23.

4 CLOUD COMPUTING AND DATA SECURITY RISK

The cloud computing model opens up old and new data security risks. By its very
definition, Cloud computing is a development that is meant to allow more open
accessibility and easier and improved data sharing. Data are uploaded into a
cloud and stored in a data center, for access by users from that data center; or in
a more fully cloud-based model, the data themselves are created in the cloud and
stored and accessed from the cloud (again via a data center). The most obvious
risk in this scenario is that associated with the storage of that data. A user
uploading or creating cloud-based data include those data that are stored and
maintained by a third-party cloud provider such as Google, Amazon, Microsoft,
and so on. This action has several risks associated with it: Firstly, it is
necessary
to protect the data during upload into the data center to ensure that the data do
not get hijacked on the way into the database. Secondly, it is necessary to the
stores the data in the data center to ensure that they are encrypted at all times.
Thirdly, and perhaps less obvious, the access to those data need to be controlled;
this control should also be applied to the hosting company, including the
administrators of the data center. In addition, an area often forgotten in the
application of security to a data resource is the protection of that resource
during
its use�that is, during a collaboration step as part of a document workflow
process. Other issues that complicate the area of hosted data include ensuring
that the various data security acts and rules are adhered to; this becomes
particularly complicated when you consider the cross border implications of
cloud computing and the hosting of data in a country other than that originating
the data.
Data security risks are compounded by the open nature of cloud computing.
Access control becomes a much more fundamental issue in cloud-based systems
because of the accessibility of the data therein. If you use a system that provides
improved accessibility and opens up the platform to multi-node access, then you
need to take into account the risks associated with this improvement. One way
this can be done is by adding an element of control, in the form of access control,
to afford a degree of risk mitigation. Information-centric access control (as
opposed to access control lists) can help to balance improved accessibility with
risk, by associating access rules with different data objects within an open and
accessible platform, without losing the inherent usability of that platform.
A further area of risk associated not only with cloud computing, but also
with traditional network computing, is the use of content after access. The risk
is potentially higher in a cloud network, for the simple reason that the
information is outside of your corporate walls; for example, a user printing
off a sensitive document within an office of a company is more likely to think
twice about doing so if her colleagues can see her actions than if she prints out
that document in the privacy of her own home or within the anonymity of an
Internet cafe.
Recent research by Gartner, on the top 10 �disruptive technologies,�
outlined these as being key transformation technologies for the industry. The
576 DATA SECURITY IN THE CLOUD
technologies included Cloud and Web ecosystems as well as virtualization and
social software [2]. Gartner predict that by 2010, Mashups, used to create
composite applications to share and combine internal and external data
sources, will be used as the dominant mode of creation for enterprise
composite, applications [3]. In addition to this, corporate blogs are being
heavily touted as a means of disseminating and collaborating on information:
Technorati research for the 2008 State of the Blogosphere report puts corporate
blogging at 12% of the total blogs [4],1 and a Universal McCann study shows
that consumers think more positively about companies that have blogs [5];
Statistics suggest that this media will become more heavily used within a
corporate context.
A recent survey by Citrix which polled UK IT directors and managers
showed that two-thirds of UK companies were computing in the cloud. Of
those polled, one-third said they thought there were security risks and 22% said
they had concerns over the control of their data in the cloud [6]. However,
coupled with these improvements in computing capabilities come new technical
challenges and hurdles, in particular in the area of security because of the highly
complex manner in which security applications need to operate and interoperate. The
Internet and mobile devices have effectively opened up new points
at which data can leak; and as new methods of communicating emerge, they
will open up even more potential for information loss.
The development of Web 2.0 technologies has created a new and more
dynamic method of communicating information; blogs, social networking sites,
Web conferencing, wikis, podcasts and ultimately cloud computing itself offer
new and novel methods of getting information from a to b; unfortunately, this
can also often be via x, y, and z.
Since cloud computing has come to the fore, there has been a general
consensus that data within this domain are more at risk. While on the one hand
these new technologies are being met with a degree of enthusiasm, there is also
an equal degree of fear in terms of securing data and risk management [7].
Compliance with data security directives and acts still needs to be met, no
matter what platform for communication is being used. The lack of security
and privacy within a cloud computing environment is hotly debated over
whether this problem is perceived or real. However, reports by IT industry
analysts suggest that this is a real problem and must be overcome to allow full
utilization of cloud computing. A recent report by IDC which surveyed 244
respondents identified security as the main challenge for cloud computing, with
74.6% of the vote stating this as a stumbling block to the uptake of the
technology [8]. Reports by Gartner and Gigacom, specifically on cloud security,
also confirms this [9, 10].
With new technologies come new exploits; and cloud computing, being by
definition a more open way of performing information technology operations,
will bring security challenges that will leave Internet-based data vulnerable. As
1
Universal McCann (March 2008) have put the figures for live blogs at 184 million,
worldwide.
23.4 CLOUD COMPUTING AND DATA SECURITY RISK 577
previously mentioned, mashups have been identified as being a security
concern. Data-centric mashups�that is, those that are used to perform
business processes around data creation and dissemination�by their very
nature, can be used to hijack data, leaking sensitive information and/or
affecting integrity of that data. An InfoWorld article summed up this fear:
�... megabytes of valuable customer or financial data could be compromised in
just a few seconds if a rogue data-centric mashup is created� [11].
Cloud computing, more than any other form of digital communication
technology, has created a need to ensure that protection is applied at the
inception of the information, in a content centric manner, ensuring that a
security policy becomes an integral part of that data throughout its life cycle.
Encryption is a vital component of the protection policy, but further
controls over the access of that data and on the use of the data must be met.
In the case of mashups the controlling of access to data resources, can help
alleviate the security concerns by ensuring that mashup access is authenticated.
Linking security policies, as applied to the use of content, to the access control
method offer a way of continuing protection of data, post access and
throughout the life cycle; this type of data security philosophy must be
incorporated into the use of cloud computing to alleviate security risks.
We can thus conclude that the risk profile of an organization, or individual,
using the cloud to store, manage, distribute, and share its information has
several layers. Each layer can be seen as a separate, but tied, level of risk that
can be viewed independently, but these risks should be approached as a whole,
to make sure that areas constituting a �weakest link� do not end up built into
the system.