SlideShare a Scribd company logo

Cloud computing security issues and challenges

Download as PPTX, PDF
Dheeraj Negi
Dheeraj Negi

This document discusses security issues and challenges in cloud computing. It outlines the three main cloud deployment models (private, public, hybrid cloud) and three service delivery models (IaaS, PaaS, SaaS). Key challenges discussed include costing and charging models, service level agreements, interoperability issues, and security concerns such as data loss and unauthorized access. While cloud computing provides benefits, the document cautions that security risks must be carefully understood and addressed for its safe adoption.

Education
1 of 22
Cloud Computing Security Issues and Challenges Dheeraj Singh Negi
Introduction Cloud computing is the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as a utility (like the electricity grid) over a network (typically the Internet). Clouds can be classified as public, private or hybrid.
SECURITY ISSUES IN CLOUD COMPUTING Cloud Deployments Models In the cloud deployment model, networking, platform, storage, and software infrastructure are provided as services that scale up or down depending on the demand as depicted. The Cloud Computing model has three main deployment models which are:
Cloud Deployments Models • Private cloud • Public cloud • Hybrid cloud
Cloud Deployments Models Private Cloud Public Cloud Hybrid Cloud
Cloud Computing Service Delivery Models Following on the cloud deployment models, the next security consideration relates to the various cloud computing service delivery models. The three main cloud service delivery models are: Infrastructure-as-a-Service (IaaS), Platform-as-a- Service (PaaS) and Software-as-a-Service (SaaS).
1. Infrastructure as a Service (IaaS) 2. Platform as a service (PaaS) 3. Software as a Service
Cloud Computing Service Delivery Models Infrastructure as a Service (IaaS) Platform as a service (PaaS) Software as a Service
Infrastructure as a Service (IaaS) Infrastructure as a Service is a single tenant cloud layer where the Cloud computing vendor’s dedicated resources are only shared with contracted clients at a pay-per-use fee. This greatly minimizes the need for huge initial investment in computing hardware such as servers, networking devices and processing power. They also allow varying degrees of financial and functional flexibility not found in internal data centers or with collocation services, because computing resources can be added or released much more quickly and cost-effectively than in an internal data center or with a collocation service [2]. IaaS and other associated services have enabled startups and other businesses focus on their core competencies without worrying much about the provisioning and management of infrastructure. IaaS completely abstracted the hardware beneath it and allowed users to consume infrastructure as a service without bothering anything about the underlying complexities. The cloud has a compelling value proposition in terms of cost, but ‘out of the box’ IaaS only provides basic security (perimeter firewall, load balancing, etc.) and applications moving into the cloud will need higher levels of security provided at the host.
Platform as a service (PaaS) Platform-as-a-Service (PaaS) is a set of software and development tools hosted on the provider's servers. It is one layer above IaaS on the stack and abstracts away everything up to OS, middleware, etc. This offers an integrated set of developer environment that a developer can tap to build their applications without having any clue about what is going on underneath the service. It offers developers a service that provides a complete software development life cycle management, from planning to design to building applications to deployment to testing to maintenance. Everything else is abstracted away from the “view” of the developers. Platform as a service cloud layer works like IaaS but it provides an additional level of ‘rented’ functionality. Clients using PaaS services transfer even more costs from capital investment to operational expenses but must acknowledge the additional constraints and possibly some degree of lock-in posed by the additional functionality layers [14]. The use of virtual machines act as a catalyst in the PaaS layer in Cloud computing. Virtual machines must be protected against malicious attacks such as cloud malware. Therefore maintaining the integrity of applications and well enforcing accurate authentication checks during the transfer of data across the entire networking channels is fundamental.
Software as a Service Software-as-a-Service is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet. SaaS is becoming an increasingly prevalent delivery model as underlying technologies that support web services and service-oriented architecture (SOA) mature and new developmental approaches become popular. SaaS is also often associated with a pay-as-you-go subscription licensing model. Meanwhile, broadband service has become increasingly available to support user access from more areas around the world. SaaS is most often implemented to provide business software functionality to enterprise customers at a low cost while allowing those customers to obtain the same benefits of commercially licensed, internally operated software without the associated complexity of installation, management, support, licensing, and high initial cost. The architecture of SaaS-based applications is specifically designed to support many concurrent users (multitenancy) at once. Software as a service applications are accessed using web browsers over the Internet therefore web browser security is vitally important. Information security officers will need to consider various methods of securing SaaS applications. Web Services (WS) security, Extendable Markup Language (XML) encryption, Secure Socket Layer (SSL) and available options which are used in enforcing data protection transmitted over the Internet.
Above figure Cloud computing service delivery models Combining the three types of clouds with the delivery models we get a holistic cloud illustration as seen in Figure , surrounded by connectivity devices coupled with information security themes. Virtualized physical resources, virtualized infrastructure, as well as virtualized middleware platforms and business applications are being provided and consumed as services in the Cloud . Cloud vendors and clients’ need to maintain Cloud computing security at all interfaces. The next section of the paper introduces challenges faced in the Cloud computing domain.
