Ensuring the safety of customers information in the cloud network
The concept of cloud computing. Types of clouds. Advantages and disadvantages of using the network technology. Examining the main parts of the computing system. Studying the protection problems of information security in corporate and public systems.
Рубрика | Программирование, компьютеры и кибернетика |
Вид | реферат |
Язык | английский |
Дата добавления | 20.03.2016 |
Размер файла | 25,1 K |
Отправить свою хорошую работу в базу знаний просто. Используйте форму, расположенную ниже
Студенты, аспиранты, молодые ученые, использующие базу знаний в своей учебе и работе, будут вам очень благодарны.
Размещено на http://www.allbest.ru/
Content
- Introduction
- Chapter 1. Characteristics of services in the cloud
- 1.1 The concept of cloud computing
- 1.2 Types of clouds
- 1.3 Advantages and disadvantages of using cloud technology
- 1.3.1 Advantages
- 1.3.2 Disadvantages
- Chapter 2. Protection problems
- 2.1 Hardware components of the data center
- 2.2 Telecommunications section of the access to the resources of the data center
- 2.3 Users and their software and hardware
- 2.4 Middleware
- 2.5 Application services
- 2.6 Storage Systems
- Conclusion
- Bibliography
Introduction
Nowadays Information technologies are developing quickly. There is an immense development of software. Earlier developed applications were distributed on physical media, and then they had to be installed on a computer. Software developers are exhibited the minimum system requirements that a computer should correspond to for all programs correct functioning. The Internet is evolving, servers are constantly being upgraded. At some point, it turned out that the processing power can be combined with support software services. This was the starting point of the cloud computing development.
The widespread using of computers and based on them all kinds of administrative and technical ("human-machine") systems, such as "cloud" computing, arise information security problems.
Information security issues take a special place in society and attract to themselves increasing attention. The success of any activity largely depends on the ability to dispose such value, as information. The Russian Federation Law "On Information, Informatization and Protection of Information" emphasizes that "information resources are objects owned by citizens, organizations, associations, the state".
This study is the first chapter version of the Graduate Qualification Work on the topic: "Ensuring the Safety of Customers Information in the Cloud Network".
According to the information given above the graduation work is aimed at building the information security ensuring system of cloud computing services. In order to meet the goal it was necessary to solve the following tasks:
ь to analyze theoretical aspects of cloud computing;
ь to study the cloud types;
ь to examine the system advantages and disadvantages;
ь to analyze information security data specificity by studying the problem of cloud computing protection.
Chapter 1. Characteristics of services in the cloud
1.1 The concept of cloud computing
Cloud computing is the technology of distributed data processing, in which computing resources and capacities are available to the user as an Internet service. The essence of cloud computing is to provide computing resources and applications (including operating systems and infrastructure) to users with remote access through the Internet.
The term "cloud computing" is applicable to any services that are provided over the Internet. Cloud computing is a powerful approach for calculations resource. It becomes more and more popular. Anyone has ever used the services provided with the opportunity to work with applications without installing them on their computer.
1.2 Types of clouds
Since the cloud is a collective term, it makes sense to classify them according to some criteria. There are two classifications of clouds below, where one is suggested publication InfoWorld, and other - business manager Parallels, one of the market leaders in virtualization.
Analysts from InfoWorld propose to divide all the clouds into six types:
1) SaaS - Software as a Service (for example, Zoho Office and Google Apps);
2) Utility computing, for example, virtual servers;
3) Web service in the cloud - optimized online services for virtual environments (for example, Internet banking);
4) PaaS - Platform as a Service (for example, Live Mesh from Microsoft);
5) MSP - Managed Service Provider (for example, built-in virus scanner for email portals);
6) Commercial platform for services - union PaaS and MSP (for example, Cisco WebEx Connect).
Clouds can also be public or private. Public cloud services can be used by anyone. At the moment, Amazon Web Services is the most famous and largest provider in the public cloud. The main difference between private and public cloud is providing services from the cloud in a closed from public access infrastructure to a limited number of users. Under such a structure, part of customer data is stored and processed by the resources of its own infrastructure, and another part by the resources of the external provider. Service from Amazon called Amazon Virtual Private Cloud (Amazon VPC) is an example of a virtual private cloud.
1.3 Advantages and disadvantages of using cloud technology
1.3.1 Advantages
· Cheap computers for users. Users do not need to buy expensive computers with more memory and disk drives to use the program through the web interface. There is also no need for CD and DVD drives, because all the information and programs are held in the "cloud." Users can switch from conventional computers and laptops to a more compact and convenient netbooks.
