Cloud Computing: Common Issues and Security Risks with Solutions, Exercises of Project Management

Download Cloud Computing: Common Issues and Security Risks with Solutions and more Exercises Project Management in PDF only on Docsity! 1 | P a g e ASSIGNMENT 2 Qualification BTEC Level 5 HND Diploma in Computing Unit number and title Unit 16: Cloud Computing Submission date 19/8/2022 Date Received 1st submission Re-submission Date Date Received 2nd submission Student Name Pham Lam Thai Student ID BHAF200110 Class PBIT17102 Assessor name Le Van Thuan Student declaration I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that making a false declaration is a form of malpractice. Student’s signature Thai Grading grid P5 P6 P7 P8 M3 M4 D2 D3 2 | P a g e  Summative Feedback:  Resubmission Feedback: Grade: Assessor Signature: Date: Signature & Date: 5 | P a g e Content 1. Configure and Implement a Cloud Computing Platform SBTEC 7 Table of contents Push Source Deploy on Connect to Functions Code on Github Heroku database on EC2 Application | “GitHub ~~ a a > Amazon EC2 First, I will download and install GIT on my personal 7 computer. Once it's successfully installed, I will upload my Service source to the Github repository and continue to connect Git De loyment with Heroku to deploy the previously uploaded source Lee code. Once done, I will the link to the database resides in Amazon's existing EC2 server. * 6|Page  Push Source-Code on Github —= First, when in GitHub main screen, click the plus icon in the top right corner of the screen and ie select a new repository. Then enter the name and press Create 7|Page  és m oO when I push the code to github, I will go to heroku to create a new app and deploy to heroku as follows: Jump to Favorites, Apps, Pipelines, Spaces. Create New App App name (ome _asm2-cloudcomputing is avilable Choose a region NEXT Deployment metnos App comectes to Gti Automatic sep ‘Seppe ape Manu deploy estoy he cares rancho nit 9° Comectato RuemlASUO cowsomastg by 1 Pamiants “= Paes eget nko OI teen comm © somaya tom B wa {annow ange ou man depo ranch om mater tomar fore mans and stoma deo eae (eto tn actors © Patomatc deploys trom B ‘puntos wt poy Deploy ctu branch ‘hi nt ety te cent sate ofr arch ou tec blo aun a chone a ranch dept roe =a 10|Page NEXT Deploy a GitHub branch This will deploy the current state of the branch you specify below. Learn more. Choose a branch to deploy B main Receive code from GitHub Build main beves4ee Release phase Deploy to Heroku Your app was successfully deployed. This is my website when connected to Heroku without databases ‘BTEC 11|Page After successfully deploying the source code, I will proceed with the database on EC2. Firstly, I would use Xshell 5 to access the existing EC2 server as shown: New Seezcn Propartes aegere = Connection © Authentication Lage pep Loan Sorts ose Sect tunnel ng SAP qaNer ALoGIN SERAL Connect to DB on EC2 ceed — vane [nar ] ree: — Host: 3:132.234.1571 otramie: [a1 [| | 2worret (Cerne atria it erection i emit uepececly erat 0 Eanes 0] an Totes (Clusenege's agp x New Session Properties Category: ‘Connection Sel an ado ee ad hie: tld perros This seco a session propety is prvi fr wane ronventene login pocea= ‘Toleav ‘is elds empty rcommended f secunty a vary mpertane ams cae i ra "Note: Puble Ka anc Kayboard Intracve ae aafable fer SSH/SH1P protec only / Ee) Cee 12|Page ‘BTEC te ed N Thaipl.* TO ‘Thaipl'@'%' IDENTIFIED BY ‘1 affected (0,005 sec mysql -u root -pl. ect Note: Should give the user full rights MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* TO 'Thaipl'@'% Query OK, © rows affected (8.001 sec) After having the data in the database, | proceed to change the path in the php files that have been uploaded to Github and then push those files again after completing the changes. <?php (elses if(!$connect){ Not c i Finally, after uploading the new codes to G and connecting to heroku again with the database, we get the following results: 15|Page ‘BTEC e ms Functions First, the registration function will be like the picture below and the user oe just needs to fill in the content and press Register to be ok 16|Page ‘BTEC Next, when the user has an account and also just needs to enter the account name and password in the form below and click Login is ok. (Username. For the search function, when you search for keywords you need to find as follows: 17|Page  20 | P a g e 2. Common Cloud issues and Security issues in Cloud Environment 2.1.Common Cloud issues  Data security and Privacy Data security is a major concern when switching to cloud computing. User or organizational data stored in the cloud is critical and private. Even if the cloud service provider assures data integrity, it is your responsibility to carry out user authentication and authorization, identity management, data encryption, and access control. Security issues on the cloud include identity theft, data breaches, malware infections, and a lot more which eventually decrease the trust amongst the users of your applications.  Cost Management Even as almost all cloud service providers have a “Pay As You Go” model, which reduces the overall cost of the resources being used, there are times when there are huge costs incurred to the enterprise using cloud computing. When there is under optimization of the resources, let’s say that the servers are not being used to their full potential, add up to the hidden costs. If there is a degraded application performance or sudden spikes or overages in the usage, it adds up to the overall cost.  