ITC596-IT RISK MANAGEMENT
ASSESSMENT-3
Submitted By:
Student Name:
Student ID:
2
Table of Contents
EXECUTIVE SUMMARY ……………………………………………………………………………………………… 3
THREATS, VULNERABILITIES AND CONSEQUENCES………………………………………………. 6
THREATS………………………………………………………………………………………………………………….. 8
SECURITY CONTROL MECHANISM………………………………………………………………………. 11
PROTCTION MECHANISM…………………………………………………………………………………………. 13
REFERENCES …………………………………………………………………………………………………………….. 15
3
CLOUD SECURITY
EXECUTIVE SUMMARY
Cloud computing technology is one of the emerging technologies which are used in most
of the organization because it has lots of advantages and it gives complete security system of the
particular network. There are many techniques, methods and functions are applying in this cloud
network with the help of cloud resources and IT services through the internet. It can provide the
proper security on the cloud data by using separate infrastructure which can make the elastic
environment for sharing the data. Cloud network must have the service provider for the purpose
of giving the services from multitenant framework. From this, it will get many benefits to the
specific organization which is using cloud environment. In this report, we are going to know
about the cloud security in cloud computing environment, how it was providing security to the
entire network and what kind of technology had used this domain as well.
IT infrastructure services are associated with the cloud network that is in the form of
storage capacity, proper network, services over the servers in the network. Some applications are
playing main role while communication such as infrastructure as a service in which gives proper
database with platform deploy application. And also, it can enable with some other applications
such as software as a service for providing update version of software, platform as a service for
providing robust platform and software are merging with subscription oriented application.
Hence, the management has to create the cloud service providers who are already working.
IaaS has to making multiple customers for scaling the services whereas the service
providers should compute the pay as you go application for every organization. Each any every
enterprise should maintain the financial sectors for monitoring their finance-oriented things in
the network infrastructure which will select to construct the public and private cloud, IT
infrastructure, management team for doing self-services. It must be concentrated more on quality
of the service, provisioning for on demand process, scalable performance and chargeback like
pay as you go. Every enterprise is supposed to construct the private cloud service and public
4
cloud service with the relevant applications which are all considered in cloud model and the
application want to be belonging in the data migration process in the cloud computing network
infrastructure.
In public cloud network, there is the possibility to having some authority for cloud
providers to do the specific operations such as decision-making capacity while migration and
accessing the application. Data migration process brings the netter performance to the cloud
service providers in which process is based on the cloud application. This process will affect the
security control, not giving the successful performance and ease of data migration, which is
damaged the client service experience in future. Then only, the network environment will go for
data centers for assisting this entire process in an effective manner. The major responsibility of
data centers is implementing the applications that are already processed in cloud computing
technology and triggering the infrastructure for provide some benefits like resiliency of the
service and scalable performance. Sometimes it may create the security issues when existing
application are running over the network infrastructure. In cloud security, some possible ways
are affecting the network while migrate the relevant application to the network which can’t
correct any issues like scalable and reliable performance through intrinsic software.
Most of the IT organization has the capacity to solve these issues by using some
functional operations and proper financial sector services. The legacy server is sharing the
information to the cloud database by using this strategy on the whole network. By making the
fresh infrastructure, the applications are redeploying with the platform through the service with
the help of service provider. The IT management team should build the coordination control for
overall environment for setting the cut over time period which is fixed by the management. This
team is supposed to collect the basic requirements for recompilation process to avoid migration
by using the approval applications over the compatible platform. In data centers, the cloud data is
stored in the separate data storage for achieving the targeted data in cloud network in which
comes under the targeted infrastructure. It may be in many forms such as public data cloud,
private data cloud as well as hybrid data cloud and it should give the transparent service to the
client by organization. (Zissis & Lekkas, 2010 – Essay Writing Service: Write My Essay by Top-Notch Writer)
The organizational network has to use physical to virtual migration for data migration
process during the platform using existing application to virtual data. The identified application
5
can understand the service on business factors by the cloud data providers with the help of
technical assistance which is very important. The implementation cost is the major problem
when built the cloud infrastructure. So, it should reduce the cost estimation and the agility for
enterprise with the business factor through application while migration process. The cloud
service providers have the significant services for the purpose of providing the large storage
because of the main resources should utilize the standard application by the output which will
need some automation technology. By using IT services, it needs to be enabling with the cloud
computing models which will bring some rapid delivered platform and efficient services for the
growth of business. It should accept the latest version innovative applications and make the
opportunities for developing their service and increasing the financial status. There are multiple
resources are used in cloud computing network which are all leading services for producing little
more resources over the cloud data performance and financial sector services.
