Impact of IT in Global Economic- Free-Samples-Myassignmenthelp.com

Question: Discuss about the Impact and opportunities of IT in Global Economic Context. Answer: Introduction The term cloud computing funds initiated to form a base in early 90. The basic idea behind this concept was to clearly distinguish and define the infrastructure as well as the mechanisms that any system composition is made up of with different applications and setup. The concepts of clouds are designed in a manner that easily becomes scalable, be always present as well as reduces the cost of operations (Hashizume et al., 2013). Literature review Security It is important to note here that the manner in which there is a possibility to handle the security with the proper access to the systems. However, because of the basic nature of the assets is distributed and the risk associated with assets security also vary, entirely depend on the assets in usage, management of those assets with control mechanisms utilized along with the places where it is located and in the end who are people that consumes those assets. In addition, in the early time it was also mentioned the existence of multi-tenancy (Ahmed and Hossain, 2014). This further means that it includes the different resource working with the proper segmentation planning and the billing. To calculate the security concerns along with the concept of cloud provider and their offers has to be right; it is important base the research on maturity, completeness, effectiveness of the risk that can be adjusted with varied security controls that this concept implements. The concern of security can also be implemented at one or sometime more than one levels. (Almorsy et al., 2016). In addition, security can also take place at much higher level with right people, processes and duties. It is also important at this point to have clarity of the different level security accountabilities that CPs and what an end user has. Sometimes different CPs is surrounded by different security based accountabilities. Security benefits Following are the detailed discussion of the security benefits that arise because of the use of cloud computing: - The benefit of scale and security: while executing security on a huge system, the overall costs for its execution is actually shared all platforms and as an outcome, the overall investment end up being more impactful along with cost saving. Market differentiators in security: since the concept of integrity, confidentiality and resilience is important and treated as priority for many end users, the overall decision on whether to choose one CP over another is made based on the overall reputation that CP has on security challenges. Therefore, competition among CPs is common and further made them provide with services on high level (Modi et al., 2013). Interface is standardized for managing security services: the concept usually uses a standardized interface in order to properly manage the level of security based services for cloud computing market in order to gain advantages from uniform and well evaluated outcomes that are introduced to them. Smart level of scaling for the resources: the concept of cloud computing is also considered to be well resilient since it has the capacity to properly reallocate the resources in order to filter, shaping of the traffic and encryption and authentication. Gathering the evidence and right auditing techniques: because of the existence of virtualization that is used to accomplish the concept of Cloud computing, it is easy to collect all the information related to audits that people require to proceed with right kind of analysis in forensic without any kind of downtime at the time of gathering the process (Stojmenovic and Wen, 2014). Effective, timely and impactful updates: the concept of cloud computing gain advantages from the concept of virtualization in the present virtual based machines that can be timely patched and it get hardened with all the latest updates. In case of fault on configuration or disaster can be caused by transformation made on VM and one must also rollback to last state of stability. Advantages of resource concentration: by having all the resources focusing to make the service less cheap in order to maintain and permit the access in physical space to make it much easier (Hashem et al., 2015). Security risks Following are the risks in cloud computing: - Loss in governance: as a user, it is important to understand the physicality possessed by any kind of resources and the concept therefore can take proper control on number of other resources as well. When those kinds of resources are not properly covered here, the risk in security arises. Lock-in: this is a fact that there is no standardization on the concept of moving data as well as resources among diverse CPs. This further means that a user should take decision to move from a CP to any other or even in order to migrate to different services in-house and sometimes impossible to do so because of number of incompatibilities that exist between different parties. This further develops a sense of dependency of the users to a specific CP (Kshetri, 2013). Failure in Isolation: one of the biggest disadvantages of the shared resources along with multi-tenancy occurs especially when the resource in isolation methods fails to divide the resources among different users. That can also happen either because of an attack or because of a design of poor mechanism. In the current day, attacks of the types are rarely compared with the traditional one. However, it also ensures that company cannot depend on just on simple facts (Verma and Mahajan, 2014). There are categories of risks that also cover failure in the mechanisms with separate storage, routing, memory and reputation that exist between different tenants. Risks of compliance: there is also an option that while investing on accomplishing certification that can be put under the radar of risk because of the following factors: - The CP never provides any evidence associated with their compliance with important needs. The