MITS5002 Software Engineering Methodology - Survey Data

For this component you will be required to do a 5-10 minute presentation on a recent academic paper on a topic related to Software Engineering or Software Engineering Methodologies. Some possible topic areas include but are not limited to:

• Software Engineering for Data Warehouse systems
• Risk Analysis in Software Engineering
• Project Management methodologies
• Advances in Prototyping for software engineering
• Cleanroom methodology


Test Driven methodologies
Advanced human Interfaces
Artificial Neural Networks
Cloud Computing
Agent Oriented Software Engineering

The paper you select must be directly relevant to one of the above topics or another topic approved by your lecturer and be related to what we are studying this semester in Software Engineering. The paper can be from any academic conference or other relevant Journal or online sources such as Google Scholar, Academic department repositories, or significant commercial company involved in research such as IBM etc. All students must select a different paper, thus the paper must be approved by your lecturer before proceeding. In case two students are wanting to present on the same paper, the first who emails the lecturer with their choice will be allocated that paper.

Answer

Introduction

Security is the major issue in today’s world of information technology. As the use of information technology is increasing day by day, challenges regarding cyber security are also increasing. It is important to know about the security solutions while using cloud computing. Cloud computing is core technical part in this era due to its emergence on IT, software engineering, businesses and data storage. Traditional way of computing data was not appropriate to access them anytime and anywhere that is why cloud computing has come into existence. The topic of security issues and cloud computing in a cloud has been selected here in order to study security solution. An article has been chosen here to study in details about the security issues and cloud computing. This project provides the analysis of methods as well as findings, highlights the problems of security, the results of security issues and finally, the discussion, as well as results, will be judged.

Description of the article

The article basically provides the details on security of cloud computing along with its issues, threats as well as solutions. Cloud computing has a remarkable potential that helps in providing the consumers' services on demand having greater flexibility and cost-effectiveness over internet. For on-demand services, security is the major issue. This article provides the overview of securities issues that affect cloud computing. It also provides details of embedded system, storage system, application and issues related to clustering, public as well as private cloud and issues related to them. This article also provides the detailed requirement for managing the security in better way along with security architecture of 3-tier. Some issues along with discussion of new concepts of security and some recommendations are also provided in this article. Virtualization technique has been provided by the implementation of cloud computing that helps to provide resources to end user inefficient way. Some important features of cloud computing are its expedient, elasticity, on-demand services as well as economical. Three delivery levels of service are infrastructure, platform as well as service as a platform. Server stack of cloud has been used in cloud computing in which the server is on the back and the user is in the front. NIST is mainly responsible for the development of guidance as well as security in the environment of cloud. There are challenges of security while using cloud computing in the organisation but it has many advantages as well that is why it has been preferred by many organisations to use cloud computing to increase the efficiency as well as to reduce risks as well. 

The methodology that has been used here is attribute-driven ^[12]. A comprehensive survey has been done with various organisation has been done in cloud computing that provides the details of security issues in different organisations.

                                                                        Figure 1: Survey Data

                                                                                                 (Source: ¹²)

The article helps in finding different types of delivery models of cloud services such as infrastructure, platform, and software as a service model. There are also five deployed models of cloud such as private cloud, community cloud, public cloud, hybrid cloud and virtual private cloud. The basic components of cloud computing are virtualization, multi-tenancy, cloud storage, the hypervisor and cloud network.  The major concerns of security in cloud computing are software security, storage security, infrastructure security and network security.

The major issues or problems that have been found in the survey are embedded security issues that include isolation of virtual machine, monitoring of VM, programmability, control system for electronic access, SNMP server. Application issues include user front end, user backend, framework, license, service and parallel application. Web application includes web technology and server, protocol and standard, proxy server. Conviction and Trust issues that include human factor, forensic value, reputation, governance, trusted third party, lack of trust of consumer. Other issues are related to client management, data storage of cloud, metadata, clustering computing, operating issues and many others issues. It also describes the cloud computing security threats.

As a result, it provides many solutions as requirement of personal security, risk analysis and effective governance, disaster and backup recovery management, fault tolerance and exception handling, cryptographic algorithm, digital forensic technique and tools, secure virtualizations and many others ways of security solution.

In the discussion of security suggestion, security architecture of 3 tier has been discussed that has three levels application level, infrastructure level and middle level of cloud service. Organisation that is mostly using cloud computing for running applications of in-house that needs to modify potentially approach of software development. The organisations are moving to use application of in-house cloud in order to save their money. It also increases the efficiency as well as the security level. In case of public cloud, data is moved from the organisation or to the organisation are confidential as well as integral.

