Transactions Parallel Distributed Systems †Myassignmenthelp.Com

Question: Discuss About The Transactions Parallel Distributed Systems? Answer: Introduction Webbs Stores that operates in Australia and New Zealand has decided to integrate cloud computing in their daily operations. In order to do so, they are planning to close their Auckland data center and the existing data center would be moved to cloud (Li et al., 2015). The report discusses the risks and security issues associated with a hybrid cloud approach. The different risks and associated with backing up of data to cloud and the effects on cloud backup on their DR plan are elaborated in the following paragraphs. Migration of MS SQL Server 2012 R2 database to IaaS Webbs Stores is planning to migrate their MS SQL Server 2012 R2 database to an IaaS instance in a hybrid cloud environment. However, there are certain risks associated with storing the database in a hybrid cloud environment and therefore, proper risk mitigation policy is needed to be undertaken. The major types of security that Webbs Stores can deploy in order to protect the critical database are encryption of data and authenticated use of data apart from other strategies, which include data masking and back up of the data (Hashizume et al., 2013). Encryption is a process of converting a data into cipher text or unreadable text in order to prevent the unauthorized use and access of data. Through the process of encryption, the electronic data is converted into cipher text. The primary aim of enabling an encryption process in to protect the confidentiality of the digital data stored over the cloud, in this case, it is the database of Webbs Stores. Different encryption algorithm can be used in order to severe the database. Confidentiality of data is one of the primary aims of encryption and therefore, this method will be very effective in securing the database (Malawski et al., 2013). Authentication is often used to ensure that only the registered candidates are allowed to access the data. Authentication allows any user to access the data only if he is registered to use that data. Different authentication techniques can be used to protect unauthorized use and access of data (Boyd Mathuria, 2013). Therefore, the Webbs Stores must necessarily deploy these two security techniques as a primary security feature. Although the hybrid environment is safe to be used, the Webbs Stores must implement these two security essentials for securing their data after moving their MS SQL server 2012 R2 database to an IaaS instance in cloud. Benefits and Issues with the deployed security measure The security measures deployed for securing the data in cloud approach is encryption and authentication. The different benefits that is associated with the deployment of these information security are as follows- 1) Security of all data types: Data is generally more vulnerable when it is moved to a different location. The same is the case for Webbs Stores as well. Encryption works in the process of data transferring as well. The protects the data from being stolen, as even if an attacker gets access to the data, it would be unreadable for them since it is encrypted (Chen Zhao, 2012). 2) Data Integration is maintained in Encryption: Maintaining the integrity of data is essential. Encryption helps in maintaining the integrity of the data (Doan, Halevy Ives, 2012). 3) Privacy of data is protected: The personal and the confidential data of the Store is properly protected through the method of encryption. This is possible because, with the method of encryption only the authorized person is able to access the data (Zissis Lekkas, 2012). Apart from this, deployment of these security standards would further allow other advantages that are discussed below- 1) Flexibility: the deployment of this security policy would offer a high flexibility in the use of database. 2) High security: the process of encryption coupled with the authentication provides high security of the database (Arora, Parashar Transforming, 2013). 3) Cost Effective: The deployment of this security policy is a cost effective solution with a very low maintenance cost. However, with these advantages, there are certain issues that are associated with the process of encryption and authentication. The issues associated with the security measures of the organization is listed below (Tao et al., 2014)- 1) Complex structure: The method of encryption is complex and therefore proper research is necessary for implementing this structure. 2) Brute Force Attack: It is a method of trial and error method that can be used by an attacker to decode an encrypted data stored in a database (Wei et al., 2014). Therefore, it can be said that the process of encryption is associated with the risk of Brute Force attack as it can result in data leak and loss of data. These are the two major issues associated with the security measure deployed by the organization apart from the other minor issues that includes, the method of data storage, and process of proper encryption of the data (Garg, Versteeg Buyya, 2013). Risks Associated with the migration of database to cloud There are certain risks that are associated with the migration of database in cloud. Furthermore, Webbs Stores is planning to migrate their MS SQL server 2012 R2 database to an IaaS instance in cloud. The risk associated with the migration of the database in cloud environment are listed below- 1) The major risk in migration of data to a cloud database is the risk of data loss. This is because, migrating the whole R2 database is prone is very complex and if proper measures are not taken, few or all data may face this risk (Hashem et al., 2015). Therefore, Webbs Stores must ensure proper strategic plan before the migration of data in order to avoid this risk. 2) Another risk associated with migrating the database to IaaS instance is data loss due to corruption of data. This is a common risk associated with data migration and therefore, proper measures are needed to be taken by the Webbs Stores in order to eliminate the risk of data corruption. The Risk IaaS Infrastructure The different risk associated with the migration of Webbs Stores MS SQL server 2012 R2 database to an IaaS instance are listed below- 1) Privacy and security Risk: One of the major concerns associated with adopting the IaaS infrastructure is security of confidential data. This is because, the database is hosted on a public server managed by a vendor, and therefore Webbs should ensure that the vendor is trusted enough to protect the data from unauthorized access. This risk can be termed as risk from insider as well (Hashizume et al., 2013). Since the vendor would be able to access the data, it is essential for Webbs Stores to keep a track of their database. 