ANALYSIS OF APPROACHES PROVIDING SECURITY OF CLOUD SEVICES

Вячеслав Вікторович Фролов

Abstract


The article is devoted to the analysis of modern approaches that ensure the security of cloud services. Since cloud computing is one of the fastest growing areas among information technology, it is extremely important to ensure the safety and reliability of processes occurring in the clouds and to secure the interaction between the client and the provider of cloud services. Given that fears about data loss and their compromise are one of the main reasons that some companies do not transfer their calculations to the clouds. The object of research and analysis of this work are cloud services, which are provided by various cloud service providers. The aim of the study of this work is to compare existing approaches that provide information security for cloud services, as well as offer a new approach based on the principle of diversity. There are many approaches that ensure their safety, using both traditional and cloud-specific. The multi-cloud approach is one of the most promising strategies for improving reliability by reserving cloud resources on the servers of various cloud service providers. It is shown that it is necessary to use diversity to ensure the reliability and safety of critical system components. The principle of diversity is to use a unique version of each resource thanks to a special combination of a cloud computing provider, the geographical location of data centers, cloud service presentation models, and cloud infrastructure deployment models. The differences between cloud providers and which combination of services are preferable to others in terms of productivity are discussed in detail. In addition, best practices for securing cloud resources are reviewed. As a result, this paper concludes that there is a problem of insufficient security and reliability of cloud computing and how to reduce threats in order to avoid a common cause failure and, as a result, loss of confidential data or system downtime using diversity of cloud services.

Keywords


cloud services; multi-cloud strategy; cloud security approach; diversity; cloud providers; cloud service delivery model; cloud deployment model; common cause failure; cloud security threats

References


Wood, R. T., Belles, R. J., Cetiner, M. S., Holcomb, D. E. et al. Diversity strategies for nuclear power instrumentation and control systems (NUREG/CR-7007, ORNL/TM-2009/302). U.S. Nuclear Regulatory Commission, Office of Nuclear Reactor Regulation, Washington, DC, 2010. – 225 p. DOI: 10.2172/1000417.

Yastrebenetsky, M., Kharchenko, V. Nuclear Power Plant Instrumentation and Control Systems for Safety and Security. IGI Global, USA, 2014. 450 p.

Sen, J. Security and Privacy Issues in Cloud Computing. Available at: https://arxiv.org/ftp/arxiv/papers/1303/1303.4814.pdf (accessed 10.06.2019).

Cloud Computing Use Cases White Paper. Version 4.0. 2010. Cloud Computing. Use Case Discussion Group. Available at: http://www.cloud-council.org/Cloud_Computing_Use_Cases_Whitepaper-4_0.pdf (accessed 10.06.2019).

ENISA – Cloud computing: benefits, risks and recommendations for information security. Available at: https://www.sbs.ox.ac.uk/cybersecurity-capacity/system/files/ENISA%20Cloud%20Computing%20Security%

Risk%20Assessment.pdf. (accessed 21.12.2019).

Cloud Security Alliance (CSA). Available at: http://www.cloudsecurityalliance.org/ (accessed 20.12.2019).

Kandukuri, B. R., Paturi, R., Rakshit, A. Cloud Security Issues. Proceedings of the 2009 IEEE International Conference on Services Computing, Bangalore, 21-25 September 2009, pp. 517-520.

Popovic, K., Hocenski, Z. Cloud computing security issues and challenges. The Third International Conference on Advances in Humanoriented and Personalized Mechanisms, Technologies, and Services, 2010, pp. 344-349.

Jensen, M., Schwenk, J., Gruschka, N., Iacono, L. L. On Technical Security Issues in Cloud Computing. IEEE ICCC, Bangalore, 2009, pp. 109-116.

Grobauer, B, Walloschek, T., Stöcker, E. Understanding CloudComputing Vulnerabilities. IEEE Security and Privacy, 2011, vol. 9, no. 2, pp. 50-57. DOI: 10.1109/MSP.2010.115.

Subashini, S., Kavitha, V. A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 2011, vol. 34, no. 1, pp. 1-11. DOI: 10.1016/j.jnca.2010.07.006.

Spanaki, K., Gürgüç, Z., Mulligan, C., Lupu, E. Organizational cloud security and control: a proactive approach. Information Technology & People, 2019, vol. 32, no. 3, pp. 516-537. DOI: 10.1108/ITP-04-2017-0131.

Chen, L., Takabi, H., Le-Khac, N.-A. (Eds.). Security, Privacy, and Digital Forensics in the Cloud, 2019, Higher Education Press Publ., DOI: 10.1002/9781119053385.

Majumdar, S. et al. Runtime Security Policy Enforcement in Clouds. In: Cloud Security Auditing. Advances in Information Security, Springer, Cham, 2019, vol. 76, pp. 145-156.

Wu, Y., Lyu, Y., Shi, Y. Cloud storage security assessment through equilibrium analysis. Tsinghua Science and Technology, 2019, vol. 24, no. 6, pp. 738-749. DOI: 10.26599/TST.2018.9010127.

Kumar, R., Goyal, R. On cloud security requirements, threats, vulnerabilities and countermeasures: A survey. Computer Science Review, 2019, vol. 33, pp. 1-48. DOI: 10.1016/j.cosrev.2019.05.002.

Scott, S. Effective security requires close control over your data and resources. Bastion hosts, NAT instances, and VPC peering can help you secure your AWS infrastructure. Available at: https://cloudacademy.com/blog/aws-bastion-host-nat-instances-vpc-peering-security/ (accessed 22.12.2019).

AWS security best practices. Available at: https://aws.amazon.com/whitepapers/aws-security-best-practices/ (accessed 22.12.2019).

Microsoft Azure security best practices. Available at: https://docs.microsoft.com/en-us/azure/security/security-best-practices-and-patterns (accessed 22.12.2019).

Google cloud platform security best practices. Available at: https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations (accessed 22.12.2019).

Multi-cloud strategy. Available at: https://searchcloudcomputing.techtarget.com/definition/multi-cloud-strategy (accessed 22.12.2019).

Gorbenko, A., Romanovsky, A., Kharchenko, V., Tarasyuk, O. Dependability of Service-Oriented Computing: Time-Probabilistic Failure Modelling. In: Software Engineering for Resilient Systems. SERENE 2012, Springer, Berlin, Heidelberg, 2019, Lecture Notes in Computer Science, vol 7527, pp. 121-133. DOI: 10.1007/978-3-642-33176-3_9.

Gorbenko, A., Kharchenko, V., Mamutov, S., Tarasyuk, O., Romanovsky, A. Exploring Uncertainty of Delays as a Factor in End-to-End Cloud Response Time. Proceedings - 9th European Dependable Computing Conference, EDCC 2012. DOI: 10.1109/EDCC.2012.10.

A Comparative Study of Cloud Performance. Available at: https://www.thousandeyes.com/resources/cloud-performance-benchmark-report-november-2019 (accessed 22.12.2019).

Frolov, V., Frolov O., Kharchenko V. Classification of Diversity for Dependable and Safe Computing. COLINS, 2019. Available at: http://ceur-ws.org/Vol-2362/paper32.pdf (accessed 22.12.2019).




DOI: https://doi.org/10.32620/reks.2020.1.07

Refbacks

  • There are currently no refbacks.