Introduction to Cloud Computing

The concept of cloud computing can be considered as one of the most advancing sectors which is related to the recent technologies. In recent times organisations are tending to move more towards the concept of the cloud due to the vast sector of advantage which is achieved from the concept. It can be stated that due to the complexity of the data which an organisation possess most of the organisation tend to move towards the cloud which helps them to secure the data and safeguard the data. The concept of cloud computing helps the organisation to focus more on important internal matters of the organisation rather than concentrating on the storage and the security of the data. There are different services which are available in the concept of the cloud service like the SaaS, PaaS and IaaS which can be very much beneficial for the organisation (Ibtihal & Hassan, 2017). These services can directly alter the internal as well as external working of the organisation. Recently research is being conducted on the field due to the fact that in any type of technology there are loopholes which should be mitigated at an early stage so that it does not possess any type of threat in the internal as well external working of the organisation.

The main focus point of the report is to take into consideration different aspects which are related to the concept of cloud computing. The community based charity is moving to the concept of the cloud in order to maintain the different functionality of the organisation. There are different functionality of the cloud which can be adopted by the organisation in terms of the benefit which the organisation want to achieve.

The concept of cloud computing can be considered as one of the most advancing sectors which is related to the recent use of technology. Before the concept of cloud came into existence it can be stated that the security of data of the organisation was a concern and a major time was indulged into the concept. The concept of cloud can be stated to be becoming to the factor of rescue. Most of the organisation in this context tend to move to the concept of cloud due to factor that there are different types of mechanism which are included into the concept which enhances the security of the data when it is stored. Information security in the concept of internet can be stated as one of the biggest issue which is faced in recent times. All the process which are related to the legislative are directly tumbling due to the factor of issues which are faced within the concept (Kaur & Kinger, 2014). The main aspect which can be taken into consideration is the trans-border flow of data. Some of the countries in this context majorly indulge into the privacy regulation of the data of their own countries and do not indulge into the privacy of other countries. Some of the countries hold their data storage server and some of the organisation tend to use their server and store their personal information into the server. The employee data can be considered one of the backbone of the organisation which include the major working of the organisation. If there any loss of the data of the employee it can lead to directly internal working of the organisation. In order to improve the security of the employee data there are different parameters which are taken into consideration one of the most important sectors which can be taken into consideration is the use of the password which is related to the accessing of the data. The password can act as a protection mechanism of the data which is saved in the concept of the cloud.

Benefits of Cloud Computing for Organizations

Another issue which is related to the concept of the security of the employee data is directly defining under which circumstances access permission is given to access the data. According to the user it can be stated that the data of the user is very much confidential and secured which should protected due to the fact that it belong to them. They actually do not have an idea that were they are storing the data is not their space and it is the space of the owner and the owner have direct control over the space. If one day the state authority ask for the data they may have to give up with their data. This can be loss for the organisation due to the fact that in order to achieve benefit from the concept it can directly lead to failure of the process.

It can be stated here that the cloud provider has the overall control of the data. Sometimes it is very much advised not to save the personal data of the organisation into the concept of the cloud due to the factor that what are the security mechanism included into the process is not known. The charity organisation in order to indulge into the process of adopting the process should take into consideration the different aspects of the security issue and what can be outcome of the process (Kaur & Kinger, 2014). Data should be updated eventually so that updated data can be accessed during the need of execution of the data. Security policy are implemented are done from the end of the cloud service providers and justification of the concept is done on the hand due to the factor that security tend to be one of the most important priority sector in the concept of the cloud. In the future it can be stated that more security act mechanism would be included into the process which would be enhancing the quality of service which would be given from the end of the cloud providers.

Most of the organisation tend to include the crucial data in the concept of the cloud and it can be stated here that the data is of upmost priority for the organisation. For the organisation who is moving to the concept of the cloud they want their data to be protected so that any third party cannot indulge into the data (Yi, Qin & Li, 2015). Hence fourth it can be stated here that since privacy of the data is crucial different mechanism should be included into the process which enhances the privacy aspect of the data.