2) Risk of downtime and technical difficulties- The IaaS Infrastructure is a bit complex and therefore, it is probable that the structure would face technical difficulty, which may freeze the operational work of the Store. Furthermore, the whole IaaS setup is largely dependent of an internet connection and therefore, any connectivity or network related issue might render the entire setup useless. 3) The risk of Vulnerability: Any cloud-based solution has a high chance of being attacked or exploited by malicious users and hackers. Nothing is completely secure on internet and the interdependency of cloud systems may lead to the loss and leakage of important data (Zissis Lekkas, 2012). 4) Limited Flexibility and control: Another issue associate with the IaaS instance is that, it is controlled by a third party vendor and therefore, it offers little control and low or negligible flexibility. 5) Denial of Service Attack: The cloud storage is prone to external attack, one of which may be denial of service attack. This attack is generally implemented to make the resources unavailable for the legitimate users. Public cloud environment is more prone to this attack (Malawski et al., 2013). The Risk in communication between Webbs and IaaS database The different risks that is associated with the communication between Webbs and iaaS database in cloud are listed below- 1) The major risk associated with the communication is that, an attacker can intercept or breach the data during an ongoing communication. 2) The data might be lost due to some technical error while an ongoing communication. This is another risk associated with communication (Fernando, Loke Rahayu, 2013). 3) Any technical error may render the data unavailable, thus freezing the operations of the Webbs Stores. Risk associated with data archival and Data back up i) The risks associated with the backing up of data in the cloud are listed below- Security: One of the major concerns or risks in backing up of data in cloud is the security risk. This is because, while backing up of data in cloud, The Webbs Stores will have to rely on the IaaS Vendor thus inviting a risk of unauthorized access of data (Gonzalez et al., 2012). Data Loss: The cloud storage while backing up of data, overwrite the previous version of the files, which saves the time and bandwidth. However, this leads to the delete of the previous versions of the data and in case if the Store needs an old data, it may find itself in a problem (Hashem et al., 2015). Therefore, the procedure of backing up of data leads to data loss. ii) The risks associated with the storage of data in cloud after backing up described below- Security Risk: Since the vendor has access to the data stored in IaaS infrastructure, there is a high possibility of security risk and data loss. The chances of sensitive and confidential data being stolen are high in storage of data in cloud (Wei et al., 2014). Lack of data Standardization: The data stored will be can be accessed by the third party vendor and there is lack of proper standardization and protocol in limiting the access of data. This is another concern of data storage in a cloud environment (Dinh et al., 2013). Data Theft of data loss: another major concern associated with the storage of data in the cloud environment is that it is prone to data theft. Malware infections: Third party vendors use cloud services for data ex filtration, which can result in malware infections (Chou, 2013) iii) The risk that Webbs Stores might face while retrieving the data are listed below- Snooping: One of the major risks associated with the retrieval of data in cloud is snooping. The stored data is transmitted over internet, which is a primary risk factor. The possibility of intercepting of data on route is high during the data retrieval and therefore it possesses a significant amount of risk (Leippold Lohre, 2012). Data leakage: Retrieval of data is dependent is largely dependent on internet connection and therefore, the risk of data leakage is considerably high during the data retrieval. Cloud back up and DR plans The disaster recovery concept in cloud involves the storage and maintenance of the copies of electronic records in cloud environment. The primary aim of DR is proving an organization a way to recover its important data in case of data loss (Li et al., 2013). The migration of the entire database to cloud will definitely help in developing a better DR plan for Webbs Stores. This is because, the process of data recovery us very simple in case of cloud environment (Phillips, 2015). The primary advantage of migrating the data in cloud and deploying a cloud back up strategy is that it keeps a copy of the data in an offsite server as well (Rahimi et al., 2014). The Iaas infrastructure allows this facility of periodic data backup and therefore, data recovery becomes easier. The backup and restore strategy will definitely change as a result of this service. This is because the process of data recovery and back up in cloud is very simple and Webbs Stores need not have to worry about the backup as well. This is because; the cloud provider will control the regular data backup (Sanaei et al., 2014). A proper DR plan eliminates the risk of data loss during migration, retrieval or storage. Therefore, this strategy will be helpful for the Webbs Stores in data recovery. Access protection on moving to cloud Access control and access protection is very essential for protection of data from unauthorized access. Access control limits the access of data only to the authorized person thus eliminating the risk of data theft and data loss. The recommendation for protecting the access to IaaS infrastructure, database, cloud network infrastructure and cloud backup and restore are elaborated below (Khan, 2012)- IaaS Infrastructure The IaaS infrastructure should be properly protected in order to avoid the risks associated with the loss of data and data theft. The recommendations for ensuring access protection for IaaS Infrastructure are elaborated below- 1) Controlling the physical access to the IaaS infrastructure is an effective method of ensuring access control in IaaS Infrastructure. Use of multifactor authentication, which includes OTP, tokens and smart cards, will help in reducing the risk of unauthorized access to the infrastructure. 