Running head: TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR 1



Similar documents
See Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models.

IS PRIVATE CLOUD A UNICORN?

The NIST Definition of Cloud Computing

East African Information Conference th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud?

Cloud Computing. Course: Designing and Implementing Service Oriented Business Processes

Managing Cloud Computing Risk

Cloud Computing; What is it, How long has it been here, and Where is it going?

The Magical Cloud. Lennart Franked. Department for Information and Communicationsystems (ICS), Mid Sweden University, Sundsvall.

ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS

Technology & Business Overview of Cloud Computing

The NIST Definition of Cloud Computing (Draft)

Cloud Security Introduction and Overview


Kent State University s Cloud Strategy

OWASP Chapter Meeting June Presented by: Brayton Rider, SecureState Chief Architect

Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC

Cloud Computing. What is Cloud Computing?

CLOUD COMPUTING GUIDELINES FOR LAWYERS

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab

Cloud definitions you've been pretending to understand. Jack Daniel, Reluctant CISSP, MVP Community Development Manager, Astaro

LEGAL ISSUES IN CLOUD COMPUTING

The HIPAA Security Rule: Cloudy Skies Ahead?

Perspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

Cloud Computing: What needs to Be Validated and Qualified. Ivan Soto

White Paper on CLOUD COMPUTING

Standardizing Cloud Services for Financial Institutions through the provisioning of Service Level Agreements (SLAs)

Capability Paper. Today, aerospace and defense (A&D) companies find

Enhancing Operational Capacities and Capabilities through Cloud Technologies

Security Considerations for Public Mobile Cloud Computing

Flying into the Cloud: Do You Need a Navigator? Services. Colin R. Chasler Vice President Solutions Architecture Dell Services Federal Government

AskAvanade: Answering the Burning Questions around Cloud Computing

Cloud Computing Submitted By : Fahim Ilyas ( ) Submitted To : Martin Johnson Submitted On: 31 st May, 2009

10/25/2012 BY VORAPOJ LOOKMAIPUN CISSP, CISA, CISM, CRISC, CEH Agenda. Security Cases What is Cloud? Road Map Security Concerns

Daren Kinser Auditor, UCSD Jennifer McDonald Auditor, UCSD

Cloud Computing for SCADA

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

Cloud Computing: Background, Risks and Audit Recommendations

Module 1: Facilitated e-learning

CLOUD SECURITY SECURITY ASPECTS IN GEOSPATIAL CLOUD. Guided by Prof. S. K. Ghosh Presented by - Soumadip Biswas

Soft Computing Models for Cloud Service Optimization

Security Issues in Cloud Computing

The Cloud in Regulatory Affairs - Validation, Risk Management and Chances -

Strategies for Secure Cloud Computing

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

Perspectives on Cloud Computing and Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

What is Cloud Computing? First, a little history. Demystifying Cloud Computing. Mainframe Era ( ) Workstation Era ( ) Xerox Star 1981!

Validation of a Cloud-Based ERP system, in practice. Regulatory Affairs Conference Raleigh. 8Th September 2014

Cloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate.

Bringing the Cloud into Focus. A Whitepaper by CMIT Solutions and Cadence Management Advisors

6 Cloud computing overview

Clinical Trials in the Cloud: A New Paradigm?

A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services

Verifying Correctness of Trusted data in Clouds

OVERVIEW Cloud Deployment Services

Security & Trust in the Cloud

The Hybrid Cloud: Bringing Cloud-Based IT Services to State Government

Cloud Computing Security Issues

2011 Morrison & Foerster LLP All Rights Reserved mofo.com. Risk, Governance and Negotiation in the Cloud: Capture Benefits and Reduce Risks

Cloud Computing and Records Management

Cloud Services Overview

Student's Awareness of Cloud Computing: Case Study Faculty of Engineering at Aden University, Yemen

Orchestrating the New Paradigm Cloud Assurance

SURVEY OF ADAPTING CLOUD COMPUTING IN HEALTHCARE

Customer Security Issues in Cloud Computing

Cloud for Credit Unions Leveraging New Solutions to Increase Efficiency & Reduce Costs Presented by: Hugh Smallwood, Chief Technology Officer

Enterprise Governance and Planning

Clouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst

Secure Cloud Computing through IT Auditing

CHAPTER 8 CLOUD COMPUTING

CHOOSING THE RIGHT CLOUD COMPUTING SOLUTION FOR YOU

Legal Issues in the Cloud: A Case Study. Jason Epstein

Mobile Cloud Computing Security Considerations

BUSINESS MANAGEMENT SUPPORT

Cloud Computing Guide & Handbook. SAI USA Madhav Panwar

agility made possible Steven Romero Robert E Stroud

CLOUD COMPUTING ISSUES FOR SCHOOL DISTRICTS. Presented to the 2013 BRADLEY F. KIDDER LAW CONFERENCE. October 2, 2013