concept never permits audit that happens by cloud customers. Management interface settlement: the concept helps in providing the users with a management interface in order to gain resources on public infrastructure for cloud. This further makes the interface present over the internet that permit with remote access based applications or browsers based vulnerabilities to permit the access on different resources from so many unauthorized users (Wei et al., 2014). Protection of data: the concept is also possible to save the data in different ways that are not known to the user because of the user can lose control over the governance of data. The issue becomes even more common especially when data can be transferred that exists often between diverse locations. On the other hand, there are abundance of CPs that can provide with relevant data on how it can be handled by them with other form of CPs in addition to different addition summaries of certificates on the data that can be processes and under security operations. Insecure data deletion: there are many types of system that is based on request of the resource deletion will not wiped completely. These are the cases with cloud computing also. In addition, challenges can delete the resources on time and will arise because of multi-tenancy or because of the facts that many copies of such resources are present for multiple redundancy factors. In such cases, risk can add to the protection of data of the user is common (Rittinghouse and Ransome, 2016). Malicious insiders: the possibility that any insider can intentionally causes damage and for the same reason, a policy specified with roles for every user should also be present. The risk discussed above consist of top level of security challenges and risks of cloud computing in addition to categories based risks into diverse policies and organization risks, legal, technical and in the end specific kind of risks (Inukollu et al., 2014). Vulnerabilities There are lists of diverse vulnerability that can be followed and does not cover the complete possibility of cloud computing vulnerabilities and it is done with the help of different details. AAA vulnerabilities: it is important to understand that special care must be taken in case of authentication, accounting systems and authorization that CPs will be utilized. Poorly designed AAA systems can also result in different authorized users to have proper access on different set of resources with unwanted solution for the users as well as CP. User based provision and vulnerabilities: customers have no control on process of provision and identity of the consumers is not rightly verified at registration process. There are also delays in the synchronization process that exist between the current cloud system elements and there are multiple as well as unsynchronized copies for the identity of data (Dinh et al., 2013). It is also important to note here that the credentials are vulnerable by nature to intercept as well as replay. De-provisioning vulnerabilities of user: because of the delay in time, the credentials of the user have earlier logged out and can make it appear to be valid. Management interface and remote access to it: in theoretical sense, this permits all kind of vulnerabilities with end point machines in order to make a settlement the infrastructure of the cloud. For instance, weak authentication of responses and varied requests associated with it (Rong et al., 2013). Hypervisor vulnerabilities: in the current of virtualization, hypervisor is actually a small piece of middleware that is utilized to be able to maintain control of the physical resources can assign for every VM. Exploiting the hyper vision layer comes with solution on exploitation with each single VM on a physical based system. Resource isolation: there are resources used by one consumer can impact resource used by another consumers. For instance, infrastructure of IaaS uses different systems on which present physical resources are shared among VMs and this is why there are different or multiple users (Xiao and Xiao, 2013). Lack in reputation isolation: the shared resources can further come out as an outcome where on user act in a way that the actions influence the reputation for other users. Vulnerabilities through communication based encryption: data should move across the internet or among diverse locations that exist within the premises of CP and it is possible that someone might read the data when the authentication is poor with fewer acceptances of self signed certificates. Lack of encryption of archives and data: in connection with the above discussion, there is a failure in encrypting the data present in the transit and data is also held as per the databases and archives with virtual level machine based images, forensic image as well as the data with sensitive logs and other data at rest for people those at risk (Puthal et al., 2015). Bad key management process: the infrastructure of cloud computing needs the management and storage of many kinds of keys. For instance, it consists of session based keys to save the data in transit with file encryption keys, identifying key pairs for cloud providers and many more. Since, virtual machinery does not have a fixed kind of hardware based infrastructure and cloud related content tends to get distributed in geographic manner. It is also challenging to apply such kind of standard based controls like hardware security model based storage and with varied keys on cloud infrastructure (Ali et al., 2015). Key generation: there is low level of entropy for some random number of generation and this combination of standard system based image with virtualization methods also lack input devices which also means that the present system have less entropy than any physical RNGs. Lack of solutions and standard technologies: this is actually the case of lock-in risk where the user is unable to move across different kind of providers because of lack in standards. No vulnerability assessment process: when CP is not able to save the users from any kind