Theoretical Paper Review
Authors Name: Asoke Nath, Kanij Fatema Aleya, Madhumita Santra, Supriya Maji
Article Title: Security Issues and Challenges in Cloud Computing: A Brief Overview
Journal: International Journal of Emerging Technology and Advanced Engineering
(ISSN 2250-2459, ISO 9001:2008 Certified Journal, Volume 6, Issue 1, January 2016)
http://www.ijetae.com/files/Volume6Issue1/IJETAE_0116_50.pdf
Statement:
The article “Security Issues and Challenges in Cloud Computing: A Brief Overview” seeks to address the current security challenges, issues, and risks facing cloud computing from a consumer and provider perspective.
The problem being addressed is the inevitability of subscribing to cloud computing given the current security issues faced and risks associated with those issues while also proposing feasible solutions and mitigation plans to overcome cloud security challenges clearly stating liability and due diligence responsibility.
Method:
The article starts with an abstract that summarizes the intent of this article stating high level issues of cloud computing and security. It moves on in section I to an introduction where cloud computing is defined in terms of characteristics, types of services, and methodology. In section II, cloud security is discussed where issues are presented and discussed and a solution is presented for each. Lastly conclusion emphasizes points discussed in article authors` perspective on subject is provided.
Thoughts:
The introduction in section I where cloud computing is laid out in a simple and understandable manner to any type of reader gives a very thorough yet easy understating of cloud computing concepts in general because it explains the characteristics of the cloud without very technical words, it clears the fundamental types of cloud, and provides a view on cloud services with examples.
I totally agree with the article layout of section II in which cloud computing security issues is summarized into three types:
- Data Issues
- Privacy Issues
- Infected Application
Though unlimited types of risks apply to computing and are shared by all types of IT environments (Private, Public, & Hybrid), only those three listed issues actually are more unique and apply to public cloud computing (Daun & Kimble, 2015).
I couldn’t have said it better, the right cloud provider must be chosen, after which individual solutions to the for mentioned issues can be discussed. The solution to cloud security challenges presented are:
- Find Key Cloud Provider
- Clear Contract
- Better Enterprise Infrastructure
- Use of Data Encryption for security purpose
- Prepare chart regarding data flow
The authors` could have also added the location of Datacenter where data is to be hosted and the type of physical security applied to those datacenters including disaster recovery options. SLA is a big part of cloud computing security in addition to government legislation ensuring correct policies, procedures, and accountability is provided (European Data Protection Supervisor, 2015).
I do agree to some extent with the final statement of the author that “there is much to be cautious about” in regards to cloud computing never the less this statement applies to anything in life, the right approach would be to practice due diligence from the government in terms of legislation, from the consumer in terms of awareness, and from the vendor in terms of security.
References
Daun, S. & Kimble, A., 2015. The Privacy Challenges of Cloud Computing. [Online]
Available at: https://www.infosecurity-magazine.com/opinions/privacy-challenges-of-cloud/
[Accessed 17 Feb 2017].
European Data Protection Supervisor, 2015. Cloud Computing Security. [Online]
Available at: https://secure.edps.europa.eu/EDPSWEB/edps/EDPS/Dataprotection/QA/QA10
[Accessed 18 Feb 2017].