A COALFIRE PERSPECTIVE. Moving to the Cloud. NCHELP Spring Convention Panel May 2012

Cloud Computing. Bringing the Cloud into Focus

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

Cloud Computing: The Next Computing Paradigm

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security

Cloud Computing Technology

VMware vcloud Powered Services

Data Privacy, Security, and Risk Management in the Cloud

What Cloud computing means in real life

Getting Familiar with Cloud Terminology. Cloud Dictionary

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master

A Study on Service Oriented Network Virtualization convergence of Cloud Computing

Is it Time to Trust the Cloud? Unpacking the Notorious Nine

IT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011

Transcription:

Running head: TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR 1 Taking a Deeper Look at the Cloud: Solution or Security Risk? LoyCurtis Smith East Carolina University

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 2 Abstract As the technology industry begins its shift from mobile computing back to central computing, data goes from being stored on devices to being stored in the cloud. In this day and age whether you are a smartphone user, tablet user, or a company, there is a possibility that you have some sensitive information being managed at a remote site by a cloud service provider. While your information is being managed at this remote site, one may wonder what the security posture of the cloud service provider is and more importantly how secure is your information. The main benefits of utilizing cloud services for a company is saving money due to less power consumption and equipment purchasing as well as having more space to utilize for more employees locally, but at what cost? With entities like the government and Apple, which are perceived to have an immaculate security posture, being hacked into, cloud computing can be seen as creating more of a vulnerability than a solution for an entity. The cloud services solution, as it is being marketed, needs to be scrutinized and evaluated more in the sense of security. Placing a closer eye on the group of companies that are providing cloud services, on the companies that are shifting to or using cloud services, and on the users that are contemplating the shift, would allow the security vulnerabilities that are inherit in the cloud to be met with solutions, which will provide a more secure solution to cloud users. Introduction Due to the on the go lifestyle introduced to the world by mobile computing, the typical employee, student, business, and etc. in today s society needs access to particular resources throughout all parts of the day with whichever device that they may be using at the time whether a laptop, a tablet, a smartphone, or a desktop. At this current time the main solution with the capability to supply this demand of nonstop availability is cloud computing. According to

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 3 National Institute of Standards and Technology (NIST) Special Publication 800-146: Cloud Computing Synopsis and Recommendations, cloud computing allows computer users to conveniently rent access to fully featured applications, to software development and deployment environments, and to computing infrastructure assets such as network accessible data storage and processing (Badger, Grance, Patt-Corner, & Voas, 2012). Cloud computing services are currently able to be used in multiple scenarios that assist most businesses with their daily requirements as well as those that assist some consumers with the daily requirements of their personal lives. Its uses range from remote storage for a business s information or a person s information to cutting costs and/ or distributing liability with the outsourcing of either a single service or multiple services that either the subscribing company uses internally or provides its customers This multifaceted solution has become the hot topic of the information technology field as well as many other areas in multiple ways. In 2009, cloud computing services brought in 58.6 billion dollars in revenue, which increased to 68.3 billion in 2010 (Bizarro & Garcia, 2012). Typically the terms the cloud and cloud computing are tossed around in several conversations, however, many do not know the true dynamics of the cloud, what the cloud really is, nor what it encompasses. Most individuals if asked to define the cloud would either sum it up as being a remotely hosted service or group of services or they would be unable to define it at all. In the Basics of Cloud Computing, Huth and Cebula define it as a subscription-based service where you can obtain networked storage space and computer resources (Huth & Cebula, 2011). However, one can find a more in-depth definition in NIST Special Publication 800-145: The NIST Definition of Cloud Computing, cloud computing is defined as a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 4 provisioned and released with minimal management effort or service provider interaction (Mell & Grance, 2011). The following topics will be covered in this paper: an in depth look into the cloud and what all it encompasses (essential characteristics, deployment models, and service models) and the risks associated with subscribing to cloud computing services to include both the legal risks and the security vulnerabilities. What is the Cloud? The cloud is a multifaceted system that includes a myriad of services that are offered to subscribers in many different formats. For a cloud consumer to accurately purchase the correct subscription, to meet all of their personal or business needs or for an entity to accurately be able to provide security for their subscription, an in depth view of cloud computing is necessary. The definition in its different variations only does the following: states what it is, gives a surface view of its composition, and relays the concept of the technology. However, the definition fails to reveal what it encompasses in entirety. In an International Journal of Advanced Research in Computer Science research paper titled, A Panoramic Perspective on Cloud Computing, the authors state that the cloud architecture refers to the following required components and subcomponents : front end platform, back end platforms, a cloud based delivery and a network (Kumar, and et al, 2015.). This multifaceted technology is composed of several different deployment models that can be utilized by a subscriber. NIST Special Publication 500-291: Cloud Computing Road Map, states that the model is composed of five essential characteristics, three service models, and four deployment models (Cloud Computing Road Map, 2013). NIST Special Publication 500-299: Cloud Computing Security Reference Architecture, states that deployment models describe the relationship between the cloud services Provider and the cloud Consumer(s) (Cloud Computing Security Reference Architecture, 2013).