· Increased performance of customer computers. Most of the programs and services are run remotely through Internet. Therefore, computers with a smaller number of programs start and run faster. One good example is Panda Cloud Antivirus, which allows you to scan data for viruses remotely on powerful servers and thus twice reduces the load on the user's computer.
· Reduce costs and increase the efficiency of IT infrastructure. Ordinary server loaded on the average of 10-15 %. In some periods of time there is a need for additional computing resources, in others these costly resources are idle. Using the required amount of computing resources in the cloud (for example, Amazon EC2), at any time, companies reduce the cost of equipment and maintenance up to 50 %. The flexibility of production in a constantly changing economic environment always increases. If a sufficiently large firm is concerned that valuable information will be stored and processed on the side, company can build its own cloud and enjoy all the benefits of virtualization infrastructure.
· Less service problems. Because of physical servers with the introduction of Cloud Computing becomes smaller, they become faster and easier to maintain. Software is automatically updated in the cloud.
· Less costs with software purchasing. Instead of purchasing software packages for each local user, companies buy the right software in the cloud. These programs will be used only by users which are required to use programs in their work. Moreover, the price of programs for the Internet access is much lower than their counterparts for PCs. The costs of updating and support programs are reduced to zero.
· Software update. At any time, when user starts the remote program, he can be sure that the program has the latest version - without the need to reinstall or pay something for the upgrade.
· The increase in computing capacities. Compared to a personal computer, computing power of cloud is limited only by its size, that is, the total number of remote servers. Users can deal with more difficult problems with a large number of necessary memory space for your data.
· Unlimited amount of storage. Storage in the "cloud" can be flexibly and automatically adjusted to the user's needs. When storing the information in the "cloud," users can forget about the limitations imposed by conventional disks - "cloud" dimensions reach billions of gigabytes of free space available.
· Operating system compatibility. Operating systems do not play any role in cloud computing. Unix users can share documents with users of Microsoft Windows, and vice versa, without any problems. Access to programs and virtual machines occurs using a Web browser or other means of access, installed on any personal computer with any operating system.
· Increased document format compliance. If the same "cloud" software to create and edit documents is used, format compliance problem will not arise. A good example of this compliance is an office suite Google Docs.
· Simple work within a user group. While working with documents in the "cloud" it is not necessary to send the document version or edit it constantly. Users can be sure that they have the latest version of the document, and any change made by one user is seen by all the others.
· Widespread access to documents. If the documents are stored in the cloud, they can be available to users any time and everywhere. Users do not face such thing as a forgotten file because if there is the Internet, files are always available.
· Access from various devices. Cloud Computing users have wide choice of devices to access documents and programs. It is possible to choose between a standard PC, laptop, Internet tablet, PDA, smartphone or netbook.
· Saving the natural resources. Cloud computing allows to save on electricity, computing resources, the physical space occupied by the servers. Moreover, cloud computing spends natural resources reasonably. Data centers can be placed in a cooler climate. Users can replace heavy, demanding computers and laptops on easy and economical netbooks. This saves not only energy and space, but also the materials that those devices are made from.
· Stability of data loss or theft of equipment. If data is stored in the cloud, copies are automatically distributed across multiple servers, which may be located on several continents. Theft or damage to the user's PC does not cause the loss of valuable information, because it can be found by any other user.
1.3.2 Disadvantages
· Permanent connection to the Internet. Cloud Computing is almost always requires a connection to the Internet. Some of the cloud programs downloaded to the local computer and used at a time when the Internet is not available. In other cases, if there is no access to the Internet - no work, programs, and documents. This is probably the strongest argument against the cloud computing.
· Bad working with slow Internet access. Many of the cloud programs require a good Internet connection with high bandwidth. But these days, access speeds are increasing, and prices - are falling.
· Programs may run slower than on a local computer. Some programs that require the transfer of a significant amount of information will work on your computer faster not only because of the restrictions on Internet connection speed, but due to busy remote servers and problems in the way between you and the cloud.
· Not all programs or their properties are available remotely. Cloud analogues lose in functionality. For example, Google Docs table have far fewer features and functions than Microsoft Excel.
· Data security can be under the threat. It all depends on who provides "cloud" services. If the cloud provider encrypts the data, always back-up copies should be made. With more than a year working experience on the market of such services and good reputation a company does not have any data security risk.
