1. Trang chủ
  2. » Công Nghệ Thông Tin

ASM 2 Cloud Computing 1644 FPT Greenwich (Merit Super Sale)

32 27 2

Đang tải... (xem toàn văn)

Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống

THÔNG TIN TÀI LIỆU

Thông tin cơ bản

Định dạng
Số trang 32
Dung lượng 2,77 MB

Nội dung

Điểm của bài asm còn tùy thuộc vào người chấm. Chỉ cần paraphase bài này là có thể pass. 1 trong nhưng tool paraphase mình recommend là quillbot.The submission is in the form of 1 document.● You must use the Times font with 12pt size, turn on page numbering; set line spacing to 1.3 andmargins to be as follows: left = 1.25cm, right = 1cm, top = 1cm, bottom = 1cm. Citation andreferences must follow the Harvard referencing style. ASSIGNMENT FRONT SHEET Qualification BTEC Level HND Diploma in Computing Unit number and title Unit 2: Networking Infrastructure Submission date Date Received 1st submission Resubmission Date Date Received 2nd submission Student Name Student ID Class Assessor name Student declaration I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism I understand that making a false declaration is a form of malpractice Student’s signature Grading grid P1 P2 P3 P4 M1 M2 D1 ❒ Summative Feedback: Grade: Lecturer Signature: ❒ Resubmission Feedback: Assessor Signature: Date: Table of Contents I Network Network definiton Ξ First of all, network also known as computer networking, which can be understand as a group of computers utilizing a principles of general communication protocols over digital connections for the intention of sharing resources located upon or accommodated by network nodes ... https:www.dnsstuff.comdatabreach 10 1 Dobran, B., 2 019 Information Security Risk Management: Build a Strong Program Online Available at: https:phoenixnap.combloginformation security riskmanagement garg, r., 20 21 Threats... List and give examples with dates 12 Propose a method to assess and treat IT security risks (M1) 18 TASK DESCRIBE AT LEAST ORGANIZATIONAL SECURITY PROCEDURES (P2) .20 Definition... Dan Swinhoe, 20 21 The 15 biggest data breaches of the 21st century, s.l.: s.n Ohri, A., 20 21 What Is DMZ Network Online Available at: https:www.jigsawacademy.comblogscyber security whatisdmz

ASSIGNMENT FRONT SHEET Qualification BTEC Level HND Diploma in Computing Unit number and title Unit 16: Cloud Computing Submission date 31/08/2022 Date Received 1st submission Re-submission Date Date Received 2nd submission Student Name Nguyen Huy Hoang Student ID GCH200739 Class GCH0908 Assessor name Do Quoc Binh Student declaration I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism I understand that making a false declaration is a form of malpractice Student’s signature Grading grid P5 P6 P7 P8 M3 M4 D2 D3 Page of 32  Summative Feedback: Grade:  Resubmission Feedback: Assessor Signature: Date: Internal Verifier’s Comments: Signature & Date: Page of 32 Table of Contents A INTRODUCTION B DESIGN I Overview Solution for ATN Use-case diagram Web Screen Shots II Implement and Deployment Tools, Techniques and Frameworks Deployment 12 Code Implementation 19 Source code and website 23 III DISCUSS THE ISSUES AND CONSTRAINTS ONE CAN FACE DURING THE DEVELOPMENT PROCESS AS WELL AS CRITICALLY DISCUSS HOW ONE CAN OVERCOME THESE ISSUES AND CONSTRAINTS 23 C Issues, Constraints and Solutions to Overcome When Implementing The Code 23 Issues, Constraints and Solutions to Overcome in debugging 24 Issues, Constraints and Solutions to Overcome in deploying 24 Issues, Constraints and Solutions to Overcome in Database 25 SECURITY 25 I Some Issue Of Cloud Computing Platform 25 a) Public Cloud 25 b) Private Cloud 26 c) Hybrid Cloud 27 II Security Issues In Cloud Environments And Solution to Overcome These Issues When Building A Secure Cloud Platform 27 Data Breaches 27 Misconfigurations and inadequate change control 28 Lack of cloud security architecture and strategy 28 Data Loss/ Leakage 29 Account hijacking 29 Page of 32 III Insecure interfaces and APIs 29 How an Organization Should Protect Their Data 30 Understand the Shared Responsibility Model 30 Understand Compliance Requirements 30 Centralize Monitoring 31 Encrypt Data 31 Pick the proper data centre migration solution for the job 31 D CONCLUSION 31 References 32 List of Figures Figure 1:Use-case diagram for ATN system Figure 2: Homepage Figure 3: Product Management UI Figure 4: Searching function Figure 5: Creating function Figure 6: Editing function Figure 7: VSCode IDE Screenshot 10 Figure 8: Github 11 Figure 9: Mongo atlas 11 Figure 10: Heroku 12 Figure 11: Install Nodejs 12 Figure 12: Install Express framework 13 Figure 13: config node package manager 13 Figure 14: Mongodb atlas 14 Figure 15: config IP access 14 Figure 16: Database account 14 Figure 17: Connect noSqlbooster to this mongodb Atlas 15 Figure 18: Connect to database server via url encode with account 15 Figure 19: Github repository 16 Figure 20: Source code after being pushed into github 17 Figure 21: Create Heroku cloud 18 Figure 22: Guidance Command Lines 18 Figure 23: ATN warehouse web app 19 Figure 24: UploadProduct (1) 21 Figure 25: UploadProduct (2) 21 Page of 32 A INTRODUCTION In assignment 1, I learnt and discussed the basic concepts of cloud computing subject as well as analyzed and provided the solution