Cloud Computing offers an on-demand and scalable access to a shared pool of resources hosted in a data center at providers’ site. It reduces the overheads of up-front investments and financial risks for the end-user. Regardless of the fact that cloud computing offers great advantages to the end users, there are several challenging issues that are mandatory to be addressed.

1. Yateesh Avula
(@yatee15)

2. What is Cloud Computing?
 Cloud is Common
Location –independent
Online
Utility
available on Demand Services.
 Cloud computing means "a type of Internet-based computing," where different services — such as
servers, storage and applications —are delivered to an organization's computers and devices through the
internet.
 Cloud computing is the broader concept of converged infrastructure and shared services.
 It not just promises cheaper IT, but also faster, easier, more flexible and more effective IT.
 It is also versatile and flexible application of internet.
 This are fully managed by the cloud provider; the consumer requires only a computer and internet
access.

3. Clouds can be classified as public, private or hybrid.
Private Cloud (Low Security Risk):
> Typically owned by the respective Enterprise.
> Functionalities are not directly exposed to customers.
Public Cloud ( More Security Risk ):
> Enterprises may use Cloud functionalities from others .
> Scope of functionalities may differ.
Hybrid Cloud ( High Security Risk ):
> Mixed employment of private & Public cloud.
> Provide highly customized, enhanced offerings to local companies &
world class application
Deployment TypeDeployment Type

5. Locations & ServicesLocations & Services

6.  PaaS as well as SaaS are hosted on top of IaaS; thus, any breach in IaaS will impact the security of both
PaaS and SaaS services.
 PaaS offers a platform to build and deploy SaaS applications, which increases the security dependency
between them.
 These relationships and dependencies between cloud models may also be a source of security risks.
 A SaaS provider may rent a development environment from a PaaS provider, which might also rent an
infrastructure from an IaaS provider.
 Each provider is responsible for securing his own services, which may result in an inconsistent
combination of security models.
 It also creates confusion over which service provider is responsible once an attack happens.

7. Cloud computing security challenges fall into three broad categories:
Data Protection
> Securing your data both at rest and in transit.
User Authentication
> Limiting access to data and monitoring who accesses the data.
Disaster and Data Breach
> Contingency Planning.

8.  Data breaches:
> It is an incident in which sensitive, protected or confidential data has potentially been
viewed, stolen or used by an individual unauthorized.
 Data loss:
> Valuable data disappear into the ether without a trace.
 Account or service traffic hijacking:
> An attacker gains access to your account, he or she can eavesdrop on your activities and
redirect your clients to illegitimate sites.
 Insecure interfaces and APIs:
> Cloud computing providers expose a set of software interfaces or APIs that customers use to
manage and interact with cloud services.
SECURITY ISSUES IN CLOUD COMPUTINGSECURITY ISSUES IN CLOUD COMPUTING

9.  Denial of service:
> DoS outages can cost service providers customers and prove pricey to customers who
are billed based on disk space consumed.
 Malicious insiders:
> It can be a current or former employee, a contractor, or a business partner who gains
access to a network, system, or data for malicious purposes.
 Cloud abuse:
> A bad guy using a cloud service to break an encryption key which is too difficult to
crack on a standard computer.
 Shared technology vulnerabilities:
> Cloud service providers share infrastructure, platforms, and applications to deliver their
services in a scalable way.
Cont……Cont……

10. How to ensure Users that bothHow to ensure Users that both
Data and Code are safe ?Data and Code are safe ?
 Very hard for the customers to actually verify the currently implemented security
practices and initiatives of a cloud computing service provider because the customer
generally has no access to the provider’s facility which can be comprised of multiple
facilities spread around the globe.
Solution:
 Provider should get some standard certificates from some governing institution that
ensure users that provider has established adequate internal control and these control
are operating efficiently.

11. ConclusionConclusion
Cloud computing can be seen as a new phenomenon which is set to
revolutionise the way we use the Internet, there is much to be cautious about.
There are many new technologies emerging at a rapid rate, each with
technological advancements and with the potential of making human’s lives
easier. However, one must be very careful to understand the security risks and
challenges posed in utilizing these technologies.