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 5 Essential Characteristics On-demand self-service Broad network access Resource pooling Rapid elasticity Measured Service Table 1. Essential Characteristics Essential Characteristics Table 1 lists the five essential characteristics of cloud computing: on-demand selfservice, broad network access, resource pooling, rapid elasticity, and measured service. NIST 800-146 defines the essential characteristics as: On-demand self-service is when a consumer has the ability to provision computing capabilities, such as server time or network storage, as needed and/or automatically without requiring any human interaction from the service provider. Broad network access is the availability of cloud capabilities over the network and the ability to access those capabilities through standard mechanisms that promotes use by heterogeneous thin or thick platforms such as mobile phones, tablets, laptops, and workstations. Resource pooling is the pooling of a provider s computing resources, which allows the service of multiple consumers through the use of a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand.

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 6 Rapid elasticity is when capabilities can be rapidly and elastically provisioned, in some cases automatically, to scale rapidly outward and inward based on the customer s demand. Measured service is the automatic control and optimization of resource use of a cloud system by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts) (Badge & et al, 2012). Service Models Cloud Software as a Service (SaaS) Cloud Platform as a Service (PaaS) Cloud Infrastructure as a Service (IaaS) Table 2. Service Models Service Models Table 2 reveals the service models that are available for consumer subscription: Cloud Software as a Service (SaaS), Cloud Platform as a Service (PaaS), and Cloud Infrastructure as a Service). According to Kulkarni, Mandhare, Bendale, Belsare, and Patil in their paper Software as service cloud, the serviced models are defined as: Software as a Service: a subscription in which the cloud infrastructure to include networks, servers, operating systems, storage, individual application capabilities and etc. are managed by the cloud service provider. The cloud consumer is able to access the service provider s applications via the Internet. Examples would be Amazon Web Services (AWS), Google search, and Salesforce.com.

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 7 Platform as a Service: a cloud service in which the cloud subscriber can control the change in the application and the hosting environment such as system software. Customer can deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. Infrastructure as a Service: subscription in which the consumer has the capability to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software such as operating systems and applications. The physical infrastructure is still owned by the provider (Kulkarni, Mandhare, Bendale, Belsare, and Patil, 2012). Deployment Models Private Cloud Community Cloud Public Cloud Hybrid Cloud Table 3. Deployment Models Table 3 displays the last important piece of cloud computing, the 4 deployment models: Private, Community, Public, and Hybrid. NIST 800-145 defines the deployment models as follows: Private cloud: cloud infrastructure is provisioned for a single organization and its multiple business units. The organization and/or a third party may own manage, and operate it themselves. It may exist onsite or offsite. Community cloud: a cloud infrastructure that is provisioned for a community of organizations with shared interests/concerns to include mission, security requirements, policy, and compliance considerations. Any company in the

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 8 community and/or a third party may own, manage, and operate it. It may exist onsite or offsite. Public cloud: The cloud infrastructure is provisioned for no one in particular and is open to the public. It may be owned, managed, and operated by a business, academic, government organization, or a combination of the listed. This will exist on the cloud provider s premises. Hybrid cloud: a combination of two or more of the private, public, or community cloud infrastructures. It remains a unique entity however, it is bound together by standardized or proprietary technology that enables data and application portability (Mell & Grance, 2011). Cloud Risks Information technology inherently involves some type of risk especially when it is connected to the Internet. The cloud computing concept sounds very promising and beneficial for regular users and business users, however one must first know what risks are being assumed by subscribing to it. Cloud risks are broken up into two categories: legal risk and security risk/vulnerabilities. Legal Risks When subscribing to cloud computing services an entity must pay close attention to the contract of the cloud service provider, especially in regards to major public cloud service providers. According to Dan Burge in his Computer Weekly article titled Legal Risk of Cloud Computing, major public cloud providers typically will keep performance assurances and warranties to a minimum, offer their products on an as is basis drawn from consumer services

