Security and Privacy Trends in Cloud Computing and Big Data
eBook - ePub

Security and Privacy Trends in Cloud Computing and Big Data

  1. 216 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Security and Privacy Trends in Cloud Computing and Big Data

About this book

It is essential for an organization to know before involving themselves in cloud computing and big data, what are the key security requirements for applications and data processing. Big data and cloud computing are integrated together in practice. Cloud computing offers massive storage, high computation power, and distributed capability to support processing of big data. In such an integrated environment the security and privacy concerns involved in both technologies become combined.

This book discusses these security and privacy issues in detail and provides necessary insights into cloud computing and big data integration. It will be useful in enhancing the body of knowledge concerning innovative technologies offered by the research community in the area of cloud computing and big data. Readers can get a better understanding of the basics of cloud computing, big data, and security mitigation techniques to deal with current challenges as well as future research opportunities.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Security and Privacy Trends in Cloud Computing and Big Data by Muhammad Imran Tariq, Valentina Emilia Balas, Shahzadi Tayyaba, Muhammad Imran Tariq,Valentina Emilia Balas,Shahzadi Tayyaba in PDF and/or ePUB format, as well as other popular books in Computer Science & Cloud Computing. We have over one million books available in our catalogue for you to explore.

Information

Publisher
CRC Press
Year
2022
Print ISBN
9780367619626
eBook ISBN
9781000583700
Edition
1
Topic
Computer Science
Subtopic
Cloud Computing
Index
Computer Science

Chapter 1 Information security framework for cloud and virtualization security

Muhammad Imran Tariq
Superior University of Lahore
Shahzadi Tayyaba
University of Lahore
Muhammad Arfan Jaffar
Superior University of Lahore
Muhammad Waseem Ashraf
Government College University Lahore
Shariq Aziz Butt
The University of Lahore
Muhammad Arif
Guangzhou University
DOI: 10.1201/9781003107286-1

CONTENTS

  • 1.1 Introduction
  • 1.2 Virtualization
    • 1.2.1 Type-I hypervisor
    • 1.2.2 Type-II hypervisor
    • 1.2.3 Virtualization benefits
      • 1.2.3.1 Low cost/save energy
      • 1.2.3.2 Small footprints
      • 1.2.3.3 Fast lab provisioning
      • 1.2.3.4 Abstraction
      • 1.2.3.5 Disaster recovery
      • 1.2.3.6 Application isolation
      • 1.2.3.7 Easy migration to cloud
      • 1.2.3.8 Better testing
  • 1.3 Cloud and security issues in virtualization
    • 1.3.1 Virtualization issues
      • 1.3.1.1 Virtualization based malware
      • 1.3.1.2 Mobility
      • 1.3.1.3 Denial of service attack
      • 1.3.1.4 Communication attack among guest VMs and hosts
      • 1.3.1.5 Virtual machine escape
      • 1.3.1.6 Inter-VM attacks and network blind spots
  • 1.4 Information security framework for cloud computing
    • 1.4.1 User network
    • 1.4.2 Security layer
    • 1.4.3 Private cloud
      • 1.4.3.1 User interface layer
      • 1.4.3.2 Platform layer
      • 1.4.3.3 Software layer
      • 1.4.3.4 Management layer
    • 1.4.4 Public cloud
  • 1.5 Conclusion
  • References

1.1 Introduction

Cloud computing is new technology as compared to other technologies that provide pay-per-use services over the Internet. It allows its consumers to dynamically allocate, configure and reconfigure resources according to their needs [1, 2, 3, 4, 5]. The core theme of cloud computing is its virtualization that users cannot see; however, the user can deploy their application and tools as per desire by utilizing the benefits of virtualization [6, 7, 8]. Virtual machines are permitted to share the assets of the host machine and at the same time can give disconnection among virtual machines and and the host. Virtual machine escape is one of the bugs that occurs if the confinement between the host machine and between the virtual machines is undermined. On account of virtual machine escape, the program running in VMs can totally sidestep the virtual machine layer and gain admittance to the host machine. Since the host machine is the base of security of a virtual framework, the program that accesses the host machine additionally gains the root benefits from the virtual machine [5,9,10].
The Cloud structure is celebrated because of its administrations that have drawn broad consideration from academicians and associations. The cloud assets are given as administrations over the web. Distributed computing is additionally confronting numerous detours in its sending and on the off chance that these barriers won’t resolve at the appointed time of time, at that point numerous issues will resolve and innovation will develop quickly [11,12]. Security is one of the incredible worries of clients particularly when they moved classified and delicate data on the cloud server. The reality behind the said worry is that the vast majority of the cloud servers are taken care by business suppliers who are not heavily influenced by the client. In addition, the classification factor additionally emerges when the client redistributes its information in the cloud. The aftereffect is that the cloud clients feel uncertain when compared with different conditions [13]. Honestly speaking, it is not easy to resolve the security, privacy and confidentiality issues [4,14,15].
Cloud computing has already been taking leverages of virtualization for load balancing. Virtualization also provides security tools that not only allow the monitoring of virtual machines and management of compound clusters.. There have been various researches and discussions on virtualization security about different points of view but still, virtualization security is a big question mark in virtualization performance [16,17]. The structure of the chapter is the following: Section 1.2 is about virtualization. Cloud security issues regarding virtualization are discussed in Section 1.3, and cloud and security issues in virtualization are also discussed in detail in the same section. Section 1.4 is about the information security framework for cloud computing. The authors concluded all discussion in the conclusion section of this chapter.