Some servers are ready to perform more operations while running the well-designed
application for avoiding workload and blowout issues in the network. Nowadays, there is a
demand of using scaling automation control service for equate the current sectors. The financial
service has to associate with the cloud data through pay by usage service which is the latest
method for reducing the security issues and risks etc. Generally, every organization can make the
private cloud service provider for the purpose of connecting all the networks with the cloud
server that will fix the economical status for investing the amount for a transaction. This process
should not be compromised on data centers which are proceeded the progress under the services.
If it is huge network infrastructure, there is a critical situation for pushing the services for
providing some inspiration to the data centers when it is depending on offshore from the
customers.
So that many organizations which had maintained the large network, it will definitely get
more benefits and also avoiding the data migration problem. Sometimes cloud security will get
strong platform and there is no more possible situation for an attackers who were affect the cloud
data. Due to these reasons, the network will reach to enhance their service to many enterprises
and financially it will get profit which can develop the business growth as well. Meanwhile, it
can make the awareness to the private sector and public sector for organizing the typical network
infrastructure with the strategy which is given by the enterprise at the same time there are some
6
advantages such as make the responsible to the client and give the approach to the service
provider.
THREATS, VULNERABILITIES AND CONSEQUENCES
In cloud computing infrastructure, the private clouds were using the data centers through
the agencies and service departments which are maintained by cloud data providers. They can
easily pass the confidential or sensitive data with the internal operations by the organization.
Sometimes, there is a chance to involve the third person like attackers for the purpose of
accessing the sensitive data or including some irrelevant data into the data storage for affect the
cloud security. Every organization will face these issues for every data transaction over the
cloud. Meanwhile, some government has to maintain the private cloud data service providers for
controlling the entire network through the data centers with their agencies. It gives the clear
infrastructure along with some approaches that should apply for the purpose of exchanging the
confidential data and changing the interaction between the business sectors. It fixes the tax for
monitoring the finance sector management team by the government. During virtualization, it is
supposed to create the statistics for denoting the software for data transition over the private
cloud network. It gives more advantages to the private cloud infrastructure but they must do the
adoption process carefully with the significant application and proper planning which are
concentrated by the organizational management. In future, there is a possible ways to achieve the
service over the network in a successful manner.
Some financial factor can be balanced the adoption process while understanding the
customer’s experience and easy to access the network without any irrelevant process. The data
adoption process had done 30% for large organization and 40% for small scale organization.
From the initial level of stage, it sets the cloud strategy with the help of organization that is used
for business development. Most of the enterprises are associated with the deployment model that
has many correlation methods through the strategies. These strategies are created the
organization through the cloud data service provider. Cloud security will be maintained by the
private and public cloud sectors in form of utilizing the services and applications in which
process need to be integrated the self-service over the cloud network infrastructure.
7
Some enterprises don’t have a proper plan or strategies for maintaining the financial
process on relying as the private cloud network which is considerable as the difficult process as
well. There are some mutual approaches are connected with all types of cloud network such as
public, private and hybrid over the IT. It makes the uplift to the network for improvising the
services with the less amount of energy because of it may help in many ways such as eliminating
the irrelevant links in the network, reducing the time provision, increment the market value and
create the flexible process etc. And also, the cloud ownership could be adjusted with the data
adoption process while sharing about the implementation cost. These are all the common reasons
for developing the cloud infrastructure without any third person access in the data storage. Every
organization has to offer some enticing prospect to their cloud network which can easily change
the cloud computing services and it has the ability to invest more money on the IT sectors.
The spending amount can be invested rather than the proper equipment or tools,
application with software and memory storage capacity with the entire resources to be used.
These components will utilize in this process with the help of utility-based model. From the
significant requirements, it must provide the proper plan on expenditure list and investment list
which are all helpful in future through the basic equipment’s on the time. The pay as you model
can bring the resources on the cloud network in which resources are ending up the economic
status from the initial stage to final stage of the process. It is supposed to considerable
advantages with the clear terms and conditions that will followed by the organization based on
the cost and services whereas the cloud computing service provider move on to the third-party
access by facilitating the approaches. It saves the time consumption, energy consumption and
cost reduction during the data transaction period. The accomplishment of energy charger should
use for energy saving process which can easily reduce the unwanted process within the network.
