Issues on Vulnerabilities in Cloud Computing

Abstract

We have gone from a centralized (client-server, non-web-based) computing model to a distributed one and back to a virtual centralised model in the last three decades (Cloud Computing). In the world of computing, everything hinges on where your data and operations are physically stored and run. A person, on the one hand, can manage everything that happens on his or her computer. In contrast, cloud computing relies on a third-party provider to handle service and data upkeep, with the client or customer having no idea where the actual processing or data storage is taking place. In this manner, the client has nothing to do with the matter. The internet is the primary means of interaction in cloud computing. When considering cloud computing data security, the vendor must give assurance through service level agreements (SLA) to win over the client.

Organizations that rely on cloud computing as an infrastructure as a service often analyze security and privacy concerns for mission-critical but less sensitive applications with great scrutiny. However, as cloud providers provide a wide variety of services, including Software as a service (SaaS), Platform as a service (PaaS), and Infrastructure as a service (IaaS), it may be difficult, if not impossible, to ensure the security of sensitive business data stored there (IaaS). Separate security concerns affect various aspects of service operation. For the customer to comprehend the security rules being implemented the SLA must detail the many tiers of protection and the complexity associated with each service. Independent of the providers, there has to be a defined method for creating the SLA. Some businesses may find this encouraging as they contemplate moving to cloud computing. In this work, we propose some security-related items that need to be included in any SLA.