Computer engineers in the US writing in the International Journal of Communication Networks and Distributed Systems have reviewed the research literature to get a clear picture of cloud computing, its adoption, use and the security issues it faces.
Cloud computing is the use of remote computers accessed via the Internet to store, manage, and process data. The concept allows users to use their data from anywhere with internet access rather than relying on being able to connect to local computers or servers. Web-based email, media streaming systems, online data storage and backup, content delivery networks for websites and blogs and many other functions are now available as cloud computing applications and services.
Cloud computing, however, is still in its infancy and is evolving rapidly as new services come and go and offer individual users and companies new ways to work with their data and networks. As this cloud computing moves forward there is the ubiquitous issue of privacy and security to consider and how they are in some quarters holding back more widespread adoption.
Joseph Idziorek and Mark Tannian of the Department of Electrical and Computer Engineering, at Iowa State University in Ames, have considered six essential aspects of security, as defined by veteran information security researcher Donn Parker, in the context of cloud computing. These are:
- Confidentiality (data kept secret)
- Integrity (data unaltered without permission)
- Availability (data accessible to those authorized to use it)
- Utility (data can be processed by those authorized to access it)
- Authenticity (validation that data is genuine)
- Possession (authorized users have full control over their data)
The researchers suggest that in theory cloud computing users must take into account all six security elements when choosing to use such services, but in practice users decide on the priority of each depending on their personal needs. It is perhaps deficits, real or perceived, in one or more of these six areas that dissuades some from adopting cloud computing whereas the early adopters recognize that such systems are ever-changing and may never be perfect. As with much in life it is a case of weighing up the pros and cons and reaching a compromise to make the most of the tools available or in the opposite sense to choose not to use those tools at all and to adhere to the standard computing paradigm. Fundamentally, those with their head the clouds can still keep their feet firmly on the ground and vice versa.
“Security analysis of public cloud computing” in Int. J. Communication Networks and Distributed Systems, 2012, 9, 4-20.