• Home
  • Archive
  • Tools
  • Contact Us

The Customize Windows

Technology Journal

  • Cloud Computing
  • Computer
  • Digital Photography
  • Windows 7
  • Archive
  • Cloud Computing
  • Virtualization
  • Computer and Internet
  • Digital Photography
  • Android
  • Sysadmin
  • Electronics
  • Big Data
  • Virtualization
  • Downloads
  • Web Development
  • Apple
  • Android
Advertisement
You are here: Home » Technical Aspects of Data Security in the Cloud

By Abhishek Ghosh November 7, 2013 4:33 am Updated on November 7, 2013

Technical Aspects of Data Security in the Cloud

Advertisement

Technical aspects of data security in the cloud is one of the main reason why the companies or the end users thinks to be in the cloud. Here is a discussion.
Cloud computing is no longer just a buzzword, over the years cloud computing has established itself as a serious technology as alternative resource for infrastructure, platforms and applications. Cloud computing now offers own cloud based unique solutions for certain services. The end-users, for example, have the opportunity to outsource the data stored locally to export to the cloud and for getting this advantage, an Internet connection from anywhere is enough. But that is not the only advantage cloud computing provides. Especially the small and medium sized companies can react with the provided technology flexibly to new IT requirements. In addition to the outsourcing of the data, it is possible to combine cloud services and own data center to operate on the market. Through the sharing of resources, there is customer cost savings and quality benefits through the usage of the available standardized services on the market.

The cloud service provider (CSP) benefited from the sharing of resources and the improved utilization of their system, but this poses dangers. Regardless of whether it is an infrastructure, a platform or an application, all providers have to overcome major challenge to the end user. On the one hand, having the standards and certifications did help to both the cloud service provider (CSP) to make sure systems are at par with the standards available, as well as help the user to distinguish from non-legitimate cloud service providers.

The data security must be guaranteed for all data in the first place. In addition to the availability of systems and data integrity thus includes the confidential handling of data stored in the cloud. Therefore, the cloud service provider (CSP) must make extensive technical security measures.

Advertisement

---

Table of Contents

  • 1 Introduction
  • 2 Problems and Objectives
  • 3 Legislature and Standards
  • 4 Planning Model
  • 5 Authentication and Encryption

Go To Top of This Article

 

Technical Aspects of Data Security in the Cloud : Problems and Objectives

 

The supposedly inadequate security of cloud service provider (CSP) coupled with the uncertainty of the end users about data security shuns many clients to outsource company’s internal or personal data in the cloud. This barrier is thus confirmed by various third party driven statistics. The security survey covering over 1200 stated as the biggest obstacle is the risks of a cloud environment. This setting is quite understandable, since it is a very complex structure with a comprehensive cloud solution. Such an extensive system poses many potential sources of error and this results in a large attacking platform for the hackers. Therefore, the security of data is of vital importance for the cloud service provider (CSP), because if there is a point of leak of data, the acceptance of the customer is quickly depleted.
The ultimate goal of this article is to minimize the barriers in terms of data security by the technical safety related components are described. This is the acceptance of the end user a security risk can be reduced Compared to a cloud solution implemented without having any taken measures. It therefore addresses the role of the legislature, which resolves the legal requirements on technology and guidelines for dealing with standardizations and certifications.

 

Technical Aspects of Data Security in the Cloud : Legislature and Standards

 

Data security is the property of a functionally reliable system to accept only those states which system do not lead to unauthorized access to system resources and data. Based on this definition and using the ISO 27001 defined protection goals of confidentiality, integrity and availability of data, the security of a system is maintained. Accordingly, the provider of a system has to take care to make all the necessary measures to provide a functioning system available to the end user. Primarily the measures are to protect the system from unauthorized access. Unauthorized access could lead to the manipulation or even deleting existing data. Two important standards for any cloud service provider (CSP) are ISO 27001 and ISO 27002. These standards define the IT Baseline Protection and monitoring guidelines. However,  these are not specifically developed for the cloud standards, but only for general IT policies.

Go To Top of This Article

 

Technical Aspects of Data Security in the Cloud : Planning Model

 

If the security of a web application is considered, this assessment will almost always take place with regard to a faulty or correct programming and configuration. Even if this view is correct, this level is (the implementation level) only one of several aspects that should be considered. In order to assess a web application as fully safe, it is essential to consider all levels and to set a focus on perhaps the adverse interaction between the individual levels. The Web Application Security can be divided into 6 sections. Even if a classification to exactly one level is not always possible, this model can be very helpful in understanding the subject matter and the organization of the management of web application security.

 

Level 0 – Network and host

Although the Web Application Security is of course also dependent on the security of network, hardware and host, this level is not directly allocated to this area of ??security. The security in this plane is nowadays taken granted and is firmly anchored in the security of business processes.

Level 1 – System Level

Level 1 contains all the software components, which requires a web application to be run. This includes servers such as application servers and Web servers and databases involved as back-end systems. In order to assess the safety of a Web application, it is important to involve all components involved in the consideration. If the database is accessed via an insecure channel, it is exposed to manipulations from the web and therefore represents a target for the hackers.

Level 2 – Technology

This area includes the technologies those are used to protect an application. When a web application, for example, transmits sensitive information unencrypted over the Internet, the right technology is not used for transmission. If the Web application, transmits the data in encrypted form in this example, but uses smaller number of encryption key, the right technology is used but it is used incorrectly.
The first example shows the fact that the application is unacceptable to spying attempts on the transmission completely unprotected, in the second example, there is the danger of attacks using a cracking method. Thus, both applications are not secure, although no security vulnerabilities are included in the program code.

