Cloud computing is the dawn of the budding computer technology that obtains its benefits from the processing power and the computing resources of many akin, topographically distanced computers connected via Internet.
Cloud computing administers three fundamental service models which will be infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). From these services the major problems with cloud computing gets initiated. The problems are classified on the basis of the service models because if we know the root we get the solution to uproot the problem from its root level.
The first problem is called as Guest-hopping attack. It is defined as any partition failure between shared infrastructures an attacker will try get the key rout to one virtual machine by cutting another virtual machine hosted in the same hardware. One possible solution is using High Assurance Platform (HAP) which provides a high
Degree of separation between virtual machines.
The next problem with cloud computing can be headed as ‘SQL injection’. Most of the times it is used in order to attack major websites to inject such viral commands in the database which corrupts the database.
Side channel attack is one of the next issues that create a threat to the cloud computing server. When the attacker places a malevolent virtual machine on the same physical machine as the affected machine then the attacker can get all the confidential information on the affected machine.
The fourth problem with cloud computing isMaliciousInsider. Which means that data centers of the service providers when their employee are granted exposure to delicate data of some or all customers administrators then the privileges in the system can expose these information to security threats. Strict privileges’ planning, security auditing are some of the possible solutions that can reduce this major problem.
Data storage security which in the world of cloud computing means that user’s data which is stored in the Cloud Service Provider (CSP) set of servers are running in a concurrent and segregated manner. Ensuring data integrity and confidently is might be a possible solution to curb this problem.
Coming to the next problem which would be Address Resolution Protocol (ARP) Cache Poisoning. Address Resolution Protocol (ARP) is used in the TCP/IP stack to fix the purpose of an IP address at the sender side into MAC address which at the addresses at the receiver side. In order to mitigate this attack the possible solution might be to use static ARP entries.
The next problem would be ‘Network Level Security attacks’.
Cloud computing depends mainly on the formation of networks framework such as LAN, MAN and WAN; that is the reason why cloud computing is bared to the same security attacks which may be commenced from users outside the cloud or
International Journal of Computer Networks & Communications.
Coming to the other section of problems which can be headed as ‘Domain Name System (DNS) attacks’. In the Internet, hosts are known by names that are easy to remember by humans, while
Computers deal with numbers. Each connected system to the Internet has a globally exclusive Internet Protocol (IP). The Domain Name System (DNS) changes host names into corresponding
Internet Protocol (IP) addresses which is done by using a distributed database scheme.
Domain hijacking is one of the major problems faced by cloud computing which may be defined as wavering the name of a domain without the knowledge or acknowledgement from the domain’s owner or creator. Domain hijacking facilitates infiltrators to get a direct exposure to corporate information and perform illegal activity such as phishing in which a website is replaced by a similar website that records private information. The best possible way to get a possible solution to this problem would be to assign a
Corporation for Assigned Names and Numbers (ICANN) which puts a stop of 60 days waiting period between a modification in registration information and a transfer to another registrar. In the whole operation the domain creator will be most likely to get discovered any change in that period. Another possible solution is using Extensible Provisioning Protocol (EPP) that is used by many domain registries. EPP uses an legitimate code issued especially to the Domain registrant as a security measure.
Thus, these are some of the possible problems and their solutions that are faced in the cloud computing sector.