Cloud Storage & Data Security

Cloud Storage & Data Security

Cloud computing has emerged as an innovative approach to provide computing services. It offers numerous advantages such as fast deployment, lower costs, pay for use, rapid elasticity, scalability, ubiquitous network access, and greater resiliency. One of the primary uses of cloud computing is for data storage. Cloud storage is a model of networked online storage and can store data on multiple third-party servers. Cloud storage is an evolution of traditional hosted storage technology (FTP, WebDAV, NFS/CIFS) that involves more sophisticated APIs, namespaces, file or data location virtualization, and management tools. Wu et al. (2010) identified several benefits of using cloud storage such as ease of management, cost effectiveness, lower impact outages and upgrades, and simplified planning. So, cloud storage is convenient and offers more flexibility.

According to Borgmann et al. (2012), most cloud storage providers offer two types of services:

Basic cloud storage servicesthey are services mainly offer virtual online disk space that can be used as a normal hard drive for storing all types of data. Users cannot access these services directly. In fact, they are embedded into custom software using application programming interfaces (API). Examples of such basic cloud storage services are Amazon S3 and Google Cloud Storage.

Advanced cloud storage services: these services not only use basic cloud storage services for the actual storage of data but also they provide interfaces such as client or web applications which significantly simplify the use of the service for the customer. Many services may also provide an easy to use API to allow integration of the service’s capabilities into third-party software. An example of advanced cloud storage services is Dropbox.

The number of cloud storage providers has increased dramatically over the last couple of years so choosing the best one is a tough decision. In fact, trust, reliability, security, ease of use, cost and their support are the most important factors in choosing the best cloud storage provider. One of the crucial factors should be considered before choosing a cloud storage provider is the level of security offered by a cloud storage provider and the reputation that comes along with it. In other words, it is crucial for the cloud storage to be equipped with storage security solutions so that the whole cloud storage system is reliable and trustworthy. Unfortunately, majority of cloud storage systems do not provide security guarantees in their Service Level Agreements (SLAs). Lack of security support can be a main obstacle for the adoption of cloud services.

Cloud storage should possess four desirable security properties: confidentiality, integrity, write-serializability, and read freshness (denoted by C, I, W, F). In fact, confidentiality is achieved by encryption, data integrity is protected using message digests, non-reputation is supported by signed message-digests, freshness is achieved by periodic audit, and write-serializability is guaranteed by chain hash.Anonymized - Log - Intel

Many scholars believe that although database and document encryption can be efficient way to improve security, encryption often results in a serious server slowdown. Hence, many companies such as SK Telecom, a leading mobile telecommunication company in South Korea, have adopted another technique, anonymization, to increase the security of data in the public cloud. In fact, data anonymization is the process of changing data so that it can be processed in a useful way, while preventing that data from being linked to individual identities of people, objects, or organizations. So, data anonymization can be an effective way to protect sensitive data.

By Mojgan Afshari

Follow me

Mojgan Afshari

Mojgan Afshari is a senior lecturer in the Department of Educational Management, Planning and Policy at the University of Malaya. She earned a Bachelor of Science in Industrial Applied Chemistry from Tehran, Iran. Then, she completed her Master’s degree in Educational Administration. After living in Malaysia for a few years, she pursued her PhD in Educational Administration with a focus on ICT use in education from the University Putra Malaysia.She currently teaches courses in managing change and creativity and statistics in education at the graduate level. Her research areas include teaching and learning with ICT, school technology leadership, Educational leadership, and creativity. She is a member of several professional associations and editor of the Journal of Education.She has written or co-authored articles in the following journals: Journal of Technology, Pedagogy and Education, The Turkish Online Journal of Educational Technology, International Journal of Education and Information Technologies, International Journal of Instruction, International Journal of Learning, European Journal of Social Sciences, Asia Pacific Journal of Cancer Prevention, Life Science Journal, Australian Journal of Basic and Applied Sciences, Scientific Research and Essays.
Follow me

Latest posts by Mojgan Afshari (see all)

Comments

  1. Vicki says

    As useful as services like Dropbox are, the wild west nature of the web necessitates world class security measures. Any business using the cloud needs to prioritize this when selecting a provider…!

Add Comment Here