Data Security in Cloud Computing, Volume I
eBook - ePub

Data Security in Cloud Computing, Volume I

  1. 152 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Data Security in Cloud Computing, Volume I

About this book

This book covers not only information protection in cloud computing, architecture and fundamentals, but also the plan design and in-depth implementation details needed to migrate existing applications to the cloud.

Cloud computing has already been adopted by many organizations and people because of its advantages of economy, reliability, scalability and guaranteed quality of service amongst others. Readers will learn specifics about software as a service (Saas), platform as a service (Paas), infrastructure as a service (IaaS), server and desktop virtualization, and much more.

Readers will have a greater comprehension of cloud engineering and the actions required to rapidly reap its benefits while at the same time lowering IT implementation risk. The book's content is ideal for users wanting to migrate to the cloud, IT professionals seeking an overview on cloud fundamentals, and computer science students who will build cloud solutions for testing purposes.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weā€™ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere ā€” even offline. Perfect for commutes or when youā€™re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Data Security in Cloud Computing, Volume I by Giulio D'Agostino in PDF and/or ePUB format, as well as other popular books in Computer Science & Cloud Computing. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Momentum Press
Year
2019
Print ISBN
9781947083998
eBook ISBN
9781949449006
Topic
Computer Science
Subtopic
Cloud Computing
Index
Computer Science

CHAPTER 1

CLOUD COMPUTING ESSENTIALS

Though the Internet was created in the 1960s, it was only in the 1990s that the potential of the Internet to serve businesses was discovered, which then led to more innovation in this area. As the transfer rates of the Internet and connectivity got better, it led to fresh types of businesses called Application Service Providers (ASPs). Consumers would pay a monthly fee to the ASPs to conduct their companiesā€™ businesses over the net from the ASPā€™s systems. It was only in the late 1990s that cloud computing as we know it now appeared and led to the blog on what is cloud computing.
Now that we have a reasonable idea of what the cloud is, just consider all your everyday activities on the Internet, and you will understand that many of the work that you do online relies on the cloud, for example, your social networking interactions, whatever you shop online, paying your energy bills online, Internet shopping, everything is on the cloud. There is this program called the Customer Relationship Management (CRM) which relies on the cloud. This software is highly utilized in most sales organizations for superior agility, increased productivity, and low expenses. The way the cloud is used is similar to a field sales representative given access to your mobile device, which is connected to the web. He can then retrieve client information from any location. The sales representative can update the information on the move, so there is no need for him to return to the office to upgrade the information. The sales managers can also monitor everything on their web-enabled devices and will understand which deals to close.
On another note, a European cloud user who keeps their database using a cloud supplier in the United States might find that their information is subject to review because of U.S. Patriot Act. The principal benefits of cloud computing are ease of use and price reduction. Cloud suppliers specialize in the support that they provide: leasing hardware, operating systems, storage, and application services. Thus, a business does not have to engage the services of an assortment of IT employees and can concentrate on its central mission. As an example, a company does not need to have employees specialized in backup because it can buy this service from an organization that specializes in backup services like Code42 CrashPlan. The backup cloud supplier will probably offer far greater support than ad hoc employees hired to look after it. Another advantage this computing outsourcing version provides is that it reduces business expenses up front and ongoing expenses. Cloud computing providers function in a hi-tech version, eliminating burdensome tasks such as software and equipment updates and maintenance. The cloud user can use the cash saved in future gear investments and management on regions strategic to its assignment.
The National Institute of Standards and Technology (NIST; Knight 2012) has made attempts to offer a unified means to specify cloud computing from the very beginning. Despite its sophistication and complex character, NIST has identified five fundamental characteristics that signify a cloud computing system:
1. On-demand self-service: A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
2. Broad network access: Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., smartphones, mobile devices, tablets, laptops, and workstations).
3. Resource pooling: The providerā€™s computing resources are pooled to serve multiple consumers using a multitenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or data center). Examples of resources include storage, processing, memory, and network bandwidth.
4. Rapid elasticity: Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
5. Measured service: Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for the provider and consumer.
Resource allocation may be corrected as a client needs more (or less) storage or servers. Essentially, cloud elasticity involves continual reconfiguration in a system and relevant controls in the cloud web. The NIST distinguishes two forms of scaling alternatives: vertical and horizontal, which involve establishing added resources or services, and changing the computing capability of delegated resources, respectively.
Vertical scaling entails altering the computing capability assigned to sources while maintaining the same number of physical machines.
Virtualization enables the creation of virtual machines, software programs, and tools that serve numerous tenants in precisely the same time, rendered in the same physical infrastructure. From the cloud environment, computing tools are distant and introduced to cloud customers as a virtualized resource. When a cloud user buys access to any hardware platform, access is not provided to a real dedicated hardware but to a digital platform. Other cloud applications like Google Docs can also be shared among several cloud customers. Data is isolated from one another, similar to procedures being isolated between individuals in contemporary operating systems. Cloud computing solutions are supplied on a pay-per-use model and adhere to a ā€œmeasured-serviceā€ version. The cloud supplier checks or measures the supply of solutions for a variety of reasons, including charging effective utilization of tools or general predictive preparation. Different usage-specific metrics (network I/O, storage area utilization, etc.) are used to compute fees for customers.
Cloud users access cloud tools through cloud customer software which can be installed in many different assumptions (buildings of their business) and devices (desktops, notebooks, tablet computers, and tablets).
Cloud computing contains quite a few implementations depending on the services they supply, from program service provisioning to utility and grid computing. Below we discuss about the many popular versions underlying the cloud paradigm.
Figure 1.1. Database server, web server, internet
Figure 1.2 illustrates these three versions, which will be explained in the next subsections.
Figure 1.2. IaaS, PaaS, SaaS