and tech stack for the ATN web project( a Vietnamese company which is selling toys to teenagers in many provinces all over Vietnam) The completion of my task in assignment also is the premise for assignment The implementation will be given based on the ATN scenario and architectural design from the first assignment The implementation only offers a few sample functions of the scenario due to the assignment's time limitations Additionally, in this assignment, I will discuss the security concern in cloud computing/platforms and their solution How organizations could protect their Data in cloud also will be discussed Page of 32 B DESIGN I Overview Solution for ATN After overviewing and analyzing the positive statistic that Cloud Computing brings about, I decided to choose Cloud Computing to hosting and develop the ATN warehouse web app, which only be used by staff of ATN Use-case diagram Figure 1:Use-case diagram for ATN system The primary use-cases as well as functions of ATN web app that are: Manage Products(Search/ add/ edit/ delete/ view detail) Web Screen Shots 3.1 Main UI Page of 32 Figure 2: Homepage This is the main UI of ATN web app It always appears when user access to this web app via ATN’s address 3.2 Product Management UI Figure 3: Product Management UI This is the product management UI of ATN web app It shows all products of ATN database and provide some buttons(CTA) and text field which are in charge of primary functions of its system Page of 32 such as searching, editing, deleting, creating The design of this site is quite friendly and invisible not only for staff but also even any customer could use this one Figure 4: Searching function The searching function has real-time searching hint 3.3 Creating and Editing product Figure 5: Creating function Page of 32 Click on create button on the top-left to open this site This site has text fields to enter the attribute of a product Image of product could be uploaded from staff’s disk storage and staff could upload multiple images one time Figure 6: Editing function Click on create button in the bottom-left of a product to open this site This site has text fields to enter the attribute of a product and the data of product will fill them However, images of product now not yet be uploaded because it’s in maintainance now II Implement and Deployment Tools, Techniques and Frameworks a) IDE For implementing this web application, Visual Studio Code is chosen obviously This is because: ☺ Its adaptability and contemporary features Heroku CLI and Git CLI are supported ☺ JavaScript and TypeScript provide enhanced built-in support for Node.js development in VS Code, which is supported by the same underlying technologies as Visual Studio ☺ The most effective features of web, native, and language-specific technologies are combined in Visual Studio Code's architecture Page of 32 ☺ It is a cross-platform, open source, and free editor that runs on Windows, Linux, and macOS so that work regardless of the platform that the device is built on Figure 7: VSCode IDE Screenshot b) Framework For building the web server, Expressjs which is an open-source backend framework for Node.js is a good choice for developing the backend of this web application It is built on top of the Node.js framework (Web, 2020 ) The majority of codes have already been written Developers will code more easily if they it in this manner I use Express.js because of its great scalability, speed, and overall performance, to name a few factors It is built on top of the Node.js framework The majority of codes have already been written Typically, developers will code more easily if they it in this manner Any app development project must have Page 10 of 32 d) Deploy on Heroku To deploy on the Heroku cloud, I need to make the Port of this server could dynamically change itself The port will be got in process.env Figure 21: Create Heroku cloud Create new heroku cloud by clicking on the new button in heroku homepage To complete the deployment process, I just follow these commands to uploads and deploy my server on Heroku Figure 22: Guidance Command Lines Page 18 of 32 After deploying the ATN server to Heroku by utilizing Heroku CLI with the commands line above, the web now can access from every where on internet: Figure 23: ATN warehouse web app Code Implementation Because the source code is quite verbose and it’s hard to present, describe and explain all of the code phrases in the source code in only one assignment, this section only shows the code implementation of the primary atc function which is Upload Product function and the main.js code in the ATN back-end server a) Upload product code implement: In upload product code, for the good practice of this function, the image is no longer being uploaded via online image URL, it will be uploaded as a file and sent to the server To make this function, I use the “Multer” middleware for handling the upload files task Install multi by the node package manager Page 19 of 32 Firstly, I needed to create a middleware handling the determine of the storage location for image when being uploaded Multer provides the option to store the file to disk storage Here, the storage is the uploads folder where all the images uploaded will be stored and they will