CLOUD SECURITY

Securing the Cloud for the Enterprise Level Business

By

TABLE OF CONTENTS

Introduction1

Problem Statement3

Rationale4

Background4

Aim8

Objectives8

Research Questions8

Research Method9

Secondary Research10

Qualitative Research10

Literature Search11

Plan of Work11

Timescale13

Ethical Consideration13

Intellectual Challenges14

Expected Deliverables15

References16

Securing the Cloud for the Enterprise Level Business

Introduction

Emerging trends in the field of cloud computing have started a new era for enterprise level business. The advent of powerful processors at cheaper rates along with use of “software as a service (SaaS)” has been able to transform the data centres into a form of computing service at a high level (Armbrust, 2010). In addition to this, the advancement in information technology has provided the opportunity to business sector for the access of high quality services for software as well as data that is only resided from remote data centres. Due to its various advantages and ease of operation, many enterprises want to tap into this technology and the services it provides in enterprise level business. It has evolved to become a vigorous field waiting to be exploited by many enterprises to acquire quality services from quality service providers (Jamil & Zaki, 2011).

With the help of cloud computing, enterprises can now incorporate e-governance to add new capabilities dynamically without having to invest on infrastructure, personnel training and new software licenses. In the last few years cloud computing has influenced many enterprises ranging from small to large scale enterprises to shift to this paradigm causing a lot of IT research work to be done in this field. Cloud computing has evolved from being just a business concept to a mainstream division of the IT industry (Jamil & Zaki, 2011). Cloud computing is composed of five essential characteristics, three service models and four deployment models. Essential characteristics include on-demand self-service, broad network access, resource pooling, rapid elasticity and measured service (Wood et al. 2009).

Cloud computing can be broken down into three service models; Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) (Mather et al. 2009). A number of key elements should be considered in SaaS application such as data security, network security, data integration, data segregation, data access, data locality, authentication and data confidentiality and many more. Deployment models consist of Private Cloud which is a restricted cloud and is maintained by an organization or any third party, Public Cloud is open to general public or employees of a large organization and is owned and maintained by an organization that provides cloud services, Hybrid Cloud is a composition of two or more heterogeneous clouds that are interconnected by service agreements and are open to application and data portability (Wood et al. 2009). Community Cloud is a composition of several enterprises which have similar interests such as security requirements, compliance requirements etc. it is maintained by an organization or any third party (Jamil & Zaki, 2011).

These are part of a cloud and each of these service models has different security requirements. IaaS is the base or the foundation of the cloud services followed by PaaS built upon it and finally SaaS built upon the PaaS layer ...