy and weaknesses in protection, which lead to many challenges in cloud computing. Cloud computing is a virtualization technology that uses the internet and central remote servers to offer the sharing of resources such as software, infrastructure, and business and application processes to the market environment to fulfill elastic demand. To protect data from unauthorized access, this paper proposes a distributed scheme for providing security of the data in the cloud. This paper presents a survey of the network security of cloud computing. This includes a discussion of the evolution process in cloud computing and the current technologies adopted in cloud computing. This survey paper also presents a comparative study of cloud computing platforms (Amazon, Google and Microsoft).

Keywords - Cloud computing, Cloud computing service models (SAAS, IAAS, PAAS), Types of cloud computing, Network issues, Security issues.

I. INTRODUCTION

The technology uses the Internet and central remote servers to maintain data and applications. Cloud computing allows businesses to use applications without installation and to access their personal files at any computer with internet access. This computing technology allows for more efficient computing by centralizing storage, memory, processing and bandwidth. In 2005, the term cloud computing became popular and the sub-classification into IAAS, PAAS and SAAS was formalized. The term cloud computing refers to both the applications delivered as services over the Internet and the servers and system software in the data centers that provide those services. Cloud computing really means accessing the resources and services needed to perform functions with dynamically changing needs. An application developer requests access from the cloud rather than from a specific endpoint or named resource. This paper describes cloud computing, cloud computing models, and a comparative study of cloud computing systems.

II. CLOUD COMPUTING SERVICE MODELS

A. SOFTWARE AS A SERVICE (SAAS)

SAAS is the most common form of cloud computing for small businesses. SAAS is the online delivery of software functionality and capability without the need for locally running software. SAAS runs in a Web browser. Gmail and Salesforce are two popular SAAS products. Direct benefits of SAAS include reduced hardware costs, reduced software licensing costs, and more flexible IT resources that can be dialed up or down quickly on demand. SAAS applications allow users to access and manipulate their data from any device, anywhere they have a data connection, an important consideration in a world where nearly everyone has several compute platforms (mobile, laptop, tablet). The software application host is responsible for controlling and maintaining the application, software updates and settings. An example of SAAS is a web-based mail service or a customer relationship management system.

B. INFRASTRUCTURE AS A SERVICE (IAAS)

IAAS is the delivery model that provides computer infrastructure as a service. The service provider maintains the physical computer hardware, consisting of CPU processing, memory, data storage and network connection. This entails the rental of complete computing resources for running applications, hosting data and housing a company's entire computing environment. Examples of IAAS include Amazon EC2, Rackspace and Windows Azure.

C. PLATFORM AS A SERVICE (PAAS)

PAAS can be described as a crossover of both SAAS and IAAS. Using a PAAS, companies can produce new applications more quickly and with a greater degree of flexibility than with older development platforms tied directly to hardware resources. Application development on a PAAS has a number of key benefits. Programmers especially appreciate that the cloud provider handles all the care and maintenance of the underlying operating systems, servers, storage, and application containers. PAAS environments can be very useful when development teams are geographically widespread or when partner companies or divisions share development efforts.

Traditionally, hardware and software are fully contained on a user's computer. This means that you access your data and programs exclusively within your own computer. Cloud computing allows you to access your data and programs outside of your own computing environment. Instead of being stored on your personal computer or server, your data and software are stored in 'the cloud'. This could include applications, databases, email and file services. A common analogy to describe cloud computing is renting versus buying. Essentially, you rent capacity (server space or access to software) from a cloud service provider and connect over the internet.

III. TYPES OF CLOUD COMPUTING

A. PUBLIC CLOUD COMPUTING

A public cloud provides all of the infrastructure and services through the Internet. It is cost effective because the cost is spread out and shared across a very large group of individuals and businesses. Some of the service providers are Google, Amazon and Microsoft. Here a user does not have control over the management of the resources. Everything is managed by the third party, and it is their responsibility to apply software updates, security patches, etc. This means that IT systems are shared by various users to a very high degree, and since the networks are not separated, the user does not really know where his data is stored. A public cloud provides the best potential in terms of cost-effectiveness, so it only offers nominal data protection and specific availability. Service providers manage the infrastructure and pool resources into capacity that any customer can claim. The main benefits of using a public cloud are easy and inexpensive set-up, because application, hardware and bandwidth costs are covered by the provider. Some issues related to public clouds are that users have no control over where their data is saved, and that security and data protection are only nominal.

B. PRIVATE CLOUD COMPUTING

In private clouds, the infrastructure and services are maintained on a private network. This type of cloud must be set up and maintained by personnel, so it is not ideal for a company that wants to operate with as few employees as possible. It still allows a company to maintain a smaller staff because it is simpler to maintain once it is created. No other parties are involved with a private cloud. A private cloud, otherwise called an internal cloud or corporate cloud, provides hosted services to a limited number of people behind a firewall. Private clouds emulate cloud computing on private networks. A private cloud represents an enterprise-specific environment with dedicated IT systems as well as private access and sharing. The rules can be defined and implemented individually. When private clouds are hosted on the premises of the organization consuming them, they are also called on-premise private clouds.
The storage is typically not shared outside the enterprise, and full control is retained by the organization. Expanding the cloud is as simple as adding another server to the pool; the self-managing architecture expands the cloud by adding performance and capacity. The main benefits of using a private cloud are enhanced security and data protection, which one can raise to whatever level one wishes. The user has total control over where the data is saved and can easily recover from failure. Demand for the service is easy to monitor, and the cloud can be managed accordingly by scaling up or down. This is very useful for enterprise IT organizations, which use their own private cloud(s) for mission-critical and other operational systems to protect critical infrastructures. Hence the cost of operation is high compared to public clouds.

C. COMMUNITY CLOUD COMPUTING

A community cloud exists where several organizations share access to a private cloud, with the same security considerations. For example, a series of franchises have their own public clouds, which are hosted remotely in a private environment.

D. HYBRID CLOUD COMPUTING

A hybrid cloud model takes advantage of both public and private cloud services. The hybrid cloud is the ideal way to effectively meet the needs of various parts of a business. For example, you could use a public cloud for your emails to save on large storage costs and keep your highly sensitive data safe and secure behind your firewall in a private cloud. A hybrid cloud provides applications and data in a secure manner, so many organizations prefer it in order to keep sensitive data under their own control and ensure security.

IV. NETWORK ISSUES IN CLOUD COMPUTING

A. ATTACK OF NETWORK SNIFFING

Another type of attack is network sniffing. It is a more difficult issue of network security, in which unencrypted data is captured on the network; for example, an attacker can capture passwords that are not properly encrypted during communication. If the communicating party does not use encryption techniques for data security, an attacker can capture the data during transmission as a third party. To counter this attack, the parties should use encryption methods to secure their data.

B. MIDDLE ATTACK

This is another issue of network security, which arises if Secure Sockets Layer (SSL) is not configured properly. For example, if two parties are communicating with each other and SSL is not properly installed, all the data communicated between the two parties could be captured by the party in the middle. To counter this attack, SSL must be properly installed, and it should be checked before communication with other authorized parties.

C. DENIAL OF SERVICE

When hackers flood a network server or web server with frequent service requests in order to damage the network, the server cannot keep up with them and cannot serve the regular requests of legitimate clients. In cloud computing, the hacker attacks the server by sending thousands of requests, so that the server is unable to respond to regular clients and no longer works properly. The countermeasure for this attack is to reduce the privileges of the users connected to a server, which helps to reduce DoS attacks.

V. SECURITY ISSUES IN CLOUD COMPUTING

A. BROWSER SECURITY

The first issue is browser security.
When a client sends a request to the server through a web browser, the browser has to use SSL to encrypt the credentials that authenticate the user. SSL supports point-to-point communication, which means that if there is a third party, an intermediary host can decrypt the data; if a hacker installs sniffing packages on that intermediary host, the attacker may obtain the user's credentials and use them in the cloud system as a valid user. To counter this attack, vendors should use the WS-Security concept in web browsers, because WS-Security works at the message level, using XML Encryption for continuous encryption of SOAP messages, which do not have to be decrypted at intermediary hosts.

B. XML SIGNATURE ELEMENT WRAPPING

The attacker targets a component by manipulating the SOAP messages and inserting anything the attacker likes. The countermeasure is to use a digital certificate, for example X.509 issued by a third party such as a certificate authority, together with a combination of WS-Security and XML Signature applied to a particular component. The XML should carry the list of components so that messages containing a malicious file, as well as unexpected messages from the client, can be rejected.

C. CLOUD MALWARE INJECTION ATTACK

A cloud malware injection attack tries to damage a service or application. An intruder has to create his own malicious application or service request and put it into the cloud structure. Once the malicious software has entered the cloud structure, it is treated as a legitimate request. If this succeeds and a user asks for the service, the malicious code is executed. An attacker can also upload a virus program into the cloud structure. Once the cloud structure treats it as a legitimate service, the virus is executed and damages the cloud structure. In this case the hardware is damaged, and the attacker's aim is to harm the user. When a user requests the program, the cloud delivers the virus to the client over the internet, and the client machine is infected by the virus.
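For the XML signature element wrapping countermeasure in section B above (keep a list of expected components and reject unexpected messages), the following added example, which is not part of the original paper, checks the layout of a SOAP envelope before any business logic runs. It assumes SOAP 1.1 with WS-Security namespaces, leaves cryptographic verification of the signature to a WS-Security library, and uses constructed sample messages and hypothetical function names.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = ("http://docs.oasis-open.org/wss/2004/01/"
        "oasis-200401-wss-wssecurity-secext-1.0.xsd")
WSU = ("http://docs.oasis-open.org/wss/2004/01/"
       "oasis-200401-wss-wssecurity-utility-1.0.xsd")
DS = "http://www.w3.org/2000/09/xmldsig#"

HEADER, BODY = f"{{{SOAP}}}Header", f"{{{SOAP}}}Body"
ALLOWED_HEADER_ENTRIES = {f"{{{WSSE}}}Security"}  # the "list of components"
WSU_ID = f"{{{WSU}}}Id"


def check_envelope(xml_text):
    """Return structural problems; an empty list means the layout is acceptable.
    Production code would parse untrusted XML with a hardened parser
    (for example defusedxml) and then verify the signature itself."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return ["message is not well-formed XML"]
    if root.tag != f"{{{SOAP}}}Envelope":
        return ["root element is not a SOAP Envelope"]
    problems = []
    children = list(root)
    for child in children:
        if child.tag not in (HEADER, BODY):
            problems.append(f"unexpected element under Envelope: {child.tag}")
    headers = [c for c in children if c.tag == HEADER]
    bodies = [c for c in children if c.tag == BODY]
    if len(headers) > 1:
        problems.append("more than one Header under Envelope")
    if len(bodies) != 1:
        problems.append("expected exactly one Body under Envelope")
    for header in headers:
        for entry in header:
            if entry.tag not in ALLOWED_HEADER_ENTRIES:
                problems.append(f"unexpected header entry: {entry.tag}")
    seen = set()
    for element in root.iter():
        ident = element.get(WSU_ID)
        if ident is not None:
            if ident in seen:
                problems.append(f"duplicate wsu:Id: {ident}")
            seen.add(ident)
    # The signed reference must be the Body the application will process.
    refs = [ref.get("URI", "") for ref in root.iter(f"{{{DS}}}Reference")]
    if not refs:
        problems.append("no ds:Reference found; message is unsigned")
    elif len(bodies) == 1:
        body_id = bodies[0].get(WSU_ID)
        if body_id is None or f"#{body_id}" not in refs:
            problems.append(
                "signature does not reference the Body that will be processed")
    return problems


def build_sample(header_extra, body_id):
    """Constructed test message; digest and signature values are omitted."""
    return f"""<soap:Envelope xmlns:soap="{SOAP}" xmlns:wsse="{WSSE}"
    xmlns:wsu="{WSU}" xmlns:ds="{DS}">
  <soap:Header>
    <wsse:Security><ds:Signature><ds:SignedInfo>
      <ds:Reference URI="#body-1"/>
    </ds:SignedInfo></ds:Signature></wsse:Security>{header_extra}
  </soap:Header>
  <soap:Body wsu:Id="{body_id}"><GetReport xmlns="urn:example:reports"/></soap:Body>
</soap:Envelope>"""


GOOD_MESSAGE = build_sample("", "body-1")
# Constructed rejected case: the signed element sits under an unexpected
# header entry while the Body that would be processed carries another Id.
WRAPPED_MESSAGE = build_sample(
    '<Wrapper xmlns="urn:example:unexpected"><soap:Body wsu:Id="body-1">'
    '<GetReport xmlns="urn:example:reports"/></soap:Body></Wrapper>',
    "body-2")

if __name__ == "__main__":
    print("good:", check_envelope(GOOD_MESSAGE))
    print("wrapped:", check_envelope(WRAPPED_MESSAGE))
```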


The countermeasure for the cloud malware injection attack is an authenticity check for received messages: store the hash value of the original image file of the request and compare it with the hash value of all upcoming service requests. In this scheme, the attacker has to create a legitimate hash value to deal with the cloud system or to enter into it.

D. FLOODING ATTACK

A cloud system repeatedly increases its size when there are further requests from clients; it initializes new service instances in order to meet client requirements. A flooding attack distributes a great number of nonsense requests to a certain service. When the attacker sends a lot of requests, the cloud system attempts to work through them by providing more resources, until the system has consumed all its resources and is not capable of supplying service to normal requests from users. The attacker attacks the service server. DoS attacks also cause extra fees for the consumer for the usage of resources; in this situation the owner of the service has to pay the additional money. To stop attacks on the server, use an intrusion detection system to filter the malicious requests and install a firewall. An intrusion detection system, however, produces false alerts and could mislead the administrator.

E. DATA PROTECTION

Data protection is a very important factor in cloud computing. It can be complicated for the cloud customer to efficiently check the behavior of the cloud supplier, and as a result he cannot be confident that data is handled in a proper way; this problem is intensified in the case of different transformations of data. To address this, a consumer of cloud computing should check whether or not the data is handled lawfully.

VII. CLOUD COMPUTING CHARACTERISTICS

A. ON DEMAND SELF SERVICE

Computer services such as applications, email and network services can be provided without requiring human interaction with each service provider.
Cloud service providers offering on-demand self-service include Amazon Web Services (AWS), Microsoft, Google, IBM and Salesforce.com. The New York Times and NASDAQ are examples of companies using AWS.

B. RESOURCE POOLING

The provider's computing resources are pooled together to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. The resources include, among others, storage, memory, processing, network bandwidth, and email services. The pooling of resources builds economies of scale.

C. RAPID ELASTICITY

Cloud services can be rapidly and automatically provisioned to scale out quickly, and rapidly released to scale in quickly. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time.

D. MEASURED SERVICE

Cloud computing resource usage can be controlled, measured, and reported, providing transparency to both the provider and the consumer of the utilized service. Cloud computing services use a metering capability that makes it possible to control and optimize resource use. This implies that, just like air time, electricity or municipal water, IT services are charged per usage metrics (pay per use): the more you utilize, the higher the bill. In the same way, utility companies sell power to subscribers and telephone companies sell voice and data services. IT services such as network and security management, data center hosting or departmental billing can now be easily delivered as a contractual service.

VIII. BENEFITS OF CLOUD COMPUTING

Cloud computing produces a lot of benefits. It allows you to set up what is essentially a virtual office, giving you the flexibility of connecting to your business anywhere and at any time. With the number of web-enabled devices used in today's business environment (e.g. smart phones, tablets), access to your data is even easier.

A. REDUCED IT COSTS

Moving to cloud computing may reduce the cost of managing and maintaining your information technology systems. Instead of purchasing expensive systems and equipment for your business, you can reduce your costs by using the resources of your cloud computing service provider. You may be able to reduce your operating costs because the cost of system upgrades, hardware and software may be included in your contract; you no longer need to pay wages for expert staff; your energy consumption costs may be reduced; and there are fewer time delays.

B. SCALABILITY

Your business can scale its operation and storage needs up or down quickly to suit your situation, allowing flexibility as your needs change. Rather than purchasing and installing expensive upgrades yourself, your cloud computing service provider can handle this for you. In this way, the cloud frees up your time so you can get on with running your business.

C. BUSINESS CONTINUITY

Protecting your data and systems is an important part of business continuity planning. If you experience a natural disaster or power failure, having your data stored in the cloud ensures it is backed up and protected in a secure and safe location. Being able to access your data again quickly allows you to conduct business as usual, minimising any downtime and loss of productivity.

D. COLLABORATION EFFICIENCY

Collaboration in a cloud environment gives your business the ability to communicate and share more easily outside of the traditional methods. If you are working on a project across different locations, you could use cloud computing to give employees, contractors and third parties access to the same files. You may also choose a cloud computing model that makes it easy for you to share your records with your advisers (e.g. a quick and secure way to share accounting records with your accountant or financial adviser).

E. FLEXIBILITY OF WORK PRACTICES

Cloud computing allows employees to be more flexible in their work practices. For example, you have the ability to access data from home, on holiday, or during the commute to and from work. If you need to access your data while you are off-site, you can connect to your virtual office quickly and easily. Access to automatic updates for your IT requirements may be included in your service. Depending on your cloud computing service provider, your system will be regularly updated with the latest technology. This includes up-to-date versions of software as well as upgrades to servers and computer processing power.

IX. CLOUD COMPUTING ARCHITECTURE

Cloud computing architectures are designs of software applications that use Internet-accessible, on-demand services. Applications built on cloud architectures use the underlying computing infrastructure only when it is needed: they draw the necessary resources on demand, perform a particular job, then relinquish the unneeded resources and often dispose of themselves after the job is done. While in operation, the application scales up or down elastically based on resource needs. The rapid growth of cloud computing is largely based on the effective implementation of its architecture. Cloud computing architecture is not just about how the application will work with the users. Cloud computing also requires an interaction with the hardware, which is essential to ensure uptime of the application.

Applications built on cloud architectures run in the cloud, where the physical location of the infrastructure is determined by the provider. They take advantage of simple APIs of Internet-accessible services that scale on demand and are industrial strength, where the complex reliability and scalability logic of the underlying services remains implemented and hidden inside the cloud. Resources in a cloud architecture are used as needed, thereby providing the highest utilization at optimum cost.

X. COMPARATIVE STUDY OF CLOUD COMPUTING

A comparative study of cloud computing systems is carried out, covering Amazon EC2, Google App Engine and Microsoft Azure, based on three parameters: technology benefits, business benefits and future trends.

A. AMAZON EC2

One or more instances of a virtual machine can be created for processing and for storage. Payment is made based on the time the instances are running. Hourly charges vary from $0.020 (US East-Virginia) to $3.200 (South America-Sao Paulo). It is possible to have a reserved instance for an initial payment and a discounted rate of usage. Data storage can be both relational and non-relational. Virtual machines can have different capacities: Standard (Small, Large, Extra Large), High-Memory (Double Extra Large, Quadruple Extra Large) and High-CPU (Medium, Extra Large). Both Linux and Windows machine instances are supported.

Applications written in Python or Java can be deployed directly. Users are charged on the actual normalized CPU cycles used, and storage is only non-relational. The charge is calculated on these parameters: bandwidth, CPU, storage, and emails sent. Bandwidth usage charges are $0.12 per GB, CPU cycle usage charges are from $0.08 to $0.64 per hour depending upon the capacity, and storage charges are $0.13 to $0.64 per GB per month.

B. MICROSOFT AZURE

The offering has 3 main parts, which are Windows Azure, SQL Azure and App Fabric. It uses Hyper-V for virtualization. It works more like Amazon than like Google. There is an offer under which the service can be used for free. Payment is made for the resources used. For one virtual machine instance, usage charges vary from $15.00 per month (Extra Small Instance) to $720.00 per month (Extra Large Instance). Data storage charges are $4.995 per month up to 100MB and $9.99 per month for greater than 100MB up to 1GB. Additional charges are applicable for additional usage of more than 1GB. Bandwidth usage charges are $0.12 per GB for the North America and Europe regions and $0.19 per GB for the Asia Pacific region. The development environment is Visual Studio, through an SDK.

C. FINDINGS

Amazon has been one of the first service providers to offer sharing of resources (storage space and computing) to create a very scalable and flexible platform with resizable compute capacity in the cloud. Amazon EC2 changes the economics of computing by allowing customers to pay only for capacity that is actually used.
The survey findings indicate that Amazon bested Google and Microsoft, and Amazon is recognized as the leader.

XI. CONCLUSION

Cloud computing provides computing services in today's competitive environment in a highly scalable way. The environments provided by the cloud strive to be reliable, dynamic, customizable, robust and elastic, with a guaranteed Quality of Service. This survey provides an idea of the current trends in cloud systems and security; a comparison of Amazon EC2, Microsoft Azure and Google App Engine is made based on technology benefits, business benefits and future trends. This paper highlights the challenges currently faced in the cloud computing industry and summarizes the dominance of cloud computing.