2) The access of IaaS infrastructure with unsecure API is one of the primary reasons of malware infection and data threat. Only secure and authorized utilization of API should be ensured in order to protect the data in IaaS infrastructure (Xiao, Song Chen, 2013). MS SQL Server 2012 R2 Cloud Instance The contents of MS SQL Server R2 cloud instance can be protected ensuring a proper access control methodology. The access control procedures recommended for SQL server are elaborated below- 1)Only the registered users should be able to access the database. This should be controlled by the Webbs Stores to ensure that an employee with a sufficient permission will only be allowed to access the database and the servers. 2) Proper encryption standards can help in preventing the unauthorized access to the data. The person having the decryption key can only decrypt encrypted data and therefore, this strategy helps in controlling the access to the database (Biham Shamir, 2012). Cloud network infrastructure The recommendations in ensuring the access control in cloud network infrastructure are listed below- 1) The only useful approach of ensuring the access control in cloud network infrastructure is monitoring the cloud database server. This will help in keeping a tract of users accessing the data and can further help in eliminating the risk of data theft (Whaiduzzaman et al., 2014). 2) The cloud network infrastructure would be accessible to the cloud service vendor and therefore, protection against the internal threats is necessary (Rittinghouse Ransome, 2016). The traffic in the system should be regularly monitored and any suspecting communication or transaction should be immediately tracked. Cloud backup and restore infrastructure The recommendations from protecting the access to cloud backup and restore infrastructure are listed below (Rahimi et al., 2014)- 1) One of the most useful security measures for protecting the access to backup data is to encrypt the data. The encryption will help in preventing any unauthorized access to the backup data (Avram, 2014). 2) The process of data restoring should ensure password protection. This indicates that the data restoring will be enabled only after providing a valid password (Botta et al., 2016). Conclusion Therefore, from the above discussion it can b concluded that the migration of database to an IaaS instance would definitely benefit the Webbs Stores. However, there are certain issues that are associated with the data migration that should be properly dealt with. The report provides certain recommendation in ensuring data protection in hybrid cloud and secure access of data. References Arora, R., Parashar, A., Transforming, C. C. I. (2013). Secure user data in cloud computing using encryption algorithms.International journal of engineering research and applications,3(4), 1922-1926. Biham, E., Shamir, A. (2012).Differential cryptanalysis of the data encryption standard. Springer Science Business Media. Boyd, C., Mathuria, A. (2013). Protocols for authentication and key establishment. Springer Science Business Media. Chen, D., Zhao, H. (2012, March). Data security and privacy protection issues in cloud computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on (Vol. 1, pp. 647-651). IEEE. Chou, T. S. (2013). Security threats on cloud computing vulnerabilities. International Journal of Computer Science Information Technology, 5(3), 79. Dinh, H. T., Lee, C., Niyato, D., Wang, P. (2013). A survey of mobile cloud computing: architecture, applications, and approaches.Wireless communications and mobile computing,13(18), 1587-1611. Doan, A., Halevy, A., Ives, Z. (2012). Principles of data integration. Elsevier. Fernando, N., Loke, S. W., Rahayu, W. (2013). Mobile cloud computing: A survey.Future generation computer systems,29(1), 84-106. Garg, S. K., Versteeg, S., Buyya, R. (2013). A framework for ranking of cloud computing services.Future Generation Computer Systems,29(4), 1012-1023. Gonzalez, N., Miers, C., Redigolo, F., Simplicio, M., Carvalho, T., Nslund, M., Pourzandi, M. (2012). A quantitative analysis of current security concerns and solutions for cloud computing. Journal of Cloud Computing: Advances, Systems and Applications, 1(1), 11. Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., Khan, S. U. (2015). The rise of big data on cloud computing: Review and open research issues.Information Systems,47, 98-115. Hashizume, K., Rosado, D. G., Fernndez-Medina, E., Fernandez, E. B. (2013). An analysis of security issues for cloud computing.Journal of Internet Services and Applications,4(1), 5. Khan, A. R. (2012). Access control in cloud computing environment. ARPN Journal of Engineering and Applied Sciences, 7(5), 613-615. Leippold, M., Lohre, H. (2012). Data snooping and the global accrual anomaly. Applied Financial Economics, 22(7), 509-535. Li, J., Li, Y. K., Chen, X., Lee, P. P., Lou, W. (2015). A hybrid cloud approach for secure authorized deduplication. IEEE Transactions on Parallel and Distributed Systems, 26(5), 1206-1216. Malawski, M., Juve, G., Deelman, E., Nabrzyski, J. (2015). Algorithms for cost-and deadline-constrained provisioning for scientific workflow ensembles in IaaS clouds.Future Generation Computer Systems,48, 1-18. Phillips, B. D. (2015). Disaster recovery. CRC press. Tao, F., Cheng, Y., Da Xu, L., Zhang, L., Li, B. H. (2014). CCIoT-CMfg: cloud computing and internet of things-based cloud manufacturing service system.IEEE Transactions on Industrial Informatics,10(2), 1435-1442. Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y., Vasilakos, A. V. (2014). Security and privacy for storage and computation in cloud computing.Information Sciences,258, 371-386. Zissis, D., Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation computer systems, 28(3), 583-592.