CLOUD COMPUTING CHALLENGES Cloud Interoperability Issue Service Level Agreement (SLA) Charging Model Costing Model Security
Costing Model Cloud consumers must consider the tradeoffs amongst computation, communication, and integration. While migrating to the Cloud can significantly reduce the infrastructure cost, it does raise the cost of data communication, i.e. the cost of transferring an organization's data to and from the public and community Cloud and the cost per unit of computing resource used is likely to be higher. This problem is particularly prominent if the consumer uses the hybrid cloud deployment model where the organization's data is distributed amongst a number of public/private (in-house IT infrastructure)/community clouds. Intuitively, on- demand computing makes sense only for CPU intensive jobs
Charging Model The elastic resource pool has made the cost analysis a lot more complicated than regular data centers, which often calculates their cost based on consumptions of static computing. Moreover, an instantiated virtual machine has become the unit of cost analysis rather than the underlying physical server. For SaaS cloud providers, the cost of developing multitenancy within their offering can be very substantial. These include: re-design and re- development of the software that was originally used for single-tenancy, cost of providing new features that allow for intensive customization, performance and security enhancement for concurrent user access, and dealing with complexities induced by the above changes. Consequently, SaaS providers need to weigh up the trade-off between the provision of multi- tenancy and the cost-savings yielded by multi-tenancy such as reduced overhead through amortization, reduced number of on-site software licenses, etc. Therefore, a strategic and viable charging model for SaaS provider is crucial for the profitability and sustainability of SaaS cloud providers
Service Level Agreement (SLA) Although cloud consumers do not have control over the underlying computing resources, they do need to ensure the quality, availability, reliability, and performance of these resources when consumers have migrated their core business functions onto their entrusted cloud. In other words, it is vital for consumers to obtain guarantees from providers on service delivery. Typically, these are provided through Service Level Agreements (SLAs) negotiated between the providers and consumers. The very first issue is the definition of SLA specifications in such a way that has an appropriate level of granularity, namely the tradeoffs between expressiveness and complicatedness, so that they can cover most of the consumer expectations and is relatively simple to be weighted, verified, evaluated, and enforced by the resource allocation mechanism on the cloud. In addition, different cloud offerings (IaaS, PaaS, and SaaS) will need to define different SLA meta specifications. This also raises a number of implementation problems for the cloud providers. Furthermore, advanced SLA mechanisms need to constantly incorporate user feedback and customization features into the SLA evaluation framework
Cloud Interoperability Issue Currently, each cloud offering has its own way on how cloud clients/applications/users interact with the cloud, leading to the "Hazy Cloud" phenomenon. This severely hinders the development of cloud ecosystems by forcing vendor locking, which prohibits the ability of users to choose from alternative vendors/offering simultaneously in order to optimize resources at different levels within an organization. More importantly, proprietary cloud APIs makes it very difficult to integrate cloud services with an organization's own existing legacy systems (e.g. an on-premise data centre for highly interactive modeling applications in a pharmaceutical company).The primary goal of interoperability is to realize the seamless fluid data across clouds and between cloud and local applications. There are a number of levels that interoperability is essential for cloud computing. First, to optimize the IT asset and computing resources, an organization often needs to keep in-house IT assets and capabilities associated with their core competencies while outsourcing marginal functions and activities (e.g. the human resource system) on to the cloud. Second, more often than not, for the purpose of optimization, an organization may need to outsource a number of marginal functions to cloud services offered by different vendors. Standardization appears to be a good solution to address the interoperability issue. However, as cloud computing just starts to take off, the interoperability problem has not appeared on the pressing agenda of major industry cloud vendors
Security It is clear that the security issue has played the most important role in hindering Cloud computing acceptance. Without doubt, putting your data, running your software on someone else's hard disk using someone else's CPU appears daunting to many. Well-known security issues such as data loss, phishing, botnet (running remotely on a collection of machines) pose serious threats to organization's data and software. Moreover, the multi- tenancy model and the pooled computing resources in cloud computing has introduced new security challenges that require novel techniques to tackle with. For example, hackers can use Cloud to organize botnet as Cloud often provides more reliable infrastructure services at a relatively cheaper price for them to start an attack
Conclusion Although Cloud computing can be seen as a new phenomenon which is set to revolutionise the way we use the Internet, there is much to be cautious about. There are many new technologies emerging at a rapid rate, each with technological advancements and with the potential of making human’s lives easier. However, one must be very careful to understand the security risks and challenges posed in utilizing these technologies. Cloud computing is no exception. In this PPT key security considerations and challenges which are currently faced in the Cloud computing are highlighted. Cloud computing has the potential to become a frontrunner in promoting a secure, virtual and economically viable IT solution in the future.
Cloud computing security issues and challenges