1.1. INFRASTRUCTURE-AS-A-SERVICE

In this version, raw IT tools like storage, hardware, IP addresses, and firewalls are supplied to the cloud customers over the Internet. Cloud users have the freedom to set up an environment on these platforms along with the applications they need and control these tools along with their safety and dependability.

1.2. PLATFORM-AS-A-SERVICE

For cloud customers who need a more substantial degree of computing and management outsourcing, cloud suppliers also offer ready-to-use platforms as support. Within this version, an entire virtualized environment using a working system image installed may be leased. Having obtained a particular platform, cloud users are free to set up and manage software running on the virtualized environment. The amount of control and governance within the machine also reduces, since the cloud supplier installs, administers, and supports the system. The cloud supplierā€™s policies and mechanics determine safety of hardware and operating system (OS) degree.

1.3. SOFTWARE-AS-A-SERVICE

The most populous shipping model is when a restricted number of users access third-party applications via the Internet. The cloud user has little control over how the cloud applications run along with the safety of the information it accesses. The cloud program supplier takes on all of the administrative burdens.

1.4. DEPLOYMENT DESIGNS

The way cloud providers are set up might vary based on the possession of this serviceā€”the dimensions of the cloud tools, as well as the constraints to customer access. There are three main versions: private, public, and hybrid.
Everything works as though the company outsourced the support of provisioning IT tools, environments, and applications to an off-premises third party. Inside this environment, many diverse users or organizations might interact with a physical source, such as, for instance, a server, through multitenancy and virtualization. Safety is challenging since cloud customers are determined by the cloud supplier to ensure the isolation of information and computation among a heterogeneous group of customers. An organization owns a personal cloud (Figure 1.4), situated on a server, and provides a group of IT tools to several sections or departments of the business. It centralizes IT tools in large businesses so that its different components experience all of the benefits of cloud computing: on-demand flexibility and scalability.
The company is at precisely the same time a cloud supplier and a cloud customer. Being a cloud supplier, the company assumes all of the expenses of capacity planning on any IT asset, including the load of resource management, and reliability and safety assurances. This raises the amount of security and control of business assets since they may ascertain and apply their security and company policies. After all, when files, programs, and other data are not kept securely onsite, how can they be protected?
A hybrid (Figure 1.5) shows a joint set of private and public cloud, for example, an organization may have a private cloud to store sensitive intellectual property information but may take advantage of cloud support to let servers conduct performance-intensive jobs or just because the personal cloud is operating at peak capacity. The organization should employ a protected protocol for...

Table of contents

  1. Cover
  2. Half Title Page
  3. Title Page
  4. Copyright Page
  5. Dedication
  6. Abstract
  7. Contents
  8. List of Figures
  9. List of Tables
  10. list of Abbreviations
  11. Acknowledgments
  12. Introduction
  13. Chapter 1 Cloud Computing Essentials
  14. Chapter 2 Overview of Cloud Computing
  15. Chapter 3 Cloud Security Baselines
  16. Chapter 4 Cloud Computing Architecture
  17. Chapter 5 Cloud Computing Security Essentials
  18. Chapter 6 Cloud Security
  19. About the Author
  20. Index
  21. Back Cover