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 9 where they started, may also retain the right to suspend service at any time in the event of any unanticipated downtime or availability, and even in the occurrence of a breach most cloud service providers require a broad exclusion of liability. Cloud service providers will also seek indemnities for the following: if any claim is made against the provider for any information, data, or electronic material placed into their cloud which causes it to breach a third party s intellectual property rights, the protection of suppliers against losses suffered from a customer breach of the service agreement, failures to secure passwords, as well as the permitting of unauthorized access to the cloud computing service (Burge). There also lies compliance issues. According to Geopfert in The Important Risks of Cloud Computing, a host of compliance issues arise when a company decides to migrate into the cloud. The industry specific regulatory issues are Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), and Financial Industry Regulatory Authority (FINRA). Due to these regulations constantly change a consultation with legal counsel and its internal audit functions are necessary prior to the deployment of a cloud strategy (Geopfert, 2012). Cloud subscribers must pay close attention to the service level agreement (SLA). NIST 800-144 Guidelines to Security and Privacy in Public Cloud Computing defines the service agreement as what defines the terms and conditions for access and the use of services offered by the cloud provider. The SLA also establishes a period of service, conditions of termination, and disposition of data (preservation period) upon termination. It represents the understanding between the cloud service provider and cloud service subscriber about the expected level of service to be delivered as well as the compensation available to the consumer if the provider fails to deliver the service at the level specified (Wayne & Grance, 2011). Security Risks

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 10 In the cloud computing environment security is essentially a shared task with the cloud customer and the cloud service provider. The cloud provider typically dictates their role in regards to security in the contract, the subscriber can either negotiate, accept, or decline to subscribe. In the document Cloud Security Considerations, the National Security Agency (NSA) discusses the following security risks associated with the cloud: API Security: providers typically have proprietary Application Programming Interfaces (APIs) that they use to build services. The data being accessed is only as secure as the application that is accessing or modifying it. Cloud Portability and Continuity Operations: cloud subscribers will have to ensure that their data and services can be exported to a standard interchange format for continuity. The risk associated with this is the having the periodic snapshots of critical and essential data being securely stored outside the operational cloud. Data Encryption: data encryption tools need to be configured and implemented properly in the cloud architecture. Cryptographic keys will have to be properly managed, protected, and changed periodically. They should be managed separately for each cloud instance. Cloud services also experience risks associated with reliability, denial of service, and with traditional security requirements such as authentication, authorization, availability, confidentiality, identity, integrity, separation of duties, audit, security monitoring, risk assessment, active security defense, incident response, and security policy management (Cloud Security Considerations,2013). NIST 800-144 discusses the following fundamental concerns:

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 11 System complexity: it takes several components to make up a public cloud service, which creates a large attack surface. As the complexity increases the security decreases, the vulnerabilities increases, and the privacy risk increases. Shared Multi-tenant Environment: client organizations typically share components and resources with other cloud consumers that they have no association with. This separation is only in the logical sense. Software errors could lead to one consumer gaining access to another consumer s data or the owner of the information being blocked from their own information. This also allows an attacker to pose as a consumer, overcome the logical separation, and gain unauthorized access. Internet-facing Services: cloud services over the Internet delivery exposes administrative interfaces used to self-service and manage an account as well as nonadministrative interfaces used to access deployed services. Remote administration as well as moving services from a company s intranet to a cloud exposes it to risk that it was defended against initially. There is also the issue in regards to performance and quality of services delivered over the Internet. Loss of Control: cloud subscription involves external control over organizational assets. This external control amplifies the security and privacy of traditional IT (Jansen & Grance, 2011). According to the article Review of Cloud Computing Security Issues, subscribers are also vulnerable to the following: data breaches, account hijacking, abuse of cloud services, and insufficient due diligence (Kaur & Bhagat, 2014). Conclusion