Recommended

Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud ComputingFalgun Rathod
 
Cloud Security And Privacy
Cloud Security And PrivacyCloud Security And Privacy
Cloud Security And Privacytmather
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingInternational School Of Management Excellence
 
Cloud Security: A New Perspective
Cloud Security: A New PerspectiveCloud Security: A New Perspective
Cloud Security: A New PerspectiveWen-Pai Lu
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Mahesh Tibrewal
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingNaveed Farooq
 
Cloud computing
Cloud computingCloud computing
Cloud computingAditya Dwivedi
 

Recommended

Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud ComputingFalgun Rathod
 
Cloud Security And Privacy
Cloud Security And PrivacyCloud Security And Privacy
Cloud Security And Privacytmather
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingInternational School Of Management Excellence
 
Cloud Security: A New Perspective
Cloud Security: A New PerspectiveCloud Security: A New Perspective
Cloud Security: A New PerspectiveWen-Pai Lu
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Mahesh Tibrewal
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingNaveed Farooq
 
Cloud computing
Cloud computingCloud computing
Cloud computingAditya Dwivedi
 
Eucalyptus, Nimbus & OpenNebula
Eucalyptus, Nimbus & OpenNebulaEucalyptus, Nimbus & OpenNebula
Eucalyptus, Nimbus & OpenNebulaAmar Myana
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security pptVenkatesh Chary
 
Cloud computing
Cloud computingCloud computing
Cloud computingDebrajKarmakar
 
Multi-Cloud Strategy for Unrestricted Possibilities
Multi-Cloud Strategy for Unrestricted PossibilitiesMulti-Cloud Strategy for Unrestricted Possibilities
Multi-Cloud Strategy for Unrestricted PossibilitiesHarsh V Sehgal
 
cloud computing ppt
cloud computing pptcloud computing ppt
cloud computing ppthimanshuawasthi2109
 
Cloud Encryption
Cloud EncryptionCloud Encryption
Cloud EncryptionRituparnaNag
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing ArchitectureAnimesh Chaturvedi
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security ChallengesYateesh Yadav
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architectureVladimir Jirasek
 
Community cloud
Community cloud Community cloud
Community cloudSNKN-CloudComputing
 
Virtualization in cloud computing ppt
Virtualization in cloud computing pptVirtualization in cloud computing ppt
Virtualization in cloud computing pptMehul Patel
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingImane SBAI
 
Migrating into a cloud
Migrating into a cloudMigrating into a cloud
Migrating into a cloudANUSUYA T K
 
Top 10 cloud service providers
Top 10 cloud service providersTop 10 cloud service providers
Top 10 cloud service providersVineet Garg
 
Multi Cloud Architecture Approach
Multi Cloud Architecture ApproachMulti Cloud Architecture Approach
Multi Cloud Architecture ApproachMaganathin Veeraragaloo
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsViresh Suri
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security PresentationAjay p
 
Hybrid Cloud and Its Implementation
Hybrid Cloud and Its ImplementationHybrid Cloud and Its Implementation
Hybrid Cloud and Its ImplementationSai P Mishra
 
Fog computing
Fog computing Fog computing
Fog computing Pachipulusu Giridhar
 
Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)Ravindra Dastikop
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingArwa
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issuesAleem Mohammed
 

More Related Content

What's hot

Eucalyptus, Nimbus & OpenNebula
Eucalyptus, Nimbus & OpenNebulaEucalyptus, Nimbus & OpenNebula
Eucalyptus, Nimbus & OpenNebulaAmar Myana
 
Multi-Cloud Strategy for Unrestricted Possibilities
Multi-Cloud Strategy for Unrestricted PossibilitiesMulti-Cloud Strategy for Unrestricted Possibilities
Multi-Cloud Strategy for Unrestricted PossibilitiesHarsh V Sehgal
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security ChallengesYateesh Yadav
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architectureVladimir Jirasek
 
Virtualization in cloud computing ppt
Virtualization in cloud computing pptVirtualization in cloud computing ppt
Virtualization in cloud computing pptMehul Patel
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingImane SBAI
 
Migrating into a cloud
Migrating into a cloudMigrating into a cloud
Migrating into a cloudANUSUYA T K
 
Top 10 cloud service providers
Top 10 cloud service providersTop 10 cloud service providers
Top 10 cloud service providersVineet Garg
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsViresh Suri
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security PresentationAjay p
 
