Security and Privacy Trends in Cloud Computing and Big Data
eBook - ePub

Security and Privacy Trends in Cloud Computing and Big Data

Muhammad Imran Tariq, Valentina Emilia Balas, Shahzadi Tayyaba, Muhammad Imran Tariq, Valentina Emilia Balas, Shahzadi Tayyaba

Partager le livre
  1. 216 pages
  2. English
  3. ePUB (adapté aux mobiles)
  4. Disponible sur iOS et Android
eBook - ePub

Security and Privacy Trends in Cloud Computing and Big Data

Muhammad Imran Tariq, Valentina Emilia Balas, Shahzadi Tayyaba, Muhammad Imran Tariq, Valentina Emilia Balas, Shahzadi Tayyaba

DĂ©tails du livre
Aperçu du livre
Table des matiĂšres
Citations

À propos de ce livre

It is essential for an organization to know before involving themselves in cloud computing and big data, what are the key security requirements for applications and data processing. Big data and cloud computing are integrated together in practice. Cloud computing offers massive storage, high computation power, and distributed capability to support processing of big data. In such an integrated environment the security and privacy concerns involved in both technologies become combined.

This book discusses these security and privacy issues in detail and provides necessary insights into cloud computing and big data integration. It will be useful in enhancing the body of knowledge concerning innovative technologies offered by the research community in the area of cloud computing and big data. Readers can get a better understanding of the basics of cloud computing, big data, and security mitigation techniques to deal with current challenges as well as future research opportunities.

Foire aux questions

Comment puis-je résilier mon abonnement ?
Il vous suffit de vous rendre dans la section compte dans paramĂštres et de cliquer sur « RĂ©silier l’abonnement ». C’est aussi simple que cela ! Une fois que vous aurez rĂ©siliĂ© votre abonnement, il restera actif pour le reste de la pĂ©riode pour laquelle vous avez payĂ©. DĂ©couvrez-en plus ici.
Puis-je / comment puis-je télécharger des livres ?
Pour le moment, tous nos livres en format ePub adaptĂ©s aux mobiles peuvent ĂȘtre tĂ©lĂ©chargĂ©s via l’application. La plupart de nos PDF sont Ă©galement disponibles en tĂ©lĂ©chargement et les autres seront tĂ©lĂ©chargeables trĂšs prochainement. DĂ©couvrez-en plus ici.
Quelle est la différence entre les formules tarifaires ?
Les deux abonnements vous donnent un accĂšs complet Ă  la bibliothĂšque et Ă  toutes les fonctionnalitĂ©s de Perlego. Les seules diffĂ©rences sont les tarifs ainsi que la pĂ©riode d’abonnement : avec l’abonnement annuel, vous Ă©conomiserez environ 30 % par rapport Ă  12 mois d’abonnement mensuel.
Qu’est-ce que Perlego ?
Nous sommes un service d’abonnement Ă  des ouvrages universitaires en ligne, oĂč vous pouvez accĂ©der Ă  toute une bibliothĂšque pour un prix infĂ©rieur Ă  celui d’un seul livre par mois. Avec plus d’un million de livres sur plus de 1 000 sujets, nous avons ce qu’il vous faut ! DĂ©couvrez-en plus ici.
Prenez-vous en charge la synthÚse vocale ?
Recherchez le symbole Écouter sur votre prochain livre pour voir si vous pouvez l’écouter. L’outil Écouter lit le texte Ă  haute voix pour vous, en surlignant le passage qui est en cours de lecture. Vous pouvez le mettre sur pause, l’accĂ©lĂ©rer ou le ralentir. DĂ©couvrez-en plus ici.
Est-ce que Security and Privacy Trends in Cloud Computing and Big Data est un PDF/ePUB en ligne ?
Oui, vous pouvez accĂ©der Ă  Security and Privacy Trends in Cloud Computing and Big Data par Muhammad Imran Tariq, Valentina Emilia Balas, Shahzadi Tayyaba, Muhammad Imran Tariq, Valentina Emilia Balas, Shahzadi Tayyaba en format PDF et/ou ePUB ainsi qu’à d’autres livres populaires dans Ciencia de la computaciĂłn et Ciberseguridad. Nous disposons de plus d’un million d’ouvrages Ă  dĂ©couvrir dans notre catalogue.