If the data in the cloud is lost, they are lost forever. This is a fact. But to lose the data in the cloud is much more difficult than to lose it on a local computer.
Despite the fact that there are more advantages than disadvantages, still, each time it's a particular case needed to be observed.
Chapter 2. Protection problems
Recent years, the question aimed on the development of cloud computing, considering their prospects, arises more often. Only for the 2011 business growth in this area was more than 25 %. The main principle of computing in the cloud is based on the implementation of various wishes of the users by providing the different services. The main goal of this approach is to move from the problems by the choice of hardware and supporting software applications to provide guaranteed data storage providers in the cloud service process. Data center construction is the basis solution of this strategy. This makes it possible to provide enormous computing resources, the ability to store and provide instant access to data for average user of the Internet or ordinary employee who has access to the corporate network. In such conditions, user's side of the process is most important. In this situation, the issue of information security pushed into the background. An intensive advertising campaign represents cloud computing as something new, the decision problem of information security is postponed at a later time. User data and the stability of the entire structure as a whole are at risk. This situation is reminiscent of the development of electronic "banking" in the last ten years, where the question of information security has been intensively considered due to large losses which reached 10-15 % of the profits.
Analogy processes of cloud computing can be seen in large computer systems, the 80's of the last century, where the main difference was a breadth of opportunities for high-speed user access to the data center resources. And such access was possible only within individual organizations that have used these centers for computing. But already in the 90's, when the computing speed exceeded the speed of processing and preparation of the information in peripherals, possibility of parallel tasks on a computing device was realized.
The process of development of cloud computing began a few decades ago. At the same time began to consider the problems of information security. Basic principles of information security in computer systems that have developed over the last 20 years, can be used in cloud computing. Baranov A.P. in his article "Is it possible to protect confidential information within a cloud?" discusses the use of this opportunity and reveals unresolved problems that hinder the development of the information security for computing in the cloud.
For the analysis considered the organization of the cloud computing which based on the data center, that implements the principle of virtualization computing.
The author divides the computing system in a cloud on the six main parts:
1. Hardware components of the data center;
2. Telecommunications section of the access to the resources of the data center;
3. Users and their software and hardware;
4. Middleware;
5. Application services provided by data centers as a layer of application software for the guest operating systems;
6. Storage Systems (primarily databases).
In article the author examines the problem of information security in each of the above parts, dividing the use each of them in two possible directions: corporate and public system. cloud network advantage security
2.1 Hardware components of the data center
For corporate networks that handle confidential information, the principles of selection and certification of hardware parts are well known and is to ensure the reliability and stability of operation that give manufacturers. Also, these principles are reflected in number of organizational measures to ensure no access hackers to the hardware components of a data center. If the side effects of radiation or electromagnetism appear, exploration activities on the side signals and protective measures should be conducted by known methods. Similar events are held, as a rule, for a system of public cloud computing.
2.2 Telecommunications section of the access to the resources of the data center
Telecommunications is based either on the open traffic or on IP-packet encryption by software or hardware. The personal data are processed in a corporate network typically require confidentiality. Therefore, to keep access to IP-based networks applies encryption at the IP-packets. In order to minimise costs to encryption, corporate network can be built in a tree structure of ties and form a dedicated VPN (virtual private network) for one hundred thousand users. Through this network structure it is sufficient to ensure simultaneous communication with a small number of users. The situation is more complicated in the systems of public cloud computing. In contrast to the corporate network, public system must provide Internet network access to more than one million people, workplaces which can constantly change the IP-address. Packets may arrive with a delay on the Internet. This creates a serious burden on the computer system data center. Obviously, there are a number of human activity areas in which these restrictions are unacceptable. Therefore, increasing the speed of IP-encryption is currently relevant and perspective task.
2.3 Users and their software and hardware
Encryption of IP-flow in the workplace by using SSL by software and especially hardware at 1Mbit /s is not a problem. In the market a number of companies are offering certified products. More complex, but solvable problem for the corporate cloud is the protection of keys, operating system and information within the workplace user. Workplace can be equipped with special tools such as electronic locks, etc., the operation of which can be controlled by the user of this place, as well as information security services of the company. The situation is more difficult for the public system. A cracker may be officially registered user has a legal right of access to the system, and he can try to overcome the security system, in particular, access control system, using special equipment installed on workplaces. Practically it is impossible to control the user workplace composition in public networks. Obviously, the safety equipment in the data center of public systems should be highly effective and the requirements for them are very stringent.
