Revuew of A Survey on Security Challenges in Cloud Computing

Review
of
A Survey on Security Cloud Computing

"According to Google's Kevin Marks, the term "cloud computing" comes "from [the] early days in the internet where we drew the network as a cloud." Cloud computing is a efficient and convenient, on-demand shared pool of configurable computing resources and devices. Cloud systems require a simple installation and are user friendly.

Cloud computing is classified based on service models or deployment.

• "A Private vloud is owned or rented  by an organization. The whole cloud resource is dedicated to that organization for its private use. An example of this model is a cloud built by an enterprise to serve their business critical applications.
• A Public cloud is owned by a service provider and its resources are sold to the public. End-users can rent parts of the resources and can typically scale their resource consumption up (or down) to their requirements. Amazon, Google, Rack-space, Salesforce, and Microsoft are examples or public cloud providers.
• A Community cloud is similar to a private cloud but where the cloud resource is shared among members of a closed community with similar interest.
• A Hybrid cloud is a combination of two or more cloud infrastructures: this can be either private, public, or community clouds. The main purpose of a hybrid cloud is usually to provide extra resource in cases of high demand, for instance enabling migration some computation task from a private cloud to a public cloud.?

Traditional Security Challenges

Cloud computing is vulnerable to new attack vectors that are simple to carry out.  There is also the risk of forensics becoming more difficult, police investigators may lack inability to access hardware physically. "The availability of cloud service providers is also a big concern, since if the cloud service is dis-rupted, it affects more customers than in the traditional model. For example, the recent disruption of the Amazon cloudservice took down a number of websites including Reddit, Foursquare, and Quora."

Cloud Security Challenges

"As end-users utilize the cloud services and store their data in the provider’s infrastructure, the most critical security con-cern is about privacy and user data confidentiality. End-users want to know where their information is stored, and who is incontrol of that information in addition to the owners. They also want to be guaranteed that the critical information is notaccessed and used illegally, even by the cloud providers."

Source: www.elsevier.com/locate/compeleceng

Review of Cloud Computing

A View
of Cloud
Computing

"Cloud Computing, the long-held dream of cloud computing as a utility, has the potential to transform a large part of the IT industry, making software even more attractive as a service and shaping the way IT hardware is designed and purchased.

Cloud computing is the ability to receive services delivered through the internet and the hardware and system software in the data center to deliver the services. Software as Service (SaaS)  is a consumer using provider's applications running on the cloud infrastructure. Service providers the exclusively manage computing infrastructure and software the support services.

"Any application needs a model for computation, a model of storage, and a model of communication. The statistics of multiplexing necessary to achieve elasticity and the appearance of infinity capacity available on demand requires automatic allocation and management".

In cloud computing, security threats are a real concern from both outside and sources in the cloud. It is the responsibility among many parties, including the cloud users, the cloud vender, and any third-party vendors that rely on for security sensitive software or configurations.

Think about how expensive it is for internet transfers to process. The opportunity to overcome high Internet transfers is in shipping disk or even whole computers. "While this does not address every use case, it effectively handles the case of large delay-toleration point-to-point transfers, such as importing large data sets.

I agree that cloud computing will grow and developers should take notice. Remember a couple weeks ago news broke about Google's floating data centers on the western and eastern coast of the United States. Cloud computing will improve bandwidth and cost and processors work well with VMs and flash memory should be added to the memory heirarchy, and LAN switches and WAN routers must improve bandwidth cost.
.

Review of Automated, Secure, Reliable, & Distributed Backup of MER Tactical Data on Clouds

The Mars Exploration Rover (MER) Project in 2010 became the first to include the public cloud on is every day mission-critical operations. Lower cost could systems developed by MER have transitioned tactical data onto lower cost storage system environments.

The main goal of all backup systems are to increase the effectiveness of durability as much as possible. "Availability measures the reliability of the data store and the likelihood of which data will be available." The goal more specifically is to minimize cost significantly when compared to conservative IT solutions.

The workflow system allows the system to automatically backup, audit, and complete a system recovery. The interested parties will receive the output of each backup run by email. Discrepancies between the audit report and archive are noted and another backup process starts to refresh the cloud backup. "Finally, the recovery to storage is to perform a full restoration of files in the archive.

The process has shown promising results, extremely high performance for backups and recovery have been acknowledged. multi-threaded transfer client was able to give us transfer rates that far

exceed common means archiving data:

•Parallel transfers to S3: 70MB/s sustained

•External USB hard drives: 60MB/s sustained (theoretical based on USB specifications)

•DVD writer at 24x: 31 MB/s sustained(theoretical) 

 

"The backup process to the cloud, along with the variable cost model of cloud storage, provides a compelling alternative to traditional backup processes. The optimized data transfer client can support speeds that exceed

common data backup strategies such as using an external hard drive and DVD archiving."

