Survey of the network security in cloud computing


Post on 16-Apr-2017


<ul><li><p>International Journal of Computer Trends and Technology (IJCTT), volume 4, Issue 8, August 2013</p><p>ISSN: 2231-2803 http://www.ijcttjournal.org Page 2680</p><p>Abstract: Network security has become more important to personal computer users, organizations, and the military. Still, many companies are not ready to implement cloud computing technology because of the lack of a proper security control policy and weaknesses in protection, which lead to many challenges in cloud computing. Cloud computing is a virtualization technology that uses the internet and central remote servers to offer shared resources such as software, infrastructure, and business and application processes to the market environment to fulfill elastic demand. To protect data from unauthorized access, a distributed scheme is proposed for securing the data in the cloud. This paper presents a survey of the network security of cloud computing. This includes a discussion of the evolution process in cloud computing and the current technologies adopted in cloud computing. This survey paper also presents a comparative study of cloud computing platforms (Amazon, Google and Microsoft).</p><p>Keywords: Cloud computing, cloud computing service models (SAAS, IAAS, PAAS), types of cloud computing, network issues, security issues.</p><p>I. INTRODUCTION</p><p>Cloud computing uses the Internet and central remote servers to maintain data and applications. It allows businesses to use applications without installation and to access their personal files from any computer with internet access. This computing technology allows for more efficient computing by centralizing storage, memory, processing and bandwidth. In 2005, the term cloud computing became popular and the sub-classification into IAAS, PAAS &amp; SAAS was formalized. The term cloud computing refers both to the applications delivered as services over the Internet and to the servers and system software in the data centers that provide those services. 
Cloud computing is really about accessing the resources and services needed to perform functions with dynamically changing needs. An application developer requests access from the cloud rather than from a specific endpoint or named resource. This paper describes cloud computing, cloud computing models, and a comparative study of cloud computing systems.</p><p>II. CLOUD COMPUTING SERVICE MODELS</p><p>A. SOFTWARE AS A SERVICE (SAAS)</p><p>SAAS is the most common form of cloud computing for small businesses. SAAS is the online delivery of software functionality and capability without the need for locally running software. SAAS runs in a web browser. Gmail and Salesforce are two popular SAAS products. Direct benefits of SAAS include reduced hardware costs, reduced software licensing costs, and more flexible IT resources that can be dialed up or down quickly on demand. SAAS applications allow users to access and manipulate their data from any device, anywhere they have a data connection, an important consideration in a world where nearly everyone has several compute platforms (mobile, laptop, tablet). The software application host is responsible for controlling and maintaining the application, software updates and settings. An example of SAAS is a web-based mail service or customer relationship management system.</p><p>B. INFRASTRUCTURE AS A SERVICE (IAAS)</p><p>IAAS is the delivery model that provides computer infrastructure as a service. The service provider maintains the physical computer hardware, consisting of CPU processing, memory, data storage and network connection. This entails the rental of complete computing resources for running applications, hosting data and a company's entire computing environment. Examples of IAAS include Amazon EC2, Rackspace and Windows Azure.</p><p>C. PLATFORM AS A SERVICE (PAAS)</p><p>PAAS can be described as a crossover of both SAAS and IAAS. 
Using a PAAS, companies can produce new applications more quickly and with a greater degree of flexibility than with older development platforms tied directly to hardware resources. Application development on a PAAS has a number of key benefits. Programmers especially appreciate that the cloud provider handles all the care and maintenance of the underlying operating systems, servers, storage, and application containers. PAAS environments can be very useful when development teams are widespread geographically or when partner companies or divisions share development efforts. Traditionally, hardware and software are fully contained on a user's computer. This means that you access your data and programs exclusively within your own computer. Cloud computing allows you to access your data and programs outside of your own computing environment. Instead of being stored on your personal computer or server, your data and software are stored in 'the cloud'. This could include applications, databases, email and file services. A common analogy to describe cloud computing is renting versus buying. Essentially, you rent capacity (server space or access to software) from a cloud service provider and connect over the internet.</p><p>III. TYPES OF CLOUD COMPUTING</p><p>A. PUBLIC CLOUD COMPUTING</p><p>A public cloud provides all of the infrastructure and services through the Internet. It is cost effective because the cost is spread out and shared across a very large group of individuals and businesses. Some of the service providers are Google, Amazon and Microsoft.</p><p>Survey of the network security in cloud computing. M. Usha Devi#1, Research Scholar; Mr. B. Loganathan*2, #Assistant Professor.</p><p>Department of Computer Science, Government Arts College (Autonomous), Coimbatore-18, Tamilnadu, India.</p></li><li><p>
Here the user has no control over the management of the resources. Everything is managed by the third party, and it is their responsibility to apply software updates, security patches, etc. This means that IT systems are shared by various users to a very high degree, and since the networks are not separated, the user does not really know where his data is stored. A public cloud provides the best potential in terms of cost-effectiveness, so it only offers nominal data protection and specific availability. Service providers manage the infrastructure and pool resources into capacity that any customer can claim. The main benefits of using a public cloud are easy and inexpensive set-up, because application, hardware and bandwidth costs are covered by the provider. Some issues related to public clouds are that their users have no control over where their data is saved, and that security and data protection are only nominal.</p><p>B. PRIVATE CLOUD COMPUTING</p><p>In private clouds, the infrastructure and services are maintained on a private network. This type of cloud must be set up and maintained by personnel, so it is not ideal for a company that wants to operate with as few employees as possible. It still allows a company to maintain a smaller staff because it is simpler to maintain once it is created. No other parties are involved with a private cloud. A private cloud, also called an internal cloud or corporate cloud, provides hosted services to a limited number of people behind a firewall. Private clouds emulate cloud computing on private networks. A private cloud represents an enterprise-specific environment with dedicated IT systems as well as private access and sharing. The rules can be defined and implemented individually. When private clouds are enhanced and hosted on the premises of the organization consuming them, they are also called On-Premise Private Clouds. 
The storage is typically not shared outside the enterprise, and full control is retained by the organization. Expanding the cloud is as simple as adding another server to the pool, and the self-managing architecture expands the cloud by adding performance and capacity. The main benefits of using a private cloud are enhanced security and data protection, which can be raised to whatever level one wishes. The user has total control over where the data is saved and can easily recover from failure. Demand for service is easy to monitor, and the cloud can be managed accordingly by scaling up or down. This is very useful for enterprise IT organizations, which use their own private cloud(s) for mission-critical and other operational systems to protect critical infrastructures. Hence the cost of operation is high compared to public clouds.</p><p>C. COMMUNITY CLOUD COMPUTING</p><p>A community cloud exists where several organizations share access to a private cloud, with the same security considerations. For example, a series of franchises have their own public clouds, and they are hosted remotely in a private environment.</p><p>D. HYBRID CLOUD COMPUTING</p><p>A hybrid cloud model takes advantage of both public and private cloud services. The hybrid cloud is the ideal way to effectively meet the needs of various parts of a business. For example, you could use a public cloud for your emails to save on large storage costs and keep your highly sensitive data safe and secure behind your firewall in a private cloud. A hybrid cloud provides applications and data in a secure manner, so that many organizations prefer to keep sensitive data under their own control to ensure security.</p><p>IV. NETWORK ISSUES IN CLOUD COMPUTING</p><p>A. ATTACK OF NETWORK SNIFFING</p><p>Another type of attack is network sniffing. It is a more difficult network security issue in which unencrypted data is captured on the network; for example, an attacker can capture passwords that are not properly encrypted during communication. 
If the communicating parties do not use encryption techniques for data security, an attacker can capture the data during transmission as a third party. To counter this attack, the parties should use encryption methods to secure their data.</p><p>B. MIDDLE ATTACK</p><p>This is another network security issue, which arises if Secure Sockets Layer (SSL) is not configured properly. For example, if two parties are communicating with each other and SSL is not properly installed, all the data communicated between the two parties could be captured by the party in the middle. To counter this attack, SSL must be properly installed, and it should be checked before communicating with other authorized parties.</p><p>C. DENIAL OF SERVICE</p><p>When hackers overflow a network server or web server with frequent service requests in order to damage the network, the server cannot keep up with them and cannot serve the regular requests of legitimate clients. In cloud computing, a hacker attacks the server by sending thousands of requests, so that the server is unable to respond to regular clients and does not work properly. The countermeasure for this attack is to reduce the privileges of the users connected to a server, which will help to reduce the DOS attack.</p><p>V. SECURITY ISSUES IN CLOUD COMPUTING</p><p>A. BROWSER SECURITY</p><p>The first issue is browser security. When a client sends a request to the server through a web browser, the browser has to use SSL to encrypt the credentials that authenticate the user. SSL supports point-to-point communication, which means that if there is a third party, the intermediate host can decrypt the data, and if the hacker installs sniffing packages on that host, the attacker in the middle may obtain the user's credentials and use them in the cloud system as a valid user. To counter this attack, vendors should use the WS-Security concept on web browsers, because WS-Security works at the message level and uses XML Encryption for continuous encryption of SOAP messages, which do not have to be decrypted at intermediate hosts.</p><p>B. 
XML SIGNATURE ELEMENT WRAPPING</p><p>The attacker targets the component by manipulating the SOAP messages and inserting anything the attacker likes. The countermeasure for this attack is to use a digital certificate, for example X.509, authorized by a third party such as a certificate authority, and also to use a combination of WS-Security with an XML signature on a particular component. The XML should carry the list of components, so that messages containing a malicious file can be rejected along with unexpected messages from the client.</p><p>C. CLOUD MALWARE INJECTION ATTACK</p><p>A cloud malware injection attack tries to damage a service or application. The intruder has to create his own malicious application or service request and put it into the cloud structure. Once the malicious software has entered the cloud structure, it is treated as a legitimate request. If the attack succeeds, the malicious code is executed when a user asks for the service. An attacker can also upload a virus program into the cloud structure. Once the cloud structure treats it as a legitimate service, the virus is executed, which damages the cloud structure. In this case the hardware is damaged, and the attacker's aim is to harm the user. Once a user requests the program, the cloud delivers the virus to the client over the internet, and the client machine is infected.</p></li><li><p>The countermeasure for this attack is an authenticity check for received messages: the hash value of the original image file of the request is stored using a hash function and compared with the hash value of all upcoming service requests. In this case, the attacker has to create a legitimate hash value to deal with the cloud system or to enter it.</p><p>D. 
FLOODING ATTACK</p><p>A cloud system repeatedly increases its size when there are further requests from clients; it initializes new service requests in order to meet client requirements. A flooding attack sends a large number of nonsense requests to a certain service. Once the attacker sends a lot of requests, the cloud system attempts to handle them by providing more resources; the system then consumes all its resources and is not able to supply service to normal user requests. The attacker attacks the service server. DOS attacks also cost the consumer extra fees for the usage of resources. In thi...</p></li></ul>
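<p>The countermeasure described under XML signature element wrapping, shown as an added example that is not part of the original paper: a structural check that the Body the service will process is the element the signature refers to, and that its content is on the expected list. The operation names, the <code>urn:example</code> namespaces and the simplified Signature placement are assumptions made for the illustration.</p>

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
DS = "http://www.w3.org/2000/09/xmldsig#"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
ID_ATTR = f"{{{WSU}}}Id"
# Assumption: the "list of components" this service accepts in the Body.
EXPECTED_OPERATIONS = {"{urn:example:bank}GetBalance"}


def check_signed_body(envelope_xml: str) -> str:
    """Structural check run next to (not instead of) signature verification."""
    # For untrusted input, parse with a hardened parser such as defusedxml.
    root = ET.fromstring(envelope_xml)
    if root.tag != f"{{{SOAP}}}Envelope":
        return "reject: root is not a SOAP Envelope"
    bodies = root.findall(f"{{{SOAP}}}Body")  # direct children only
    if len(bodies) != 1:
        return "reject: expected exactly one Body under Envelope"
    refs = [r.get("URI", "") for r in root.iter(f"{{{DS}}}Reference")]
    signed_ids = {u[1:] for u in refs if u.startswith("#")}
    # Ids must be unique, or verifier and application may resolve differently.
    ids = [e.get(ID_ATTR) for e in root.iter() if e.get(ID_ATTR)]
    if len(ids) != len(set(ids)):
        return "reject: duplicate Id values"
    if bodies[0].get(ID_ATTR) not in signed_ids:
        return "reject: processed Body is not the signed element"
    children = list(bodies[0])
    if len(children) != 1 or children[0].tag not in EXPECTED_OPERATIONS:
        return "reject: unexpected Body content"
    return "ok"


def sample(wrapped: bool) -> str:  # constructed messages, no real digests
    sig = (f'<ds:Signature xmlns:ds="{DS}"><ds:SignedInfo>'
           '<ds:Reference URI="#body-1"/></ds:SignedInfo></ds:Signature>')
    signed = ('<soap:Body wsu:Id="body-1">'
              '<b:GetBalance xmlns:b="urn:example:bank"/></soap:Body>')
    header, body = sig, signed
    if wrapped:  # signed Body relocated; a different Body is processed
        header = sig + f'<x:Wrapper xmlns:x="urn:example:x">{signed}</x:Wrapper>'
        body = ('<soap:Body wsu:Id="body-2">'
                '<b:Transfer xmlns:b="urn:example:bank"/></soap:Body>')
    return (f'<soap:Envelope xmlns:soap="{SOAP}" xmlns:wsu="{WSU}">'
            f'<soap:Header>{header}</soap:Header>{body}</soap:Envelope>')


if __name__ == "__main__":
    print([check_signed_body(sample(w)) for w in (False, True)])
```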
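<p>The hash comparison described as the countermeasure to cloud malware injection, as an added example that is not part of the original paper. It goes one step beyond the text by keying the stored value with HMAC-SHA256, so that write access to the hash store alone is not enough to produce a legitimate value; the class, the service names and the byte strings standing in for image files are assumptions.</p>

```python
import hashlib
import hmac


class ImageRegistry:
    """Keyed digests of approved service images (hypothetical design).
    Assumption: the key is kept outside the store, e.g. in a KMS."""

    def __init__(self, key: bytes):
        self._key = key
        self.store = {}  # service name -> tag; assumed attacker-writable

    def _tag(self, name: str, image: bytes) -> bytes:
        # Bind the image digest to the service name it was approved for.
        digest = hashlib.sha256(image).digest()
        msg = name.encode() + b"\x00" + digest
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def approve(self, name: str, image: bytes) -> None:
        self.store[name] = self._tag(name, image)

    def verify(self, name: str, image: bytes) -> bool:
        expected = self.store.get(name)
        if expected is None:
            return False  # unknown service: fail closed
        return hmac.compare_digest(expected, self._tag(name, image))


def screen(registry: ImageRegistry, requests):
    """Return (service, verdict) for each (service, image) request."""
    return [(n, "run" if registry.verify(n, img) else "block")
            for n, img in requests]


def demo():
    # Constructed sample data: byte strings stand in for image files.
    reg = ImageRegistry(key=b"constructed-demo-key")
    reg.approve("mail", b"mail-image-v1")
    reg.approve("crm", b"crm-image-v1")
    verdicts = screen(reg, [("mail", b"mail-image-v1"),
                            ("mail", b"mail-image-v1+injected"),
                            ("mail", b"crm-image-v1"),
                            ("files", b"unregistered")])
    # A store entry overwritten with an unkeyed hash does not verify either.
    reg.store["crm"] = hashlib.sha256(b"modified-image").digest()
    return verdicts + screen(reg, [("crm", b"modified-image")])


if __name__ == "__main__":
    print(demo())
```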