Data security in cloud computing research proposal paper
Cloud computing is a computing service offered over the Internet. To avail a cloud computing service, a customer plugs into the ‘network cloud’ and uses computing capabilities owned and operated by another company called the service provider. The service provider may be a large company with many data centers containing hundreds of thousands of machines, such as Microsoft, Google, Yahoo! or Dell (Bernstein & Newcomer, 2009).
The great advantage of cloud computing is elasticity, the ability to add capacity or applications almost at a moment’s notice. Companies buy exactly the amount of storage, computing power, security and other IT functions that they need from specialists in data-center computing. They get sophisticated data centers services on demand, in only the amount they need and can pay for, at service levels set with the vendor, with capabilities that can be added or subtracted at will. The metered cost, pay-as-you-go approach appeals to small-and medium-sized enterprises; little or no capital investment and maintenance cost is needed. IT is remotely managed and maintained, typically for a monthly fee, and the company can let go of ‘plumbing concerns’. Since the vendor has many customers, it can lower the per-unit cost to each customer. Larger companies may find it easier to manage collaborations in the cloud, rather than having to make holes in their firewalls for contract research organizations.
On the other side, there are also some disadvantages to using cloud computing that must be considered. In the cloud, the customer may not have the kind of control over their data or the performance of the applications that they need, or the ability to audit or change the processes and policies under which users must work. Different parts of an application might be in many places in the cloud. Cloud customers may risk losing data by having them locked into propriety formats and may lose control of data because tools to see who is using them or who can view them are inadequate. Data loss is also a risk. It may not be easy to tailor service level agreements (SLAs) to the specific needs of a business. Compensation for downtime may be inadequate and SLAs are unlikely to cover concomitant damages, but not all applications have stringet uptime requirements.
One major concern or obstacle in adopting cloud computing is security and privacy. The security of cloud, and associated privacy concerns, give many organizations pause as they think through their particular cloud computing concerns. Security and privacy concerns include physical security and simple access to facilities and equipment, as well as logical security, industry compliance requirements, auditability, and more. There are also two perspectives: (1) where the security glass is half-full and (2) where it is half empty. The glass half-full perspective believes that the cloud security concerns are manageable and in fact are better when handled by a third-party cloud service provider. The glass half-empty point of view views all security challenges as hurdles that are immovable and cannot be mitigated or overcome, regardless of the business profile that merits onboarding into a cloud (Marks & Lozano, 2009).
This paper aims to investigate the different security concerns that hinder companies from adopting cloud computing. More specifically, this paper aims to answer the following questions:
1. What are security considerations of clients before choosing a vendor?
2. What are the security risks associated with cloud computing?
3. How do hosting companies ensure security?
4. What are the roles played by security professionals in ensuring cloud computing security?
Bernstein, P. A. & Newcomer, E. (2009). Principles of transaction processing. Morgan Kaufmann.
Marks, E. A. & Lozano, B. (2009). Executive’s guide to cloud computing. John Wiley and Sons.
comments powered by Disqus