Background
Cloud security can be defined as the protection of any sensitive or confidential information that is stored online (Rong, Nguyen & Jaatun, 2013). The most significant risks and threats to cloud security include loss of data, interception of network traffic, insecure application program interfaces (APIs), breaches of sensitive data, lack of options among cloud storage providers, shared technology and many more. Gigantic Corporation has decided to execute a project to build a distributed denial of service detection and prevention system within cloud security (Almorsy, Grundy & Müller, 2016). This report discusses the organization and the project it has decided to execute. Each identified risk, together with its consequences, is assessed against an information technology control framework. Moreover, some protection mechanisms are provided.
Cloud security refers to the collection of controls, technologies and policies deployed to protect data, related infrastructure and the applications of cloud computing. It is a sub-domain of network security, information security and data security. Several significant security issues are closely linked to storage providers and cloud computing. Cloud computing is considered the fastest and most effective service for providing some of the same functionality as traditional information technology security. These functions include protecting critical and sensitive information from data theft, data leakage and data deletion. Safety and security are the two important benefits of cloud security.
The organization has hired a lead information technology risk assessment consultant to identify and prevent the most significant IT risks in the project to build the distributed denial of service detection and prevention system. The system is a collection of techniques and tools that resist and prevent the impact of attacks on Internet-connected cloud services, either by protecting the target or by securing the networks. Once the patterns of network traffic have been defined, the normal conditions for each type of network traffic can be recognized. The system also needs to identify incoming and outgoing network traffic so that it can be separated from traffic generated by bots and hacked web browsers. This is done by signature comparison and the examination of network traffic attributes such as IP addresses, cookie variations, HTTP headers and even JavaScript footprints.
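The baseline-then-compare approach described above, sketched as an added example that is not part of the original report or of any Gigantic Corporation system. The window size, the threshold rule (mean plus three standard deviations with a floor), the expected header set and all sample records are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from statistics import mean, pstdev

# Assumed browser profile: attributes a normal browser session usually sends.
EXPECTED_HEADERS = ("User-Agent", "Accept-Language", "Cookie")

def learn_threshold(records, window=10, k=3.0, floor=5):
    """Learn the normal per-client request count per window from clean traffic."""
    buckets = defaultdict(int)
    for ts, ip, _headers in records:
        buckets[(ip, ts // window)] += 1
    counts = list(buckets.values())
    # Assumed rule: mean + k standard deviations, never below a fixed floor.
    return max(floor, mean(counts) + k * pstdev(counts))

def missing_attributes(headers):
    """List the expected attributes that this request does not carry."""
    return [h for h in EXPECTED_HEADERS if not headers.get(h)]

def detect(records, threshold, window=10):
    """Return {ip: set(reasons)} for clients that deviate from the baseline."""
    recent = defaultdict(deque)   # ip -> timestamps inside the sliding window
    flagged = defaultdict(set)
    for ts, ip, headers in sorted(records, key=lambda r: r[0]):
        q = recent[ip]
        q.append(ts)
        while q[0] <= ts - window:      # drop requests older than the window
            q.popleft()
        if len(q) > threshold:
            flagged[ip].add("rate")
        if missing_attributes(headers):
            flagged[ip].add("attributes")
    return dict(flagged)

# --- Constructed sample data (documentation IP ranges, not real traffic) ---
BROWSER = {"User-Agent": "Mozilla/5.0", "Accept-Language": "en-US", "Cookie": "sid=1"}
SCRIPTED = {"User-Agent": "Mozilla/5.0"}  # browser-like UA, no cookie or language

def sample_baseline():
    ips = ("198.51.100.10", "198.51.100.11", "198.51.100.12")
    return [(t, ip, BROWSER) for t in range(0, 120, 5) for ip in ips]

def sample_live():
    live = [(t, "198.51.100.10", BROWSER) for t in (200, 205, 210)]
    live += [(200 + i // 10, "203.0.113.7", SCRIPTED) for i in range(40)]
    return live

def run_demo():
    threshold = learn_threshold(sample_baseline())
    return threshold, detect(sample_live(), threshold)

if __name__ == "__main__":
    print(run_demo())
```

A first-time visitor legitimately has no cookie, so the "attributes" reason is a signal to combine with the rate check rather than a verdict on its own.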
The Importance of Cloud Security
The DDoS attack is the attack to which cloud computing and cloud security are most vulnerable. Gigantic Corporation selected the project of a distributed denial of service attack detection and prevention system within the core area of cloud security. Other popular risks and threats within cloud computing are the blocking of the IP addresses of authenticated users and the lack of proper synchronization of the SYN packets that are sent to the targeted system. The report assesses the risks and provides various mitigation and protection mechanisms.
Various Threats and Vulnerabilities for the Cloud Security in Gigantic Corporation
Cloud computing is an important technology responsible for safe and secure data transfer. However, in spite of these advantages, several threats and vulnerabilities are present in this technology that are quite dangerous and risky for Gigantic Corporation (Aljawarneh, 2013). The major risks are listed below:
- i) Unauthenticated Utilization of Data: The most significant threat to cloud security within Gigantic Corporation is the unauthorized and unauthenticated utilization of sensitive information and data (Krasnyanskaya & Tylets, 2015). New services can be provisioned promptly, and on-demand self-service lets the staff of the organization enable services without the consent of IT experts.
- ii) Compromise in the Internet Accessible Management APIs: Another significant risk to cloud security for Gigantic Corporation is the compromise of the Internet-accessible management APIs. A collection of application programming interfaces can manage or interact with various cloud services, and hence some issues arise here (Chou, 2013).
- iii) Reduction in the Visibility and Control of Data: This is the next noteworthy risk within cloud security at Gigantic Corporation. The hacker often reduces the visibility and control of the confidential or sensitive data. This type of issue could even bring out casualties in the data.
- iv) Stealing of the Credentials: Credentials are often stolen through this threat in cloud security, and hence this risk must be mitigated within Gigantic Corporation (Zhao, Li & Liu, 2014).
- v) Insiders Threats: The staff or employees of Gigantic Corporation could also introduce major vulnerabilities, either intentionally or unintentionally.
- vi) Deletion of Data: When sensitive data is deleted within Gigantic Corporation, that data is lost (Mishra et al., 2013). This risk can also cause basic infrastructure issues for the organization, and hence it requires significant attention.
The risk assessment of all the identified risks for this cloud security is provided below (Salah et al., 2013):
| Serial Number | Identified Risks | Level of Risk |
|---|---|---|
| 1. | Unauthenticated Utilization of Data | High |
| 2. | Compromise in the Internet Accessible Management APIs | Low |
| 3. | Reduction in the Visibility and Control of Data | Moderate |
| 4. | Stealing of Credentials | High |
| 5. | Insiders’ Threat | Low |
| 6. | Deletion of Data | Moderate |
This IT control framework organizes and categorizes the internal controls of the organization to create business value and reduce risk (Sachdev & Bhansali, 2013). Several policies and procedures are present here. The consequences of the identified risks, derived according to the IT control framework, are provided below:
| Serial Number | Identified Risks | Consequences of Risks |
|---|---|---|
| 1. | Unauthenticated Utilization of Data | Major |
| 2. | Compromise in the Internet Accessible Management APIs | Major |
| 3. | Reduction in the Visibility and Control of Data | Moderate |
| 4. | Stealing of Credentials | Major |
| 5. | Insiders’ Threat | Minor |
| 6. | Deletion of Data | Moderate |
The distributed denial of service detection and prevention system is considered a major project that would be effective and efficient for Gigantic Corporation (Tari, 2014). However, some recommendations would further benefit and secure its cloud security. The two suitable recommendations for cloud security in this company are provided below:
- i) Utilizing Virtual Private Networks: The most important recommendation for Gigantic Corporation is to use a VPN, or virtual private network, within its information systems (Tirthani & Ganesan, 2014). It is a private network that enables users to send and receive confidential data over public and shared networks.
- ii) Utilizing Parallel Networking: Another significant suggestion for cloud security in this company is to use parallel networking (Kalaiprasath, Elankavi & Udayakumar, 2017). This network is able to detect distributed denial of service attacks easily, and hence the issues can be mitigated without much complexity.
Two significant mitigation techniques for the identified risks and threats within the cloud devices are provided below:
- i) Deployment of the Antivirus Software and Undertaking Regular Updates: This is the first and most important technique for mitigating the identified risks or threats within the cloud devices (Aljawarneh, Alawneh & Jaradat, 2017). Antivirus software is responsible for detecting and removing the risks or malware to which an information system is vulnerable. Regular upgrades are required so that the software receives updates for new risks. This software has the core capability of detecting and preventing distributed denial of service attacks and other attacks such as computer viruses and malware. It is a computer program that can prevent, detect and remove malware and other vulnerabilities. Basic protection is required from every threat, such as DDoS attacks, Trojan horses and many more (Sarwar & Khan, 2013). The web browser is also protected by this type of software.
Figure 1: Deployment of Antivirus Software
(Source: Khalil et al., 2013)
- ii) Deployment of Firewall: The next significant technique for mitigating threats in cloud computing is the deployment of firewalls (Popa et al., 2013). Since a firewall is responsible for detecting and preventing several threats and risks, it could be easily utilized by Gigantic Corporation. Incoming and outgoing network traffic is monitored and controlled according to the security regulations of the IT control framework. Deploying firewalls also helps establish a barrier between the untrusted external network and the trusted internal network (Khan & Tuteja, 2015). The organization should implement firewalls to reduce the identified risks and threats.
Figure 2: Deployment of Firewalls
(Source: Donald, Oli & Arockiam, 2013)
Protection Mechanisms Required for Information Security in this Project
As per Jouini and Rabai (2016), systems and devices can be protected from risks such as data leakage, data theft and data deletion by incorporating several vital protection mechanisms. Various techniques help to provide security and privacy within the cloud, such as tokenization, obfuscation, implementation of virtual private networks (VPNs), implementation of firewalls and antivirus software, penetration testing, avoiding the use of public Internet connections and many more. According to Gordon et al. (2015), cloud security is one of the vital forms of security for every user who is worried about the safety of the data stored in cloud services. It has been seen that this type of data is completely safe and secure on local servers, where the owner has explicit and major control over the confidential data and information. However, data stored in the cloud may be more secure, as cloud service providers have better security measures. Other threats to cloud devices are also present, such as social engineering attacks or malware (Tari, 2014). The DDoS detection and prevention system project of Gigantic Corporation is responsible for mitigating all the identified risks within the cloud services. The major protection mechanisms for reducing each such issue in the cloud services and for maintaining the security of the information are provided below:
- i) Deployment of the Virtual Private Networks: Salah et al. (2013) state that the most significant protection mechanism for cloud security is the deployment of virtual private networks (VPNs). A virtual private network extends a private network across a public network, so that users can send and receive sensitive information over shared or public networks as if their computing devices were directly connected to the private network. Hence, a virtual private network enables users to securely access applications and network resources.
The Gigantic Corporation Project and Risks
Figure 3: Working Procedure of Virtual Private Networks
(Source: Tirthani & Ganesan, 2014)
- ii) Utilization of Encryption Techniques: Encryption is the process that encodes or hides information or a message in such a way that only authenticated or authorized users can access it (Chou, 2013). This technique is responsible for preventing interference and for denying the contents to interceptors. Two distinct algorithms are present, for encryption and for decryption.
Figure 4: Symmetric Encryption Technique
(Source: Aljawarneh, 2013)
The two mitigation mechanisms mentioned above have a major impact on the cloud devices once the DDoS detection and prevention system is implemented. Thus, proper mitigation techniques are important for avoiding the various risks and threats.
Conclusion
Therefore, from this report it can be concluded that the DDoS or distributed denial of service attack is one of the major threats to cloud services, and hence all organizations need to eradicate these risks and threats with the utmost urgency. A distributed denial of service attack shuts down a service by overwhelming it with data, so that authenticated users cannot access their accounts, such as bank accounts and electronic mail. The complete storage system for confidential data becomes quite vulnerable and, apart from the sensitive data, the users' onsite data may also be put in danger. This report has demonstrated the various risks for Gigantic Corporation and carried out a risk assessment for cloud security. Finally, the consequences of all the identified risks are provided with their mitigation mechanisms.
References
Aljawarneh, S. (2013). Cloud security engineering: Avoiding security threats the right way. In Cloud Computing Advancements in Design, Implementation, and Technologies (pp. 147-153). IGI Global.
Aljawarneh, S. A., Alawneh, A., & Jaradat, R. (2017). Cloud security engineering: Early stages of SDLC. Future Generation Computer Systems, 74, 385-392.
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.
Chou, T. S. (2013). Security threats on cloud computing vulnerabilities. International Journal of Computer Science & Information Technology, 5(3), 79.
Donald, A. C., Oli, S. A., & Arockiam, L. (2013). Mobile cloud security issues and challenges: A perspective. International Journal of Electronics and Information Technology (IJEIT), ISSN, 2277-3754.
Gordon, L. A., Loeb, M. P., Lucyshyn, W., & Zhou, L. (2015). Externalities and the magnitude of cyber security underinvestment by private sector firms: a modification of the Gordon-Loeb model. Journal of Information Security, 6(1), 24.
Jouini, M., & Rabai, L. B. A. (2016). A security framework for secure cloud computing environments. International Journal of Cloud Applications and Computing (IJCAC), 6(3), 32-44.
Kalaiprasath, R., Elankavi, R., & Udayakumar, D. R. (2017). Cloud. Security and Compliance-A Semantic Approach in End to End Security. International Journal Of Mechanical Engineering And Technology (Ijmet), 8(5).
Khalil, I. M., Khreishah, A., Bouktif, S., & Ahmad, A. (2013, April). Security concerns in cloud computing. In 2013 Tenth International conference on information technology: new generations (ITNG) (pp. 411-416). IEEE.
Khan, S. S., & Tuteja, R. R. (2015). Security in cloud computing using cryptographic algorithms. International Journal of Innovative Research in Computer and Communication Engineering, 3(1), 148-155.
Krasnyanskaya, T. M., & Tylets, V. G. (2015). Designing the cloud technologies of psychological security of the person. ??????? ????????? ? ??????????, (3), 192-199.
Mishra, A., Mathur, R., Jain, S., & Rathore, J. S. (2013). Cloud computing security. International Journal on Recent and Innovation Trends in Computing and Communication, 1(1), 36-39.
Popa, D., Cremene, M., Borda, M., & Boudaoud, K. (2013, January). A security framework for mobile cloud applications. In Roedunet International Conference (RoEduNet), 2013 11th (pp. 1-4). IEEE.
Rong, C., Nguyen, S. T., & Jaatun, M. G. (2013). Beyond lightning: A survey on security challenges in cloud computing. Computers & Electrical Engineering, 39(1), 47-54.
Sachdev, A., & Bhansali, M. (2013). Enhancing cloud computing security using AES algorithm. International Journal of Computer Applications, 67(9).
Salah, K., Calero, J. M. A., Zeadally, S., Al-Mulla, S., & Alzaabi, M. (2013). Using cloud computing to implement a security overlay network. IEEE security & privacy, 11(1), 44-53.
Sarwar, A., & Khan, M. N. (2013). A review of trust aspects in cloud computing security. International Journal of Cloud Computing and Services Science, 2(2), 116.
Tari, Z. (2014). Security and Privacy in Cloud Computing. IEEE Cloud Computing, 1(1), 54-57.
Tirthani, N., & Ganesan, R. (2014). Data Security in Cloud Architecture Based on Diffie Hellman and Elliptical Curve Cryptography. IACR Cryptology ePrint Archive, 2014, 49.
Zhao, F., Li, C., & Liu, C. F. (2014, February). A cloud computing security solution based on fully homomorphic encryption. In Advanced Communication Technology (ICACT), 2014 16th International Conference on (pp. 485-488). IEEE.