be provide the new format for each image file Update single image is quite obsolete, this function need to be able to upload multiple files each time The middleware store(exported from the multer middleware above) has been located between the end point “/add” and the function upload product in productController module The built-in operation “array()” will take the image files, save files in filename(in multer middleware above) with a fieldName and store them to the next middleware via req.files Param ‘images’ is shared name of any image files uploaded the ‘12’ params is the maximum files can be uploaded each time For store either product data and images data, it need two create two collection in mongoDb One is “products” collection and the other is “images” Page 20 of 32 Figure 24: UploadProduct (1) Firstly, we need store the product data The product also need to store one of the image files uploaded to quickly and easily retrieve and display the represented image to product site The data of the first image will be handled by SingleImageData(self-defined) method The other product data are sent from “add-product” form Figure 25: UploadProduct (2) To get the img data in the files array stored by multer middleware, map() function is used to get data from each element of files array these data will be encode to base64 Page 21 of 32 Those data will be returned to imgArray and then the imgArray will be called with map() function to use the storeImage(self-defined method to store image data to mongoDb) This function runs through each element of imgArray and return a promise, this promise will be resolved when the image data is stored successfully in mongoDb Promise.all() will only be resolved and response the json when all promises in ‘result’ are resolved b) Main.js(where the server is set up) Figure 26: Main.js In this source code, the libraries, modules and middlewares are imported and utilized to help the web operate properly The set for the view engine, the views directory, etc also configured here Some handlebar helpers also are set up here Page 22 of 32 Source code and website For a realistic perspective, here is the link directly to the web app and GitHub repository code AlthoughtThe update and delete products functions of the web are maintained and developed, this also contains some necessary functions such as search, add, and view detailed products Website link: ATN warehouse Source code: imsimpla2209/ATN_SToy: Asm for Cloud Computing (github.com) III DISCUSS THE ISSUES AND CONSTRAINTS ONE CAN FACE DURING THE DEVELOPMENT PROCESS AS WELL AS CRITICALLY DISCUSS HOW ONE CAN OVERCOME THESE ISSUES AND CONSTRAINTS Issues, Constraints and Solutions to Overcome When Implementing The Code a) Constraints: Honestly, because I rarely work with javascript or specifically node.js, getting an assignment using node.js to develop a web app lead to some constraints when I developing an ATN warehouse code server First of all, since I have learnt mostly the separate/multi-thread language such as JAVa, C# and even PHP before, the complexity and differences of single-thread language(javascript), the concepts from synchronous, asynchronous to their handling ways such as call-back, promise and async-await make me got confused Moreover, handling the request or getting the input, output or anything relating to handling data also need to be proficient or at least have a sufficient understanding of sync as well as async approaches (call-back, async-await and promise) So, this one took me time to get dive into these concepts before starting to develop the ATN warehouse web app Secondly, node.js have a very active developing community which means it has so much way to develop even for a function When I focus to learn JavaScript as well as nodejs runtime environment and its framework, the recommendation system of google gives me a plethora of tutorials and each of them is quite different to the other It partly gives me bad practice when developing the ATN server because it looks like a jumble of different methods, syntax or name conventions I have learnt from various online resources, which leads to the structure of code getting incongruence Additionally, The libraries of node.js also gave me some confusion because of their name when installed For instance, when I installed the MongoDB library but forgot the actual name of this one: These three libraries also got installed successfully but sometimes I really didn’t know what is the actual MongoDB library to import The use of modular programming in nodes also gave me some constraints b) Solution on how one can overcome these issues and constraints: To deal with the concepts of synchronous and asynchronous, I decided to dive into how javascript works I started with the basic concept of how even loop, call stack and the priority of Page 23 of 32 microtask queue and macro task queue work and interact with each other It helped me partly understand the way call back, promise and async-await handle the asynchronous code Thereby, when implementing code I partly could use the async-await inappropriate location(in function which has the need of I/O) Although I still learnt the tutorials from various resources, I try to carefully choose and analyze the possibility of the