Cloud Computing
Cloud computing is the on-demand availability of computer system resources, in particular data storage (cloud storage) and computing power, without direct active management by the user. Large clouds often have functions distributed over several locations, with each location being a data centre. Cloud computing relies on the sharing of resources to achieve consistency and economies of scale, typically using a 'pay-as-you-go' model that can help reduce capital expenditure, but can also lead to unforeseen operational expenses for unsuspecting users.
Advocates of public and hybrid clouds note that cloud computing allows companies to avoid or minimise upfront IT infrastructure costs. Advocates also say that cloud computing allows businesses to get their applications up and running faster, with better manageability and less maintenance, and that it allows IT, teams, to more quickly adjust resources to meet fluctuating and unpredictable demand by providing the capability for burst computing: high computing power during certain periods of peak demand.
In the 1990s, telecommunications companies, which previously offered mainly point-to-point dedicated data circuits, began offering virtual private network (VPN) services with comparable quality of service, but at a lower cost. By changing traffic at will to balance server usage, they could use the overall network bandwidth more effectively. They began to use the cloud symbol to indicate the demarcation point between what the provider was responsible for and what the users were responsible for. Cloud computing extended this boundary to cover all servers and network infrastructure. As computers became more ubiquitous, scientists and technologists explored ways to make large-scale computing power available to multiple users through time-sharing. They experimented with algorithms to optimise the infrastructure, platform and applications to prioritise CPUs and increase efficiency for end users.
Cloud computing poses privacy issues because the service provider can access the data that is in the cloud at any time. It could accidentally or deliberately alter or delete the information. Many cloud providers may share information with third parties if necessary for law and order purposes without a warrant. This is allowed in their privacy policies, which users must agree to before they start using cloud services. Privacy solutions include policy and legislation, as well as end-user choices about how data is stored. Users can encrypt data that is processed or stored in the cloud to prevent unauthorised access. Identity management systems can also provide practical solutions to privacy issues in cloud computing. These systems distinguish between authorised and unauthorised users and determine the amount of data accessible to each entity. The systems work by creating and describing identities, recording activities and getting rid of unused identities.
According to the Cloud Security Alliance, the top three threats in the cloud are insecure interfaces and APIs, data loss and leakage, and hardware failure, which account for 29 per cent, 25 per cent and 10 per cent of all cloud security breaches respectively. Together, these constitute shared technology vulnerabilities. In a cloud provider platform shared by several users, there may be a possibility that information belonging to different customers resides on the same data server. In addition, Eugene Schultz, chief technology officer at Emagined Security, said hackers are spending considerable time and effort looking for ways to penetrate the cloud. "There are some real Achilles heels in the cloud infrastructure that are creating big holes for the bad guys to get into." Because the data of hundreds or thousands of companies can be stored on large cloud servers, hackers can theoretically gain control of huge stores of information through a single attack - a process he called "hyperjacking". Examples of this include the Dropbox security breach and the 2014 iCloud leak. Dropbox had been breached in October 2014, having over 7 million of its users' passwords stolen by hackers in an attempt to obtain monetary value from Bitcoin (BTC). By having these passwords, they are able to read private data as well as have this data be indexed by search engines (making the information public).