Performance Challenges Performance is an important factor while considering cloud-based solutions. If the performance of the cloud is not satisfactory, it can drive away users and decrease profits. Even a little latency while loading an app or a web page can result in a huge drop in the percentage of users.  Multi-cloud Environment Due to an increase in the options available to the companies, enterprises not only use a single cloud but depend on multiple cloud service providers. Most of these companies use hybrid cloud tactics and close to 84% are dependent on multiple clouds. This often ends up being hindered and difficult to manage for the infrastructure team. The process most of the time ends up being highly complex for the IT team due to the differences between multiple cloud providers.  Lack of Knowledge and Expertise Due to the complex nature and the high demand for research working with the cloud often ends up being a highly tedious task. It requires immense knowledge and wide expertise on the subject. Although there are a lot of professionals in the field they need to constantly update themselves. Cloud computing is a highly paid job due to the extensive gap between demand and supply. There are a lot of vacancies but very few talented cloud engineers, developers, and professionals.  Interoperability and Flexibility There is a lack of flexibility from switching from one cloud to another due to the complexities involved. Handling data movement, setting up the security from scratch and network also add up to the issues encountered when changing cloud solutions, thereby reducing flexibility. 21 | P a g e 2.2.Common Security issues These issues often come from two parties: Cloud Service Provider (CSP) and Cloud Service Customer (CSC). There are some areas that are at risk of being compromised and hence must be secured when it comes to cloud computing. Each area represents a potential attack vector or source of failure. By risk analysis, there are five key areas have been identified:  Organizational Security Risks: are categorized are categorized as the risks that may impact the structure of the organization or the business as an entity. If a CSP goes out of business or gets acquired by another entity, this may negatively affect their CSPs since any Service Level Agreements (SLA) they had may have changed and they would then have to migrate to another CSP that more closely aligns with their needs. In addition to this, there could be the threat of malicious insiders in the organization who could do harm using the data provided by their CSCs.  Physical Security Risks: The physical location of the cloud data center must be secured by the CSP in order to prevent unauthorized on-site access of CSC data. Even firewalls and encryption cannot protect against the physical theft of data. Since the CSP is in charge of the physical infrastructure, they should implement and operate appropriate infrastructure controls including staff training, physical location security, network firewalls. It is also important to note that the CSP is not only responsible for storing and process data in specific jurisdictions but is also responsible for obeying the privacy regulations of those jurisdictions. 22 | P a g e  Technological Security Risks: These risks are the failures associated with the hardware, technologies and services provided by the CSP. In the public cloud, with its multi tenancy features, these include resource sharing isolation problems, and risks related to changing CSPs, i.e. portability. Regular maintenance and audit of infrastructure by CSP is recommended.  Data Security Risks: There are a variety of data security risks that we need to take into account. The three main properties that we need to ensure are data integrity, confidentiality and availability. 3. Solutions for some issues 3.1. Solutions for Cloud issues  Cost issues: Design and list the necessary functions that businesses need to use for the project. From there, choose the service package that best suits your business needs. In case you need to reconfigure the cloud to suit your business, you need the IT team to work and discuss in advance about technical issues, pricing, etc.  Technical issues: Enterprises need to build and train an IT team specializing in building, debugging and handling cloud-related issues.  Security issues: Before registering and using the services of cloud service providers, enterprises need to verify whether the provider is trustworthy, information security services are safe, they have policy to ensure the security of customer information and data, etc.  Performance issues: Find out if providers have service plans with performance guarantees. In case there is no reasonable service package or there is a problem in the deployment process, it is necessary to discuss directly with the same level provider and find a reasonable solution in accordance with the needs of the business. 3.2. Solution for Security issues  Organizational Security Risks: Malicious Insiders - The risk of having malicious personnel in a CSPs staff can be mitigated by putting strict legal constraints in contracts when hiring personnel. A comprehensive assessment of the CSP by a third party, as well as a robust security breach notification process will also go a long way to preventing this.  Physical Security Risks: Physical Breach - The risk of intruders gaining physical access to devices used in the provision of cloud services can be reduced by having strong physical security deterrents in place such as armed guards, keycard access and biometric scans to restrict access to sensitive locations in the data center.