appropriate ways to develop my web project To avoid the confusing installation of libraries, I come to read the nodejs documentation to find what is correct libraries and search for the libraries npm in google to install the correct libraries In addition, the bad structure of code in the ATN server will be a bad practice So, instead of coding in a way that doesn’t really care about the code structure, I stick to the MVC model to refactor my code structure in a way that I could maintain and update this source in the future Some routes and controllers are separated into different files and this may help me easily extend the function based on the requirement of ATN Issues, Constraints and Solutions to Overcome in debugging a) Constraints: In other projects, I work with other languages(JAVa, C#, PHP) and other IDE(visual studio, IntelliJ, Php Storm), debugging code is integrated and available in IDE and I could easily debug to trace the errors However, when working with nodejs(which uses the V8 engine of the browser), I not find a way to debug code initially Thereby, The program has many implicit errors and I could not detect and fix them b) Solution on how one can overcome these issues and constraints: I found that Expressjs has a helpful tool – Nodemon which provides many useful functionalities such as automatically restarting the node application when files changed In my case, nodemon provides the debugging directly in the browser via the dev tool To active the debug function, I just need to enter the –inspect switch in the package.json file like below: And to open debug screen, I click on this icon on the devtool in the browser From there, I could trace the error of my web app in development process more easily Issues, Constraints and Solutions to Overcome in deploying a) Constraints: Page 24 of 32 Because this is the first time I have deployed my web app onto the Heroku cloud, this platform gives me some confusion When I try deploying my web app onto this platform for the first time, I have not installed CLI and I only push my code onto GitHub and selected this server repository to deploy it directly onto Heroku Because there is no Heroku CLI installed on my pc when running the web app in Heroku, this platform informs me of an error and I cannot find why this error happened I just thought that this error happen because of a mistake when uploading code and it took me hours to find the solution and got no appropriate result Not only web server, but database server deployment also gave me some constraints The connection of MongoDB sometimes got some mistakes because I config the connection function in the web server in the wrong way b) Solutions on how one can overcome these issues and constraints: For detecting the Heroku errors, installing the Heroku CLI is the best way for me Each time I got some errors and my web app cannot be opened in Heroku, I typed “heroku logs” command in the terminal(which cd to the server directory) My web app’s errors when hosted in Heroku are also logged here Thereby, I could know what are the errors and could find the fixing way more straightforwardly Issues, Constraints and Solutions to Overcome in Database a) Constraints: ATN requires to use MongoDB which is NoSQL to be the main database and because I only got some experience in RDBMS such as MySQL and SQL Server MS, there are some constraints in adopting to MongoDB The difficulty comes in using it in the right places in the right way The first time, I thought that MongoDb is quite like MySQL I try to bring the principles of Relational Databases such as fixed tables, normalization, and support for expressive queries in MySQL And then, all I got back was the fact that MongoDB databases entirely differ from MySQL based on the type of NoSQL database (Document Database, Key-Value Database, Graph Database & etc.) such as some of the principles with MySQL such as not storing every information in the database still applies for MongoDB Additionally, the query language also is very different when starting with MongoDB b) Solutions on how one can overcome these issues and constraints: One of the good solutions for me to overcome this constraint is reading and overviewing the documentation of MongoDB and trying to find the answer to some questions such as “what is the schema design”, “what is the collection and document”,… Then, I start practising some basic queries via available samples in the “NoSQL booster for MongoDB” desktop app When having a minor familiarity with this one, I try to apply it to some simple nodejs web apps to practice with MongoDB C SECURITY I Some Issue Of Cloud Computing Platform a) Public Cloud Page 25 of 32  Issue  One of the major issues that business organizations encounter when it comes to cloud computing is data privacy and security issues According to IDG, 36 per cent of small and mid-sized businesses and 42% of enterprises find it difficult The security of both business and customer data will remain an essential problem in the future  For many small and medium-sized enterprises, protecting cloud resources is difficult The use of secure cloud services, comprehension of user agreements, the implementation of privacy settings, the use of strong passwords, the implementation of two-factor