Question

Identify and explain the security laws which are implemented to secure data in a cloud. a. What is the use of API’s in cloud services?

Answer 1

`Hey,

Note: Brother in case of any queries, just comment in box I would be very happy to assist all your queries

With the numbers of cloud users escalating every year and people placing their complete trust in cloud storage, it has indeed become important to know ways to secure your data and applications in the cloud. Whether it is financial documents or ID scans or family albums you will store them in the cloud. There are really no universal laws regarding data security in the cloud; laws in the realm of information privacy mainly consist of proposals and declarations but these are not binding legally. You can make use of the following tips to secure data in the cloud:

• It may be a good idea to avoid storing very sensitive data in the cloud. You can choose to keep critical information far away from this virtual world.

• When you are not clear about how the storage works, you should carefully review the user agreements. You must be aware of the risks of choosing to store applications in the cloud and this is why you need to understand the vendor’s Service Level Agreement.

• It is important to attach a lot of value to passwords. Incidentally, all passwords may be cracked within 90 seconds; this shows how frequently accounts can be hacked. It is also a great blunder to use the same password for all your services like cloud storage accounts, Facebook accounts etc. This is because all the login and password related data will come to your inbox.

• Before you store data in the cloud, it may be wise to construct a threat model for every application. You can identify the potential threats, regardless of whether these actually take place. You can then define the usage scenarios where such threats are likely to occur.

• Encrypting the data and applications is the best and most effective way to protect it. Generally speaking, you create a file and use software for creating a password for this file after which you move the file to the cloud. No other person can view this file unless he knows the password. It is advisable to use an encrypted cloud service provider. You will come across many vendors which will offer local decryption-encryption of files besides data storage and data backups. This means that even the service providers themselves will not have access to your file.

• Since chances of errors are very high when you are forced to remember multiple passwords for different applications, you can have an Identity Federation with User Directory of the organization. This will leverage existing authentication and make sure that only users having authority to connect to this organization can connect to the provider.

What is the use of API’s in cloud services?

Continued adoption of cloud computing and growth of cloud services has encouraged system administrators to look for additional ways to integrate with cloud models. Cloud computing is witnessing some direct use scenarios, that require higher levels of customization.

The environment of Cloud Application Programming Interface (API) owes its existence to the ability of enhancing cloud experience and a greater level of compatibility across different clouds.

A cloud API is a type of Application Programming Interface that facilitates development of services as well as applications for provisioning cloud platforms, hardware, and software. It acts as a service gateway to enable indirect and direct cloud software and infrastructure services to cloud users.

Cross platform and cloud provider APIs help cloud users gain ability to access cloud resources not only from their principal cloud provider but from others as well. Since organizations are able to access workloads and cloud resources from other cloud platforms and providers, these APIs enable saving of development efforts and time.

Infrastructure APIs in IaaS facilitate control distribution of specific cloud services such as instant provisioning and de-commissioning of cloud resources. Infrastructure APIs are also used in workload management and network configurations.

Software as a Service APIs are application level APIs and designed to enable connectivity and interaction with a suite of applications. Their objective is to establish connection between the application layer with cloud and its underlying IT infrastructure. Application APIs are extensively used in ERP or CRM applications for creating cloud application extension for specific environment.

In order to provision back-end architecture, Platform as a Service APIs are used. These help build feature rich and intensive applications. These are also used for provisioning access and functionality for cloud environment. The multiple use cases can be listed as integration with messaging systems, portals, databases and storage components.

Kindly revert for any queries

Thanks.