Security in Cloud Computing
WRITING ASSIGNMENT 2 INSTRUCTIONS
SECURITY IN CLOUD COMPUTING
Everyone is talking about cloud computing nowadays. It has become a new way to do business. Suppose you are an IT analyst of a company and your boss asks you to investigate into cloud computing and present him the services and capabilities it can offer. He instructs you to specially note the security aspects of cloud computing. Moreover, since Amazon is one of the first companies to offer cloud services to the public and has good customer service and reputation, you are going to specifically look into Amazon’s cloud computing services and use it as an example to explain the concept of cloud computing, the services available, and the security aspects.
You are expected to write a report based upon your investigation and provide a detailed answer to the following questions your boss may ask.
1. What is cloud computing? How does it work?
2. What are the typical applications of cloud computing? Explain them.
3. Describe the cloud computing’s infrastructure security including at the network level, the host level, and the application level.
4. Amazon’s cloud computing services is called Amazon Web Services (AWS). The most central and well-known services are Amazon EC2 and Amazon S3. Explain these two services of AWS.
5. Describe the security features of EC2 and S3 for protecting sensitive data and applications.
You are expected to provide a detailed answer that shows a clear understanding to each question’s subject matter. Biblical worldview should be integrated in an appropriate manner and supported by Scripture. In addition to the module’s “Reading & Study” materials, a minimum of 3 references is required for this assignment and be sure to include complete reference information. Your submission must contain at least 1,000 words and should follow the current APA formatting style. Please refer to the current edition of the APA publication manual for guideline details.
Submit this assignment by 11:59 p.m. (ET) on Sunday of Module/Week 2.
Security in Cloud Computing
In the world today, one can access technological services such as storage and database from cloud providers, for instance, the Amazon web service. Organizations dealing with different services and products use the cloud for a variety of uses for instance disaster recovery, data backups as well as big data analytics. Cloud computing has a variety of capabilities although goes through various security issues (Almorsy, Grundy and Müller, 2016). The paper is a report based on the concept of cloud computing, services available as well as security in cloud computing.
Cloud computing is any activity that involves the delivery of hosted services over the internet which includes services such as platform as a service (PaaS), software as a service (SaaS) as well as infrastructure as a service (IaaS) (Rittinghouse, and Ransome, 2017). Cloud computing requires an internet connection where information is stored and shared through virtual servers controlled by various providers, for instance, the Amazon.
Cloud computing makes operations easier in organizations, for instance, enable servers and internet hosting. Cloud computing works through connecting the computer user to the cloud where the front end consists of the user while the back end consists of the cloud section which involves computer servers together with storage systems. Nevertheless, cloud computing systems include other computer applications where the programs possess an independent and dedicated server.
Cloud technology possesses an array of applications that are provided freely, for instance, online file storage, digital video software, photo editing software, presentation software, e-commerce software, and many others (Dastjerdi, et, al., 2016). The online file storage is vital because the application stores document videos and presentations (Devi, and Ganesan, 2019). The file storage has the ability to download various files holding a file size of 2GB. Digital video software application involves a platform to download different genre of videos such as movies where users view them online for instance YouTube.
E-commerce software is an application that Helps business persons to identify opportunities in the market as well as challenges involved in the business. The application is affordable because users select various cloud computing solutions such as data concerning a certain product for free therefore becoming affordable (Dastjerdi, et, al.,2016). Additionally, presentation software is an application used to generate presentations done from anywhere across the world through the web. The application is reliable although do not consist of services such as editing while offline.
Infrastructure in cloud computing is managed by customers through the server where users take responsibility for safeguarding cloud applications. For instance, users have to maintain and keep applications up to date as well as establish security measures to protect infrastructure against vulnerabilities (Almorsy, Grundy, and Müller, 2016). Cloud infrastructure in both public and private is securely maintained and require a resource lifecycle management, interface security as well as component-level security. Nevertheless, infrastructure security is implemented according to the application level, host level as well as network level.
The network level of infrastructure security in public clouds considers network topology and how the network interacts with cloud providers such as Amazon. Private Internet is not affected by new attacks therefore no changes are required by the security personnel. Several risk factors are involved in network level of infrastructure security, for instance, replacement of network zones, ensuring the reliability of internet-facing facilities in the company, proper auditing, and authentication, and confidentiality of the organization, especially on public data.
