Cmgt 441 - Security in the Cloud
Autor: jrf1964 • November 25, 2011 • Essay • 891 Words (4 Pages) • 1,440 Views
Security in the Cloud
Jamie Franklin
CMGT/441
November 14, 2011
David S. Murphy
Security in the Cloud
Companies are using the cloud more frequently, but they are concerned about the data they put into the cloud. This paper will explain the cloud, security concerns of the using the cloud, as well as what do look for when looking for a cloud provider. The top threats are concerned with insider attacks; log in credentials, and sharing of resources.
Cloud computing is where shared resources are accessed over the internet. The consumers benefit by saving money because they no longer need the hardware, software licenses, or system maintenance. There are three different areas of cloud computing. These aspects are:
• Software as a Service- Cloud provider uses their data center to host and manage applications which are available to customers over the internet. The major providers are Oracle CRM On Demand, Salesforce.com, and NetSuite.
• Platform as a Service- Developers are delivered application and deployment platforms over the internet. The company saves the expense of having to purchase the entire infrastructure needed to support the complete life cycle. Services like Google AppEngine and EngineYard are examples of Platform as a service.
• Infrastructure as a Service- Hardware and all the associated software delivered as a service to companies who pay. Web Services Elastic Compute Cloud (EC2) and Secure Storage Service (S3) are the major providers of this service.
Types of Clouds
There are three types of clouds. Private, public, and hybrid are the different types of cloud. Private clouds are controlled completely by the organization. The data center for the company runs and manages this type of cloud. There is no need for the regulatory, legal and security issues because the center is managed internally. Public clouds are run by external organizations that provide and manage the infrastructure. Hybrid cloud is a mix of the other two models.
Security Concerns of the Cloud
There are many security concerns to companies that use the cloud. These are the top threats and what can be done to prevent them from being affected by the threats. There is no particular order that they are presented. Not all clouds are affected by every one of these threats.
• Denial of Service Attacks- An attacker floods a network with excessive requests until the provider cannot provide service to the authorized users.
• XML Signature Element Wrapping- A common way to attack a web service.
...