LANWAN security of database in cloud computing
Cloud computing is a buzz in the information technology industry. There has been effort by companies and individuals to store databases in the cloud but the big questions is whether there is enough mechanisms to assure their safety while they are stored in the cloud. the point of contentions here is that there are few companies which provide could computing services and they are the same companies who have to make sure that the security of what they store in their clouds is assured for their clients. Many researchers and technologists argue that there should be third party companies who should be concerned with security of information that are stored in the cloud. The third party players will become the natural byproduct of the new technology of cloud computing. Cloud computing providers are totally responsible for what is taking place in their clouds including the security of the data. Clients have had to communicate with these providers very often to make sure that all is well with their data in the cloud. This paper will look at the various instances where the security of databases can be achieved in a cloud computing environment.
Chapter one
1.1 Introduction
Cloud computing knowledge is important for one to understand the strategy that needs to be taken when coming up with security implementation in a LANWAN cloud environment. This technology involves sending services which have been hosted through the Internet. Cloud computing would be useless without the technologies like Web 2.0, Software as a Service (SaaS), and Data as a Service (DaaS). These technologies have made cloud computing a success (Cleveland, 2009). The main aim of cloud computing is to change the paradigm to another shift so that computing could get a new meaning information technology moved from desktop applications to getting services which are hosted in the cloud. As the world delves into cloud computing, there are security issues which have become a point of concern form many.
Cloud computing involve the use of the Internet to get services that were initially got from desktop computers LANWAN security of cloud computing is paramount to the storage of databases in the cloud. This technology of cloud computing allows businesses and consumers to get access to applications without the need of installing them on their own on-site servers. One of the ways of using the application in a cloud computing environment is by installing it in a remote server. The applications are installed on remote servers. In the normal way of applications use, consumers purchase licenses for application software from their software provider and install them on their on-site servers. In cloud computing case, it is On Demand basis where consumers pay a subscription fee for the service. The use of this technology increases efficiency because the storage, memory and processing are centralized.
There are three types of cloud computing. The first is the Software as a service (SaaS). This is the cloud computing type where applications are installed on the remote servers and then offered to the consumer as a service. A single instance of the application software is set to run on the cloud and serves multiple users or organizations. In the traditional software use, users would purchase the license and install them on their on-site servers. With cloud computing, the end-user will pay for the service he uses.
The second type of cloud computing is the Platform as a service (PaaS). Most companies started by providing SaaS to the end-users. This is where the cloud computing and the LANWAN cloud computing storage of data all started. Most of these companies have also started developing platform services for the end-users. In PaaS, products are provided to enable applications to be deployed on the end-users. Platforms act as an interface to enable users to get access to applications which are provided by partners or by customers. Some of the big players in this cloud computing industry like Microsoft, Google and Amazon have provided platforms which include Windows Live for Microsoft, Apps Engine for Google and EC2 for Amazon. Providers like Amazon, Google, and Microsoft have developed platforms which enable users to gain access to applications stored on centralized servers.
Chapter two
2.1 Literature review
McIvor and Schulze (2008) discuss the limitations that were experienced with grid computing. One of the problems of grid computing is the fact that it exposes too much detail of the underlying implementation thus making interoperability more complex and scaling almost impossible (McEvoy, Schulze, 2008). Instead of this being a flaw it became one feature of grid computing. When someone is looking for solution at a more abstract and higher level, that is where cloud computing becomes handy and plays a big role.
Jha, Merzky, Fox also give a descripti9on of clouds as providing higher level abstraction through which services are delivered to the customer. It is widely agreed that the difference between the cloud and grid is the complexity of the interface through which the services are delivered to the customer and the extent to which the resources underlying are exposed. With cloud computing, the interfaces of higher-level cloud restrict the services to off-the-shelf software, which are deployed as a generic shared platform (Jha, Merzky, Fox).
There are many papers and proceedings which discuss SaaS, cloud computing, virtualization, and grid computing. Several of the most useful references are summarized in this section. The references for both the support and conflicts of the various definitions are all included.
The have been various views about the cloud model. Some authors have argued that cloud computing model incorporates popular trends such as Web 2.0 SaaS, and DaaS. The main aim of all these revolutions is so that we may change the way we compute and shift absolutely from desktop based computing to services and resources which are hosted in the cloud.
There have been other explanations about cloud computing that gives the distinction between cloud services and cloud computing. He argues that a cloud service is any business or consumer service that is consumed and delivered over the Internet in real-time. Cloud computing depends on the network, LANWAN, which makes it worth researching. The cloud services are accessed by the clients using the Internet. What the users need to have is Internet connection.
Another definition of cloud computing is that it is a style of computing where large and scalable information technology activities are provided as a service using Internet technologies to external customers. Cloud computing are characterized by their self-service nature where users customers acquire resources any time they wish to use these services as long they have an Internet connection and can get rid of these services when they are no longer interested in these services.