The host-level involves operations such as assessing security risks around internet servers, for instance, SaaS, PaaS, and IaaS in all organizations (Almorsy, Grundy, and Müller, 2016). In software as a service platform as a service, the host security duties are taken to the cloud provide while the infrastructure as a service involves the responsibilities of customers to safeguard the host, for example, the virtual server security. The application level is responsible for controlling the end-user security, public cloud security limitations, application-level security, and customer deployed application security. Each; level of security in infrastructure security delivers security based on different aspects of cloud computing
Amazon web services come in different types where the major types include the EC2 and the S3 both used globally by millions of customers (Dutta, and Dutta, 2019). The EC2 is secure and well designed for computing which is easier for all developers. The Amazon EC2 allows users to access the amazon computing environment with full control over resources used in computing. The EC2 we service is faster and saves on time during scaling capacity and booting the new server. Developers are provided with a chance to build applications which as resilient to failure.
The EC2 amazon consists of low rates purchasing options such as the on-demand instances, reserved instances as well as spot instances. Additionally, the EC2 consists of auto-scaling enabling providers to automatically make changes to EC2 instances according to preferred conditions. Nevertheless, the EC2 auto-scaling maintains applications and makes scaling faster when using both dynamic and predictive scaling.
Amazon S3 web service is simpler and allows users to store and retrieve data of all sizes anywhere and anytime which makes it convenient. Amazon S3 is affordable because data is stored at a low cost, highly scalable compared to the ES2 as well as faster to any developer. With Amazon, S3 developers can host a static website where the content of the website is uploaded to a bucket that contains the public read access. The Amazon S3 website is used alongside Amazon route 53 at the root level.
Amazon S3 consists of several security measures that protect the website from security incidents. Ensuring the Amazon S3 bucket contains the right policies which are not easily accessed by the public (MAHESH, LAXMAIAH, and SHARMA, 2019). To maintain a secure S3 bucket, providers identify policies that are effective for users as well as those allowing the wildcard action. Additionally, the access control list of the S3 bucket is identified by users. Least privileged access is considered during implementation where permission to S3 resources is only offered to authorized users. Implementing the least privileges restricts security risks as well as activities leading to errors. Enabling multi-factor authentication through changing the state of the bucket and permanently deleting the object version.
The EC2 consists of security controls used to protect sensitive data, for instance, encrypting of data at reset which is fundamental and ensures confidential information stored in dis is protected and not accessible from unauthorized users. Through the EC2 data is encrypted by choosing the data-at-reset option for example in encrypting the Amazon EBS. Encryption of file storage is vital together with the use of a Linux dm-crypt infrastructure mechanism that mounts the encrypted data and files.
To sum up, cloud computing is vital in every organization since the use of cloud services is time and cost-saving. The primary aim of cloud computing is to change the economics of the data center through regulation of sensitive data. Cloud computing consists of typical applications such as e-commerce and presentation software that are free and available to users although subjected to insecurity. Additionally, Amazon cloud computing also known as amazon web service consists of two main webs which includes the S3 and ES2 consisting of distinct benefit although serving the same purpose. Each Amazon web service consists of security measures provided to protect sensitive data from security incidents.
References
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.
Chao, C. Y., Chang, J. Y. C., Bennett, P. W., Sanchez, J. C., Woods, D. R., Kaneyasu, Y., … & Lohmann, M. (2016). U.S. Patent No. 9,426,155. Washington, DC: U.S. Patent and Trademark Office.
Dastjerdi, A. V., Gupta, H., Calheiros, R. N., Ghosh, S. K., & Buyya, R. (2016). Fog computing: Principles, architectures, and applications. In Internet of things (pp. 61-75). Morgan Kaufmann.
Devi, T., & Ganesan, R. (2019). Environmental Benefits of Enhanced Hecc-Elgamal Cryptosystem for Security in Cloud Data Storage Using Soft Computing Techniques. Ekoloji, 28(107), 665-677.
Dutta, P., & Dutta, P. (2019). Comparative Study of Cloud Services Offered by Amazon, Microsoft & Google.
MAHESH, K., LAXMAIAH, D., & SHARMA, D. Y. K. (2019). A COMPARATIVE STUDY ON GOOGLE APP ENGINE AMAZON WEB SERVICES AND MICROSOFT WINDOWS AZURE. Technology, 10(1), 54-60.
Rittinghouse, J. W., & Ransome, J. F. (2017). Cloud computing: implementation, management, and security. CRC press.