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 12 In conclusion, cloud computing offers the benefit of not having to develop and maintain an IT infrastructure for a company, it offers on-demand service, accessibility through multiple platforms via the Internet, and rapid provisioning of a flexible environment. Before subscribing to any cloud computing service an organization must do research to ensure that they know what exactly cloud computing is, what all it encompasses, what to expect from a provider, what to look for in a provider s contract as well as the risks that are associated to cloud computing. An organization has the potential to save some money since the necessities of having an IT infrastructure are outsourced and managed by the provider, but at what cost? Subscribing to a cloud service, especially a public cloud service, offers an organization more risks than just those that would be associated with a non-cloud IT infrastructure managed and maintained by the organization itself. The cloud offers issues inherent in virtualization that an organization would be protected against had it not outsourced. There are risks associated with the legal aspect as well as the securing of a subscribers information that is being accessed over through the cloud. Outsourcing services exposes a company to the following risks/issues: an as is agreement that typically favors the provider, issues inherent to services being offered over the Internet to include privacy and information security concerns, less control of subcontractors that the provider may utilize, provider dictated compatibility, inadequate and unchangeable service agreements, increased single point of failure due to shared resources, lack of responsibility/liability in regards to the provider, insurance policy that covers interruption covered by vendor failure, subscriber s ability to terminate the contract in an effort to minimize interruptions, physical location of data backups, jurisdictional issues in regards to the locations of the data vs the location of the services, data access, data security laws compliance, and subjection to the cloud service provider s business continuity and disaster recovery practices (Zottola, 2012). Essentially in

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 13 regards to subscribing to cloud services the risk outweighs the benefit of cost in numerous situations. If an organization is determined to move their services to the cloud then they must do their due diligence in regards to research and the choosing of a cloud service provider.

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 14 References [1] **Badger, L., Grance, T., Patt-Corner, R., & Voas, J. (2012, May 1). Cloud Computing Synopsis and Recommendations (NIST Special Publication 800-146). Retrieved August 18, 2015, from http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909505 [2] Bizarro, P. A., & Garcia, A. (2012). Cloud Computing From an Auditor's Perspective-Risks and Benefits. Internal Auditing, 27(5), 10-14, 16-17. Retrieved from http://search.proquest.com.jproxy.lib.ecu.edu/docview/1151090141?accountid=10639 [3] Burge, D. (2009). The Legal Risks of Cloud Computing. Computer Weekly, 11. Retrieved from http://search.proquest.com.jproxy.lib.ecu.edu/docview/236983820?accountid=10639 [4] **Cloud Computing Road Map (NIST Special Publication 500-291). (2013, July). Retrieved August 18, 2015, from http://www.nist.gov/itl/cloud/upload/nist_sp-500-291_version- 2_2013_June18_FINAL.pdf [5] Cloud Computing Security Reference Architecture (NIST Special Publication 500-299). (2013, May 15). Retrieved August 18, 2015, from http://collaborate.nist.gov/twiki-cloudcomputing/pub/cloudcomputing/cloudsecurity/nist_security_reference_architecture_20 13.05.15_v1.0.pdf [6] Cloud Security Considerations. (2013, October). Retrieved August 18, 2015, from https://www.nsa.gov/ia/_files/factsheets/i43v_slick_sheets/slicksheet_cloudsecurityconsidera tions_web.pdf [7] Geopfert, D. (2012). The Important Risks of Cloud Computing. Directorship, 72. Retrieved from http://search.proquest.com.jproxy.lib.ecu.edu/docview/1348580694?accountid=10639

TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR SECURITY RISK? 15 [8] **Huth, A., & Cebula, J. (2011). The Basics of Cloud Computing. Retrieved August 18, 2015, from https://www.uscert.gov/sites/default/files/publications/cloudcomputinghuthcebula.pdf [9] Jansen, W., & Grance, T. (2011, December). Guidelines to Security and Privacy in Public Cloud Computing (NIST Special Publication 800-144). Retrieved August 18, 2015, from http://csrc.nist.gov/publications/nistpubs/800-144/sp800-144.pdf [10] **Kaur, A., & Bhagat, N. (2014). A Review on Cloud Computing Security Issues. International Journal of Advanced Research in Computer Science, 5(7), 183-186. [11] Kulkarni, G.; Mandhare, S.; Bendale, D.; Belsare, S.; Patil, N., "Software as Service Cloud," in Computer Science & Service System (CSSS), 2012 International Conference on, vol., no., pp.442-445, 11-13 Aug. 2012 [12] Kumar, P. r., Deepika, K. k., & Mounika, N. m. (2015). A Panoramic Perspective on Cloud Computing. International Journal of Advanced Research in Computer Science, 6(3), 37-41. [13] Mell, P., & Grance, T. (2011, September 1). The NIST Definition of Cloud Computing (Special Publication 800-145). Retrieved August 18, 2015, from http://csrc.nist.gov/publications/nistpubs/800-145/sp800-145.pdf [14] Zottola, A. J. (2012, Nov). Know the risks before you head to the cloud: A primer on cloud computing for nonprofits. Nonprofit World, 30, 12-13. Retrieved from http://search.proquest.com.jproxy.lib.ecu.edu/docview/1220477731?accountid=10639

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information