Level 3 – Implementation

This level is the one with the most obvious reference to web application security. In the implementation at the level of programming, errors can occur, which can lead to security problems. In addition, errors can occur when testing an application. This testing can be a one-sided approach or the neglect of quality assurance in order to save costs or to meet deadlines.

Level 4 – Logic

Level 4 is devoted to the logic of the processes within the application. These are mainly the application and business logic and the interaction with the user. If this was implemented in a “purpose-oriented” way, a vulnerability is given by the fact that too little has been honored as the application could be used differently than intended. For example, to disable an user after the fifth failed login attempt, is an easy way for an attacker to selectively lock out certain users. This is facilitated by easy-to-guess user IDs, such as the e-mail address.

Level 5 – Semantics

The semantic level concerns the communication content and related aspects. It establishes the trust context for the interaction of the application with the user. In this area, the approach is very difficult to limit to a single application. The rules and guidelines in this area rather affect entire sites or even across companies. If errors occur at the semantic level, for example, is to be expected following attacks: social engineering, phishing, identity theft, fraud, forgery, fraud, and the breaking up of data protection and the protection of privacy.

Level 6 – Rules and Regulations

At this level include all of the rules of the company, from third parties and any other legal requirements. These include compliance with the Privacy Policy or the obligations of liability issues. This level is treated as such with no questions about the IT security itself. Nevertheless, a disregard of regulations or policy breaches cause serious damage.

Go To Top of This Article

 

Technical Aspects of Data Security in the Cloud : Authentication and Encryption

 

Technical Aspects of Data Security in the Cloud

Latest authentication technologies for identity and access management strategy requires a good planning. Appropriate technologies and products must be tested. In this previous article, we have discussed about the latest authentication technologies in terms of encryption, access control, biometrics and authentication.

Tagged With article on security system on technical aspects , aspects of data srcurity in cloud

This Article Has Been Shared 895 Times!

Facebook Twitter Pinterest

Abhishek Ghosh

About Abhishek Ghosh

Abhishek Ghosh is a Businessman, Surgeon, Author and Blogger. You can keep touch with him on Twitter - @AbhishekCTRL.

Here’s what we’ve got for you which might like :

Articles Related to Technical Aspects of Data Security in the Cloud

  • Installing CakePHP on Rackspace Cloud Sites

    Installing CakePHP on Rackspace Cloud Sites is quite easy if you know the method. Please carefully note we are talking that about Cloud sites not Cloud Servers.

  • Cloud Computing XaaS : Approaches and Possibilities

    Cloud Computing XaaS is an approach towards everything to provide as a service to make available and consume like we use electricity.Read the important aspects.

  • Cloud Computing : What Really Matters

    Cloud Computing and migration of IT into the cloud replace capital costs (capex) by operating costs (Opex). But, does Cloud Computing makes IT operations cheap?

  • Easy Guide to Use Git : For Heroku Cloud, GitHub or Anything

    Easy Guide to Use Git shows how easily a Git repository can be created, modified or changed, So that you can use excellent Free PaaS like Heroku Cloud easily. Easy Guide to Use Git is intended for those you get scared with Git and commands and can not follow our huge guides on Heroku Cloud. We […]

  • Cloud Computing for SMBs

    Cloud Computing for SMBs can empower the full IT department avoiding the one time investment and recurring costs at the same quality like that of enterprise.

Additionally, performing a search on this website can help you. Also, we have YouTube Videos.

Take The Conversation Further ...

We'd love to know your thoughts on this article.
Meet the Author over on Twitter to join the conversation right now!

If you want to Advertise on our Article or want a Sponsored Article, you are invited to Contact us.

Contact Us

Subscribe To Our Free Newsletter

Get new posts by email:

Please Confirm the Subscription When Approval Email Will Arrive in Your Email Inbox as Second Step.

Search this website…

 

Popular Articles

Our Homepage is best place to find popular articles!

Here Are Some Good to Read Articles :

  • Cloud Computing Service Models
  • What is Cloud Computing?
  • Cloud Computing and Social Networks in Mobile Space
  • ARM Processor Architecture
  • What Camera Mode to Choose
  • Indispensable MySQL queries for custom fields in WordPress
  • Windows 7 Speech Recognition Scripting Related Tutorials

Social Networks

  • Pinterest (24.3K Followers)
  • Twitter (5.8k Followers)
  • Facebook (5.7k Followers)
  • LinkedIn (3.7k Followers)
  • YouTube (1.3k Followers)
  • GitHub (Repository)
  • GitHub (Gists)
Looking to publish sponsored article on our website?

Contact us

Recent Posts

  • What Online Casinos Have No Deposit Bonus in Australia March 30, 2023
  • Four Foolproof Tips To Never Run Out Of Blog Ideas For Your Website March 28, 2023
  • The Interactive Entertainment Serving as a Tech Proving Ground March 28, 2023
  • Is it Good to Run Apache Web server and MySQL Database on Separate Cloud Servers? March 27, 2023
  • Advantages of Cloud Server Over Dedicated Server for Hosting WordPress March 26, 2023

About This Article

Cite this article as: Abhishek Ghosh, "Technical Aspects of Data Security in the Cloud," in The Customize Windows, November 7, 2013, March 31, 2023, https://thecustomizewindows.com/2013/11/technical-aspects-of-data-security-in-the-cloud/.

Source:The Customize Windows, JiMA.in

PC users can consult Corrine Chorney for Security.

Want to know more about us? Read Notability and Mentions & Our Setup.

Copyright © 2023 - The Customize Windows | dESIGNed by The Customize Windows

Copyright  · Privacy Policy  · Advertising Policy  · Terms of Service  · Refund Policy

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Cookie SettingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT