Cloud Computing and Privacy
1.1 Research Area
The main aim of this research is to identify privacy and security issues which are brought about by cloud computing. This is due to the fact that many organizations are using cloud computing due to its convenience. Cloud computing is a technology process which utilizes internet and central remote server to maintain data and applications. Many organizations find cloud computing convenient to use because is more efficient since it allows centralizing storage, memory, processing and bandwidth. Cloud computing brings problems of data protection/security and piracy. The cloud is a single center/point of access of all the information which for customers’ computing needs (WordPress 2011). Since information must be protected, security and privacy of information in the cloud has always been a key concern. The trustworthiness of cloud providers have been a worry to many. However, many organizations have been able to provide their own private cloud to ensure security of their information. In the discussion of the dissertation, security issues which are brought about by cloud computing will be discussed. It will also highlight ways by which cloud computing can ensure privacy and security provided especially from customers.
1.2 Research Problem
Cloud computing has made it easy for organizations to provide information to its computers from centralized point (Furth & Escalante 2010). However, the main problem is the privacy and security of information provided through cloud computing. The aim of every organization is to ensure that all the information pertaining the organization and its customers is private and used for right purposes only. Misuse of information for criminal purposes has been n the rise, this is why security and privacy are very crucial. The problem is the probability of having unauthorized individuals access information from the cloud.
1.3 Research Question
The main research question to be addressed in the dissertation is what are the privacy and security threats posed by cloud computing mostly when it comes to accessing the information. The main aim of the research is to identify information privacy and security problems brought about by cloud computing. The research will also go to an extend of identifying ways by which organizations can come up their own private cloud computing to ensure security and privacy of their information. It will also identify ways by which public clouds like Amazon and Google can formulate to ensure that information contained in their clouds is secure.
1.4 Research Hypothesis
The main hypothesis of the research is that cloud computing makes information insecure and easily accessible even by unauthorized individuals. This has contributed to the increased rates of information related crimes. This is based on the assumption that especially public clouds like Google and Amazon do not have any security measures to ensure that information is protected. It is assumed that all information in public clouds does not have limitations to access. There is another hypothesis that information in both public and private clouds can be secured and made private. This is based on the assumption that, there are measures which can be taken to improve security and privacy of information in clouds.
1.4.1 Operational Definition
There will be definitions of what cloud computing is all about and security and privacy issues associated with it. There will also be definition on the measures which can be taken to improve security of information provided in clouds. Definitions will also be provided on how these measures will be applied.
The methodology to be used will be depended on the hypothesis of the research. In order to know whether or not there are security risks in the information provided in clouds, direct observation will be used to find out whether there is information in the clouds which can aid in committing a crime or damaging the image of an organization or an individual. Additionally, questionnaires will be administered to individuals and organizations in order to find out whether there is any particular time they felt their information provided in the clouds was insecure or if the was any time their information provided in cloud was used for criminal or ill purposes. Experiments will also be carried out on the potential measures for improving security on the information in clouds to find out the ones which can work in improving security and privacy. Secondary methods will also be utilized to find out about the security issues of cloud.
1.6 Project Plan
The project will be divided in to different steps which will lead to the completion of the whole process;
1. WP1: Literature Review
At this stage existing information will be collected regarding to security problems which occur due to clouds. It will also address cases while security issues of information have arisen due to cloud computing. Expected duration is 21 days, staring from June 23, 2011 to July 4th, 2011. Deliverable: after this a compiled write up on cases of security issues due to cloud computing will given to the lecturer and discussions with the lecturer on the already done work will be conducted.
2. WP2: Hypothesis Definition and Experiments
(a) In hypothesis definition, there will be highlighting of security and privacy problems which have arisen due to cloud computing. Highlighting of appropriate measures which reduce these problems.
(b) In experiment, data will be collected and experiments carried out to validate the hypothesis. This experiment will be conducted using a simulated dataset that comprises situations and events devised to compromise the security of the information provided by cloud computing. Expected duration: 42 days. Starting from July 15th, 2011 to August 4th, 2011. Deliverable: a document defining hypothesis to be validated in the research and a worksheet to show the stages followed in the experiments and in collecting data. It will also consist of results from the experiments and how validation of hypothesis was done. There will also be a discussion with the lecturer on what I will have done so far.
3. WP3: Results analysis
The results obtained from experiments and data collection will be analyzed in relation to the previous information to find out if security is a cloud problem or not. Data analyzing software like SPSS will be utilized. Expected duration: 15 days. Starting from August 26th, 2011 to September 8th, 2011. Deliverable: a comprehensive discussion on the results of the research. The results will be based on the security issues brought about by cloud computing and possible measures to address them. Recommendations and conclusions will also be given.
Timeline of the different stages in the project
1.7 Risks and Contingencies
There is no probability of encountering any risk since this information is readily available and people want to give it out anticipating for a solution. The risk which might occur is when collecting information related to information related criminal aspects.
Evaluation is going to be based on the results obtained. We will be able to know whether or not cloud information has security and privacy issues. There will also be an evaluation of measures which private clouds are using and other measures which can be applied even for public cloud.
The greatest impact for this research is that information provided by cloud computing will be private and secure. Information related crimes will reduce due to security and protection of the information. Both private and public clouds will be able to find new measures to adopt in order make their information secure and private.
Furth, B & Escalante, 2010, Handbook of Cloud Computing, Springer, New York
Jaatun, M, 2009, Cloud Computing: First International Conference, CloudCom, 2009, Beijing, China, December 2009 Proceedings, Springer, New York
Krutz, R & Vines, R, 2010, Cloud Security: A Comprehensive Guide to Secure Cloud Competing, John Wiley & Sons,
Mather, T et al, 2009, Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance, O’Reilly Media, Sebastopol
Sobh, T, 2010, Innovations in Computing Science and Software Engineering, Springer, New York
Sullivan, D, 2010, The Shortcut Guide to Prioritizing Security Spending, Realtimepublishers.com, San Francisco
Wordpress, 2011, My Private Cloud, viewed on June 20, 2011 from http://cloudresearch.jiscinvolve.org/wp/2011/03/