Relevance with the given topic

Cloud computing technology helps in providing on-demand services to the customers based on their needs and requirements. This cloud computing system allows better flexibility to their customers in a cost-effective way ^[1]. The concerned article discusses the various security issues that impact cloud computing systems. 

Research study addressed security challenges

Security within embedded systems imposes major threats to the computing systems. Apart from discussing the various security issues, this paper also details about the various mitigation ways that would help the security officers to deal with their faults. Virtualization imposes a major threat to this cloud computing system ^[2]. Isolation of virtual machine could also result in data leakage as well as attack of the cross-VMs. In addition to this, application issues related to this cloud computing has also be detailed in this current chapter. User front end issues along with framework challenges also create challenges in this cloud computing system ^[9]. Furthermore, it is essential to license this cloud computing system and this also creates another major issue to the security officers ^[3]. Human factors along with governance also challenge this cloud computing system in an adverse manner. In addition to this, client management issues and cloud storage issues have also been addressed in this article ^[4]. Furthermore, operating issues like android cloud computing system also have major issues and this has also been explained in this section. Therefore, this study successfully addresses the issues of cloud computing system.

Research study addressed security threats

This research study enumerates detailed analysis of the potential threats that occur in case o cloud computing system. Repudiation and denial of services are some of the threats that occur in case of cloud computing system ^[5]. In addition to this, XSS attack, as well as wrapping attacks, is some of the other major threats that have been explained in detail in this selected article. Roll back attack is another malicious attack that affects data security of owners and this has also been explained in this specific article ^[10]. Third party intervene software by accessing IP address thereby using data and information ^[6]. Therefore, this study provides a detailed analysis of the data loss and the reasons behind such form of leakage. This study does not only highlights the root cause even provide specific interventions ^[7]. Thus, it can be said that this article provides relevant information and knowledge regarding cloud security threats and challenges faced by the officers ^[8]. These issues need to be solved and mitigated for easy accessibility by the security officers. Therefore, data provided in this research study allows the researcher to understand the various security issues and find out effective interventions to solve these security breaches.    

Conclusion

The IT industry has been changing with the cloud paradigm that is very beneficial for the organisations as well as countries. Cloud has many advantages but it is still responsible for some security issues. That is the reason why using cloud computing brings many challenges of security. The vendors, as well as customers, are aware of threats of security. It also provides the security challenges of cloud computing and various solution for the same. This article provides many vulnerabilities, attacks, security challenges that affect the use of cloud computing. The government is also thinking to use cloud-based technology in order to increase performance, innovation, quality as well as security. Architecture of 3-tier helps to enhance the security of cloud computing. Three levels of service system of cloud have been discussed along with security consideration at each level.

References

W. Rittinghouse, & J. F. Ransome. Cloud computing: implementation, management, and security.Florida: CRC press,  2016.

Mosco. To the cloud: Big data in a turbulent world. Abingdon: Routledge, 2015.

Kumar, R. S. Verma and K. Mohan, "Survey on Data Security Issues in Cloud Computing," International Journal of Advanced Research in Computer Science, vol. 8, (3), 2017. 

Fatima, S. Ahmad and S. Siddiqui, "SECURITY ISSUES IN CLOUD COMPUTING: A SURVEY," International Journal of Advanced Research in Computer Science, vol. 9, pp. 14-18, 2018.

Kaur and N. Bhardwaj, "A Review on Security Issues in Cloud Computing,"International Journal of Advanced Research in Computer Science, vol. 6, (2), 2015.

Singh, "Study on Challenges, Opportunities and Predictions in Cloud Computing," International Journal of Modern Education and Computer Science, vol. 9, (3), pp. 17-n/a, 2017.

M, "Cloud Computing: Major Challenges and Counter Acts," International Journal of Advanced Research in Computer Science, vol. 9, (2), pp. 618-625, 2018.

Singhet al, "A Review on Security Issues in Cloud Computing,"International Journal of Innovation and Applied Studies, vol. 8, (3), pp. 1090-1093, 2014

A. Hussain, M. Fatim, A. Saeed, I. Raza & R. K. Shahzad. Multilevel classification of security concerns in cloud computing. Applied Computing and Informatics, vol. 13. No. 1, pp. 57-65, 2017. [Online]. Retrieved from: https://www.sciencedirect.com/science/article/pii/S2210832716300011

E. Kushida, J. Murray & J. Zysman. Cloud computing: from scarcity to abundance. Journal of Industry, Competition and Trade, vol. 15, no. 1, pp.  5-19, 2015. [Online]. Retrieved from: https://link.springer.com/article/10.1007/s10842-014-0188-y

Singh, Y. S. Jeong & J. H. Park. A survey on cloud computing security: Issues, threats, and solutions. Journal of Network and Computer Applications, vol. 75, pp.  200-222. 2016.