Different Services Available in Cloud Computing

Encryption can be considered as one of the techniques which can be implemented which would be enhancing the privacy aspect of the data. Encryption can be added into the data of the organisation which would be safeguarding the data of the organisation so that anyone except the authorised person cannot access the data (García-Valls, Cucinotta & Lu, 2014). On the other hand another way to enhance the privacy of the data is to zip the files and make them password protected and save the data in the concept cloud. There are some cloud service provider that directly provides local decryption and encryption process of the files or the data of the organisation in addition to the backup and storage. The process can be beneficial in a way that it protects the data at the local personal computer of the organisation and on the other hand saves the data in the concept of the cloud (Ibtihal & Hassan, 2017). Therefore it can be stated that the process which is discussed would be directly beneficial in a way by which not even the providers of the cloud service nor the system administrator would be able to get access of the data. Example of these type of service majorly include Waula and spideroak.

When taking into consideration the best practise which is related to the protection aspect of the information it should be always taken into consideration how much valuable the information is to the organisation and to what extend it is justified to protect the data. The first thing which should be taken into consideration is the level of privacy and the level of protection it should be implemented within the data. In the concept of data cloud providers usually ask for money to be paid in order to safeguard the data of the organisation. Sometimes from the point of view of the organisation it can be very much beneficial to invest in the cloud providers due to the factor that they remove the headache which is related to the protecting the critical information of the organisation. According to the cloud security alliances (CSA) it is recommended that the organisation should be aware of the different software interfaces which are majorly used for the aspect of communicating with the cloud providers.

Research is being conducted in the field of cloud computing by which security and privacy mechanism of the data can be protected and which would be directly safeguarding the data of the organisation. In most of the cases it can be stated that there is no clear idea about the different security mechanism which are included into the concept of the cloud providers this directly means that who is in control of the data is not known by the organisation (Oliveira & Ogasawara, 2016). Apart from the parameters of the security and privacy there are different mechanism whose advantage can be taken from the concept and competitive advantage can be achieved from it. It can be stated that the services which are offered from the end of the cloud provider are very much crucial as it tend to alter the overall working of the organisation as most of the crucial activities are conducted in the platform of the cloud which results in reducing of headache of the different activity of the organisation.

Importance of Information Security in Cloud Computing

In the concept of the cloud computing the digital identity issue can be considered to one of the most important issue which is seen in the sector. In most of the cases it is seen that the access point of the data of the organisation are not manipulated properly due to which unauthorised person can easily access the data of the organisation (Gai et al., 2016). This can lead to problem of data being leaked out and used by some other person for their personal use or benefit. There should be implementation of strategy which directly aims at security the data by which unauthorised person are not allowed to access the data.

The concept of digital identity needs to become an aspect of security control. The aspect of compromising with the authorised user’s digital identity and aspect of intruding upon the user’s access with the common attack and vulnerability, the attackers can easily gain access to the path which is the quickest to the data of the organisation (Kapoor & Dabas, 2015). The web access system of management directly authorise and authenticate the user access while directly letting the web content flow through without the involvement of the security checks. This is majorly done to directly defend against the attack and the takeovers of the sessions. The concept of web access management system needs to directly involve to become aware of the security vulnerabilities and threats (Aazam & Huh, 2014). In this context it can be stated that there is a difference between threat aware identity and the concept of access management which is explained below with the help of a table.

Identity Management	Access management
Identity the intelligence and governance	Adaptive federation and access control
Management of user life cycle	Application protection of the content.
Control of privileged identity	Single sign on and authentication

Most of the organisation in recent times have customized and soloed IT driven management of identity to directly govern the access of their employee, partners and contractors. The main benefit which can be achieved from the concept is that it offers opportunity for the user’s enterprise to be very much productive while the concept of the implementation of the business can be included into the new computing era. Digital identity can be directly be linked with the security of the data and how different aspects of the security are implemented within the working of the data (Rittinghouse & Ransome, 2016). In most of the cases it is seen that organisation tend to include into the concept of cloud computing without taking into consideration different aspects which are related to the concept risk factors and later on they get involved into different scenario which affect the data which is stored in the concept of the data.

