SECURE CLOUD COMPUTING INFORMATION SYSTEM FOR CRITICAL APPLICATIONS
Authors: Sergiy Gnatyuk, Vitaliy Kishchenko, Andriy Tolbatov, Yuliia Sotnichenko
Affiliation: NAU Cybersecurity R&D Lab National Aviation University, Kyiv, Ukraine
Keywords: information technology, cloud computing, security, critical applications, cyber attack.
ABSTRACT. The usage of cloud computing has gained a significant advantage due to the reduced cost of ownership of IT applications, extremely fast entry into the services market, as well as rapid increases in employee productivity. Everything can be implemented in the cloud service: from data storage to data analysis, applications of any scale or size. Employees also implement their own cloud applications for work, contributing to the development of their own cloud culture (BYOC). In addition, the use of cloud services is now available not only for large enterprises, but also for companies in medium and small businesses, which makes cloud technologies one of the main environments for the operation of their information systems. However, such an increase in the efficiency of working with cloud technologies has led to increased attention to the problems of cyber threats, the growth of which is inseperably linked with the growth of IT technologies. A cloud service user can deploy their own applications, build their infrastructure, or simply process data, but in any case, they trust their confidential data to the cloud service provider and want to be sure that their data is secure. Providing information security IS in a cloud environment is the responsibility of the provider, and therefore their systems must meet a number of requirements of both national and international law and international recommendations. Therefore, the main scientific and technical problem can be formulated as follows: data security may be compromised and there is a risk of mass data loss by many users due to the possibility of conducting cyber threats in cloud services. Because information is not only stored in the cloud, but is also processed, users must be confident in the security and availability of their data. The solution to this problem can be provided by using various methods of cyber threat detection, IDS / IPS systems, cyber incident response modules, etc.
1.R. Abidar, K. Moummadi, F. Moutaouakkil, H. Medromi, Intelligent and Pervasive Supervising Platform for Information System Security Based on Multi-Agent Systems, International review on computers and software. – 2015. – Vol. 10, Issue 1. – p. 44–51.
2.The 6 Major Cyber Security Risks to Cloud Computing [Електронний ресурс]. – Режим доступу: World Wide Web. – URL: http://www.adotas.com/2017/08/the-6-major-cyber-security-risks-to-cloud-computing/
3.Google Security Whitepaper for Google Cloud Platform [Електронний ресурс]. – Режим доступу: World Wide Web. – URL: https://habrahabr.ru/post/183168/
4.Data Mining for Network Intrusion Detection / P. Dokas, L. Ertoz, V.Kumarhttps // Recent Advances in Intrusion Detection. – 2014. – Vol. 15(78). – P. 21-30.
5.Ahmed P. An intrusion detection and prevention system in cloud computing:A systematic review / Р. Ahmed // Journal of Network and Computer Applications. – 2016. – Vol. 11. – P. 1-18.
6.Anderson J.P. Computer Security Threat Monitoring and Surveillance / James P. Anderson // Technical Report Contract. – 1982. – Vol. 36. – P. 179-185.
7.Carl G, Kesidis G, Brooks RR, Rai S. Denial-of-service attack-detection techniques. Internet Computing, IEEE, 2006;10:82–9
8.How to build physical security into a data center [Електронний ресурс] / S.D. Scalet. – Режим доступу: World Wide Web. – URL: http://www.csoonline.com/article/2112402/physical-security/physical-security-19-ways-to-build-physical-security-into-a-data-center.html?page=3
9.Al-Mamory S, Zhang H. New data mining technique to enhance IDS alarms quality. Journal in Computer Virology 2010;6:43–55
10.Breaking down what's in your cloud SLA [Електронний ресурс]. – Режим доступу: World Wide Web. – URL: http://searchcloudcomputing.techtarget.com/essentialguide/Breaking-down-whats-in-your-cloud-SLA
11.ISO/IEC 27035:2011 – Information technology – Security techniques – Information security incident management, 2011. – 69 p.
12.Antonopoulos N. Cloud Computing: Principles, Systems and Applications / N. Antonopoulos // Springer Science Business Media. –2010. – Vol. 13(6). – P. 26-38.
13.Byrski A, Carvalho M. In: Bubak M, van Albada G, Dongarra J, Sloot P, editors. Agent-Based Immunological Intrusion Detection System for Mobile Ad-Hoc Networks Computational Science—ICCS 2008, 5103. Berlin/Heidelberg: Springer; 2008. p. 584–93.
14.AWS Global Infrastructure [Електронний ресурс]. – Режим доступу: World Wide Web. – URL: https://aws.amazon.com/about-aws/global-infrastructure/?nc1=h_ls