Cloud computing is one of the most emerging technologies. There are following different types of Cloud.
Types of Cloud
As per Services Offered :
IaaS or Infrastructure as a Service : If the cloud offers the service of infrastructure like storage disks or virtual servers, it is called Infrastructure as a Service or IaaS. Examples include Rackspace, Flexiscale.
PaaS or Platform as a Service : If the cloud offers a development platform and it includes an Operating System and a programming language execution environment, database and web server, it is called Platform as a Service or PaaS. Examples include Google App Engine, Salesforce.
SaaS or Software as a Service : If the cloud offers access to software applications on per user basis, it is called Software as a Service or SaaS. Examples include GMail, Google Docs.
As per Deployment Models :
On the other hand, as per deployment models there are mainly four types of clouds.
Private Cloud : Private clouds operate solely for a single organization. They can be managed internally or by a third party, hosted internally or externally.
Public Cloud : In a Public Cloud, services are rendered over a network that is open to public.
Community Cloud : Community Cloud shares infrastructure among several organizations from a specific community with similar concerns like security, compliance, jurisdiction etc. They can be managed internally or by third party, hosted internally or externally.
Hybrid Cloud : Hybrid cloud is a composition of two or more clouds, like private, public or community. It offers the benefits of multiple deployment models.
Security Concerns of Cloud
What are the security concerns that the cloud service providers and the clients need to take care of ?
If we look closely, we can see quite a number of security concerns, which we need to take care of while implementing or using the service of clouds.
Let’s discuss a few of them.
- The first security issue that we can think of is data breaches. In a multi-tenant cloud service, if the cloud service database is not designed properly, a single flaw in a single client’s application can give an attacker access to data of one or multiple client. Encrypting data can be a solution, but if you lose encryption key, you lose data. Again, keeping offline backups of data increase the possibility of data breaches.
- Secondly, we can think of the issue of data loss that the cloud service providers need to take care of. Data must be preserved from disasters like fire, flood or an earthquake.
- The next issue we can think of is account hijacking. If an attacker somehow hacks the account of the cloud service provider, he can eavesdrop all the transactions and manipulate data and redirect the clients to illegitimate sites and prepare for more attacks.
- Fourthly, the threat of insecure interfaces and APIs. Cloud service providers provide APIs and interfaces for usage, management, orchestration and monitoring of cloud services. Weak interfaces and APIs can expose the threats of issues related to data confidentiality, integrity, availability and accountability.
- The next threat is Denial of Service attack. Cloud service providers bill their client’s based on computing cycles and disk space consumed. An attacker, even if he may not be able to stop the services completely, he may consume much process cycles to affect the services to a significant extent.
- The cloud service providers also have to keep safe from malicious insiders. They have to monitor properly all its employees, contractors or business partners who access the cloud, network, services and data. A malicious insider or irresponsible access to data can lead to serious threats.
- The seventh issue is the abuse of clouds. A malicious user should not use the processing power of clouds for the purpose of breaking encryption keys or hack a system. A cloud service provider needs to take care of the abuse of their clouds.
- A cloud service providers provide resources like CPUs, GPUs and caches to multiple clients. A cloud must be designed to offer strong isolation properties. If an integral component gets compromised, it exposes the entire environment to a potential of compromise and breach.
So, if you are a cloud service provider or a user, it is better to keep these concerns in mind and design it properly.