Cloud Security: Three Major Challenges In Cloud Computing

Words: 1492
Pages: 6

Abstract
Cloud computing is a type of computing that relies on sharing computing resources rather than having local servers to handle applications. Cloud computing is a colloquial expression used to describe a variety of different types of computing concepts that involve a large number of computers and other resources connected through a real time communication network.
Security issues have been the dominant barrier of the development and widespread use of cloud computing. There are three main challenges for building a secure and trustworthy cloud system: Outsourcing (don’t know where your servers are, how many copies of your data are kept and who all have access to your data physically and programmatically), Multi-tenancy (What type of

The major tasks involved in cloud security are:
➢ Governance: An organization’s board is responsible (and accountable to shareholders, regulators and customers) for the framework of standards, processes and activities that, together, ensure the organization benefits securely from Cloud computing. We are the leading provider of information, books, products and services that help boards develop, implement and maintain a Cloud governance framework.
➢ Compliance: Most organizations have established security and compliance policies and procedures that are used to protect their intellectual property and corporate assets, especially in the IT space. A framework of controls and further procedures are established to mitigate risk and serve as a benchmark for the execution and validation of compliance. These principles and policies, the enterprise security plan, and the surrounding quality improvement process constitute the enterprise security compliance

Today, encryption of personal and enterprise data is strongly recommended, and in some cases mandated by laws and regulations around the world. Cloud customers want their providers to encrypt their data to ensure that it is protected no matter where the data is physically located. Likewise, the cloud provider needs to protect its customers’ sensitive data. Strong encryption with key management is one of the core mechanisms that Cloud Computing systems should use to protect data. While encryption itself doesn’t necessarily prevent data loss, safe harbor provisions in laws and regulations treat lost encrypted on data as not lost at all. The encryption provides resource protection while key management enables access to protected resources.

ATTRIBUTE BASED ENCRYPTION (ABE)
Attribute based encryption is more suitable for access control to the data stored in the cloud. The main goal for these models is to offer security and access control. The main aspects are to provide flexibility, scalability and fine grained access control.
Types of ABE
There are many types of ABE namely
• Cipher text and key policy
• Attribute based encryption with no- monotonic access