Best Practices for Protecting Data in the Cloud

The charity is focusing on cloud provided by cloud provider which is used in large number of application. The charity comprises of 500 staff and administrative users. After deployment of SaaS for this charity, a large number issues can be encountered like

Instability: Security and stability are considered to be vital pillars of any SaaS based software. With the passage of time these services are becoming popular. It also checks that more option is provided to users and high quality services as it forces every user to maintain the competition. Apart from this, everyone can easily keep up pace with the growing market. 

Authentication and authorization: Authentication and authorization are mainly used in enterprise environment which needs to be changed on regular basis so that they work safely in any environment. Any kind of forensic task in this charitable organization will become much more difficult as it is very hard and impossible for investigators to access the system hardware in physical way.

Data confidentiality: Confidentiality can be easily stated as the prevention of any unintentional authorized access to some of the secured information. In many cases, it is related to various areas of encryption, property rights and convert channels. Whenever this charitable organization is sharing information over the cloud then a question is put on the confidentiality and privacy.

Availability: It mainly ensures that this charitable organization can easily access cloud data or services by the help of personnel. Availability of cloud data is considered to be matter of great concern in cloud domain. If the provided cloud services are anyhow compromised, then it can easily affect the traditional model of cloud computing.

Information security: In SaaS, data of various enterprise is generally stored the boundary of this organization. Various SaaS vendor should look for adaptation of security features so that it can easily ensure security of data and prevent any kind of breaches. The issues can easily arise due to security vulnerability in the given application which is encountered in different by unknown users (Aazam & Huh, 2014). The given SaaS model in this charitable organization should be considered to be enough flexible so that it can easily incorporate various policies given by organization.

Network Security: In SaaS model, some of the valuable information is obtained from different users. After that it is processed by various SaaS application      and stored as SaaS vendor. All the information which flows over the network of this charitable organization needs to be secured. This is mainly allowing flow of data from the given network which needs to be formatted. This mainly allows any kind of prevention of leakage of information.

Digital Identity Issue and Web Access Management

Data Breach: As data is deployed from various business organization in given cloud environment than any kind of breaching in the given environment will make the data available to large number of users. So as a result cloud has become a high potential kind of available target.

Identity management: Identity management can be considered to be well area which aims in dealing with individual in given system (Ibtihal & Hassan, 2017). Along with this it aims in controlling the given access to the large number of resources in the system which is achieved by looking into the key objectives. IDM is considered to be well known parameter which aims in analyzing the range of controls which is given to a system. It becomes a very challenging part on the side of SaaS provider to look into the details of the system.

Identity theft: SaaS providers generally require proper payment structure by the help of credit cards which can be done on remote places. It is considered to be a matter of great concern which deals with possible kind of risk available. There are large number of security protocols which is taken consideration for preventing any kind of issues.

Unknown Data Location: In the major cases, it is seen that SaaS provider does not provide any regarding the location of their data center. So the users like charitable organization are not aware of the fact that where their vital data are stored.

Paying for long term: Financial security is taken to be an important issue which is taken into consideration during the use of SaaS providers. Most of it needs payment in both upfront and in long term.

Poor Security Standards: Large number of security providers focus on security credentials. And it is proven they can easily have a proper control over the given data and security. Most of the providers focus on long term value of investment in SaaS. It is considered to be excellent option but apart from this there some kinds of fixed practices which is taken into consideration. It creates worries among users who want to continue with their subscription.

Cloud computing has created a large number of security issues like data breach, denial of service and malicious insiders. This particular threats can easily arise from issues like multi-tenancy, loss of control and any kind of trust. With the passage of time cloud computing is changing the whole system. In comparison to previous method of data processing, cloud services tend to provide much more benefits. The advantages generally range from connection, configuration and virtualization of various sources as per the demand (Ibtihal & Hassan, 2017). It ultimately helps in understanding the organizational goals when various organization deploy their services (Cai, Yu & Bu, 2016). With the passage of time, organization like this charitable fund are looking for implementation of cloud computing like multitenancy, loss of control and trust chain in cloud. Almost all of the cloud service providers tends to handle some of the sensitive information which comes up with technical measures. Organizational safeguards come up with certain measures which is avoiding protection of data which can easily in various damages.