A cloud computing system is the environment where the consumption of cloud services is enables and made possible. Cloud computing is a new way where capacity is increased, capabilities added and functionalities exploited without the need to add any infrastructure to the system, train new skills or acquisition of a new software license. In this new setup, the services can be categorized into concepts depending on the needs of the consumer. These categories include Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), managed service providers (MSP), and utility computing which deals with products, services, and solutions that are consumed over the Internet real-time. The users of cloud computing do not possess any infrastructure of the system because there is no initial investment in serves or software licenses. They instead use the resources as a service and pay for the use of these resources which are supplied by the service provider. In this case, most cloud computing providers have options which feature computing items which range from lower-powered system units to units which require extensive multicore CPU resources.
Conceptual framework
The theory that this paper will come up with is the fact that computing, with the cloud computing, is effective when centralized. This is because the entire buzz in this area of cloud goes back to centralization. The recent developments in computing shoes a very interesting fact that computing is shifting back to centralized services just the ones we had in the 20th century. We can thus say that the pendulum is swinging back to its original place. The theory behind all these is the fact that computing is going back to the old days of centralized infrastructure. It is therefore worth noting that computing is more efficient when they are centralized. In my own view, there is the development of computing basing on virtualization. This is because virtualization has been the main pillar in the coming of cloud computing. All the concepts of cloud computing have all originated from virtualization technologies. A brief overview of virtualization shows that cloud computing is in itself a subset of cloud computing.
Berry et al (2005) indicates that the concept of virtual machines started to be in existence since 1960s the time when IBM first developed the act of concurrent and interactive access to a mainframe computer. Each individual virtual machine used to give users the simulation of the real physical machine thus giving them the services that could have been there if they were accessing the machine directly. This gave way to a good, elegant way of sharing resources and time. This also gave way to reduction of costs on the ever-soaring costs of hardware. Each of the virtual machine was fully protected so that each was a separate copy in the underlying operating system. Users could run, and execute applications concurrently without fearing the occurrence of crush in the system. This technology was therefore used to reduce the cost of acquiring new hardware and at the same time improving productivity because users could work at the same time on the same machine.
There has been the practice of this technology in storage devices whereby they have been divided into partitions. A partition is a division which is logical done on the hard disk drive to simulate the effect of two separate hard disks.
The act of virtualization in operating system is where there is the use of software to enable a piece of hardware to run more than one operating system images simultaneously. This technology got its boost from mainframes ten years ago which allowed administrators to bring to an end a waste of expensive processing power.
Virtualization software was adopted at a very fast rate than ever imagined. Even Information Technology experts embraced this technology. Virtualization has been applied in three areas of Information Technology. These areas include networking, storage and servers. Network virtualization is the method of combining the available resources in a network and by splitting the available bandwidth into several channels each of these channels is independent of each other and can be assigned to a particular server or device in real time. The main idea behind network virtualization is so that the network can be divided into different manageable parts.
Storage virtualization is the act of pooling physical storage from multiple network storage devices so that there is a simulation of a single storage on the network which can be managed centrally. This technology is what has been popularly known as storage area networks (SANs).
Server virtualization is the masking of resources that is used by the server which include the number of individual users on the servers and the processors in the servers from the server users. The main aim of server virtualization is so that the user is spared having to understand and manage the complex details of the server resources while striving to increase sharing of resources and utilizing the capacity so that it can be expanded at a later time.
The technology of virtualization can be seen as a subset of the overall trend in information technology where it includes autonomic computing which is a scenario where the environment for information technology can manage itself based on perceived activity and utility computing which is where computer processing power is a utility where clients can pay only as needed. The main aim of virtualization is so that administrative tasks are centralized and improvement of scalability and work-overload is achieved.
From this computing trend, it is clear that computing is headed in developing more and more virtual hardware so that the real hardware is not seen per se but their work and presence is tremendous. This explains the reason we have virtual partition drives in computer hardware, the presence of grid computing.
There are many papers and proceedings which discuss SaaS, cloud computing, virtualization, and grid computing. Several of the most useful references are summarized in this section. The references for both the support and conflicts of the various definitions are all included.
The have been various views about the cloud model. Some authors have argued that cloud computing model incorporates popular trends such as Web 2.0 SaaS, and DaaS. The main aim of all these revolutions is so that we may change the way we compute and shift absolutely from desktop based computing to services and resources which are hosted in the cloud.
There have been other explanations about cloud computing that gives the distinction between cloud services and cloud computing. He argues that a cloud service is any business or consumer service that is consumed and delivered over the Internet in real-time. Cloud computing on the other hand consists of a full information technology environment which consists of all the components of network products that make the delivery of cloud services a reality. This is what enables cloud services to be performed.