Informations

Éditeur
CRC Press
Année
2022
ISBN
9781000583700

Chapter 1 Information security framework for cloud and virtualization security

Muhammad Imran Tariq
Superior University of Lahore
Shahzadi Tayyaba
University of Lahore
Muhammad Arfan Jaffar
Superior University of Lahore
Muhammad Waseem Ashraf
Government College University Lahore
Shariq Aziz Butt
The University of Lahore
Muhammad Arif
Guangzhou University
DOI: 10.1201/9781003107286-1

CONTENTS

  • 1.1 Introduction
  • 1.2 Virtualization
    • 1.2.1 Type-I hypervisor
    • 1.2.2 Type-II hypervisor
    • 1.2.3 Virtualization benefits
      • 1.2.3.1 Low cost/save energy
      • 1.2.3.2 Small footprints
      • 1.2.3.3 Fast lab provisioning
      • 1.2.3.4 Abstraction
      • 1.2.3.5 Disaster recovery
      • 1.2.3.6 Application isolation
      • 1.2.3.7 Easy migration to cloud
      • 1.2.3.8 Better testing
  • 1.3 Cloud and security issues in virtualization
    • 1.3.1 Virtualization issues
      • 1.3.1.1 Virtualization based malware
      • 1.3.1.2 Mobility
      • 1.3.1.3 Denial of service attack
      • 1.3.1.4 Communication attack among guest VMs and hosts
      • 1.3.1.5 Virtual machine escape
      • 1.3.1.6 Inter-VM attacks and network blind spots
  • 1.4 Information security framework for cloud computing
    • 1.4.1 User network
    • 1.4.2 Security layer
    • 1.4.3 Private cloud
      • 1.4.3.1 User interface layer
      • 1.4.3.2 Platform layer
      • 1.4.3.3 Software layer
      • 1.4.3.4 Management layer
    • 1.4.4 Public cloud
  • 1.5 Conclusion
  • References

1.1 Introduction

Cloud computing is new technology as compared to other technologies that provide pay-per-use services over the Internet. It allows its consumers to dynamically allocate, configure and reconfigure resources according to their needs [1, 2, 3, 4, 5]. The core theme of cloud computing is its virtualization that users cannot see; however, the user can deploy their application and tools as per desire by utilizing the benefits of virtualization [6, 7, 8]. Virtual machines are permitted to share the assets of the host machine and at the same time can give disconnection among virtual machines and and the host. Virtual machine escape is one of the bugs that occurs if the confinement between the host machine and between the virtual machines is undermined. On account of virtual machine escape, the program running in VMs can totally sidestep the virtual machine layer and gain admittance to the host machine. Since the host machine is the base of security of a virtual framework, the program that accesses the host machine additionally gains the root benefits from the virtual machine [5,9,10].
The Cloud structure is celebrated because of its administrations that have drawn broad consideration from academicians and associations. The cloud assets are given as administrations over the web. Distributed computing is additionally confronting numerous detours in its sending and on the off chance that these barriers won’t resolve at the appointed time of time, at that point numerous issues will resolve and innovation will develop quickly [11,12]. Security is one of the incredible worries of clients particularly when they moved classified and delicate data on the cloud server. The reality behind the said worry is that the vast majority of the cloud servers are taken care by business suppliers who are not heavily influenced by the client. In addition, the classification factor additionally emerges when the client redistributes its information in the cloud. The aftereffect is that the cloud clients feel uncertain when compared with different conditions [13]. Honestly speaking, it is not easy to resolve the security, privacy and confidentiality issues [4,14,15].
Cloud computing has already been taking leverages of virtualization for load balancing. Virtualization also provides security tools that not only allow the monitoring of virtual machines and management of compound clusters.. There have been various researches and discussions on virtualization security about different points of view but still, virtualization security is a big question mark in virtualization performance [16,17]. The structure of the chapter is the following: Section 1.2 is about virtualization. Cloud security issues regarding virtualization are discussed in Section 1.3, and cloud and security issues in virtualization are also discussed in detail in the same section. Section 1.4 is about the information security framework for cloud computing. The authors concluded all discussion in the conclusion section of this chapter.