Improving Internal Working of an Organization

Sensitive information in cloud domain comprises of data in wide section which comes up from different section and areas. Data related to health is considered to be some of the sensitive information which must be taken into action. Security issues in various cloud computing can easily lead to large number of privacy issues. Data is considered to be one of the important aspect for this charitable organization. It is considered to be important to be fully aware by the help of education and remainders on regular basis.  Some of the security issues of Data Sensitivity like multitenancy, loss of control and trust chain in cloud has been discussed in details.

Multi-tenancy: It mainly refers to easy sharing of any physical device and given virtualized network between various. By making use of this kind of arrangement an attacker can have easy physical machine on the target. Cloud providers can easily make use of multi-tenancy feature which is a vital one for building proper infrastructure. It has been designed in such a way that it can easily meets the needs of various users(García-Valls, Cucinotta & Lu, 2014). Sharing of sources merely focus on the fact that attacker can easily gain an access to data of target users.

Loss of control: It is considered to be another kind of breach of security which occurs when the data of this charity organization is hosted over another server. As various users do not have any kind of control over the given data it becomes possible for cloud providers to easily perform data mining (Ibtihal & Hassan, 2017). It can ultimately lead to various kinds of security issues in this charitable organization.

Trust chain in Cloud: Trust is considered to be a key role which is used for attracting large number of consumers by checking cloud providers. As a result of loss of control, cloud users heavily depend on cloud providers by use of trust mechanism. It provides the users to have a transparent control over the given data and cloud services (Aazam & Huh, 2014). Various cloud providers can easily build confidence in users like this charitable organization which is done by providing operation with the given safeguard of organization and provided standards.

Conclusion

The report can be concluded on a note that the technology of cloud computing are adopted widely by most of the organisation due to the different competitive advantage which is achieved from the concept. It can be stated here that the community based charity has different functionality which can be easily be achieved from the implementation of the cloud computing and adopting the framework of the technology. In a majority of the cases organisation tend to move to the concept of the cloud without any proper knowledge of the technology in such cases there are very less interaction between the cloud service providers and the organisation. The security mechanism which is applied are not taken into consideration which results in lack of internal factors of the cloud computing. Research is being conducted in the field so that in the near future the technology can play a more dominating role which any issue or ethical aspects involved into the concept. Moreover it can be stated that the extent of dominance of the features of the cloud would be benefiting the sector of business for most of the organisation.

References

Aazam, M., & Huh, E. N. (2014, August). Fog computing and smart gateway based communication for cloud of things. In Future Internet of Things and Cloud (FiCloud), 2014 International Conference on (pp. 464-470). IEEE.

Bera, S., Misra, S., & Rodrigues, J. J. (2015). Cloud computing applications for smart grid: A survey. IEEE Transactions on Parallel & Distributed Systems, (5), 1477-1494.

Cai, Y., Yu, F. R., & Bu, S. (2016). Dynamic operations of cloud radio access networks (C-RAN) for mobile cloud computing systems. IEEE Transactions on Vehicular Technology, 65(3), 1536-1548.

Chang, V., & Ramachandran, M. (2016). Towards achieving data security with the cloud computing adoption framework. IEEE Trans. Services Computing, 9(1), 138-151.

Cho, K. M., Tsai, P. W., Tsai, C. W., & Yang, C. S. (2015). A hybrid meta-heuristic algorithm for VM scheduling with load balancing in cloud computing. Neural Computing and Applications, 26(6), 1297-1309.

De Oliveira, D., & Ogasawara, E. (2016). Is Cloud Computing the Solution for Brazilian Researchers?. International Journal of Computer Applications. Recuperado en marzo de.

Gai, K., Qiu, M., Zhao, H., Tao, L., & Zong, Z. (2016). Dynamic energy-aware cloudlet-based mobile cloud computing model for green computing. Journal of Network and Computer Applications, 59, 46-54.