2.4 Middleware
The structure of the data center implements the concept of virtual machines. Consider the "middle" layer as the hypervisor and guest operating systems with application tasks on them. The control system is also rated as one of the virtual machines. The hypervisor is a key element of information security in the development and operation of virtual machines. Simultaneously, the hypervisor itself is an operating system that operates directly with the hardware, sometimes by delegating functions of basic systems guest. Thus, the hypervisor can be viewed as a traditional operating system. The question of creating or providing safe mode of the system is reduced to hypervisor complying with the requirements for standard operating systems.
2.5 Application services
Situation is identical certification of application software for operating systems. Typically, constraint checking to software developed during certification of operating systems with the participation of the developer for the above systems takes no more quarter. Certification of large and complex products like Word or Explorer, require one year of effort in initial certification systems. In the future, the time for certification of the following systems versions was reduced significantly. The main challenge in this area is to develop a minimum set of requirements for the application software in the certification of operating systems. The same applies to the principles of certification hypervisor.
2.6 Storage Systems
In terms of application of certified information security requirements for the storage situation is very grim. Only certified database MS SGL. Such powerful database like Oracle or DV2 must certify to the requirements FSTEC to Category 1-D. In the absence of certification must rely on the imposed protection remedies that do not affect the internal mechanisms mentioned databases. The market of protection means contains almost no proposals in this area. It appears that this situation will be maintained and supported by database vendors as long as in Russia will not create or certified alternative, quite effective database that can be applied to large data centers. Create a national database that is comparable with the products of the leading manufacturers and package business applications for it that can reduce development time of application software, is a national task, comparable to the task of creating and maintaining native operating system.
Conclusion
As a result of the research the author has made the following conclusions:
1) In the theoretical part of the research the author studied cloud computing characteristics and worked out the following advantages and disadvantages of the system:
Advantages:
· Cheap computers for users;
· Increased performance of customer computers;
· Increased performance of customer computers;
· Reduce costs and increase the efficiency of IT infrastructure;
· Less service problems;
· Less costs with software purchasing;
· Software update;
· The increase in computing capacities;
· Unlimited amount of storage;
· Operating system compatibility;
· Increased document format compliance;
· Simple work within a user group;
· Widespread access to documents;
· Access from various devices;
· Saving the natural resources;
· Stability of data loss or theft of equipment.
Disadvantages:
· Permanent connection to the Internet;
· Bad working with slow Internet access;
· Programs may run slower than on a local computer;
· Not all programs or their properties are available remotely;
· Data security can be under the threat.
2) Based on the article of A.P. Baranov, professor, Head of Information Security Management Department in National Research University Higher School of Economics, "Is it Possible to Protect Confidential Information within a Cloud", the problem of information security was examined.
3) The cloud computing process was studied and six main parts of the system were defined:
· Hardware components of the data center;
· Telecommunications section;
· Users and their software and hardware;
· Middleware;
· Application services;
· Storage Systems (primarily databases).
The author analyzed all parts of cloud computing system and found their weaknesses. In the practical part of the research the information security risks will be evaluated, and several measures aimed at minimizing those risks will be proposed.
Bibliography
1. V.F. Shangin Data Protection. \\ Effective measures. ? M.: DMK Press, 2008. - p. 544.
2. V.M. Belogrudov Cloud Computing - advantages and disadvantages \\ http://www.smart-cloud.org/sorted-articles/44-for-all/96-cloud-computing-plus-minus. 03.03.2012.
3. A.P. Baranov "Is it Possible Confidential Information within a Cloud" \\ High Availability Systems, 2012. T. 8. № 2. p. 12-15.
4. M.C. Kondrathin Cloud Computing Security \\ http://www.pcmag.ru/solutions/detail.php?ID=38248. 15.02.2010.
5. Information Security Treat \\ http://www.internet-technologies.ru/articles/article_1147.html. 3.10.2007.
Размещено на Allbest.ru
...Подобные документы
Review of development of cloud computing. Service models of cloud computing. Deployment models of cloud computing. Technology of virtualization. Algorithm of "Cloudy". Safety and labor protection. Justification of the cost-effectiveness of the project.
дипломная работа [2,3 M], добавлен 13.05.2015Information security problems of modern computer companies networks. The levels of network security of the company. Methods of protection organization's computer network from unauthorized access from the Internet. Information Security in the Internet.