REFERENCES

[1]Microsoft Azure Web Site:

http://www.microsoft.com/windowsazure/features/storage/

[2]Amazon S3

Web Site: http://aws.amazon.com/s3/

[3]CNSS Policy No. 15, Fact Sheet 1. National Policy on the

Use of the AES Standard to Protect National Security

Systems and National Security Information.

http://csrc.nist.gov/groups/STM/cmvp/documents/CNSS15FS.pdf

Important Storage Companies and their Products

"Western Digital on Monday announced that its subsidiary has begun shipping the new 6-terabyte Ultrastar Ultrastar He6 drive drive, a model that seals the spinning disk platters inside a hermetic chamber filled with helium instead of air".  The power used per terabyte drops 49 percent because helium is a low density of air reducing the turbulence caused by spinning disk and heads that constantly move above them. "HGST's Helium platform will serve as a future building block for a new growing market segments such as cold storage, a space that HGST plans to address over the next couple of years."




"The mystery surrounding a large structure built on a barge docked in San Francisco bay is deepening. Is it  floating data center? Or something else altogether. Google has been building a large structure made of shipping containers with evidence pointing that it may be a floating data center. Google itself has a patent for the concept. "The Portland (Maine) Press Herald ran a story reporting a structure built on a barge also showing up there.
Source:  CNET

Amazon Cloud Drive provides 5 GB of free storage. You are able to upload and stream up to a rather minimal 250 songs to Windows PCs, Macs, and Apple Android devices. You can purchase more from 20 to  1,000 gigabtes of 50 cent per gigabyte
Source: ZDNet

Storage companies and their products allow people and businesses up the efficiency to operate more freely and securely save their data . 

Smart Watches Offer a Shortcut to Your Phone

When Eric Migicovsky conceived of what would become the Pebble smart watch five years ago, as an industrial design student at Delft University of Technology in the Netherlands he didn't know popular his idea would become. He just wanted to ride his bicycle without risking crashing while attempting to pull his cell phone out of his pocket.

Migicovsky is now shipping 85,000 Pebble watches to eager customers who have parallel reasons as he when he for sought the product. "Pebble uses Bluetooth to connect wireless to an iPhone or Android phone and displays notifications, messages, and other simple data of the user's choosing on its small black-and-white LCD screen."

Migicscovsky and his team have purposely designed the watch so that is doesn't replace the smartphone altogether. More difficult apps will be left for smartphones to handle while the Pebble can be used to control a music playlist or run simple apps like Runkeeper, a could-based fitness tracker.

Samsung has just released the Galaxy Gear smart watch and it is currently being sold at Sprint for $299. Google will also join the team of smart accessories by attempting to replace the smart phone altogether with Google Glass. It will combine a computer and monitor into eyeglass frames so the wearers can "augment"their view of the world with data.

Source: MIT Technology Review

uProxy the Cure to Censorship?

Google announced at its Ideas Summit in New York that it is developing a browser extension that make it possible to bypass country-specific Internet censorship and make connections more private and safer.

"The tool, which was developed by the University of Washington and seeded by Google, is at its core a peer-to-peer personalized virtual private network (VPN) that redirects Internet traffic coming from and initial, less secure connection through a second, trusted connection, and then encrypts the pathway between two terminals.

Let's assume that Barry, who lives in a country with an Internet censorship, contacts Jim, who has a much safer, or uncensored, or unmonitored access to the Internet.

Jim agrees to act as a proxy for Barry, and as long as his browser is open, Barry's outgoing web traffic will be routed through Jim's connection. The connection between Barry and Jim is encrypted.

uProxy is a true P2P service, so there is no centralized server that governments can block. The data packets are encrypted so that they cannot be easily flagged by a malicious user (or government). "The service doesn't anonymize traffic like Tor, and isn't a file sharing tool as it only proxies traffic from web servers."

Source: uProxy

Clean water in developing countried using Converted Shipping Containers

Coca-Cola has launched a innovative project that will transform about 2,000 shipping containers into water purifying stations. Joining forces with Deka R&D, the shipping container module dubbed Ekocenter has been designed to provide isolated communities with solar powered energy efficient facilities to access safe drinking water and wireless internet technology.

"Each machine delivers approximately 850 liters (225 gallons) of safe drinking water per day using less electricity than a hair dryer (1 kWh)," says Coca-Cola.

"The ekocenters will be distributed throughout Africa, Asia, Latin America and North America. By the end of 2015 it's estimated that there should be enough running to produce about 500 million liters (132 million gallons) of clean water per year. Coca-Cola will employ local partners to carry out mainttenance and checks on the Ekocenter's water purifying facilities, making sure the water is safe to drink and meets international health standards."

Source: Coca-Cola, Deka R&D