Oviedo Garcia, Luis Carlos
Encouraging the adoption of PaaS cloudbased applications: Security and privacy concerns on google app engine data storage.
[Dissertation (University of Nottingham only)]
Cloud computing can be considered as “Computing as Utility”, offering on-demand and “pay as you go” services that provides business benefits due to scalability and elasticity features. Nowadays, the cloud computing model is the focus of great attention since these benefits allow reduction in the user’s capital costs. Moreover, users only need to invest limited up-front costs (Armbrust et al., 2010) since it is better for users to outsource the additional resources required from the Cloud Service Provider (CSP) rather than develop their own IT infrastructure (Kim et al., 2009). As a result, cloud computing allows users to reduce their service costs and focus on their core business (Khorshed et al., 2012). Despite the aforementioned benefits, the Industry and IT user community have concerns about the security and privacy risks inherent in storing their valuable information on the CSP premises (Zardari and Bahsoon, 2011, CSA, 2011). Internal attacks in the public cloud are security threats affecting the customer data in terms of data confidentiality (Winkler, 2011). Malicious insiders such as the CSP itself or system administrators can abuse of their full privileged access to misuse customer data (Cong Wang et al., 2010). Therefore, it is important to consider protection mechanisms of valuable customer data whilst stored on the CSP premises (Yau and An, 2010). There are not available solution to protect customer data at rest on CSP premises similar than to protect data in transit (Rjaibi et al., June 2013). Actually, no documentation by Google has been found that suggests how to deploy a solution in GAE using Python to overcome the aforementioned problem. It has been found, as expected, that client-side encryption help to protect data confidentiality in the cloud because CSPs are not directly able to see customer data stored on their premises. In addition, it helps to prevent unauthorised disclosure of data when data sanitisation is not granted. On the other hand, the results also shown the critical importance of key management as well as the overhead created in terms of data stored on cloud premises and the computing resources consumed on the end-point device.
Actions (Archive Staff Only)