1.2 Virtualization

Virtualization allows more than one application to get maximum access to the hardware and software resources of the machine installed on it. It is a layer between the hardware and operating system and allows the sharing of the physical devices among virtual machines [18,19]. The hypervisor is a software and acts as a virtual machine monitor, it manages multiple operating systems or we may say multiple instances of operating systems [20]. The basic block diagram of Virtualization is shown in Figure 1.1.
Figure 1.1 Basic virtualization block diagram.
For a better understanding of virtualization, it is necessary to know about the two types of the hypervisor listed below:

1.2.1 Type-I hypervisor

The applications run directly above the host machine. It means the hypervisor will act as an operating system and can be directly installed on the physical layer of the machine. The core benefit of the Type-I hypervisor is that it directly communicates with the underlying physical server hardware [21].
Figure 1.2 Type-I hypervisor.
The resources are para-virtualized and virtual machines can use them. It also monitors the smooth running of both operating systems installed on the guest machine and the operating system installed on the hypervisor as shown in Figure 1.2. Type-I hypervisors are also called native, bare metal and embedded hypervisors.

1.2.2 Type-II hypervisor

Type-II hypervisor is renewed as a hosted hypervisor. It is installed on the existing host operating system. The guest operating system is installed above the hypervisor as shown in Figure 1.3. If any problem arises in the host operating system, then it directly affects the hypervisor and guest operating system that is installed on hypervisor [22]. The host operating system provides security to the hypervisor which is why it is secured, but the guest operating system would not be. The host operating system also manages the physical resources and device support to hypervisor [23].
Figure 1.3 Type-II hypervisor.

1.2.3 Virtualization benefits

Virtualization brings a drastic change in Information Technology by providing huge capabilities and efficiencies that simply are not possible when roadblocks exist [24]. Virtualization itself continued its advancement and matureness, but few organizations that are using virtualization are still not taking full benefits/advantages that virtualization offers to its users [25]. Here we will discuss some major benefits of virtualization to brief the reader about its importance.

1.2.3.1 Low cost/save energy

Migrating physical servers over to virtual machines and then combining them into fewer physical servers generate marvelous results in the form of reducing capital cost, power consumption and cooling costs in the organization [26]. This thing will also increase the life of the Data Centre and fatter the bottom line.

1.2.3.2 Small footprints

In addition to power-saving and minimizing cooling costs, another advantage of virtualization is to reduce the overall footprints of the data center. It means few servers, networking devices, cables and racks are required in the data center. It will also reduce the cost of the data center in addition to saving energy [27].

1.2.3.3 Fast lab provisioning

Server virtualization provides the elastic ability to its users to deploy the system at any time. Users can speedily clone a master template image of an existing virtual machine to obtain an operational server in minutes. Next time when a user is required to build the same lab, he will just wait for hardware and its installation time [28].

1.2.3.4 Abstraction

The key feature of virtualization is the abstraction between software and hardware. It means that the user need not be linked to a particular provider [29,30]. Virtualized servers or machines do not care what hardware is running, so the user is not dependent on one supplier, server type or even platform.

1.2.3.5 Disaster recovery

Virtualization offers very important features when a disaster recovery solution is required. The first ability is reduced hardware lock-in. By eliminating vendor lock-in, particularly hardware or server model, a disaster recovery site do not require identical hardware to match the environment, and you can save money by purchasing more cheap equipment. Second, b...

Table des matiĂšres