The organizational management needs to be created the maintenance team and
controlling team for removal of irrelevant and damaged raw data in the data storage to the
network. The financial services are delivering the low cost services and reduction process over
cloud computing network infrastructure. Due to these reasons, the cloud network can easily
adopt with the data centers for the providing some application over the internet to the clients
network. Sometimes, the time duration is the heavy process by sharing the information and to
other networks for sends the virtual data. It has to increase some features such as,
8
 Integrity
 Scalability
 Reliability
THREATS
Threats are most avoidable one in cloud computing network which comes under from
third party accessibility and there is no assurance to control in which is the network such as
arrangements of outsourced data and traditional information in the data storage. But some of the
common network like security standards will make the challenges to the cloud network
infrastructure for accepting all the conditions via internet connections. This process is handled by
the cloud data vendors who are implemented the security standard with the help of technologies
and proprietary applications in various types of cloud security models. The cloud data vendor are
the taking the responsibility to take over the network security with the cloud models which can
ultimately slow down the process by the client from the attackers. Data adoption process is
monitoring by the organization with complete policies and conditions over the requirements
which are given by the cloud data provider. It will create this process for some reasons such as
diligence, activity based on assurance control and risk assessments.
Every enterprise should face the security challenges from the attackers that could faced
by the cloud provider with the radical manner. Nowadays, it can easily manage those situations
with the proper application standards and criteria. There are two types of threats are creating
these problems on cloud network environment such as internal and external which are used in
many ways in the form of acceptance of risks and data migration. In external threats, the
organizations need to apply the statistical information by adopting the security challenges
through the private cloud through the assurance activities. The public cloud has to design the
application among the cloud vendor while implementing the security control mechanism by
owned organization. From the own cloud network, the enterprise had examined the capable
network with the attack. The emerging technology must follow some rules and regulations for
control the security issues on their network and avoiding the risk assessments.
The cloud network countermeasures are associating the technology which is based on
security risk avoidance method as strategy. In cloud environment, the sensitive information are
9
residing the risks and threats. By using cloud security models and cloud delivery models, the
data can build the infrastructure with the assist components and design the parameters. Due to
the appearance of the vulnerable data, it will make the unavoidable threats into the cloud data
network. Both the models are provided the same categories such as, reliability, confidentiality
and scalability. There are many ways to attack the network through two types of attackers such
as,
 Internal Attacker
 External Attacker
INTERNAL ATTACKER
Generally, confidentiality is one of the main key threat agents which are in the form
insider user threats or internal attacker. It can enter into the network with the help of malicious
code that can classify into three types such as cloud provider or user, third party user and cloud
customer. The cloud customer can send the data by internal attacker who will assign the models
to the largest organizational network for introducing the service structures like IaaS, PaaS and
SaaS. Here, the admin of the cloud data network infrastructure is supposed to test all the services
and applications by the help of developers and cloud mangers. The cloud platform is focused
with the consultant and manger for reducing the third-party access.
EXTERNAL ATTACKER
External attacker can trigger the threat on the network for affecting the software and
application in the cloud environment and also it was monitoring the network infrastructure.
There are many software and hardware components are using for making the proper network
framework through the combinations of software and application and monitor as well. (Bowen,
2011)The cloud provider user is associated with the social engineering with the customer or user.
This could have the perceived data during the period of sharing information to the cloud data and
it makes the threats with the help of external attacker in both the cloud types such as private
cloud and public cloud. The cloud delivery model has the capacity to connect the various types
of multiple resources without affecting the network at the end point level by pin point.
10
The group of enterprises with the reserved data has more sensitive and confidential
information in the cloud data service providers. It may create the problem of data leakage in the
data storage and insert the threats because of attackers. The cloud data need the back up and it
can create the failure in the physical layer in the network with the help of assisting on electronic
transport system. From the multiple resources, there are lots of multiple domain are joining
together for accessing the right across for avoiding the failure of security level. By the presence
of data leakage, the threats can easily spread the unavoidable irrelevant data in the large cloud
data network with the organizational network. The cloud data service provider has to recover the
human errors for leading the development process and misuse the confidential data and sensitive
data. Some of the main problems are noticed in which are such as data leakage problem, data
mislead, misuse the information and affect the network. Hence both the types of attackers are
making many security problems and it can make the challenges to the network that is maintained
by organization.