of port scanning and evaluating all possible types of vulnerabilities and there is no kind of audit on the time of its usage for the user with serious infrastructure security issues can arise (Arora et al., 2013). Forensic readiness is low: it is important to note here that the cloud has the power to improve the forensic readiness and many providers do not provide right kind of services and terms of usage also helps in enabling this. Sensitivity in media based sanitization: there is a shared tenancy of present physical storage resources which also means that sensitive data can leak since the data based destruction policies can be applied at the end of a lifecycle and it is sometimes impossible to execute. For instance, media cannot be destroyed physically since there is a disk which still being utilized by another tenant with no process in place (Ryan, 2013). Contractual obligations or synchronized accountabilities are external to cloud: the cloud based customers are usually not aware of the accountabilities which are assigned to them within the terms of services. There is also a tendency towards a misplaces features of responsibility for function like archive based encryption to the varied cloud providers even when it is stated in term of contract between the two parties with no accountability (Tao et al., 2014). Cross cloud application with hidden reliance: there hidden dependencies that exist in several services like supply chain and the cloud provider architect does not always support constant operations from the cloud when the third party is involved along with subcontractor or the customer related company have been distinguished from the service provider. Conclusion The report has discussed in detail about the overview of the concept called cloud computing and there is also a discussion on security measure taken on different cloud computing means. In addition, it is also easier for the reader to be clearer about the advantages as well as risks of moving towards different cloud computing techniques. There are various kinds of vulnerabilities of cloud computing that are listed as those who can be described and permits the users to have a complete view of what are the different consideration that can be kept in mind while moving on to this concept (Pearson, 2013). It is also well known fact that exhaustive level risk along with right security measures cannot be recommended on the implementation of cloud computing. The control level should always rely on the evaluation done before. There is still some scope of open based research areas on improving the security. Reference Hashizume, K., Rosado, D.G., Fernndez-Medina, E. and Fernandez, E.B., 2013. An analysis of security issues for cloud computing.Journal of Internet Services and Applications,4(1), p.5. Ahmed, M. and Hossain, M.A., 2014. Cloud computing and security issues in the cloud.International Journal of Network Security Its Applications,6(1), p.25. Almorsy, M., Grundy, J. and Mller, I., 2016. An analysis of the cloud computing security problem.arXiv preprint arXiv:1609.01107. Modi, C., Patel, D., Borisaniya, B., Patel, A. and Rajarajan, M., 2013. A survey on security issues and solutions at different layers of Cloud computing.The Journal of Supercomputing,63(2), pp.561-592. Stojmenovic, I. and Wen, S., 2014, September. The fog computing paradigm: Scenarios and security issues. InComputer Science and Information Systems (FedCSIS), 2014 Federated Conference on(pp. 1-8). IEEE. Hashem, I.A.T., Yaqoob, I., Anuar, N.B., Mokhtar, S., Gani, A. and Khan, S.U., 2015. The rise of big data on cloud computing: Review and open research issues.Information Systems,47, pp.98-115. Kshetri, N., 2013. Privacy and security issues in cloud computing: The role of institutions and institutional evolution.Telecommunications Policy,37(4), pp.372-386. Verma, D. and Mahajan, E.K., 2014. To Enhance Data Security in Cloud Computing using Combination of Encryption Algorithms.International Journal of Advances in Science and Technology (IJAST),2(4). Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y. and Vasilakos, A.V., 2014. Security and privacy for storage and computation in cloud computing.Information Sciences,258, pp.371-386. Rittinghouse, J.W. and Ransome, J.F., 2016.Cloud computing: implementation, management, and security. CRC press. Inukollu, V.N., Arsi, S. and Ravuri, S.R., 2014. Security issues associated with big data in cloud computing.International Journal of Network Security Its Applications,6(3), p.45. Dinh, H.T., Lee, C., Niyato, D. and Wang, P., 2013. A survey of mobile cloud computing: architecture, applications, and approaches.Wireless communications and mobile computing,13(18), pp.1587-1611. Rong, C., Nguyen, S.T. and Jaatun, M.G., 2013. Beyond lightning: A survey on security challenges in cloud computing.Computers Electrical Engineering,39(1), pp.47-54. Xiao, Z. and Xiao, Y., 2013. Security and privacy in cloud computing.IEEE Communications Surveys Tutorials,15(2), pp.843-859. Puthal, D., Sahoo, B.P.S., Mishra, S. and Swain, S., 2015, January. Cloud computing features, issues, and challenges: a big picture. InComputational Intelligence and Networks (CINE), 2015 International Conference on(pp. 116-123). IEEE. Ali, M., Khan, S.U. and Vasilakos, A.V., 2015. Security in cloud computing: Opportunities and challenges.Information Sciences,305, pp.357-383. Arora, R., Parashar, A. and Transforming, C.C.I., 2013. Secure user data in cloud computing using encryption algorithms.International journal of engineering research and applications,3(4), pp.1922-1926. Ryan, M.D., 2013. Cloud computing security: The scientific challenge, and a survey of solutions.Journal of Systems and Software,86(9), pp.2263-2268. Tao, F., Cheng, Y., Da Xu, L., Zhang, L. and Li, B.H., 2014. CCIoT-CMfg: cloud computing and internet of things-based cloud manufacturing service system.IEEE Transactions on Industrial Informatics,10(2), pp.1435-1442. Pearson, S., 2013. Privacy, security and trust in cloud computing. InPrivacy and Security for Cloud Computing(pp. 3-42). Springer London