Hybrid Cloud and Its Implementation
Hybrid Cloud and Its ImplementationHybrid Cloud and Its Implementation
Hybrid Cloud and Its ImplementationSai P Mishra
 
Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)Ravindra Dastikop
 

What's hot (20)

Eucalyptus, Nimbus & OpenNebula
Eucalyptus, Nimbus & OpenNebulaEucalyptus, Nimbus & OpenNebula
Eucalyptus, Nimbus & OpenNebula
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Multi-Cloud Strategy for Unrestricted Possibilities
Multi-Cloud Strategy for Unrestricted PossibilitiesMulti-Cloud Strategy for Unrestricted Possibilities
Multi-Cloud Strategy for Unrestricted Possibilities
 
cloud computing ppt
cloud computing pptcloud computing ppt
cloud computing ppt
 
Cloud Encryption
Cloud EncryptionCloud Encryption
Cloud Encryption
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing Architecture
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security Challenges
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
 
Community cloud
Community cloud Community cloud
Community cloud
 
Virtualization in cloud computing ppt
Virtualization in cloud computing pptVirtualization in cloud computing ppt
Virtualization in cloud computing ppt
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Migrating into a cloud
Migrating into a cloudMigrating into a cloud
Migrating into a cloud
 
Top 10 cloud service providers
Top 10 cloud service providersTop 10 cloud service providers
Top 10 cloud service providers
 
Multi Cloud Architecture Approach
Multi Cloud Architecture ApproachMulti Cloud Architecture Approach
Multi Cloud Architecture Approach
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security Presentation
 
Hybrid Cloud and Its Implementation
Hybrid Cloud and Its ImplementationHybrid Cloud and Its Implementation
Hybrid Cloud and Its Implementation
 
Fog computing
Fog computing Fog computing
Fog computing
 
Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)
 

Viewers also liked

Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingArwa
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issuesAleem Mohammed
 
Issues in cloud computing
Issues in cloud computingIssues in cloud computing
Issues in cloud computingronak patel
 
Top challenges in cloud computing
Top challenges in cloud computingTop challenges in cloud computing
Top challenges in cloud computingTISEE
 
Cloud Computing - Benefits and Challenges
Cloud Computing - Benefits and ChallengesCloud Computing - Benefits and Challenges
Cloud Computing - Benefits and ChallengesThoughtWorks Studios
 

Viewers also liked (6)

Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
 
Issues in cloud computing
Issues in cloud computingIssues in cloud computing
Issues in cloud computing
 
Top challenges in cloud computing
Top challenges in cloud computingTop challenges in cloud computing
Top challenges in cloud computing
 
Cloud Computing Security Issues
Cloud Computing Security Issues Cloud Computing Security Issues
Cloud Computing Security Issues
 
Cloud Computing - Benefits and Challenges
Cloud Computing - Benefits and ChallengesCloud Computing - Benefits and Challenges
Cloud Computing - Benefits and Challenges
 

Similar to Cloud computing security issues and challenges

Cloud Computing: Business Trends and the Challenges
Cloud Computing: Business Trends and the ChallengesCloud Computing: Business Trends and the Challenges
Cloud Computing: Business Trends and the Challengesidescitation
 
Cloud computing with services
Cloud computing with servicesCloud computing with services
Cloud computing with servicesSuresh Kumar
 
A Breif On Cloud computing
A Breif On Cloud computingA Breif On Cloud computing
A Breif On Cloud computingRaja Raman
 
describing-the-significant-use-of-cloud-computing-service-models-cuneiform
describing-the-significant-use-of-cloud-computing-service-models-cuneiformdescribing-the-significant-use-of-cloud-computing-service-models-cuneiform
describing-the-significant-use-of-cloud-computing-service-models-cuneiformCuneiform Consulting Pvt Ltd.
 
Oruta phase1 report
Oruta phase1 reportOruta phase1 report
Oruta phase1 reportsuthi
 
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...iosrjce
 
Cloud computing architecture
Cloud computing architectureCloud computing architecture
Cloud computing architecturemeenalkakkar
 
Understanding the cloud computing stack
Understanding the cloud computing stackUnderstanding the cloud computing stack
Understanding the cloud computing stackSatish Chavan
 
How to Cloud - The Ultimate Guide to Cloud Computing
How to Cloud - The Ultimate Guide to Cloud ComputingHow to Cloud - The Ultimate Guide to Cloud Computing
How to Cloud - The Ultimate Guide to Cloud ComputingAwesome Developers UG
 
2.evaluating cloud platforms
2.evaluating cloud platforms2.evaluating cloud platforms
2.evaluating cloud platformsDrRajapraveenkN
 

Similar to Cloud computing security issues and challenges (20)

