Analysis of Risks and Security Requirements in Public Cloud
Keywords:Risk assessment, mitigation mechanism, service level agreement, security requirements, public cloud.
To enjoy the full benefits of cloud computing, it is necessary to have built-in security, privacy, compliance and legal requirements for the cloud implementation and use. Each industry has its own risk levels that it could work within. A company, which is planning to use public cloud services, should be conscious of the regulations and industry risks and need to monitor it and abide by the same. This is due to multi-tenant and open to all nature of public cloud. A thorough risk analysis must be done initially with a public cloud provider. The main objective is to identify the existing vulnerabilities and to implement the measures to counter those threats. There are a variety of risks such as vendor lock-in, non-compliance, poor provisioning, unauthorized access, loss of control, Service Level Agreement (SLA) violations, Internet attacks, etc. To alleviate the risks, there are several measures that could be deployed. This paper deals with mitigation mechanism, security requirements and various risks associated with public cloud.
 Khan AU, Oriol M, Kiran M, Jiang M & Djemame K, â€œSecurity risks and their management in cloud computingâ€, IEEE 4th International Conference on Cloud Computing Technology and Science (CloudCom), (2012), pp.121-128.
 Luna J, Suri N, Iorga M & Karmel A, â€œLeveraging the potential of cloud security service-level agreements through standardsâ€, IEEE Cloud Computing, Vol.2, No.3,(2015), pp.32-40.
 Priyanka Reddy, G. S., & Surendar, S. M. A. (2017, January 1). A review article on performance comparison of CNTFET based full adders. Journal of Advanced Research in Dynamical and Control Systems.
 Djemame K, Armstrong D, Guitart J & Macias M, â€œA Risk Assessment Framework for Cloud Computingâ€, IEEE Transactions on Cloud Computing, Vol.4, No.3, (2016).
 Benfateh A, Gharnati F & Agouti T, â€œISA-based model for risk assessment in cloud computing environmentâ€, 5th International Conference on Multimedia Computing and Systems, (2016), pp. 377-383.
 Durga MG, â€œStudy on data security mechanism in cloud computingâ€, 2nd International Conference on Current Trends in Engineering and Technology (ICCTET), (2014), pp.13-17.
 Alani MM, â€œSecuring the Cloud: Threats, Attacks and Mitigation Techniquesâ€, Journal of Advanced Computer Science and Technology, (2016).
 Castiglione A, Choo KKR, Nappi M & Narducci F, â€œBiometrics in the cloud: Challenges and research opportunitiesâ€, IEEE Cloud Computing, Vol.4, No.4,(2017), pp.12-17.
 Patil TA, Pandey S & Bhole AT, â€œA review on contemporary security issues of cloud computingâ€, 1st International Conference on Intelligent Systems and Information Management (ICISIM), (2017), pp.179-184.
 Gartner Security and Risk Management, 2018, (Internet Source).
 Bouchaala M, Ghazel C, Saidane LA & Kamoun F, â€œEnd to End Cloud Computing Architecture Based on A Novel Classification of Security Issuesâ€, IEEE/ACS 14th International Conference on Computer Systems and Applications, (2017), pp.303-310.
 Sharma PK, Kaushik PS, Agarwal P, Jain P, Agarwal S & Dixit K, â€œIssues and challenges of data security in a cloud computing environmentâ€, IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON), (2017), pp.560-566.
 A Mukanbetkaliyev, S Amandykova, Y Zhambayev, Z Duskaziyeva, A Alimbetova (2018). The aspects of legal regulation on staffing of procuratorial authorities of the Russian Federation and the Republic of Kazakhstan OpciÃ³n, AÃ±o 33. 187-216.
 G Cely Galindo (2017) Del Prometeo griego al de la era-biÃ³s de la tecnociencia. Reflexiones bioÃ©ticas OpciÃ³n, AÃ±o 33, No. 82 (2017):114-133