authentication, and the installation of firewalls are just a few examples of best practices that can help prevent unauthorized access (Roomi, 2020)  Solution  While some workloads are better suited for private infrastructure, some are better suited for public clouds A hybrid, multi-cloud strategy will produce the greatest benefits for the majority of enterprises (Intel, n.d.) To make sure you can utilize your desired mix of public and private cloud resources, Intel collaborates with ecosystem partners including VMWare - Intel Virtualize ASAP, Red Hat, and Microsoft, as well as leading cloud service providers (CSPs) like AWS, Google Cloud, and Microsoft Azure  Intel offers a solid basis for cloud computing both on-premises and in the cloud Since the inception of the cloud computing industry more than ten years ago, we've worked in partnership with CSPs and other players in the ecosystem to optimize and provide coengineered solutions with the workload-optimized performance our customers have come to expect b) Private Cloud  Issue  In actuality, virtual private clouds (VPCs) and public clouds are more secure than private clouds  They are maintained by several security experts who are skilled at addressing cloud security issues The use of the same back-end technology by all of their clients allows the third-party cloud service provider to ensure that everything is operating properly and safely They need to maintain happy customers As a result, trustworthy cloud service providers will devote more time to keeping their cloud servers' security level high  A private cloud server is not what is meant by a true cloud The genuine definition of cloud technology is that it is both elastic and scalable There isn't any more hardware you need to purchase You must purchase more hardware to enhance the capacity if you are managing your cloud server  Solution  Establish clear, shared security policies: Cloud deployment ought to start with clearly defined and followed security procedures Recognize that security is a shared duty Page 26 of 32 between staff and the cloud provider and know which rules are applied to the provider Having a solid security policy in place It will be preferable if build security rules with aspects like remote working, employee-tier access, etc in mind  Authenticate users and assure complete, consistent security without purchasing expensive hardware or networking equipment or increasing IT complexity c) Hybrid Cloud  Issue  Lack of Data Migration Readiness It takes time and effort to transition from another cloud or data centre to a hybrid system (VELIMIROVIC, 2020)  Depending on the business and area, a corporation may be required to follow a certain data usage and storage rule or regulation For example, if you work in the healthcare industry, you must adhere to HIPAA regulations If you keep financial information about users, your system must adhere to the Payment Card Industry Data Security Standard (PCI DSS)  A hybrid configuration employs both public and private clouds, as well as on-premises dedicated servers Multiple infrastructures and technology stacks in a single design can quickly lead to tool and process incompatibilities  Solution  If the organization is subject to specific legislation, make sure the team incorporates it into the initial workload and storage planning  Examine each hybrid section as a separate entity as well as a component of a larger system Even if a component is compliant in a vacuum, the interplay of subsystems might pose dangers  Analyze operational and performance burden characteristics  Create a capacity strategy and remove any unused or underused services  Plan the provisioning of data, storage, network, security, and application stacks  Employees should not be required to manually enter passwords onto encrypted disks II Security Issues In Cloud Environments And Solution to Overcome These Issues When Building A Secure Cloud Platform Data Breaches a) Issue Description  Data breaches, which are the responsibility of both CSPs and their customers, were named the top cloud security threat again this year in the CSA report Over the years, the cloud has been blamed for a number of data breaches, the most notable of which was Capital One's cloud misconfigurations (Antonenko, 2021)  A data breach can bring a company to its knees, causing irreversible damage to its reputation, financial woes due to regulatory implications, legal liabilities, incident response costs, and decreased market value b) Solution when building a secure cloud platform Page 27 of 32     Defining the worth of data and the consequences of its loss Encrypting data and having a solid, well-tested incident response strategy Performing procedures for data input and output integrity Using the concept of least privilege to manage access and developing policies and processes for safe data removal and destruction  Employee education on data security best practices is a wonderful idea, but so is selecting to store only information that is truly important for your organization Misconfigurations and inadequate change control a) Issue Description:  When assets are configured incorrectly, they are vulnerable to attack For example, the Capital One breach was traced back to a web application firewall