The four levels of security that can be implemented in a cloud environment are very important. Why?
Cloud computing terminology includes five major characteristics.
They are on-demand self-service, broad network access, resource pooling or multi-tenancy, rapid elasticity, measured service (pay-as-you-go) and transitivity.
The main assessment strategies for security in the cloud are security, privacy, audit and Service Level Agreement (SLA). The pre- and post-assessment is based on the services utilized by the tenants and the services provided to the tenants.
Four Levels of Security in the Cloud Environment
Here we discuss four levels of security that can be implemented in a cloud environment. The four levels are:
- Network Level of Security
- Server Level Security
- Login Level Security
- Data Level Security
Network Level of Security
Network Level Security is the primary level of security in the cloud. It protects the entire system from external attacks and threats.
This level lies at the periphery of the entire network.
A De-Militarized Zone (DMZ) firewall is used to protect the resources from the external world. The DMZ acts as a layer shielding the network from "military activities", which in this case are unnecessary intrusions and threats to the system.
Hence the "DMZ" layer is also called the "perimeter firewall". The DMZ firewall works by filtering access from external systems, based on the regional-level access that has been granted to those systems.
Hence, for a cloud provider, the DMZ layer acts as the primary step in security. It protects the network that the provider offers to its customers.
Server Level Security
The next level of security is Server Level Security. It is the recommended server-level security in a network. Here, the actual assets of the system, such as the servers, databases and applications, are secured.
The primary level of assets includes the actual servers (application servers) and the database servers. Application servers are the servers where the cloud application actually resides.
The application could be a web application. We can use Hyper-V servers, which are virtual or partitioned servers.
Why Hyper-V servers for security in the cloud environment?
- Cost Savings: Hyper-V servers work out as a much simpler and cheaper solution compared with traditional servers, bringing increased savings to the cloud provider.
- Space Advantages: Hyper-V servers save a lot of space, and hence cost, and are much easier to set up. They are virtual and easily configurable.
- More Secure and Ease: Hyper-V servers are secured with much more ease, as one host combines or hosts multiple servers within itself. The security aspects are much more advanced than those of traditional standalone servers.
Login Level Security
The first two security levels deal with the actual, physical environments. The third level, Login Level Security, deals with the cloud application itself.
Here a "Timed Random Access Key" is generated during login. In "Random Access Key" generation, the system generates a random key made up of a combination of letters, numbers and special characters.
This combination of alphanumeric and special characters makes the key stronger and much harder to break. The "Timed" aspect signifies that the Random Access Key is valid only for a specified amount of time (say, 2 minutes) as set by the administrator.
So when an authorized (registered) user tries to log in to the system, the user is prompted to enter the "Timed Random Access Key". This key is generated by the cloud network and emailed to the registered email address of the user.
The user then enters the password, followed by the "Random Access Key" emailed to them. This combination is verified within the time limit set, and the user is then granted access to the cloud system.
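The following sketch shows one way to issue and check such a timed key; it is an added example, not code from the original article. The character set, key length, single-use behaviour and the `password_ok` flag (the result of the application's existing password check) are assumptions; only the 2-minute lifetime comes from the text.

```python
import hashlib
import hmac
import secrets
import string
import time

ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*"  # assumed character set
KEY_LENGTH = 12          # assumed key length
KEY_TTL_SECONDS = 120    # the article's example lifetime of 2 minutes


def _digest(key: str) -> bytes:
    # Only a hash of the key is stored, so a leaked table does not reveal live keys.
    return hashlib.sha256(key.encode()).digest()


class TimedAccessKeys:
    """Issues one-time login keys and verifies them within their lifetime."""

    def __init__(self, ttl=KEY_TTL_SECONDS):
        self.ttl = ttl
        self._pending = {}  # user_id -> (sha256 of key, expiry time)

    def issue(self, user_id, now=None):
        """Create a key for user_id; the caller emails it to the registered address."""
        now = time.time() if now is None else now
        # secrets uses the OS CSPRNG; the random module is not suitable for login keys.
        key = "".join(secrets.choice(ALPHABET) for _ in range(KEY_LENGTH))
        self._pending[user_id] = (_digest(key), now + self.ttl)
        return key

    def verify(self, user_id, password_ok, key, now=None):
        """Grant access only if the password check passed and the key matches in time."""
        now = time.time() if now is None else now
        # Assumed policy: any attempt consumes the key, so it cannot be guessed
        # repeatedly or replayed inside the validity window.
        entry = self._pending.pop(user_id, None)
        if entry is None:
            return False
        stored, expires_at = entry
        key_ok = hmac.compare_digest(stored, _digest(key))  # constant-time comparison
        return bool(password_ok) and key_ok and now <= expires_at
```

Because a failed attempt consumes the key, a user who mistypes it has to request a new one; that trades convenience for resistance to guessing within the 2-minute window.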
Data Level Security
The first two security levels concern the environment and the third the application. The last is the data level.
Because the data level deals with customer information, health information, financial information and so on, data-layer security becomes the most sensitive and most important aspect of the whole proposed model.
This data-level security is established through the following two steps:
In this functional module, the complete log information of users accessing the system is captured and stored in the database. The log information includes the user ID accessing the system, the timestamp of the login, the IP address and the geography of the network.
This gives a complete picture and track of users accessing the system, from which we can infer the peak usage times, the frequency of access of a particular user and the duration of stay in the system.
Determining the frequency of access is particularly useful because the cloud provider (administrator) can baseline the frequency and timing of access for each user, as well as the duration of stay.
Thus, if there is too much deviation from the baseline, an alert is sent to the primary and secondary contacts of the user. This is to check whether the last login was actually a valid, authorized login.
This ensures complete control over unintended or unauthorized access into the cloud system.
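The baseline-and-alert step can be sketched as follows; this is an added example, not code from the original article. The record layout, the sample log, the one-hour slack and the frequency factor are all assumptions, and duration of stay is left out because it would also need logout records.

```python
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample log: (user_id, ISO timestamp, source IP, geography)
HISTORY = [
    ("alice", "2024-03-04T09:05:00", "198.51.100.7", "IN"),
    ("alice", "2024-03-04T14:30:00", "198.51.100.7", "IN"),
    ("alice", "2024-03-05T09:10:00", "198.51.100.7", "IN"),
    ("alice", "2024-03-06T10:02:00", "198.51.100.9", "IN"),
    ("alice", "2024-03-07T09:45:00", "198.51.100.7", "IN"),
]


def build_baseline(records):
    """Per user: usual login hours, usual geographies, most logins seen in one day."""
    hours, geos, per_day = defaultdict(set), defaultdict(set), defaultdict(Counter)
    for user, ts, _ip, geo in records:
        t = datetime.fromisoformat(ts)
        hours[user].add(t.hour)
        geos[user].add(geo)
        per_day[user][t.date()] += 1
    return {u: {"hours": hours[u], "geos": geos[u],
                "max_per_day": max(per_day[u].values())} for u in hours}


def deviations(baseline, record, logins_today, hour_slack=1, freq_factor=2):
    """Return the reasons a login deviates from the baseline (empty list = normal)."""
    user, ts, _ip, geo = record
    base = baseline.get(user)
    if base is None:
        return ["no baseline for user"]
    reasons = []
    hour = datetime.fromisoformat(ts).hour
    # Compare hours on a 24-hour circle so 23:00 and 00:00 count as one hour apart.
    if not any(min(abs(hour - h), 24 - abs(hour - h)) <= hour_slack
               for h in base["hours"]):
        reasons.append("unusual login hour")
    if geo not in base["geos"]:
        reasons.append("unusual geography")
    if logins_today > freq_factor * base["max_per_day"]:
        reasons.append("unusual login frequency")
    return reasons
```

A non-empty result is what would trigger the alert to the user's primary and secondary contacts.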
Clustered / Load Balanced Database Servers – Security in the Cloud Environment:
By clustering and load balancing the database server, the data is mirrored on another server. This ensures a backup during contingencies and helps to a great extent with performance and load issues.
Even though the concept of elastic cloud storage is beneficial, proper balancing of load within the infrastructure is implemented.
Here, we have discussed the secured infrastructure on various layers that form an overall step-by-step authentication and validation in the cloud model.