Cloud Computing: Business Trends and the Challenges
Cloud Computing: Business Trends and the ChallengesCloud Computing: Business Trends and the Challenges
Cloud Computing: Business Trends and the Challenges
 
Cloud computing with services
Cloud computing with servicesCloud computing with services
Cloud computing with services
 
A Breif On Cloud computing
A Breif On Cloud computingA Breif On Cloud computing
A Breif On Cloud computing
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
describing-the-significant-use-of-cloud-computing-service-models-cuneiform
describing-the-significant-use-of-cloud-computing-service-models-cuneiformdescribing-the-significant-use-of-cloud-computing-service-models-cuneiform
describing-the-significant-use-of-cloud-computing-service-models-cuneiform
 
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...
A Review on Data Protection of Cloud Computing Security, Benefits, Risks and ...
 
Cloud Computing-notes.doc
Cloud Computing-notes.docCloud Computing-notes.doc
Cloud Computing-notes.doc
 
Oruta phase1 report
Oruta phase1 reportOruta phase1 report
Oruta phase1 report
 
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
 
A017620123
A017620123A017620123
A017620123
 
Cloud notes 1
Cloud notes 1Cloud notes 1
Cloud notes 1
 
P18 2 8-5
P18 2 8-5P18 2 8-5
P18 2 8-5
 
Cc unit 3 updated version
Cc unit 3 updated versionCc unit 3 updated version
Cc unit 3 updated version
 
Cloud computing architecture
Cloud computing architectureCloud computing architecture
Cloud computing architecture
 
Sem rep edited
Sem rep editedSem rep edited
Sem rep edited
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Understanding the cloud computing stack
Understanding the cloud computing stackUnderstanding the cloud computing stack
Understanding the cloud computing stack
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
How to Cloud - The Ultimate Guide to Cloud Computing
How to Cloud - The Ultimate Guide to Cloud ComputingHow to Cloud - The Ultimate Guide to Cloud Computing
How to Cloud - The Ultimate Guide to Cloud Computing
 
2.evaluating cloud platforms
2.evaluating cloud platforms2.evaluating cloud platforms
2.evaluating cloud platforms
 

More from Dheeraj Negi

Intellectual property rights (IPR) and digital
Intellectual property rights (IPR) and digitalIntellectual property rights (IPR) and digital
Intellectual property rights (IPR) and digitalDheeraj Negi
 
Job satisfaction among library professional
Job satisfaction among library professionalJob satisfaction among library professional
Job satisfaction among library professionalDheeraj Negi
 
The ict based library and information services
The ict based library and information servicesThe ict based library and information services
The ict based library and information servicesDheeraj Negi
 
4 g technology in digital
4 g technology in digital4 g technology in digital
4 g technology in digitalDheeraj Negi
 
Basic mgmt skills for Librarians
Basic mgmt skills for Librarians Basic mgmt skills for Librarians
Basic mgmt skills for Librarians Dheeraj Negi
 
Networking and Communication
Networking and Communication Networking and Communication
Networking and Communication Dheeraj Negi
 
Management information systems
Management information systemsManagement information systems
Management information systemsDheeraj Negi
 
Library Database management system
Library Database management system Library Database management system
Library Database management system Dheeraj Negi
 
Stress among library Professional
Stress among library Professional Stress among library Professional
Stress among library Professional Dheeraj Negi
 
Whats app for smart Librarians
Whats app for smart LibrariansWhats app for smart Librarians
Whats app for smart LibrariansDheeraj Negi
 
7 ps marketing strategies of Libraries
7 ps marketing strategies of Libraries7 ps marketing strategies of Libraries
7 ps marketing strategies of LibrariesDheeraj Negi
 
International Standard Book Number
International Standard Book NumberInternational Standard Book Number
International Standard Book NumberDheeraj Negi
 
Bookless Libraries
Bookless LibrariesBookless Libraries
Bookless LibrariesDheeraj Negi
 
Moocs in higher education
Moocs in higher educationMoocs in higher education
Moocs in higher educationDheeraj Negi
 
Mobile apps for librarian
Mobile apps for librarianMobile apps for librarian
Mobile apps for librarianDheeraj Negi
 
Effective training Development
Effective training Development Effective training Development
Effective training Development Dheeraj Negi
 
Negotiation skill for librarian
Negotiation skill for librarianNegotiation skill for librarian
Negotiation skill for librarianDheeraj Negi
 
Open access journals LIS
Open access journals LIS Open access journals LIS
Open access journals LIS Dheeraj Negi
 
Collection development
Collection developmentCollection development
Collection developmentDheeraj Negi
 

More from Dheeraj Negi (20)

Intellectual property rights (IPR) and digital
Intellectual property rights (IPR) and digitalIntellectual property rights (IPR) and digital
Intellectual property rights (IPR) and digital
 
