Sehgal NK, Sohoni S, Xiong Y, Fritz D, Mulia W, Acken JM. A Cross Section of the Issues and Research Activities Related to Both Information Security and Could Computing. IETE Tech Rev 2011; 28:279-91
In this article the authors are informing users of the benefits of cloud computing as well as any related security issues. Knowing that cloud computing is the direction for the future, the authors would like for an increase in research to occur around this topic. Before cloud computing, computing has been in physical boundary of which has giving the users the comfort that their information is secure. A cloud does not have clear boundaries. As more solutions are provided regarding security the more users will trust in and accelerate the adoption of cloud computing.
With the growth of cloud computing there are increases of challenges and opportunities surrounding information security. Information Security is defined as the protection of data and processing from unauthorized observation, modification, or interference. This article refers to cloud computing as “providing IT services, applications and data using scalable pool(s), possibly residing remotely, such that users do not need to consider the physical location of the servers or storage that supports their needs,” however, the definition is still evolving. There are three different types of models for cloud computing: public clouds, private clouds, and hybrid clouds. Public computing creates the greatest amount of potential security threats.
There are benefits for companies and users when using cloud computing. The benefits of cloud computing are automated provisioning and data migration, seamless scaling and increased multi-tenancy. With automated provisioning and data migration it eliminates users concerns about having to buy new servers, as well as loading new operating systems. The cloud also offers on demand purchasing of capacity which will help companies in time restraints. Companies can now save on upfront investment of hardware and software purchases.
Cloud computing has been rapidly evolving from end user services to support critical business and business applications. As the progression continues new emerging trends are starting to appear. These trends include and expansion of the on demand imaging, virtual data centers, flexibility, scalability, new pricing models (pay for what you use), and Service Level Agreement (better predictability to meet goals).
Companies are starting to utilize the clouds services to enhance their business to remain competitive. When using these clouds they need to address some security issues such as network latency, fine-grained migration and provisioning, standards and open-source solutions for cloud infrastructure support, and offline vs. online synchronization of data. Companies do remain hesitant due to these security concerns. Information security can be viewed as including three functions, access control (entrance and reentry), secure communication (transfer of information) and protection of private data (storage, devices, processing units and cache memory).
In this article they describe the following security topics: identity authentication, secure transmissions, secure storage and computation and the security players. Identity authentication occurs when a person tries to access the system. There are three elements to the identity authentication process; what you have, what you know, and what you are. Secure transmission is when a secure source environment and secure destination environment exists. When transmitting data, one needs to ensure that if it hits and unsecure environment that the information is encrypted. Encrypting data is also needs to occur when storing and computation data. In this article they give roles