misconfiguration that exposed Amazon S3 buckets Excessive permissions and the use of default credentials, in addition to insecure storage, are two major sources of vulnerabilities  In addition, ineffective change control can lead to cloud misconfigurations To support rapid change in on-demand, real-time cloud environments, change control should be automated  Misconfigurations and change control are new to the cloud security threat list b) Solution when building a secure cloud platform:  Paying specific attention to facts accessible via the internet  Defining the commercial value of data and the consequences of data loss, as well as developing and implementing a solid incident response strategy  Ensure that external partners follow the change management, release, and testing protocols used by internal developers  Conducting risk assessments at regular intervals and providing security awareness training to contractors, third-party users, and staff Lack of cloud security architecture and strategy a) Issue Description:  Too many businesses rush into the cloud without the necessary architecture and plan in place Customers must understand the dangers they face before moving to the cloud, how to migrate to the cloud safely (it is not a lift-and-shift procedure), and the intricacies of the shared responsibility model  This danger is new to the list and is the responsibility of the client Customers will be exposed to cyber assaults without sufficient planning, which can result in financial losses, reputational harm, and legal and compliance difficulties b) Solution when building a secure cloud platform:  Maintaining risk assessment policies includes keeping policies, processes, standards, and controls up to date Page 28 of 32  Designing, developing, and deploying business-critical/customer-impacting application and API designs and configurations, network and system components, and IT governance and service management policies and procedures  In network settings and virtual instances, communication between trustworthy and untrusted connections is restricted and monitored Data Loss/ Leakage a) Issue Description:  Data loss is frequently caused by internal issues rather than external threats You recognize that accidents happen and that human error is a problem in any technological system Nonetheless, if data is not securely safeguarded, it might be permanently lost b) Solution when building a secure cloud platform:  To avoid data loss in cloud storage, cloud computing clients should study data loss clauses and understand who is accountable for data loss when it occurs Many service providers provide data backups as part of their agreement If your data is crucial, you may even elect to store it both locally and remotely in a hybrid cloud Account hijacking a) Issue Description:  Cloud account hijacking is the revelation, unintentional leakage, exposure, or other breaches of a cloud account that is vital to the operation, administration, or maintenance of a cloud environment If these highly privileged and sensitive accounts are compromised, the repercussions can be catastrophic (Shea, 2021)  Account penetration can result in data breaches and service outages due to phishing and credential stuffing, weak or stolen credentials, and faulty coding b) Solution when building a secure cloud platform:  Keeping in mind that account hijacking involves more than just a password reset and employing defence-in-depth and IAM restrictions  Creating, documenting, and implementing a single business continuity strategy  Distinguishing between production and nonproduction situations  Maintaining and routinely updating compliance liaisons in preparation for a forensic investigation that requires immediate interaction with law enforcement Insecure interfaces and APIs a) Issue Description:  Some of the most visible components of a cloud environment are CSP UIs and APIs that allow users to interact with cloud services The security of any cloud service begins with how effectively it is secured, which is the responsibility of both clients and CSPs  Page 29 of 32  Customers must be attentive in managing, monitoring, and securely using what CSA refers to as the "front door" of the cloud This danger fell from third to fourth in the last study, but it is still critical to handle b) Solution when building a secure cloud platform:  Maintaining excellent API hygiene  Using standard and open API frameworks to avoid API key reuse  Designing, building, implementing, and testing APIs in line with industry best practices, while also complying to applicable legal, statutory, and regulatory duties  To prevent data leakage and manipulation, segregate and restrict access to audit tools that interface with the organization's information systems  Limiting utility programs' ability to override system, object, network, virtual machine, and application controls (Antonenko, 2021) III How an Organization Should Protect Their Data Understand the Shared Responsibility Model A shared responsibility approach governs cloud providers To guarantee that their migration is secure, the organization must first understand the components of this model for which they are accountable Their obligations differ depending on whether they