Identify and explain the security laws which are implemented to secure data in a cloud. a. What is the use of API’s in cloud services?
`Hey,
Note: Brother in case of any queries, just comment in box I would be very happy to assist all your queries
With the numbers of cloud users escalating every year and people placing their complete trust in cloud storage, it has indeed become important to know ways to secure your data and applications in the cloud. Whether it is financial documents or ID scans or family albums you will store them in the cloud. There are really no universal laws regarding data security in the cloud; laws in the realm of information privacy mainly consist of proposals and declarations but these are not binding legally. You can make use of the following tips to secure data in the cloud:
• It may be a good idea to avoid storing very sensitive data in the cloud. You can choose to keep critical information far away from this virtual world.
• When you are not clear about how the storage works, you should carefully review the user agreements. You must be aware of the risks of choosing to store applications in the cloud and this is why you need to understand the vendor’s Service Level Agreement.
• It is important to attach a lot of value to passwords. Incidentally, all passwords may be cracked within 90 seconds; this shows how frequently accounts can be hacked. It is also a great blunder to use the same password for all your services like cloud storage accounts, Facebook accounts etc. This is because all the login and password related data will come to your inbox.
• Before you store data in the cloud, it may be wise to construct a threat model for every application. You can identify the potential threats, regardless of whether these actually take place. You can then define the usage scenarios where such threats are likely to occur.
• Encrypting the data and applications is the best and most effective way to protect it. Generally speaking, you create a file and use software for creating a password for this file after which you move the file to the cloud. No other person can view this file unless he knows the password. It is advisable to use an encrypted cloud service provider. You will come across many vendors which will offer local decryption-encryption of files besides data storage and data backups. This means that even the service providers themselves will not have access to your file.
• Since chances of errors are very high when you are forced to remember multiple passwords for different applications, you can have an Identity Federation with User Directory of the organization. This will leverage existing authentication and make sure that only users having authority to connect to this organization can connect to the provider.
What is the use of API’s in cloud services?
Continued adoption of cloud computing and growth of cloud services has encouraged system administrators to look for additional ways to integrate with cloud models. Cloud computing is witnessing some direct use scenarios, that require higher levels of customization.
The environment of Cloud Application Programming Interface (API) owes its existence to the ability of enhancing cloud experience and a greater level of compatibility across different clouds.
A cloud API is a type of Application Programming Interface that facilitates development of services as well as applications for provisioning cloud platforms, hardware, and software. It acts as a service gateway to enable indirect and direct cloud software and infrastructure services to cloud users.
Cross platform and cloud provider APIs help cloud users gain ability to access cloud resources not only from their principal cloud provider but from others as well. Since organizations are able to access workloads and cloud resources from other cloud platforms and providers, these APIs enable saving of development efforts and time.
Infrastructure APIs in IaaS facilitate control distribution of specific cloud services such as instant provisioning and de-commissioning of cloud resources. Infrastructure APIs are also used in workload management and network configurations.
Software as a Service APIs are application level APIs and designed to enable connectivity and interaction with a suite of applications. Their objective is to establish connection between the application layer with cloud and its underlying IT infrastructure. Application APIs are extensively used in ERP or CRM applications for creating cloud application extension for specific environment.
In order to provision back-end architecture, Platform as a Service APIs are used. These help build feature rich and intensive applications. These are also used for provisioning access and functionality for cloud environment. The multiple use cases can be listed as integration with messaging systems, portals, databases and storage components.
Kindly revert for any queries
Thanks.
Identify and explain the security laws which are implemented to secure data in a cloud. a....
Who is responsible for the security of an organization's data on the cloud? Is the cloud REALLY secure?
State laws regarding data privacy and breach notification laws. Please discuss and explain state laws that protect electronic data. Are the laws broad and lack security specifics? What is the problem due to no one comprehensive federal data privacy or security law.
This week we look at authorization and authentication as a means of keeping data secure. Security is, of course, essential when accessing or moving data from client side to server-side and back again. Explore the differences between authorization and authentication and the instances in which they would be appropriate to use. When discussing with peers, look for areas in which you hold a different perspective and explain why.
(20) Question #2 What is Security Engineering? Discuss at least 5 data breaches incidents in cloud computing. Briefly explain the best Security Engineering strategies for cloud computing that have been highlighted by IBM, Microsoft and other organizations.
6 Kshetri, N. (2013). Privacy and security issues in cloud computing: The role of institutions and institutional evolution. Telecommunications Policy, 37(4-5), 372. doi:http://dx.doi.org.cyrano.ucmo.edu:2048/10.1016/j.telpol.2012.04.011. 7 R. Latif, H. Abbas, S. Assar, Q. Ali, "Cloud computing risk assessment: a systematic literature review," Future Information Technology, pp. 285-295, Springer, Berlin, Germany, 2014 10 Privacy-preserving multi-keyword ranked search over encrypted cloud data Ning Cao; Cong Wang; Ming Li; Kui Ren; Wenjing Lou.IEEE Transactions on Parallel and Distributed Systems Vol. 25, Iss. 1, (Jan 2014):...
Analyze the advantages and disadvantages of using cloud storage. Include in your security concerns, costs, and a comparison between two different cloud storage offerings. Which company offers the better arrangement? Why? Explore one other area of cloud computing, such as SaaS (software as a service), and determine how the service might benefit the shop. Find three providers of the cloud service and compare prices, user reviews, and features. List the risks and benefits of using the cloud for storage and...
Topic: Cloud-Based Organizations Overview: Your company is interested in learning more about cloud computing and the varying services offered. Your organization wants to start small by transitioning from Exchange to a cloud-based corporate email and calendar application with a service provider that can eventually support all other internal productivity programs. The head of the IT department has handed you a list of cloud-based organizations because he doesn’t have time to put together a report for the CEO that explains what...
Please help Network Security Fundamentals You are reviewing logs and notice that a large amount of outbound traffic from 1:00am - 4:00am. Your company works a traditional 8:00am - 5:00pm and uses an in house backup solution. What could this be a sign of? Cloud backup Bad login information Aliens Data Exfiltration Which of the following can help protect against an insider threat? Select all that apply DLP Seperation of duties Aliens Job/Position rotation Social media can introduce considerable risk...
Which criminal laws are most relevant for security professionals?
You and your colleague develop a proposal for migrating your department's resources to a public cloud and then present it to the department's IT services director. he is immediately concerned about security. Some of the data derived from experiments, including gene sequencing information, is stored on your server's hard disks and is strictly confidential. a data leak would lead to great embarrassment, and possibly lawsuits. Not only that, but the IT services director believes that if data were stolen from...