Data integrity threats are caused by configuration of incorrect process through the virtual
machines during on sharing of virtual data. Though the appearance of security perimeters, it
should compromise the incorrect configuration process which is defined by cloud data provider.
In cloud environment, the data integration process is considered as more difficult to access the
SaaS infrastructure with configuration software from the multiple resources for the customer
satisfaction. Some threats are going to interrupt the network which is against the cloud server and
it is easily segregating the source in an effective manner for decreasing the performance while
communication over the network.
Changes in management make threats in two ways such as change the infrastructure and
change the customer services which are depending on cloud data network, customers, third party
or unauthorized access and cloud data providers. It can create the impact among them during the
penetration testing for the customers or clients. Due the changes in management, it will have
some responsibility to increase the models like cloud data delivery model by cloud service
providers. Hence, the threats are changing the development in to the cloud service in which is
introducing negative process in both the components such as software and hardware. The next
threat is denial of service, through DNS in the network, distribution network in network
bandwidth and applications over the data.
11
In cloud service, the public cloud is directly involved in external network of key threat
agent with the help of cloud computing resources which is affected the cloud security. It can
easily affect the models, service, components and communication etc. The one more threat is
disruption in to physical layer in which kind of threat is dangerous. It affects the physical access
over the IT services by the disruption process with the cloud customer. In WAN, the third party
is disrupting the network by the cloud service provider. Generally, the cloud service can enter
into the network for the purpose of induce the disruption in physical layer components and it will
make the difference in the data centers for protecting the facility by resilience. But it can affect
the internal and external components of physical layer through remote accessing that is used for
monitoring the work place with the standard perception. During the exploiting procedure, the
recovery of weal data will affect which is caused by attacker. The cloud data provider from the
attacker whose are connected with the business invocation and find any disaster into the recovery
process. (Anthens, 2010 – Essay Writing Service: Write My Essay by Top-Notch Writer)
Incident management is one of the threats which is caused by the inadequate process of
recovering the data by the cloud providers and destroy the procedures, applications and
management. It is the initial stage for affect the sensitive data and confidential data during the
transaction among in both service providers on public cloud data network by using parallel
management technique. The third party has to attack the significant data during the recovery time
which makes the impact of other network providers and customers as well.
SECURITY CONTROL MECHANISM
Security control mechanism will be provided the centric security for the sensitive and
confidential information for the organizational network. It is for extending the control
mechanism over the cloud data to make the approach with the help of data protection technique.
Through the intelligence, there are some self-protection model which is for requiring the basic
data cloud and defending the self-data for describing the information over the data environment
process. It is regarding by the data protection control by securing the network infrastructure for
reducing the maximum attempts in the cloud environment. This process must take the time for
verification because it is trustworthiness process to create the cloud framework without any
interruption and attack with the help of using trusted technology in cloud computing domain.
12
Due to the business intelligence appearance, the privacy will be enhanced by the cloud
data provider which is suitable for multiple resources by using the process of encryption
technique for the purpose of controlling the retailed data, creating the limited resource in cloud
computing network infrastructure. Encryption process has done by the cryptographers for hiding
the personalized and confidential information which is considered as the most complicated
process and the operation of their process is also little bit critical during the compilation with the
help of cipher text key. It is most effective process for sustaining the security in cloud data
infrastructure. In current days, there are number of new cryptographic techniques are applying
for encryption process which gives many possible solutions and goes to the right direction over
the deployment model for providing cloud security.
The attestation between the cloud provider and customer are connected with the common
network server for monitoring the high assurance data. The business organization need not
behave any discouraging the attack in the cloud network for keeping the security level higher
than other network. Sometimes, it causes the lack of application, lack of transparency and lack of
security control. Data owners must do the auditing process over the network who can handle the
cloud data effectively and they are not allowing the abused data and leaked information in to the
cloud network infrastructure. This is the main responsibility of data owner in the network.
Trusted computing technology is the common technology which is especially made for
cloud network for the purpose of monitoring the cloud server and checking the data transmission
process on the server by using the operation before the auditing process. It is supposed to have
some proof of compliance with some guarantee card for accessing the trusted computing data
over the policies and conditions. (M Carroll, 2011)Because of, it will produce the requirements
for the process of proof compliance during data processing in to the cloud server and giving the
current statement for that execution. The proof compliance has to pass to the data owner of the
network after completing the auditing process who will receive the data compulsory. It should
monitor the data and verify the personalized information with the help of coding by the cloud
data server that has to be accessed over the terms and conditions.