Another definition of cloud computing is that it is a style of computing where large and scalable information technology activities are provided as a service using Internet technologies to external customers. Cloud computing are characterized by their self-service nature where users customers acquire resources any time they wish to use these services as long they have an Internet connection and can get rid of these services when they are no longer interested in these services.
A cloud computing system is the environment where the consumption of cloud services is enables and made possible. Cloud computing is a new way where capacity is increased, capabilities added and functionalities exploited without the need to add any infrastructure to the system, train new skills or acquisition of a new software license. In this new setup, the services can be categorized into concepts depending on the needs of the consumer. These categories include Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), managed service providers (MSP), and utility computing which deals with products, services, and solutions that are consumed over the Internet real-time. The users of cloud computing do not possess any infrastructure of the system because there is no initial investment in serves or software licenses. They instead use the resources as a service and pay for the use of these resources which are supplied by the service provider. In this case, most cloud computing providers have options which feature computing items which range from lower-powered system units to units which require extensive multicore CPU systems which require more resources for their operations.
2.2 Research Questions
This paper is based on the following research questions
What is the security level of the database which stored in the cloud How is the security of unauthorized access of the data and databases which are stored in the cloud There is much to desire for the control of data in the cloud. What is the responsibility of the corporate users in the cloud With all the hype that has been associated with cloud computing, there are issues which should be considered before any company shifts their paradigm and move completely to cloud computing (Dodani, 2009). There is the issue of lose of control for information. The end user will lose control of the information once they are sent to the cloud. Hackers are no longer teenagers who are idle but they have become expert IT professionals who have made hacking their full time mission. The issue of security cannot be left on remote managers and servers and expect that everything will be right. All the security is left to the third-party to ensure this. In theory, the data which is stored in the cloud is unusually safe and they are replicated across multiple machines. In case the data is lost, there is no local backup. This can be overcome if the users download all the documents which have been stored in the cloud to the desktop. This might be tedious to most users, the more reason why most of the users are still skeptical about moving to this new technology.
The second research question is to deal with performance of the database in the cloud. Cloud computing vendors may not meet the quality that is required for quality performance. There are standards that have been set for proper storage of data in any environment. With cloud computing vendors not regulated, it leaves a lot of security leaks which could be detrimental to the security and integrity of the data in the cloud (Dodani, 2009).
The third research question is about management of the database in the cloud. It is proving to be a difficult task to administer security and manage a virtualized corporate information technology environment. The management of the security in the cloud may be thwarted with the complications of the legalities that come with this. There are no tools available for the user to monitor the security level and manage cloud computing vendors and their products.
The forth question is about governance and regulatory compliance. With there are many questions that come in mind when outsourcing of services is raised in any organization. The processes of cloud computing, internal tools to be used by the buyers and third-party auditor process need to be addressed.
The fifth question is about finance of managing the security of the database in the cloud. Will the company be able to manage the management of the security in the cloud without adding any budgetary allocations to it If there are tools which will be developed by the buyers, will the tools be costly once they have been adopted by the company
Chapter three
3.1 Methodology
Due to few companies which have implemented cloud computing, it was hard getting a company to get the features and their views on cloud computing security, like how data will be secured while being transferred to the cloud, and how data will be secured while in the cloud. Most of the research were got from giant companies like Google, IBM and Microsoft, which have fully adopted cloud computing in their systems and have all the tools that are required to study this subject well. Most of the views were taken form renowned review sites, like CNET and ZDNET, which have a wide experience in getting company information and technology trends in the offing. These review sites have a balanced representation of the companies.
3.1.1Procedures
The results were from 5 companies which have widely dealt with cloud computing and are concerned with the security of the databases stored in the clouds. These companies have their representatives and program officers who were very helpful in this research. This is because they are the leading in the development and development of cloud computing. Data was collected using SPSS program. The views from the employees of these companies were captured in a questionnaire which was sent online. They were asked how they perceive their achievement of the database security in cloud computing. They were then asked of their personal feel of the extent to which the war against attacks in the cloud has been achieved.
In part 1, the respondents were told to give the things they feel are important when one is implementing cloud computing. They were told to give the issues they feel were paramount in implementing security in cloud computing environments. Participants were then asked a series of questions related to database security in cloud computing the type of cloud computing they wish to implement (attribute vs. consensus), the type of information source (personal vs. impersonal), type of heuristics (independent self-related vs. interdependent self-related), decision speed, consideration set, product involvement, and product knowledge. In part 2, participants were asked a series of individual differences in their technologies they wished to b implemented. In part 3, participants were presented with demographic questions such as age, gender, nationality, raceethnicity, and cultural identity. Once a participant finished the questionnaire, heshe was thanked and dismissed.
Categories:
0 comments:
Post a Comment