How does one can ensure secure execution environments and communications in cloud ?
In a cloud environment, applications are run on different servers in a distributed
mode. These applications interact with the outside world and other applications
and may contain sensitive information whose inappropriate access would be
harmful to a client. In addition, cloud computing is increasingly being used
to manage and store huge amounts of data in database applications that are
also co-located with other users’ information. Thus, it is extremely important
for the cloud supplier to provide a secure execution environment and secure
communications for client applications and storage.
Secure Execution Environment
Configuring computing platforms for secure execution is a complex task; and in many instances it is not performed properly because of the large number of parameters that are involved. This provides opportunities for malware to exploit vulnerabilities, such as downloading code embedded in data and having the code executed at a high privilege level.
In cloud computing, the major burden of establishing a secure execution environment is transferred from the client to the cloud provider. However, protected data transfers must be established through strong authentication mechanisms, and the client must have practices in place to address the privacy and confidentiality of information that is exchanged with the cloud. In fact, the client’s port to the cloud might provide an attack path if not properly provisioned with security measures. Therefore, the client needs assurance that computations and data exchanges are conducted in a secure environment. This assurance is affected by trust enabled by cryptographic methods. Also, research into areas such as compiler-based virtual machines promises a more secure execution environment for operating systems.
Another major concern in secure execution of code is the widespread use of “unsafe” programming languages such as C and C++ instead of more secure languages such as object-oriented Java and structured, object-oriented C#.
Secure Communications
As opposed to having managed, secure communications among the computing resources internal to an organization, movement of applications to the cloud requires a reevaluation of communications security. These communications apply to both data in motion and data at rest.
Secure Execution Environment
Configuring computing platforms for secure execution is a complex task; and in many instances it is not performed properly because of the large number of parameters that are involved. This provides opportunities for malware to exploit vulnerabilities, such as downloading code embedded in data and having the code executed at a high privilege level.
In cloud computing, the major burden of establishing a secure execution environment is transferred from the client to the cloud provider. However, protected data transfers must be established through strong authentication mechanisms, and the client must have practices in place to address the privacy and confidentiality of information that is exchanged with the cloud. In fact, the client’s port to the cloud might provide an attack path if not properly provisioned with security measures. Therefore, the client needs assurance that computations and data exchanges are conducted in a secure environment. This assurance is affected by trust enabled by cryptographic methods. Also, research into areas such as compiler-based virtual machines promises a more secure execution environment for operating systems.
Another major concern in secure execution of code is the widespread use of “unsafe” programming languages such as C and C++ instead of more secure languages such as object-oriented Java and structured, object-oriented C#.
Secure Communications
As opposed to having managed, secure communications among the computing resources internal to an organization, movement of applications to the cloud requires a reevaluation of communications security. These communications apply to both data in motion and data at rest.
Secure cloud communications involves the structures, transmission methods,
transport formats, and security measures that provide confidentiality, integrity, availability, and authentication for transmissions over private and public
communications networks. Secure cloud computing communications should
ensure the following:
Confidentiality — Ensures that only those who are supposed to access data can retrieve it. Loss of confidentiality can occur through the intentional release of private company information or through a misapplication of network rights. Some of the elements of telecommunications used to ensure confidentiality are as follows:
Confidentiality — Ensures that only those who are supposed to access data can retrieve it. Loss of confidentiality can occur through the intentional release of private company information or through a misapplication of network rights. Some of the elements of telecommunications used to ensure confidentiality are as follows:
Network security protocols
Network authentication services
Data encryption services
Network authentication services
Data encryption services
Integrity — Ensures that data has not been changed due to an accident
or malice. Integrity is the guarantee that the message sent is the message
received and that the message is not intentionally or unintentionally
altered. Integrity also contains the concept of non-repudiation of a message
source. Some of the constituents of integrity are as follows:
Firewall services
Communications Security Management
Intrusion detection services
Availability — Ensures that data is accessible when and where it is needed, and that connectivity is accessible when needed, allowing authorized users to access the network or systems. Also included in that assurance is the guarantee that security services for the security practitioner are usable when they are needed. Some of the elements that are used to ensure avail- ability are as follows:
Firewall services
Communications Security Management
Intrusion detection services
Availability — Ensures that data is accessible when and where it is needed, and that connectivity is accessible when needed, allowing authorized users to access the network or systems. Also included in that assurance is the guarantee that security services for the security practitioner are usable when they are needed. Some of the elements that are used to ensure avail- ability are as follows:
-
Fault tolerance for data availability, such as backups and redundant
disk systems
-
Acceptable logins and operating process performances
-
Reliable and inter-operable security processes and network security
mechanisms
If you want to use security cloud you may use virtual data room Ideals. It is very effective service for virtual data management.
ReplyDeleteIt is really great and nice article. I read this and it is very helpful.
ReplyDeleteThank you for sharing very useful blog!!!!
ReplyDeleteSalesforce CPQ Course
Learn CPQ Salesforce
Nice Post
ReplyDeleteExploring Innovative Cloud Security Services | TechTriad
Cloud computing architecture refers to the components and subcomponents required for cloud computing. These components typically consist of a front-end platform, back-end platforms, a cloud-based delivery, and a network. Combined, these components make up cloud computing architecture. Last month ago I have taken the services from SAITECH INCORPORATED, which provides an extensive technology solution provider encompassing domains such as cloud computing, hardware and software engineering, cyber security, and more.
ReplyDeleteImpressive Article. Thanks for sharing.
ReplyDeleteAzure DevOps Training Online
Azure DevOps Online Training
Azure DevOps Online Training in Hyderabad
Azure DevOps Course Online
Microsoft Azure DevOps Online Training
Azure DevOps Training in Hyderabad
Azure DevOps Training
Azure DevOps Training in Ameerpet
Thank you for sharing interesting article Cloud Security Services
ReplyDeleteAzure consulting Services
DevOps services
Mobile App Development Services