Road Towards Cloud Computing – What are the issues? – Part – III
Multi-clouds Database Model (MCDB)
This is a method of Data Splitting which uses multiple clouds and several other techniques to ensure data is split in across clouds in a manner that preserves the data Confidentiality, Integrity and ensures Availability. Businesses now prefer professionals with cloud computing certification. MCDB provides cloud with database storage in multi-clouds.
MCDB model does not preserve security in a single cloud; rather security and privacy of data will be preserved by applying multi-shares technique on multi-clouds. By doing so, it avoids the negative effects of single cloud, reduces the security risks from malicious insiders in cloud computing environment and reduces the negative impact of encryption techniques . MCDB preserves security and privacy of user’s data by replicating data among several clouds, using a secret sharing approach that uses Shamir’s secret sharing algorithm, and using a triple modular redundancy (TMR) technique with the sequential method. It deals with the cloud manager to manage and control operations between the clients and the multi-clouds inside super cloud service provider .
Cloud systems share computational resources, storage, services between multiple customer applications (tenants) in order to achieve efficient utilization of resources while decreasing cost, this is referred to as multi-tenancy. However, this sharing of resources violates the confidentiality of tenants’ IT Assets. This implies that unless there’s a degree of isolation between these tenants, it is very difficult to keep an eye on the data flowing between different realms which make the multi-tenancy model insecure for adoption . Some multi-tenancy issues are:
Virtual Machine Attacks
Typically, in a cloud, business data and applications are stored and ran within virtual machines. These virtual machines are usually running on a server with other virtual machines, some of which can be malicious. Research has shown that attacks against, with and between virtual machines are possible. If one of the virtual machines on a server hosts a malicious application that breaches legal or operational barriers; this may lead legal authorities, the service provider or other authorities to shutting down and blocking access the entire server. This would greatly affect the users of the other Virtual Machines on the server.
Assuming the cloud system isn’t running on a virtual machine, the hardware is now an issue. Research has shown that it is possible for information to flow between processor cores, meaning that an application running on one core of a processor can get access to information of another application running on another core. Applications can also pass data between cores. Multicore processors often have complex and large caches. With these hardware resources, if data is decrypted in the cloud, if even for a moment for comparison, it would then exist unencrypted in the memory of some one of the cloud machines. The problem is that we don’t know what other application is running on these machines.
Other malicious cloud users or the service provider can me monitoring the machine memory and be able to read our data. However, the likelihood of these hardware attacks is very small. If one of the applications on a server hosts is malicious, this may lead to the service provider or some other authority shutting down and blocking access the entire server in order to investigate and determine the malicious application. This would greatly affect the users of the other applications on the server.
Cloud Computing offers some incredible benefits: unlimited storage, access to lightening quick processing power and the ability to easily share and process information; however, it does have several issues, and most of them are security related. Cloud systems must overcome many obstacles before it becomes widely adopted, but it can be utilized right now with some compromises and in the right conditions. People can enjoy the full benefits of cloud computing if we can address the very real security concerns that comes along with storing sensitive information in databases scattered around the internet. We have discussed several security issues that currently affect cloud systems; however, there may be many unmentioned and undiscovered security issues. Research is currently being done on the different known issues faced by cloud systems and possible solutions for these issues, however there is still a need for better solutions if cloud systems are to be widely adopted.
One of the main problems that need to be addressed is coming up with a clear and standardized format for the Service Level Agreement (SLA), a format that fully documents all of the services, what services and processes would be provided by the service provider to back up its assurances. When customers have the right level of expectations and the insecurities are deemed manageable, cloud computing as a whole will gain ground and take hold as usable technology. Another major issue cloud systems face is Encryption. Encryption is the main method of ensuring security of data stored in the cloud; however, encryption is computationally expensive. Encryption methods specific to DaaS (Cloud Databases) has been developed and more research is currently being done on Encryption mechanisms for cloud systems, however, more efficient methods are still needed to help accelerate the adoption of cloud systems.
· Weis & Alves-Foss, 2011
· Purushothama & Amberker, 2013
· AlZain, Soh, & Pardede, 2012
· Behl & Behl, 2012
About the On-Demand Webinar
About the Webinar