García-Valls, M., Cucinotta, T., & Lu, C. (2014). Challenges in real-time virtualization and predictable cloud computing. Journal of Systems Architecture, 60(9), 726-740.

Griebel, L., Prokosch, H. U., Köpcke, F., Toddenroth, D., Christoph, J., Leb, I., … & Sedlmayr, M. (2015). A scoping review of cloud computing in healthcare. BMC medical informatics and decision making, 15(1), 17.

Ibtihal, M., & Hassan, N. (2017). Homomorphic encryption as a service for outsourced images in mobile cloud computing environment. International Journal of Cloud Applications and Computing (IJCAC), 7(2), 27-40.

Kapoor, S., & Dabas, C. (2015, August). Cluster based load balancing in cloud computing. In 2015 Eighth International Conference on Contemporary Computing (IC3) (pp. 76-81). IEEE.

Kaur, R., & Kinger, S. (2014). Analysis of job scheduling algorithms in cloud computing. International Journal of Computer Trends and Technology (IJCTT), 9(7), 379-386.

Li, H., Shou, G., Hu, Y., & Guo, Z. (2016, March). Mobile edge computing: progress and challenges. In Mobile Cloud Computing, Services, and Engineering (MobileCloud), 2016 4th IEEE International Conference on (pp. 83-84). IEEE.

Lian, J. W., Yen, D. C., & Wang, Y. T. (2014). An exploratory study to understand the critical factors affecting the decision to adopt cloud computing in Taiwan hospital. International Journal of Information Management, 34(1), 28-36.

Mastelic, T., Oleksiak, A., Claussen, H., Brandic, I., Pierson, J. M., & Vasilakos, A. V. (2015). Cloud computing: Survey on energy efficiency. Acm computing surveys (csur), 47(2), 33.

Narula, S., & Jain, A. (2015, February). Cloud computing security: Amazon web service. In Advanced Computing & Communication Technologies (ACCT), 2015 Fifth International Conference on (pp. 501-505). IEEE.

Qiu, M., & Gai, K. (2017). Mobile Cloud Computing: Models, Implementation, and Security. Chapman and Hall/CRC.

Rajakumari, S. B., & Nalini, C. (2014). An efficient cost model for data storage with horizontal layout in the cloud. Indian Journal of Science and Technology, 7(3S), 45-46.

Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management, and security. CRC press.

Sanaei, Z., Abolfazli, S., Gani, A., & Buyya, R. (2014). Heterogeneity in mobile cloud computing: taxonomy and open challenges. IEEE Communications Surveys & Tutorials, 16(1), 369-392.

Shiralizadeh, A., Hatamlou, A., & Masdari, M. (2015). Presenting a new data security solution in cloud computing. Journal of Scientific Research and Development, 2(2), 30-6.

Sookhak, M., Gani, A., Talebian, H., Akhunzada, A., Khan, S. U., Buyya, R., & Zomaya, A. Y. (2015). Remote data auditing in cloud computing environments: a survey, taxonomy, and open issues. ACM Computing Surveys (CSUR), 47(4), 65.

Sookhak, M., Yu, F. R., & Tang, H. (2017). Secure data sharing for vehicular ad-hoc networks using cloud computing. In Ad Hoc Networks (pp. 306-315). Springer, Cham.

Tao, F., Cheng, Y., Da Xu, L., Zhang, L., & Li, B. H. (2014). CCIoT-CMfg: cloud computing and internet of things-based cloud manufacturing service system. IEEE Transactions on Industrial Informatics, 10(2), 1435-1442.

Yi, S., Qin, Z., & Li, Q. (2015, August). Security and privacy issues of fog computing: A survey. In International conference on wireless algorithms, systems, and applications (pp. 685-695). Springer, Cham.

Zhang, L., Luo, Y., Tao, F., Li, B. H., Ren, L., Zhang, X., … & Liu, Y. (2014). Cloud manufacturing: a new manufacturing paradigm. Enterprise Information Systems, 8(2), 167-187.