Iaetsd design and implementation of secure cloud systems using

Design and Implementation of secure cloud systems using

Meta cloud

Perumalla Gireesh

M.Tech 2nd year, Dept. of CSE, ASCET, Gudur, India

Email:[email protected]

_____________________________________________________________________________________

Abstract – Cloud computing has recently emerged

as a new paradigm for hosting and delivering

services over the Internet. Cloud computing is

attractive to business owners as it eliminates the

requirement for users to plan ahead for

provisioning, and allows enterprises to start from

the small and increase resources only when there

is a rise in service demand. However, despite the

fact that cloud computing offers huge

opportunities to the IT industry, the development

of cloud computing technology is currently at its

infancy, with many issues still to be addressed. In

this paper, we present a survey of cloud

computing, highlighting its key concepts,

architectural principles, and state-of-the-art

implementation as well as research challenges.

Meta cloud based on a combination of existing

tools, concepts and provides the convenient to

organize the private clouds. This can consider the

only vendor lock-in problem of different vendors

in cloud. For that Meta cloud provides an abstract

way from existing schemes to solving this problem

effectively. But it does not consider the users data

privacy in transforming Meta cloud. To address

this problem, we introduce Business Continuity

Management (BCM). This is defined as a holistic

management process that identifies to an

organization and reduces the impacts of data

leakage issues.

Index terms – Meta cloud, Cloud Privacy, private

clouds, security.

I. INTRODUCTION

With the rapid development of processing and

storage technologies and the success of the

Internet, computing resources have become

cheaper, more powerful and more ubiquitously

available than ever before. This technological

trend has enabled the realization of a new

computing model called cloud computing, in

which resources (e.g., CPU and storage) are

provided as general utilities that can be leased and

released by users through the Internet in an on-

demand fashion.

127

INTERNATIONAL CONFERENCE ON CURRENT INNOVATIONS IN ENGINEERING AND TECHNOLOGY

INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT

ISBN: 378 - 26 - 138420 - 5

www.iaetsd.in

The cloud computing paradigm has achieved

widespread adoption in recent years. Its

success is due largely to customers’ ability to

use services on demand with a pay-as-you go

pricing model, which has proved convenient

in many respects. Low costs and high

flexibility make migrating to the cloud

compelling. Despite its obvious advantages,

however, many companies hesitate to “move

to the cloud,” mainly because of concerns

related to service availability, data lock-in,

data security and legal uncertainties.

A previous study considers the data lock-in

problem and provides a convenient way to

solve this using Meta cloud. The problem is

that once an application has been developed

based on one particular provider’s cloud

services and using its specific API, that

application is bound to that provider;

deploying it on another cloud would usually

require completely redesigning and rewriting

it. Such vendor lock-in leads to strong

dependence on the cloud service operator.

The Meta cloud framework contains the

following components: Meta cloud API, Meta

cloud proxy, resource monitoring and so on.

But sometimes, transforming cloud as meta

cloud data security issues are raised which are not

consider in the previous study.

a) The Key Challenges

Being virtual in concept, the cloud environment

generates several questions in the minds of users

with respect to confidentiality, integrity and

availability. The key challenges for the adoption

of the cloud are as given below:

Assurance of the privacy and security

The cloud users are wary of the security and

privacy of their data. The multi-tenant

environment of the cloud is causing concerns

amongst enterprises. As the same underlying

hardware may be used by other companies and

competitors, it may lead to a breach of privacy.

Moreover, any data leakage or virus attack would

have a cascading effect on multiple organizations.

Reliability and availability

Instances of outages at the facilities of the cloud

service providers have raised concerns over the

reliability of the cloud solutions. Enterprises are

recognizing that they would have to deal with

some level of failures while using commodity-

based solutions. Also, the cloud providers cannot

give an assurance on the uptime of their external

internet connection, which cloud shut all access to

the cloud.

Data Security is Key Concern

There are a number of concerns surrounding the

adoption of the cloud especially because it is a

relatively new concept. Assuring customers of

data security would be one of the biggest

challenges for cloud vendors to overcome. The

128



ISBN: 378 - 26 - 138420 - 5

www.iaetsd.in

Figure 1 shows the chart of the key barriers to

cloud adaptation.

Figure 1 Chart of the key barriers

To address this problem this paper introduce

the Business Continuity Management (BCM)

is defined as a holistic management process that

identifies to an organization and reduces the

impacts of data leakage issues. This contains

following stages Project initiation, understand the

organization, BC strategies, develop Business

continuity planning, and Apply BCP. The

Business Continuity Planning is shown in the

following Figure 2.

Figure 2 Business Continuity Management

Overview

II. PROPOSED WORK

In this section we introduce a novel solution

Business continuity management (BCM) and

provide the overview of the Business Continuity

Management.

a) Business Continuity Management (BCM)

The BCMS will use to Plan Do Check Act

approach. The PDCA approach can be applied to

every element of the BCM lifecycle.

Business Continuity leads (BC leads)

Leads for business continuity management will be

appointed in each directorate, regional, area team

and hosted bodies within the strategy.

BC leads will perform the following:

Promote business continuity Management

Receive BC training

Facilitate the completion of BIAs

Develop BCPs

Ensure that BCPs are available during

incident response

Ensure that incident responders receive

training appropriate to their role

Ensure that plans are tested, reviewed and

updated

Participate in the review and development

of the BCMS.

129



ISBN: 378 - 26 - 138420 - 5

www.iaetsd.in

Business Continuity working Groups

Working groups may be established to:

Take control of resource allocation Set priorities

Set continuity strategies in line with the

organization’s objectives and responsibilities

Establish the measures that will be used to assure

the BCMS remains current and relevant Report to

top management on the performance of the

BCMS.

