The legacy of data security and integrity in the cloud must be prevented

Data security has been a hot issue in the IT field, a variety of data leaks, theft has become commonplace. Hosting data in cloud services is making the battle for data security more intense, Preetam choudhary a post on the security issue of cloud-computing legacy data in Dzone, which involves legal differences/imperfections, data transmission of the public network, the hidden dangers of information integrity, and public cloud-specific Neighbour's influence "and so on.

The following is the translation:

Cloud computing brings convenience and cost-benefit, but also brings no attention to security risks. Cloud computing security vulnerabilities generally appear on the vendor side, and cloud vendors are using a variety of security measures to address these safety issues. Users usually default to believe that the supplier will properly protect the security and confidentiality of data, unknowingly give up the maintenance of data security. There are a number of companies that are investing in private clouds, based on concerns about cloud security, but even so, it is not certain that data will be absolutely secure under the protection of firewalls.

Privacy, data security, and data integrity

Privacy issues began to emerge from the cloud architecture and have not been properly addressed. One reason is that each country has its own rules for the privacy of data requests in the server because the data owner may not be in the same country as the service provider. While cloud providers have an obligation to protect the absolute security of data, in some laws and regulations, the supplier is required to give officials access to the data, regardless of whether or not the user is permitted. Another troubling reason is that the law does not revise the security of all types of data that is protected, and may only protect private text or e-mail messages. Unfortunately, data security is also threatened by storage locations. If the legal data is accessible, officials will also be able to extend collateral damage to other user data on the same disk.

Data confidentiality in the cloud

Another controversial issue is that even if data is encrypted, cloud service providers may access the data, which may be randomly accessed and manipulated.

Data Flow Security

In a cloud environment, data is generally transmitted over the Internet. If the data passes through a secure "https" channel, it will be safe. However, if the data is transmitted on a public network, packets may be stolen-albeit encrypted. In addition, given the frequent access to data in the cloud, data corruption and the chances of hacking are often increased.

IaaS, SaaS, PaaS, various problems

Cloud computing has 3 service patterns: IaaS, PaaS, SaaS, each with an unresolved flaw. For example, SaaS networking deploys the same software in a desktop application environment, and developers have not written secure code for blocking vulnerabilities and penetration protection.

Service Level agreement

Cloud providers have their own service level agreements for their own operations, and these SLAs may not meet the security needs of users.

There are a lot of arguments and unresolved issues, such as shared physics, logical resources, and auditing and evaluation related. Once users who share the same disk resources are blocked due to legal action, there is no mechanism to protect the data. When the user terminates the service, does the service provider have a mechanism to ensure the integrity of the data. The eternal question, of course, is whether the service provider survives. As long as service providers fail, users are bound to worry about the security of their data.

Of course, there are many problems to some extent or complete solution, with the expansion of cloud services, will inevitably be born with new problems, but now users have to buy into the cloud services for detailed review, in the use of more step-by-step.

Original link: Some unresolved security Issues in Cloud Computing