15 Discussion 2Rachana Response 1 Response 2 An
Please find below Discussion1, Discussion2 and Discussion3 and reply to them.
Each response must be 350 words and references:
Response 1: Your answer must be 350 words and references
Response 2: Your answer must be 350 words and references
Response 3: Your answer must be 350 words and references
Discussion 1
Hari Krishna Potluri
This could lead to a number of security problems that could cause your personal data to be exposed to the Internet and be available for others to access. There are also numerous types of cloud-based email services. For a number of these, the server that holds all data is not directly connected to the internet and can be safely kept outside of the public sphere. While the cloud itself does not provide any threat to the user, it can cause security problems for those who may be trying to download information. This is a very important topic to discuss, and it should be addressed by the industry. The point here is that even if the NSA collects the data of an American citizen, and even if the agency collects it for purposes of “tactics” that have nothing to do with intelligence collection, the data is still subject to the strictures of the Fourth Amendment. If the NSA is in the business of collecting large volumes of communications for intelligence purposes, then it should not be collecting the data of the public at all. For example, if an ISP sees that an individual has subscribed to a number of high-volume services in a short period of time, it can flag the subscriber for further attention and potentially suspend that customer’s service, or cut off their Internet service (Masa’deh, R. (2020).
These can be done using the Backup method, backup method (also known as the Secure method), the File System and the Backup method. All of these backup methods work in the backup folder of the drive. In the Secure backup method, the Backup method will be used to perform the backup. In this case, the data is stored in a file encrypted with the Encrypting Tool. This encrypted file is then encrypted in the Recovery folder using the Key (Masa’deh, R. (2020).
Automated management and reporting of network assets.
Automatic detection and repair of network failures, issues, or breaches.
Categorization of traffic, application, and device traffic.
Extensible, flexible network policies and policy-enforcement.
Security policy configuration for virtualized and dedicated services.
These three principles will guide the design of the future digital information architecture.
To understand the advantages of this approach, it is helpful to know how computers used to operate in the past. Digital computers used to run the BIOS or other operating system firmware contained software and/or firmware that would encrypt certain information, typically the system BIOS and possibly the boot sector. In the early days of digital computers, encryption was implemented as the main component of the firmware. In recent times, cryptography has been integrated as a second-level security layer into the firmware (Masa’deh, R. (2020).
References:
Raza, M. T., Lu, S., & Gerla, M. (2019). vEPC-sec: Securing LTE Network Functions Virtualization on Public Cloud. IEEE Transactions on Information Forensics and Security.
Dzogovic, B., Santos, B., Noll, J., Feng, B., & van Do, T. (2019, February). Enabling smart home with 5G network slicing. In 2019 IEEE 4th International Conference on Computer and Communication Systems (ICCCS) (pp. 543-548). IEEE.
Karajeh, H., Maqableh, M., & Masa’deh, R. (2020). Privacy and Security Issues of Cloud Computing Environment. In Proceedings of the 23rd IBIMA Conference Vision (pp. 1-15).
Discussion 2
Rachana Reddy Bheemreddy
Cloud service providers held the subscriber information to keep track of the services they have enrolled, the information, which is necessary to identify them as their details, Social security information, email addresses, credit card information, or mobile numbers. In case we failed to protect subscriber data, the company loses all its subscribers because of the security vulnerability issues. So, protecting the subscriber data is mandatory, especially when we are in the cloud environment where heavy traffic can access the information. These days content owners are relying on the enormous amounts of data for the better experience of the application that they have developed. Most of the time, they store the location, search history, or credit card information. If all these information attacks by the attackers, then subscriber data be at stake. To mitigate this risk of losing the cloud, service providers should take care of user access, data security, and network security (Prateek, 2016). In detail, the following are the two different approaches to protect the application from the security issues in the cloud environment related to virtualization.
- Secure Identity and Access Management (IAM): In the corporate world, different parts of the application should be managed by different users who are having proper roles and privileges to access them for the right reasons. For instance, database developers should be restricted to access only schema information and the data definition language manipulations. At the same time infrastructure team should have access to related environment roles rather than the actual development code. By restricting the individuals to access appropriate resources depends on their requirement can reduce the risk of misusing the data. These authorized role-based access to the resources can help the cloud service providers to protect subscriber information from the attacker’s hands (V. Kumar, 2018).