реферат [20,9 K], добавлен 19.12.2013Practical acquaintance with the capabilities and configuration of firewalls, their basic principles and types. Block specific IP-address. Files and Folders Integrity Protection firewalls. Development of information security of corporate policy system.
лабораторная работа [3,2 M], добавлен 09.04.2016The material and technological basis of the information society are all sorts of systems based on computers and computer networks, information technology, telecommunication. The task of Ukraine in area of information and communication technologies.
реферат [29,5 K], добавлен 10.05.2011IS management standards development. The national peculiarities of the IS management standards. The most integrated existent IS management solution. General description of the ISS model. Application of semi-Markov processes in ISS state description.
дипломная работа [2,2 M], добавлен 28.10.2011История Network File System. Общие опции экспорта иерархий каталогов. Описание протокола NFS при монтировании удаленного каталога. Монтирование файловой системы Network Files System командой mount. Конфигурации, обмен данными между клиентом и сервером.
курсовая работа [1,3 M], добавлен 16.06.2014Social network theory and network effect. Six degrees of separation. Three degrees of influence. Habit-forming mobile products. Geo-targeting trend technology. Concept of the financial bubble. Quantitative research method, qualitative research.
дипломная работа [3,0 M], добавлен 30.12.2015Сrime of ciber is an activity done using computers and internet. History of cyber crime. Categories and types of cyber crime. Advantages of cyber security. The characteristic of safety tips to cyber crime. Application of cyber security in personal compute
презентация [203,5 K], добавлен 08.12.2014Overview history of company and structure of organization. Characterization of complex tasks and necessity of automation. Database specifications and system security. The calculation of economic efficiency of the project. Safety measures during work.
дипломная работа [1009,6 K], добавлен 09.03.2015A database is a store where information is kept in an organized way. Data structures consist of pointers, strings, arrays, stacks, static and dynamic data structures. A list is a set of data items stored in some order. Methods of construction of a trees.
топик [19,0 K], добавлен 29.06.2009Consideration of a systematic approach to the identification of the organization's processes for improving management efficiency. Approaches to the identification of business processes. Architecture of an Integrated Information Systems methodology.
реферат [195,5 K], добавлен 12.02.2016Technical and economic characteristics of medical institutions. Development of an automation project. Justification of the methods of calculating cost-effectiveness. General information about health and organization safety. Providing electrical safety.
дипломная работа [3,7 M], добавлен 14.05.2014The need for Colvir's functional modules to avoid the costs of training and to facilitate modification and interaction of system components. Description and practical use of Citrix server and CyberPlat - integrated universal banking online payments.
доклад [505,3 K], добавлен 05.09.2011Технология протокола NAT (Network Address Translation). Особенности его функционирования, применения и основные конфигурации. Протоколы трансляции сетевых адресов. Преимущества и недостатки NAT. Основные способы его работы: статический и динамический.
курсовая работа [480,1 K], добавлен 03.03.2015Модели обслуживания облачных технологий (IaaS, PaaS, SaaS). Определение облачных технологий, их основные характеристики, достоинства и недостатки. Функции и возможности облачного решения Kaspersky Endpoint Security Cloud от "Лаборатории Касперского".
курсовая работа [626,7 K], добавлен 29.06.2017Overview of social networks for citizens of the Republic of Kazakhstan. Evaluation of these popular means of communication. Research design, interface friendliness of the major social networks. Defining features of social networking for business.
реферат [1,1 M], добавлен 07.01.2016Web Forum - class of applications for communication site visitors. Planning of such database that to contain all information about an user is the name, last name, address, number of reports and their content, information about an user and his friends.
отчет по практике [1,4 M], добавлен 19.03.2014Основные виды сетевых атак на VIRTUAL PERSONAL NETWORK, особенности их проведения. Средства обеспечения безопасности VPN. Функциональные возможности технологии ViPNet(c) Custom, разработка и построение виртуальных защищенных сетей (VPN) на ее базе.
курсовая работа [176,0 K], добавлен 29.06.2011Data mining, developmental history of data mining and knowledge discovery. Technological elements and methods of data mining. Steps in knowledge discovery. Change and deviation detection. Related disciplines, information retrieval and text extraction.
доклад [25,3 K], добавлен 16.06.2012Международный стандарт ISO/IEC 12207:1995 ”Information Technology – Software Life Cycle Processes” (ГОСТ Р ИСО/МЭК 12207-99) определяющий структуру ЖЦ, содержащую процессы, которые должны быть выполнены во время создания программного обеспечения.
презентация [519,6 K], добавлен 19.09.2016