Job satisfaction among library professional
Job satisfaction among library professionalJob satisfaction among library professional
Job satisfaction among library professional
 
The ict based library and information services
The ict based library and information servicesThe ict based library and information services
The ict based library and information services
 
4 g technology in digital
4 g technology in digital4 g technology in digital
4 g technology in digital
 
Basic mgmt skills for Librarians
Basic mgmt skills for Librarians Basic mgmt skills for Librarians
Basic mgmt skills for Librarians
 
Networking and Communication
Networking and Communication Networking and Communication
Networking and Communication
 
Management information systems
Management information systemsManagement information systems
Management information systems
 
Library Database management system
Library Database management system Library Database management system
Library Database management system
 
Stress among library Professional
Stress among library Professional Stress among library Professional
Stress among library Professional
 
Whats app for smart Librarians
Whats app for smart LibrariansWhats app for smart Librarians
Whats app for smart Librarians
 
7 ps marketing strategies of Libraries
7 ps marketing strategies of Libraries7 ps marketing strategies of Libraries
7 ps marketing strategies of Libraries
 
International Standard Book Number
International Standard Book NumberInternational Standard Book Number
International Standard Book Number
 
Bookless Libraries
Bookless LibrariesBookless Libraries
Bookless Libraries
 
Moocs in higher education
Moocs in higher educationMoocs in higher education
Moocs in higher education
 
Mobile apps for librarian
Mobile apps for librarianMobile apps for librarian
Mobile apps for librarian
 
Effective training Development
Effective training Development Effective training Development
Effective training Development
 
Negotiation skill for librarian
Negotiation skill for librarianNegotiation skill for librarian
Negotiation skill for librarian
 
Web OPAC
Web OPAC Web OPAC
Web OPAC
 
Open access journals LIS
Open access journals LIS Open access journals LIS
Open access journals LIS
 
Collection development
Collection developmentCollection development
Collection development
 

Recently uploaded

Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvRicaMaeCastro1
 
Narcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdfNarcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdfPrerana Jadhav
 
Expanded definition: technical and operational
Expanded definition: technical and operationalExpanded definition: technical and operational
Expanded definition: technical and operationalssuser3e220a
 
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptxDecoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptxDhatriParmar
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4JOYLYNSAMANIEGO
 
4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptxmary850239
 
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...Association for Project Management
 
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...Nguyen Thanh Tu Collection
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
How to Fix XML SyntaxError in Odoo the 17
How to Fix XML SyntaxError in Odoo the 17How to Fix XML SyntaxError in Odoo the 17
How to Fix XML SyntaxError in Odoo the 17Celine George
 
Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1GloryAnnCastre1
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
 
Indexing Structures in Database Management system.pdf
Indexing Structures in Database Management system.pdfIndexing Structures in Database Management system.pdf
Indexing Structures in Database Management system.pdfChristalin Nelson
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxlancelewisportillo
 
Scientific Writing :Research Discourse
Scientific Writing :Research DiscourseScientific Writing :Research Discourse
Scientific Writing :Research DiscourseAnita GoswamiGiri
 
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...DhatriParmar
 

Recently uploaded (20)

Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnvESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
ESP 4-EDITED.pdfmmcncncncmcmmnmnmncnmncmnnjvnnv
 
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptxINCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
INCLUSIVE EDUCATION PRACTICES FOR TEACHERS AND TRAINERS.pptx
 
Paradigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTAParadigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTA
 
Narcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdfNarcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdf
 
Expanded definition: technical and operational
Expanded definition: technical and operationalExpanded definition: technical and operational
Expanded definition: technical and operational
 
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptxDecoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
Decoding the Tweet _ Practical Criticism in the Age of Hashtag.pptx
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4
 
4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx
 
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
 
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
How to Fix XML SyntaxError in Odoo the 17
How to Fix XML SyntaxError in Odoo the 17How to Fix XML SyntaxError in Odoo the 17
How to Fix XML SyntaxError in Odoo the 17
 
Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
Indexing Structures in Database Management system.pdf
Indexing Structures in Database Management system.pdfIndexing Structures in Database Management system.pdf
Indexing Structures in Database Management system.pdf
 
Faculty Profile prashantha K EEE dept Sri Sairam college of Engineering
Faculty Profile prashantha K EEE dept Sri Sairam college of EngineeringFaculty Profile prashantha K EEE dept Sri Sairam college of Engineering
Faculty Profile prashantha K EEE dept Sri Sairam college of Engineering
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
 
Scientific Writing :Research Discourse
Scientific Writing :Research DiscourseScientific Writing :Research Discourse
Scientific Writing :Research Discourse
 
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
Beauty Amidst the Bytes_ Unearthing Unexpected Advantages of the Digital Wast...
 