1.2 Virtualization

Virtualization allows more than one application to get maximum access to the hardware and software resources of the machine installed on it. It is a layer between the hardware and operating system and allows the sharing of the physical devices among virtual machines [18,19]. The hypervisor is a software and acts as a virtual machine monitor, it manages multiple operating systems or we may say multiple instances of operating systems [20]. The basic block diagram of Virtualization is shown in Figure 1.1.
Figure 1.1 Basic virtualization block diagram.
For a better understanding of virtualization, it is necessary to know about the two types of the hypervisor listed below:

1.2.1 Type-I hypervisor

The applications run directly above the host machine. It means the hypervisor will act as an operating system and can be directly installed on the physical layer of the machine. The core benefit of the Type-I hypervisor is that it directly communicates with the underlying physical server hardware [21].
Figure 1.2 Type-I hypervisor.
The resources are para-virtualized and virtual machines can use them. It also monitors the smooth running of both operating systems installed on the guest machine and the operating system installed on the hypervisor as shown in Figure 1.2. Type-I hypervisors are also called native, bare metal and embedded hypervisors.

1.2.2 Type-II hypervisor

Type-II hypervisor is renewed as a hosted hypervisor. It is installed on the existing host operating system. The guest operating system is installed above the hypervisor as shown in Figure 1.3. If any problem arises in the host operating system, then it directly affects the hypervisor and guest operating system that is installed on hypervisor [22]. The host operating system provides security to the hypervisor which is why it is secured, but the guest operating system would not be. The host operating system also manages the physical resources and device support to hypervisor [23].
Figure 1.3 Type-II hypervisor.

1.2.3 Virtualization benefits

Virtualization brings a drastic change in Information Technology by providing huge capabilities and efficiencies that simply are not possible when roadblocks exist [24]. Virtualization itself continued its advancement and matureness, but few organizations that are using virtualization are still not taking full benefits/advantages that virtualization offers to its users [25]. Here we will discuss some major benefits of virtualization to brief the reader about its importance.

1.2.3.1 Low cost/save energy

Migrating physical servers over to virtual machines and then combining them into fewer physical servers generate marvelous results in the form of reducing capital cost, power consumption and cooling costs in the organization [26]. This thing will also increase the life of the Data Centre and fatter the bottom line.

1.2.3.2 Small footprints

In addition to power-saving and minimizing cooling costs, another advantage of virtualization is to reduce the overall footprints of the data center. It means few servers, networking devices, cables and racks are required in the data center. It will also reduce the cost of the data center in addition to saving energy [27].

1.2.3.3 Fast lab provisioning

Server virtualization provides the elastic ability to its users to deploy the system at any time. Users can speedily clone a master template image of an existing virtual machine to obtain an operational server in minutes. Next time when a user is required to build the same lab, he will just wait for hardware and its installation time [28].

1.2.3.4 Abstraction

The key feature of virtualization is the abstraction between software and hardware. It means that the user need not be linked to a particular provider [29,30]. Virtualized servers or machines do not care what hardware is running, so the user is not dependent on one supplier, server type or even platform.

1.2.3.5 Disaster recovery

Virtualization offers very important features when a disaster recovery solution is required. The first ability is reduced hardware lock-in. By eliminating vendor lock-in, particularly hardware or server model, a disaster recovery site do not require identical hardware to match the environment, and you can save money by purchasing more cheap equipment. Second, b...

Table of contents

  1. Cover
  2. Half Title
  3. Title Page
  4. Copyright Page
  5. Table of Contents
  6. Preface
  7. Editors
  8. Contributors
  9. 1 Information security framework for cloud and virtualization security
  10. 2 Security, integrity, and privacy of cloud computing and big data
  11. 3 The ways of networks intrusion their detection and prevention
  12. 4 Cloud-based face recognition for low resource clients
  13. 5 Data mining security for big data
  14. 6 Cloud computing security challenges and their solutions
  15. 7 Security algorithms for secure cloud environment
  16. 8 Cloud computing security challenges, analysis of security problems and cloud computing forensics issues
  17. 9 Impact of big data in healthcare and management analysis
  18. 10 Privacy and security issues of big data
  19. Index