utilize Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS) (SaaS) The graphic below depicts how this obligation is divided across the three models: SaaS PaaS IaaS Cloud User Cloud Provider Endpoints, data Endpoints, data, applications Endpoints, data, applications, operating system, middleware Hardware, storage, network, virtualization Hardware, storage, network, Hardware, storage, virtualization, operating network, virtualization, system, middleware, operating system, applications middleware As opposed to an on-premise system, ensuring sufficient visibility in the cloud might be more difficult Understand Compliance Requirements When migrating to the cloud, the organization must understand what regulatory restrictions, if any, apply to their data (Randall, 2019) This is especially vital if they work in a highly regulated area, such as healthcare or commerce They must determine how to fulfil storage, encryption, backup, and transfer needs Page 30 of 32 Many providers have HIPAA, PCI-DSS, and GDPR compliance certifications Even with these certifications, they may need to delete personally-identifying information before migrating Some restrictions may demand that the organization maintain data exclusively on-site While cloud providers provide tools to assist them in meeting compliance, they are the ones who will be punished if compliance is not reached Centralize Monitoring Cloud connectivity might enhance the possibilities for assaults as well as their speed and number The organization must account for these dangers while also protecting its existing systems As the organization move, and often after, they will have security tools running both on-premises and on the cloud Centralizing the administration and usage of these technologies can make life much easier for their security staff It can help them detect and respond to threats and weaknesses more quickly and reliably Consider using a Security Information and Event Management (SIEM) system to improve the efficacy of your security team SIEMs allow them to consolidate alarms and logging while also incorporating analytics, machine learning, and automation Encrypt Data When transferring to the cloud, their data must be secured both at rest and in transit Data is most susceptible when exposed to the Internet, thus employ secure transport protocols (such as HTTPS) during any data transfers The organization might also investigate transferring data via an appliance, which is available through their provider or a third party If you choose this option, ensure that data is encrypted before it leaves their facility In general, before transmitting data, they should encrypt their storage device Pick the proper data centre migration solution for the job The following critical step is selecting the appropriate tools for a safe and compliant data centre move Simply said, don't use a hammer when a chisel will suffice Their data will need to be cleaned, audited, upgraded, or modified in some other way As a result, the tools they use - or their cloud vendor - should allow the organization to the task swiftly and cost-effectively D CONCLUSION The implementation of the ATN web system has been presented clearly with images and explanations After that, it is reasonable to argue that cloud computing is gradually evolving into a new standard given Page 31 of 32 the wealth of advantages it provides to businesses Future issues like massive data management, cyber security, and quality control are being addressed via cloud computing However, the security concern of cloud computing also grows as its potential grows Solutions could be provided, but they always needed to be innovated and analyzed to keep track of security concerns which are gradually become aggression The conclusion for cloud computing is that it is a transformative technology that has aided Organizations in many authorities to supply their goods and services in a more effective manner than previously References Antonenko, D., 2021 cloud computing security issues and challenges [Online] Available at: https://www.businesstechweekly.com/cybersecurity/data-security/cloud-computing-security-issuesand-challenges/ Intel, n.d [Online] Available at: https://www.intel.com/content/www/us/en/cloud-computing/what-is-public-cloud.html Randall, E., 2019 Steps to Ensure Your Cloud Migration is Secure [Online] Available at: https://www.exabeam.com/how-to/5-steps-to-secure-your-cloudmigration/#:~:text=When%20migrating%20to%20the%20cloud%2C%20your%20data%20needs%20to%20be,HTTP S)%20during%20any%20data%20transfers Roomi, M., 2020 Advantages and Disadvantages of Public Cloud | Limitations & Benefits of Public Cloud [Online] Available at: https://www.hitechwhizz.com/2020/05/5-advantages-and-disadvantages-risks-benefits-of-publiccloud.html Shea, S., 2021 Top 11 cloud security challenges and how to combat them [Online] Available at: https://www.techtarget.com/searchsecurity/tip/Top-11-cloud-security-challenges-and-how-tocombat-them VELIMIROVIC, A., 2020 Hybrid Cloud Challenges and Hybrid Cloud Adoption [Online] Available at: https://phoenixnap.com/blog/hybrid-cloud-challenges Web, T., 2020 Why Express JS is Used in Node JS? [Online] Available at: https://tamalweb.com/why-expressjs-in-nodejs Page 32 of 32

Ngày đăng: 09/06/2023, 11:28

TỪ KHÓA LIÊN QUAN