Cloud computing security issues and challenges

  • 1. Cloud Computing Security Issues and Challenges Dheeraj Singh Negi
  • 2. Introduction Cloud computing is the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as a utility (like the electricity grid) over a network (typically the Internet). Clouds can be classified as public, private or hybrid.
  • 3. SECURITY ISSUES IN CLOUD COMPUTING Cloud Deployments Models In the cloud deployment model, networking, platform, storage, and software infrastructure are provided as services that scale up or down depending on the demand as depicted. The Cloud Computing model has three main deployment models which are:
  • 4. Cloud Deployments Models • Private cloud • Public cloud • Hybrid cloud
  • 5. Cloud Deployments Models Private Cloud Public Cloud Hybrid Cloud
  • 6.
  • 7. Cloud Computing Service Delivery Models Following on the cloud deployment models, the next security consideration relates to the various cloud computing service delivery models. The three main cloud service delivery models are: Infrastructure-as-a-Service (IaaS), Platform-as-a- Service (PaaS) and Software-as-a-Service (SaaS).
  • 8. 1. Infrastructure as a Service (IaaS) 2. Platform as a service (PaaS) 3. Software as a Service
  • 9. Cloud Computing Service Delivery Models Infrastructure as a Service (IaaS) Platform as a service (PaaS) Software as a Service
  • 10. Infrastructure as a Service (IaaS) Infrastructure as a Service is a single tenant cloud layer where the Cloud computing vendor’s dedicated resources are only shared with contracted clients at a pay-per-use fee. This greatly minimizes the need for huge initial investment in computing hardware such as servers, networking devices and processing power. They also allow varying degrees of financial and functional flexibility not found in internal data centers or with collocation services, because computing resources can be added or released much more quickly and cost-effectively than in an internal data center or with a collocation service [2]. IaaS and other associated services have enabled startups and other businesses focus on their core competencies without worrying much about the provisioning and management of infrastructure. IaaS completely abstracted the hardware beneath it and allowed users to consume infrastructure as a service without bothering anything about the underlying complexities. The cloud has a compelling value proposition in terms of cost, but ‘out of the box’ IaaS only provides basic security (perimeter firewall, load balancing, etc.) and applications moving into the cloud will need higher levels of security provided at the host.
  • 11. Platform as a service (PaaS) Platform-as-a-Service (PaaS) is a set of software and development tools hosted on the provider's servers. It is one layer above IaaS on the stack and abstracts away everything up to OS, middleware, etc. This offers an integrated set of developer environment that a developer can tap to build their applications without having any clue about what is going on underneath the service. It offers developers a service that provides a complete software development life cycle management, from planning to design to building applications to deployment to testing to maintenance. Everything else is abstracted away from the “view” of the developers. Platform as a service cloud layer works like IaaS but it provides an additional level of ‘rented’ functionality. Clients using PaaS services transfer even more costs from capital investment to operational expenses but must acknowledge the additional constraints and possibly some degree of lock-in posed by the additional functionality layers [14]. The use of virtual machines act as a catalyst in the PaaS layer in Cloud computing. Virtual machines must be protected against malicious attacks such as cloud malware. Therefore maintaining the integrity of applications and well enforcing accurate authentication checks during the transfer of data across the entire networking channels is fundamental.
  • 12. Software as a Service Software-as-a-Service is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet. SaaS is becoming an increasingly prevalent delivery model as underlying technologies that support web services and service-oriented architecture (SOA) mature and new developmental approaches become popular. SaaS is also often associated with a pay-as-you-go subscription licensing model. Meanwhile, broadband service has become increasingly available to support user access from more areas around the world. SaaS is most often implemented to provide business software functionality to enterprise customers at a low cost while allowing those customers to obtain the same benefits of commercially licensed, internally operated software without the associated complexity of installation, management, support, licensing, and high initial cost. The architecture of SaaS-based applications is specifically designed to support many concurrent users (multitenancy) at once. Software as a service applications are accessed using web browsers over the Internet therefore web browser security is vitally important. Information security officers will need to consider various methods of securing SaaS applications. Web Services (WS) security, Extendable Markup Language (XML) encryption, Secure Socket Layer (SSL) and available options which are used in enforcing data protection transmitted over the Internet.
  • 13.
  • 14. Above figure Cloud computing service delivery models Combining the three types of clouds with the delivery models we get a holistic cloud illustration as seen in Figure , surrounded by connectivity devices coupled with information security themes. Virtualized physical resources, virtualized infrastructure, as well as virtualized middleware platforms and business applications are being provided and consumed as services in the Cloud . Cloud vendors and clients’ need to maintain Cloud computing security at all interfaces. The next section of the paper introduces challenges faced in the Cloud computing domain.
  • 15. CLOUD COMPUTING CHALLENGES Cloud Interoperability Issue Service Level Agreement (SLA) Charging Model Costing Model Security