- Securing the Network: As the whole cloud environment is configured in the network, securing the overall network is mandatory. Network protection prevents data breaches in large companies, malicious code injections into the application, traffic re-routing, and the sanity of virtual machines. To protect the network from outsiders, most of the companies use firewalls and gateways to allow only trustable and well-certified requests to access the application. By encrypting the sensitive information over the network makes it hard to crack the data even though they hack the data center of the organization. Enforcing the security policies and pieces of training throughout the organization can also help to protect the network. A network must run on the secure port to avoid malicious attacks from the outsiders. Besides, organizations should provide a secure channel by incorporating the multifactor authentication, Secure Socket Layers (SSLs) and Internet Provider Sec (IPsec) (V. Kumar, 2018)
Along with the approaches mentioned above, secure programming can avoid bugs and vulnerabilities within the application. Moreover, firewall configuration and anti-virus installation should be highly secure to avoid black-box attacks. Company-wide policies to audit the transactions of the application and securing the dormant virtual machines are necessary to avoid secure data leakage while doing security patches. As needed, the separation of virtual machines (H. Tsai, 2012) can also help in securing the subscriber data from cloud service providers.
References:
Prateek Duble, (2016) Retrieved from
V. Kumar and R. S. Rathore, (2018) “Security Issues with Virtualization in Cloud Computing,” International Conference on Advances in Computing, Communication Control and Networking (ICACCCN), Greater Noida (UP), India, 2018, pp. 487-491.
doi: 10.1109/ICACCCN.2018.8748405
H. Tsai, M. Siebenhaar, A. Miede, Y. Huang and R. Steinmetz, (2012) “Threat as a Service?: Virtualization’s Impact on Cloud Security,” in IT Professional, vol. 14, no. 1, pp. 32-37, Jan.-Feb.
doi: 10.1109/MITP.2011.117
Discussion 3
Dineshkumar Malempati Hari
Recommended approaches for Cloud security providers
Information privacy, security and policies pertaining to these cannot be always objectively measured (Erl, T., et. al., 2014). Security concerns and privacy issues are still a cause for concern in the traditional network of systems. Even inside closed loops and protected with firewalls and other countermeasures they are prone to breaches and cyberattacks.
These incidents are exponential in the cloud infrastructure sheerly because attacking one virtual system can provide a gateway to corrupt the other virtual hosts and the underlying physical network (Kesan, J. P., et. al., 2012). Although some of the institutions or organizations have adopted the cloud infrastructure for the scale of operations and others are jumping into the bandwagon, a majority of the firms are reluctant to enforce the mode due to the scale of cyberattacks, vulnerabilities in the cloud computing architecture and the potential damages, they cause have translated into the slower than expected growth for the adoption of cloud computing architecture, outweighing the benefits and ease of operations (Hurtaud, S., et. al., 2014).
The major inhibitors are
- Lack of availability of data on the performance of these models and an increasing number of data security incidents.
- No ironclad regulations governing these models and a lack of compliance standards.
- Lack of governance standards on all available formats of information or data.
- Leading perception among industry that there is inherent risk in the fact that the servers hosted by 3rd party providers, in remote locations across the globe.
This can be alleviated by educating the industry on the different deployment models of cloud servicing available and to consider a risk-based approach to decide on which model to adopt based on the organization’s risk appetite and the security control requirements to meet the same in the deployment model.
When adopting a risk-based approach the organization should consider first identifying the assets that would be exposed to the cloud deployment model (Hurtaud, S., et. al., 2014). These assets are then evaluated and categorically ranked to the level of risk tolerance it can withstand without incurring potential damage or losses to the organization. This evaluation encompasses assessing confidentiality, integrity and availability of these assets and what they withhold with respect to sensitive data or proprietary information.
Once these assets are evaluated proper deployment models for each of the categories can be selected based on the degree of control the organization expects to exercise on them. This provides the organization to leverage the options available and has an effective spending model and bargaining power with the cloud service providers (Hurtaud, S., et. al., 2014). The evaluation model can be further made effective by conducting them at periodic intervals and reassign the assets exposed and not exposed to the cloud.
A cloud subscriber should select an IAM based solution based on the control requirements and should revise the requirements and deploy patches accordingly or at the sign of a threat. Privacy statements should be revised with each iteration.
References:
Erl, T., Mahmood, Z., & Puttini, R. (2014). Cloud computing: concepts, technology, & architecture. Upper Saddle River, NJ: Prentice Hall
Hurtaud, S., & Vaissiere, L. de la. (2014, July 10). How to ensure control and security when moving to SaaS/cloud applications. Retrieved from https://www2.deloitte.com/content/dam/Deloitte/lu/Documents/technology/lu_ensure-control-security-saas-cloud-applications_07102014.pdf.
Kesan, J. P., Hayes, C. M., & BashirIll, M. (2012). Information Privacy and Data Control in Cloud Computing: Consumers, Privacy Preferences, and Market Efficiency. Illinois Program in Law, Behavior and Social Science Paper, 11–20. Retrieved from http://dx.doi.org/10.2139/ssrn.2042638.