13
PROTCTION MECHANISM
Cloud data must be in secure network because it is one of the largest networks and it consists of
many technologies, methodologies and security control mechanism. These are all used to store
the secured data and information that enforces to the government and also private sector
network. There are three different types of security breaking tools are used in cloud computing
network environment such as,
 Detection and prevention technique for data migration process
 Data moving protection technique
 Cloud data protection mechanism during data transition
These techniques are managed and controlled by the help of cloud data service providers.
Data migration process needs to allow the detection technique for the purpose of
identifying the threats and risks on the network and prevention technique is used for preventing
the vulnerabilities from an attacker on the cloud. The organization has to know about the inner
process of data migration that is the challenge for that particular network infrastructure. So that
many enterprises are associating with data centers for developing their business-oriented services
for storing the confidential information by the personal unit sector. It gives the approval for
getting the notification for keeping the security control from the cloud service provider. This is
very important process while data transaction among the communication between the multiple
networks. Here, the cloud data provider plays the major role to serving the service to all the
networks which are connected to the cloud server.
The server is supposed to monitor the data and information which is moving to other
network that can make the problem of data loss and data leakage while preventing the URL
filters. During data migration process, there are some possibilities to store the huge internal
information which is also monitoring and verifying with the help of activity control. It proceeds
in two ways such as data activity monitoring technique and file activity monitoring technique in
which steps are managing the unapproved information.
Data moving protection technique is used for protecting the moving information to the
public and private cloud network for getting the service models form the multiple resource
14
networks which is for deploying the data transmission process. It gives the full-fledged security
to the cloud data network in the form of convert the information to the cloud data providers,
convert the information from multiple instances to cloud network, convert the information to the
cloud data providers form the traditional data environment. For example, the permutations of
private cloud, public cloud respectively internal and external data into the cloud network.
(Carroll, Kotzé, & Merwe, 2014: 2024 – Essay Writing Service. Custom Essay Services Cheap)
Cloud data protection mechanism, is used for protecting the large resource of data during
data transition process. Sometimes, the wide range network and long-distance network can use
heavy technology and applications for providing security control mechanism with the available
resources in the cloud environment. Meanwhile it can access the hidden information from the
database which can store the file, data and multiple texts. Some of the options are available in the
cloud infrastructure for the purpose of changing the security mechanism model for making the
content-oriented process. And also, there are some prevention technique models like content
delivery model in which can analyze the entire process and execute the tools among the
confidential data by the help of cloud data provider in cloud network. Hence, there is no
possibility to attacking the network by third parties and other unauthorized access from the
outside.
15
REFERENCES
Anthens, G. (2010 – Essay Writing Service: Write My Essay by Top-Notch Writer). “Security in the cloud”. Communications of the ACM. 53 (11): 16.
doi:10.1145/1839676.1839683 .
Bowen, J. A. (2011). Cloud Computing: Issues in Data Privacy/Security and Commercial
Considerations. Computer and Internet Lawyer Trade Journal. 28 (8), 8 .
Carroll, M., Kotzé, P., & Merwe, A. v. (2014: 2024 – Essay Writing Service. Custom Essay Services Cheap). “Securing Virtual and Cloud Environments”. In I.
Ivanov; et al. Cloud Computing and Services Science, Service Science: Research and
Innovations in the Service Economy. Springer Science+Business Media .
M Carroll, P. K. (2011). Secure virtualization: benefits, risks and constraints, 1st International
Conference on Cloud Computing and Services Science. Noordwijkerhout, The Netherlands, 7–9
May 2011 .
Zissis, D., & Lekkas. (2010 – Essay Writing Service: Write My Essay by Top-Notch Writer). “Addressing cloud computing security issues”. Future Generation
Computer Systems. 28 (3): 583. doi:10.1016/j.future.2010 – Essay Writing Service: Write My Essay by Top-Notch Writer.12.006.

Assessment Homework Help Online, Best Research Paper Topics for Examples, Dissertation Help App, Dissertation Topics & Good Thesis Ideas
Published by
Ace Tutors
View all posts