  • 16. Costing Model Cloud consumers must consider the tradeoffs amongst computation, communication, and integration. While migrating to the Cloud can significantly reduce the infrastructure cost, it does raise the cost of data communication, i.e. the cost of transferring an organization's data to and from the public and community Cloud and the cost per unit of computing resource used is likely to be higher. This problem is particularly prominent if the consumer uses the hybrid cloud deployment model where the organization's data is distributed amongst a number of public/private (in-house IT infrastructure)/community clouds. Intuitively, on- demand computing makes sense only for CPU intensive jobs
  • 17. Charging Model The elastic resource pool has made the cost analysis a lot more complicated than regular data centers, which often calculates their cost based on consumptions of static computing. Moreover, an instantiated virtual machine has become the unit of cost analysis rather than the underlying physical server. For SaaS cloud providers, the cost of developing multitenancy within their offering can be very substantial. These include: re-design and re- development of the software that was originally used for single-tenancy, cost of providing new features that allow for intensive customization, performance and security enhancement for concurrent user access, and dealing with complexities induced by the above changes. Consequently, SaaS providers need to weigh up the trade-off between the provision of multi- tenancy and the cost-savings yielded by multi-tenancy such as reduced overhead through amortization, reduced number of on-site software licenses, etc. Therefore, a strategic and viable charging model for SaaS provider is crucial for the profitability and sustainability of SaaS cloud providers
  • 18. Service Level Agreement (SLA) Although cloud consumers do not have control over the underlying computing resources, they do need to ensure the quality, availability, reliability, and performance of these resources when consumers have migrated their core business functions onto their entrusted cloud. In other words, it is vital for consumers to obtain guarantees from providers on service delivery. Typically, these are provided through Service Level Agreements (SLAs) negotiated between the providers and consumers. The very first issue is the definition of SLA specifications in such a way that has an appropriate level of granularity, namely the tradeoffs between expressiveness and complicatedness, so that they can cover most of the consumer expectations and is relatively simple to be weighted, verified, evaluated, and enforced by the resource allocation mechanism on the cloud. In addition, different cloud offerings (IaaS, PaaS, and SaaS) will need to define different SLA meta specifications. This also raises a number of implementation problems for the cloud providers. Furthermore, advanced SLA mechanisms need to constantly incorporate user feedback and customization features into the SLA evaluation framework
  • 19. Cloud Interoperability Issue Currently, each cloud offering has its own way on how cloud clients/applications/users interact with the cloud, leading to the "Hazy Cloud" phenomenon. This severely hinders the development of cloud ecosystems by forcing vendor locking, which prohibits the ability of users to choose from alternative vendors/offering simultaneously in order to optimize resources at different levels within an organization. More importantly, proprietary cloud APIs makes it very difficult to integrate cloud services with an organization's own existing legacy systems (e.g. an on-premise data centre for highly interactive modeling applications in a pharmaceutical company).The primary goal of interoperability is to realize the seamless fluid data across clouds and between cloud and local applications. There are a number of levels that interoperability is essential for cloud computing. First, to optimize the IT asset and computing resources, an organization often needs to keep in-house IT assets and capabilities associated with their core competencies while outsourcing marginal functions and activities (e.g. the human resource system) on to the cloud. Second, more often than not, for the purpose of optimization, an organization may need to outsource a number of marginal functions to cloud services offered by different vendors. Standardization appears to be a good solution to address the interoperability issue. However, as cloud computing just starts to take off, the interoperability problem has not appeared on the pressing agenda of major industry cloud vendors
  • 20. Security It is clear that the security issue has played the most important role in hindering Cloud computing acceptance. Without doubt, putting your data, running your software on someone else's hard disk using someone else's CPU appears daunting to many. Well-known security issues such as data loss, phishing, botnet (running remotely on a collection of machines) pose serious threats to organization's data and software. Moreover, the multi- tenancy model and the pooled computing resources in cloud computing has introduced new security challenges that require novel techniques to tackle with. For example, hackers can use Cloud to organize botnet as Cloud often provides more reliable infrastructure services at a relatively cheaper price for them to start an attack
  • 21. Conclusion Although Cloud computing can be seen as a new phenomenon which is set to revolutionise the way we use the Internet, there is much to be cautious about. There are many new technologies emerging at a rapid rate, each with technological advancements and with the potential of making human’s lives easier. However, one must be very careful to understand the security risks and challenges posed in utilizing these technologies. Cloud computing is no exception. In this PPT key security considerations and challenges which are currently faced in the Cloud computing are highlighted. Cloud computing has the potential to become a frontrunner in promoting a secure, virtual and economically viable IT solution in the future.