Emergency preparedness resilience and response

(EPRR)

The business continuity program will have close

links to EPRR because both desciplines aim to

ensure the organization is resilient and able to

respond to threats and hazards. The BCMS

described in this strategy will ensure that the

organization is able to manage risks and incidents

that directly impact on its ability to deliver

business as usual.

Assurance

The National support centre will maintain an

overview of the BCMS. BC leads will be reuired

to report on progress within their areas.

BCM Documentation

The National Support Centre will be given access

to related documentation by areas within the

scope, such as BCPs, training records, incident

records and exercises to facilitate the sharing of

good practice throughout the organization. The

Business Continuity management has the

following stages:

Stage 1- Understanding the Organization

Understanding the business is essential in

developing an appropriate BCM Programme. A

detailed understanding of what processes are

essential to ensure continuity of prioritized

activities to at least the minimum business

continuity objective level will be achieved by

undertaking BIA. The BIA will incorporate

continuity requirements analysis which may

include the staff skills, competencies and

qualifications required for prioritized activities.

BIAs will describe as follows:

The prioritized activities of departments/

teams;

The impact that the incidents will have on

prioritized activities

How long we could continue using the

emergency measures before we would have to

restart our normal activities;

A description of the emergency measures

we have in place to deal with an incident;

The threats to the continued delivery of

priority activate.

Stage 2 – Determining BCM strategy

BIAs will create a picture of the

organizations dependencies, vulnerabilities

and business continuity risks. This information

will be used to:

130



ISBN: 378 - 26 - 138420 - 5

www.iaetsd.in

To assist in deciding the scope of the

BCM programme.

To provide the information from which

continuity options can be identified and

evaluated.

To assist the preparation of detailed plans

Decisions that determine business continuity

strategies will be made at an appropriate level

Recovery

People

Premises

Technology and information

Suppliers and partners

Stage 3 – Developing and implementing a BCM

response

This stage considers the incident reporting

structure, business continuity plans, and

Prioritized activity recovery plans.

Incident Reporting Structure

There are various sources of information

pertaining to business continuity threats such as

severe, flooding and soon.

The impact of all incidents will vary. It is

important that the response to an incident is

appropriate to the level of impact and remains

flexible as the situation develops. Business

continuity plans will be based on different levels

of response and escalation.

Business Continuity Plans

Various plans will continue to be developed to

identify the actions that are necessary and the

resources which are needed to enable business

continuity. Plans will be based upon the risks

identified, but will allow for flexibility.

Prioritized activity recovery plans (PARPs)

Priority activities are those activities to which

priority must be given following an incident in

order to mitigate the impact. Activities of the

highest priority are those that if disrupted, impact

the organization to the greatest extent and in the

shortest possible time.

Stage 4 – Exercise, Audit, Marinating and

reviewing

Exercises

It is essential that regular BC exercises are carried

out to ensure that plans are tested and continue to

be effective and fit-for-purpose as operational

processes and technology configurations are

constantly changing. Exercise will rise awareness

of BCM procedures.

Audit

To validate compliance with the

organizations BCM polices and standards

To review the organizations BCM

solutions

To validate the organizations BCM plans

To verify that appropriate exercising and

maintenance activities are taking place. To

131



ISBN: 378 - 26 - 138420 - 5

www.iaetsd.in

highlight decencies and issues and ensure their

resolution

Management Review

An annual review of this strategy will be

undertaken. However, events may prompt more

frequent re-examination, such as:

A BIA revision which identifies

substantive changes in processes and

priorities;

A significant change in the threat

assessment and/or risk appetite of the

organization

New regulatory or legislative

requirements.

Embedding BCM in the Organization’s

culture

BCM must be an accepted management

process, full endorsed and actively promoted

by directors. The communication of high-level

endorsement to all is essential. There are

various ways in which this be achieved:

Business continuity will be part of the

organization’s induction for new starters

Participation in BIA and writing BCPs

Communication of risks, alerts and

incidents

Business continuity information will be

available on the staff intranet

Business continuity training

Business continuity exercises

CONCLUSION

In this paper we introduce a novel solution to

provide a convenient way to process to identify the

various security threats. This paper considers a

survey of Business continuity management (BCM)

to avoid the security risks.

REFERNCES

[1] ISO 22301 Societal Security - Business

Continuity Management Systems

Requirements.

[2] NHS England Core Standards for Emergency

Preparedness, Resilience and Response

(EPRR).

[3] J. Skene, D.D. Lamanna, and W. Emmerich,

“Precise Service Level Agreements,” Proc.

26th Int’l Conf. Software Eng. (ICSE 04),

IEEE CS Press, 2004, pp. 179–188.

[4] Q. Zhang, L. Cheng, and R. Boutaba, “Cloud

Computing: State-of-the-Art and Research

Challenges,” J. Internet Services and

Applications, vol. 1, no. 1, 2010, pp. 7–18.

[5] The Route Map to Business Continuity

Management: Meeting the Requirements of

ISO 22301.

132



ISBN: 378 - 26 - 138420 - 5

www.iaetsd.in

AUTHORS

Mr.P.Gireesh received the

Vaishnavi Instutiate of

Technology, Tirupathi,

B.Tech degree in computer

science & engineering from

the Jawaharlal Nehru technological university

Anantapur, in 2011, and received the Audisankara

College of Engineering and Technology, Nellore

M.Tech degree in computer science engineering

from the Jawaharlal Nehru technological

university Anantapur in 2014, respectively. He

Participated National Level Paper Symposiums in

different Colleges. He interests Computer

Networks, Mobile Computing, Network

Programming, and System Hardware. He is a

member of the IEEE.

133



ISBN: 378 - 26 - 138420 - 5

www.iaetsd.in