CONCEPTUAL MODEL DEPICTING RISK FACTORS INFLUENZING CLOUD DATA SECURITY
Keywords:Cloud Data Security, Risk Factors, Human Intervention, Conceptual Model, Data Privacy, Architectural And Design Flows
Cloud Platform has the data stored in a remote server and accessed with the help of services provided by cloud service providers. The primary objective is to provide data security due to the confidentiality of data transmitted to the remote server, over an unmonitored and multi-tenancy channel (internet). The major components of cloud platform are application, service, runtime cloud, storage and infrastructure. This is a conceptual paper trying to explain the risk factors to be deemed in a cloud environment. The benefits include scalability, availability, reliability, flexibility, increased collaboration, competitive edge, sustainability, reduced proportional cost. Risk factors influencing the data security and Integrity are identified up to three level of sub-constructs.. All the risk factors including hackers, mishandling of passwords, risk of data accessed from public /unmonitored sources, security in communication channels, intentional and unintentional data security threats created due to human interference are included in the scope of this paper. In this paper, the identification of sub factors of cloud data security risk components is achieved. The futuristics scope of this paper is to identify early risk prediction and mitigation strategies to all the identified risk factors related to data security by implementing SEM methodology.
AlJahdali, H., Albatli, A., Garraghan, P., Townend, P., Lau, L., & Xu, J. (2014). Multi-tenancy in Cloud Computing. 2014 IEEE 8th International Symposium on Service Oriented System Engineering. Retrived from https://doi.org/10.1109/SOSE.2014.50 DOI: https://doi.org/10.1109/SOSE.2014.50
Chonka, A., Xiang, Y., Zhou, W., & Bonti, A. (2011). Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks. Journal of Network and Computer Applications, 34(4), 1097-1107. Retrived from https://doi.org/10.1016/j.jnca.2010.06.004 DOI: https://doi.org/10.1016/j.jnca.2010.06.004
G. Xu, H. Li, H. Ren, K. Yang and R. H. Deng (2019), "Data Security Issues in Deep Learning : Attacks, Countermeasures, and Opportunities," in IEEE Communications Magazine, vol. 57, no. 11, pp. 116-122, November, Retrived from https://doi.org/10.1109/MCOM.001.1900091 DOI: https://doi.org/10.1109/MCOM.001.1900091
Gheyas, I.A., Abdallah, A.E. (2016) Detection and prediction of insider threats to cyber security: a systematic literature review and meta-analysis. Big Data Anal 1, 6. Retrived from https://doi.org/10.1186/s41044-016-0006-0 DOI: https://doi.org/10.1186/s41044-016-0006-0
Hoyle, R. H. (Ed.). (1995). Structural equation modeling : Concepts, issues, and applications. Sage Publications, Inc.
Jansen, W. A. (2011). Cloud Hooks: Security and Privacy Issues in Cloud Computing. 2011 44th Hawaii International Conference on System Sciences. Retrived from https://doi.org/10.1109/HICSS.2011.103 DOI: https://doi.org/10.1109/HICSS.2011.103
Kaufman, L. M. (2009). Data Security in the World of Cloud Computing. IEEE Security & Privacy Magazine, 7(4), 61-64. Retrived from https://doi.org/10.1109/MSP.2009.87 DOI: https://doi.org/10.1109/MSP.2009.87
Khorshed, M. T., Ali, A. B. M. S., & Wasimi, S. A. (2012). A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing. Future Generation Computer Systems, 28(6), 833-851. Retrived from https://doi.org/10.1016/j.future.2012.01.006 DOI: https://doi.org/10.1016/j.future.2012.01.006
L.M. Vaquero, L. Rodero-Merino, J. Caceres, and M. Lindner. (2008) A break in the clouds: towards a cloud definition, in: ACM SIGCOMM Computer Communication Review,.p.50-55. Retrived from https://doi.org/10.1145/1496091.1496100 DOI: https://doi.org/10.1145/1496091.1496100
M.B. Mollah, K.R. Islam, and S.S. Islam. (2012) Next generation of computing through cloud computing technology, in : 25th IEEE Canadian Conference on Electrical Computer Engineering (CCECE), May 2012.p.1-6. Retrived from https://doi.org/10.1109/CCECE.2012.6334973 DOI: https://doi.org/10.1109/CCECE.2012.6334973
MacCallum, R. C., & Austin, J. T. (2000). Applications of structural equation modeling in psychological research. Annual Review of Psychology, 51, 201-226. Retrived from https://doi.org/10.1146/annurev.psych.51.1.201 DOI: https://doi.org/10.1146/annurev.psych.51.1.201
Olusola Akinrolabu, Jason R.C. Nurse, Andrew Martin, Steve New (2019), Cyber risk assessment in cloud provider environments: Current models and future needs,Computers & Security,Volume 87 ,101600,ISSN 0167-4048, Retrived from https://doi.org/10.1016/j.cose.2019.101600 DOI: https://doi.org/10.1016/j.cose.2019.101600
Pragati Priyadarshinee, Rakesh D. Raut, Manoj Kumar Jha, Bhaskar B. Gardas, (2017) Understanding and predicting the determinants of cloud computing adoption : A two staged hybrid SEM - Neural networks approach,Computers in Human Behavior,Volume 76, Pages 341-362,ISSN 0747-5632, Retrived from https://doi.org/10.1016/j.chb.2017.07.027. DOI: https://doi.org/10.1016/j.chb.2017.07.027
Rao, R. V., & Selvamani, K. (2015). Data Security Challenges and Its Solutions in Cloud Computing. Procedia Computer Science, 48, 204-209. Retrived from https://doi.org/10.1016/j.procs.2015.04.171 DOI: https://doi.org/10.1016/j.procs.2015.04.171
Rigdon, E. E. (1998). Structural equation modeling. In G. A. Marcoulides (Ed.), Modern methods for business research (pp. 251-294). Lawrence Erlbaum Associates Publishers.
Shucheng Yu, Cong Wang, Kui Ren, and Wenjing Lou (2010). Achieving secure, scalable and fine-grained data access control in cloud computing, in: IN-FOCOM, Proceedings IEEE, 2010.p.1-9.
Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34(1), 1-11. Retrived from https://doi.org/10.1016/j.jnca.2010.07.006 DOI: https://doi.org/10.1016/j.jnca.2010.07.006
X. Zhang, N. Wuwong, H. Li and X. Zhang (2010), "Information Security Risk Management Framework for the Cloud Computing Environments," 2010 10th IEEE International Conference on Computer and Information Technology, pp. 1328-1334, Retrived from https://doi.org/10.1109/CIT.2010.501 DOI: https://doi.org/10.1109/CIT.2010.501
Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation Computer Systems, 28(3), 583-592. Retrived from https://doi.org/10.1016/j.future.2010.12.006. DOI: https://doi.org/10.1016/j.future.2010.12.006
How to Cite
Copyright (c) 2021 Remya Nair, Dr. J. Meenakumari
This work is licensed under a Creative Commons Attribution 4.0 International License.