Cloud Computing is based on sharing of computing resources, which delivers different services like servers, applications and storage to organizations via internet. This service makes you free from managing hardware and software of an organization. With a cloud app, you have to run a browser, log in, customize the app, and start using it. Cloud Computing runs on different methods, which are discussed as under.
Cloud computing serviced are divided into three categories: Infrastructure-as-a-Service (IAAS), Platform-as-a-Service (PAAS), and Software-as-a-Service (SAAS).
Infrastructure-as-a-Service (IAAS): Cloud service provider performs the operation and maintenance of IAAS. It offers storage, hardware, servers, and networking function.
Platform-as-a-Service (PAAS): Developer creates a set of software with tools provided from provider. The total control of software deployment and configuration is in hand of developer. The provider offers only server and storage.
Software-as-a-Service (SAAS): It is available via the internet. Many organizations use this type of model. It provides a remote access of software and its tasks.
Cloud Computing Types:
There are different types of cloud computing models like private cloud, public cloud, hybrid cloud, community cloud.
Private Cloud: Private cloud is carried only in organization. Employees of organization can access data, application, and other service. Unknown person cannot access private cloud service. The operation and maintenance of a private cloud is in the hands of an organization.
Public Cloud: Any person can access a web application and service through the internet. Organizations do not have to purchase personal cloud storage; they can store their data and backup on the third party cloud storage.
Hybrid Cloud: It is a combination of a private and public cloud. Organizations keep their essential data in enterprise’s private cloud storage. The rest data rests on public cloud storage. It saves cost of public cloud storage due to the usage of private cloud storage.
Security is necessary for a cloud computing service due to storage of high volume of data and backup. There are some security issues, which we cannot ignore while considering cloud computing.
Data Transfer: Data transfer is a critical issue for cloud computing. For a cloud customer, it is very hard to judge the behavior of an attacker. It is essential to check that the data travels on a secure connection. Therefore, your data should be encrypted using industry standard protocol like IPSec (internet protocol security). Your URL should begin with HTTPS instead of HTTP.
Interface & Authentication: While accessing API or software interface, you should be careful about its dependability, liability, and privacy. A weak interface can cause security issues. Organization should go through the policies of cloud service provider. There are many policies regarding cloud authentication that must be matched with company’s strategy. The security administration policy should be flexible that should support for new services that have different background of authentication.
Injection Attack: Attacker can inject virus in cloud service that can damage cloud system. Attacker makes a malicious application or service and places it in the cloud. When a user chooses a malicious program request, the virus will enter in the user’s system and can damage the user’s system hardware.
Flooding Attack: The main object of cloud computing is to provide available resources to users. Cloud computing frequently increase its size as per request received from a user. Here, attacker can place false requests to cloud service. Now, cloud service accepts such request, then, there will be no space for the legitimate request. Client has to pay additional money for the used space generated through false links.
Data Storage: Client should ask to cloud service provider about the security for data storage. How they maintain the client’s data on storage is very important aspect for service provider. Strong security must be there at the time of data transfer and data storage. Even access level of data and the details of people who manage your confidential data should be obtained.
Sniffing: When your data is not encrypted then, attacker can hack a password during the transfer of data. SSL helps you to secure your data transfer while accessing Cloud Computing service. The third party cannot read your password or login details, when you have SSL security for your cloud service.
In this article, we have discussed the types, security issues, and methods of Cloud Computing. Cloud Computing is a service that provides access to virtualized resources and saves the cost of clients. Cloud Computing is really a helpful technology that needs security at the time of implementation. Encryption of data is necessary when you use Cloud Computing service.