One of the most captious cloud computing challenges pertaining mostly to cloud consumers who use IT resources situated in public clouds are prepared and channelized. Few of the most challenges faced can be broadly classified under four categories which shall firstly be Increased Security Vulnerabilities second being Reduced Operational Governance Control the third being Limited Portability Between Cloud Providers and the last categorie being Multi-Regional Regulatory and Legal Issues.
Now coming to the first challenge being “Increased Security Vulnerabilities”.The transfer of business data to the cloud means that the obligation over data security becomes shared with the cloud provider. The mere usage of IT resources needs an expansion of trust boundaries by which the cloud consumers has to include their data in the external cloud. It is difﬁcult to establish a security infrastucture which can ensuure hundred percent security that spans such a trust boundary without letting the vulnarabilities entering into the cloud, unless cloud consumers and cloud providers happen to support the similar or adaptable security frameworks which is not the same with public clouds.
Coming to the other consequence of overlying trust boundaries relating to the cloud provider’s privileg to have an access to cloud consumer data. The limit to which the data is secure is now limited to the security managemnt and guidelines applied by both the cloud consumer and cloud provider. Besides, there can be overlapping trust boundaries from a number of other cloud consumers due to the fact that cloud-based IT resources are generally shared.
The overlying of trust boundaries and the elevated revealation of data can provide malevolent cloud consumers which might include human and automated robot softwares, with an increased opportunity to attack IT resources and peculate or impare business data. Siting an illustration where in a scenario we take two organizations examining the same cloud service are required to prolong their respective trust horizon to the cloud, giving rise to overlying trust perimeter. Which can be demanding for the cloud provider to offer survellience that can welcome the security requirements of both cloud service consumers.
The second challenge generally faced in cloud computing is ‘Reduced Operational Governance Control’.Cloud consumers are usually entrusted with a level of governance control that is much less than that of over on requirement IT resources. This reduced the level of governance control can lead to entering of danger linked with how the cloud provider functions its cloud, as well as the foreign connections that are required in order to ensure communication between the cloud and the cloud consumer.
The third problem would be the ‘Limited Portability Between Cloud Providers’. The lack of established industrial standards within the cloud computing industry, public clouds are generally exposed to various extents giving rise to its legitimacy.In case of cloud consumers that have custom-built clarification with responsibleness on these proprietary situations, it can be provoking to move from one cloud provider to another.
Coming to the last challenge in cloud computing filed would be ‘Multi-Regional Regulatory and Legal Issues’.External party who is the third party to the cloud providers would every now and then establish data centers in economical or favourable geographical locations. Cloud consumers would generally not be aware of the physical position of their IT resources and data when recieved by public clouds. Some of the organizations, can pose serious legal concern relating to the industry or government regulations that fix certain data privacy and storage regulations.Giving an example of the same, some UK laws state that personal data belonging to UK citizens are to be kept within the countries territories.
One more important problem reagrding the legal issue pertains to the convinience and disclosure of data. Countries have laws that require some types of data to be revealed to certain government agencies or to the susceptible of the data. For example, a European cloud consumer’s data which is situated in the U.S. can be more lucidly accessed by government agencies when related to data located in many European Union countries.
Most governing frameworks diagnose that cloud consumer organizations are suo moto responsible for the security, honesty, and chache of their own data, even when it is held by an foreign cloud provider.