Cloud computing is the further development of grid computing, distributed computing and parallel computing, and has become the focus of all industries. It is an internet-based supercomputing model that establishes a mechanism for accessing configurable resources such as networks, servers, storage, applications, and services on demand, with powerful computing and storage capabilities.
With the popularization of cloud computing, security problems have become increasingly prominent and are now an important factor restricting its development. Services such as answering services, news services and location tracking were affected by the collapse of Amazon's cloud computing center in April 2011, which disrupted Amazon cloud services for four consecutive days. The same month, a Sony cloud computing server suffered a series of hacker attacks and lost the information of 77 million accounts. The account information included names, dates of birth, e-mail addresses, and login information.
Therefore, for enterprises to apply cloud computing technologies and platforms on a large scale, and to hand their own data over to cloud service providers for management with confidence, it is necessary to comprehensively analyze and address the various security risks faced by cloud computing.
1. Cloud computing faces major security risks
In 2008, Gartner, the US information technology research firm, published the Cloud Computing Risk Assessment Report, which analyzes the risks of cloud computing from a vendor-wide perspective and lists the major security risks to cloud computing technologies, as shown in Table 1.
Table 1 The seven major risks listed by Gartner
In 2009, the Cloud Security Alliance (CSA) released its Security Guide for key areas of cloud computing. Based primarily on the attacker's perspective on the major threats to the cloud computing environment, it set out 12 key security focus areas. This was followed by a concise report on cloud security risk, which condensed the Security Guide to the 7 most common and most dangerous threats, as shown in Table 2.
Table 2 The seven major risks of cloud computing listed by the CSA
2. Analysis of the main security risk prevention measures
2.1 Server and Database security
For cloud computing services or applications, the server and the front-end database must first be trusted; only then can enterprises take advantage of the corresponding services provided by cloud computing. Companies that use cloud computing services can store data on storage media provided by an Internet service provider (ISP), dramatically reducing costs. Therefore, it is important to guarantee information exchange, the confidentiality of data processing, integrity, and authentication on the server side.
2.2 Network security
Considering the application of cloud computing, possible network connectivity includes wired and wireless.
For large enterprises, the connection to the cloud computing service provider is best built on a dedicated line or leased line model. Therefore, it is necessary to use encryption and authentication mechanisms on the network to maintain information security. In addition, the security threats to companies that use cloud computing are not just external; they can also arise within the enterprise. Therefore, to ensure information security and quality of service, the enterprise and the cloud computing service provider must agree on service level agreements (SLAs). Service-level agreements must define service quality and security clearly and accurately.
For small and medium-sized enterprises, cloud computing service providers often use a virtual private network (VPN) to improve their services. For those that do not transmit confidential information, the Internet will be the best choice, but this service is not safe.
With the development of wireless communication applications, mobile cloud computing has become one of the current trends. Mobile cloud computing refers to the delivery and usage patterns of IT resources or (information) services, such as infrastructure, platforms, and software (or applications), that are obtained on demand and are easily scalable via the mobile internet. Wireless networks have advantages such as low cost, low power consumption, high scalability, and greater flexibility. However, information is easily intercepted, spoofed and tampered with in the course of transmission. Therefore, the information security risk is more prominent.
2.3 User authentication
It is important to manage user accounts and their corresponding authorized access permissions. Many companies use single sign-on (SSO) or give each employee a different account to access different systems. This is an unsuitable method. In addition, managing access authorization is key.
With centralized identity and access management, cloud users can protect operations and information that affect information security in a standard way to meet security needs, increase efficiency, and avoid risk.
The user authentication and authorization measures of cloud computing require the following capabilities:
1) Identity management. Effectively manage user identity and access to resources during the user identity lifecycle, including:
- User identity lifecycle management, including user registration, self-management, and automated user identity deployment services.
- User identity control, including access and permissions control, single sign-on, and auditing.
2) Access authorization. Provide access at any time during the user identity lifecycle. The user identity lifecycle can span multiple environments and security domains; centralized identity, access, authentication, and review make it possible to monitor, manage, and reduce the risk associated with identity and access.
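The following sketch is an added example, not part of the original article: it models the two capabilities above as one central component that tracks each identity's lifecycle state, holds grants scoped to a security domain, and records every decision for audit. The class, state and domain names are hypothetical, and the transition policy is an assumption made for the example.

```python
from enum import Enum

class State(Enum):
    REGISTERED = "registered"        # self-registered, awaiting approval
    ACTIVE = "active"
    SUSPENDED = "suspended"
    DEPROVISIONED = "deprovisioned"  # terminal: identity lifecycle has ended

# Allowed lifecycle transitions (policy assumed for this example).
TRANSITIONS = {
    State.REGISTERED: {State.ACTIVE, State.DEPROVISIONED},
    State.ACTIVE: {State.SUSPENDED, State.DEPROVISIONED},
    State.SUSPENDED: {State.ACTIVE, State.DEPROVISIONED},
    State.DEPROVISIONED: set(),
}

class IdentityManager:
    """One central store of identity state, grants and audit records."""
    def __init__(self):
        self.state = {}   # user -> State
        self.grants = {}  # user -> {(security_domain, resource, action)}
        self.audit = []   # append-only (event, user, detail) tuples

    def register(self, user):
        if user in self.state:  # never reset or resurrect an existing identity
            raise ValueError("identity already exists")
        self.state[user], self.grants[user] = State.REGISTERED, set()
        self.audit.append(("register", user, "ok"))

    def transition(self, user, new_state):
        if new_state not in TRANSITIONS[self.state[user]]:
            self.audit.append(("transition", user, "denied:" + new_state.value))
            raise ValueError(f"{self.state[user].value} -> {new_state.value} not allowed")
        self.state[user] = new_state
        if new_state is State.DEPROVISIONED:
            self.grants[user].clear()  # revoke access in every domain at once
        self.audit.append(("transition", user, new_state.value))

    def grant(self, user, domain, resource, action):
        self.grants[user].add((domain, resource, action))
        self.audit.append(("grant", user, f"{domain}:{resource}:{action}"))

    def is_allowed(self, user, domain, resource, action):
        # Default deny: unknown users and any non-ACTIVE state are refused.
        ok = (self.state.get(user) is State.ACTIVE
              and (domain, resource, action) in self.grants[user])
        verdict = "allow" if ok else "deny"
        self.audit.append(("access", user, f"{domain}:{resource}:{action}:{verdict}"))
        return ok
```

Because the access check consults the lifecycle state on every request, suspending or deprovisioning an identity takes effect in all security domains immediately, and the audit list shows denied attempts as well as allowed ones.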
2.4 Cloud Data security
Whether it's the underlying IaaS, the PaaS in the middle tier or the highest level of SaaS, cloud storage is the key to implementing cloud applications. Data security in the cloud must meet the following requirements:
1) Storage and system protection: service providers must provide storage system protection to avoid data corruption and system failure.
2) Data protection: stored data must not be accessible to unauthorized users or intruders, and staff access must also meet the requirements of authorization and authentication. In addition, the service provider must ensure the integrity of the data.
3. Conclusion
Cloud computing has broad development prospects, and more and more enterprises are adopting the cloud computing model. At the same time, the security risks they face are unprecedented. Although many security issues in cloud computing applications still need to be addressed, the introduction of a variety of solutions will greatly reduce these threats, and cloud development will further affect the world.