Cloud Computing Challenges

(Ashraf Ullah)1), (Adnan)1),2, Awais Adnan,Dr.AliComputer Science,IMsciences,Pakisan

Computer Science,Bradford,UKmarwat_ims@yahoo.com,A.adnan1@bradford.ac.uk

Abstract— Cloud computing is a major emerginginformation and communications technology (ICT) trendacting as a key technology and market development themefor the industry and ICT users in 2011. Due to the immensebusiness opportunities, it emerged an efficient model fortoday’s business enterprises and renowned large businessportal engines. This technology is still in its initial phase andis not mature enough, facing various problems andchallenges. Today, however, to address these issues, manydiverse but un-coordinated, efforts are underway of both theacademic and industrial research communities. This paperhighlights some major issues and challenges like security,storage, data center and technical issues. A newcryptographic scheme based on elliptic curves is thepromising future direction for solving key managementproblem in cloud computing.

Keywords- Distribution;Flexibility; Network;Virtualization

I. INTRODUCTION

The development of technology with a new concept inthe use of internet has emerged to be called as ‘CloudComputing’. The provisioning of hardware and softwareresources across the internet is referred to as Cloudservices. Industry and academia observers have declaredthat cloud computing has a great developmental themeand commercial potential. Literature survey shows that ITcloud service of the Market–research firm IDC expectsspending to grow from about $16 billion in 2008 to about$42 billion by 2012 and to increase its share of overall ITspending from 4.2 to 8.5 percent [1].Cloud computing on the basis of scope and usage has threetypes.

A. Private Cloud: Private cloud is ‘internal’ network,where host services pull together limited number ofthe customers by cloud service provider over theinternet behind a firewall with full control over data.In Private cloud security and quality of service (QoS)as well as the general architecture is managed andsupervised by its own IT organization or by cloudservice provider.

B. Public Cloud: Public cloud is‘external’network,where host services pull togetherthe maximum number of customers,over the internetdynamically via web through web services from onoffsite third-party and their

Computing deployment models; generally an openarchitecture for the vendors and customers with lesscontrol over data. Security and quality of services are thehot issues in public cloud computing.

C. Hybrid Cloud: Hybrid cloud is the combination ofboth Private and Public cloud’s infrastructure as the wordhybrid clearly shows it meaning. In Hybrid cloud serviceprovider or IT organization runs non core applications onthe public cloud interface while core and sensitiveapplications are run on the private cloud. However,sharing of resources in this kind of infrastructure is verydifficult from one interface to another having differentinfrastructures.There are three common architectures for cloudcomputing.1) SaaS (Software-as-a-Service): In the earlytraditional models when applications software runs on pcuser had to pay for updating its license. Moreover,problems of incompatibility may arise with the resourcespc. The SaaS model generally supports web servicesapplications and SOA (Service-Oriented-Architecture)architecture, where updated applications, provided bydifferent vendors or cloud service providers through theinternet are hosted and you can run these applications atany resource anywhere at anytime based on “pay-as-you-go”. The following are the advantages of the SaaS model.

Users can enjoy the latest versions of differentapplications software since updates andenhancements are done automatically.

In SaaS model there is no software deployment forrunning the applications; so you can run thesoftware immediately.

2) IaaS (Infrastructure–as-a-Service): IaaS model isthe infrastructure of different hardware, software andstorage components based on virtualization with differentresources and cloud applications are provided to thecustomers by vendors and different cloud serviceproviders in distribution manner over the internet. Thefollowing are the advantages of the IaaS model.

It provides reliable internet services to multipleusers over the scalable network.

It provides scale infrastructure of storage, memory,and other resources on the network to multiplevendors on the scalable network of distribution andon demand.

3) PaaS (Platform-as-a-Service): This modelprovides a general platform for the developer wheredifferent development tools and built-in applications arehosted that allows the developer to make their ownapplications without installing any hardware or software,and can be accessed through internet via a browser. Thefollowing are the advantages of the PaaS model.

It simplifies the work of developers by enablingthem to focus only on developing regardless of anyinfrastructure.

It is also too much cheaper as it does not need anyextra installation of software and hardware by adeveloper.

II. BACK GROUND KNOWLEDGE

The word internet was used for the first time in 1960by the American research department to share sensitiveinformation at a small-scale for research purposes calledARPANET and was based on the packet switchingtechnology. The enhancement of internet technologies anddynamic expertise in the field of IP-based networks, anew concept was introduced called Cloud computing [2].Cloud computing is a new and emerging trend forbusiness enterprise. With the emergence of this concept,new deployment models like SaaS (Software-as- Service),PaaS (Platform-as-a-Service), HaaS (Hardware-as-Service), FaaS (Framework–as-a-Service), OaaS(Organization- as-a-Service), XaaS (Everything-as-a-Service) has replaced the existing traditional models.Now-a-days, most of the web-based applications likeEC2, Amazon, Azhur, IBM Blue Cloud, and GoogleApple Engine (GAE) etc; use Cloud deployment modelsfor various applications over the internet. However,having no standard taxonomy and its open architectureresults in different issues like storage, data accessibility,performance, security, management of the data flow anddata operations.

Security concerns are important for the privacy andpreservation of confidential data from un-authorizedaccess and use. Cloud developers must add developmenttools in cloud deployment models that ensure updatedsecurity with the passage of time so that security levelsmay be progressively enhanced to provide fine-grainedand trustworthy service across multiple platforms. Thesesteps will solve issues of scalability, interoperability andsoftware deployment and it will ensure efficient modelsfor today’s business enterprises and large business portalengines. This technology is still a far cry to facilitate largebusiness enterprises. It is still in its early stages and is notmature enough to face successfully so many problems andchallenges [3] [4].

III. CLOUD COMPUTING ISSUES

A. Security Issues in Cloud ComputingSecurity is to be considered very important in such

type of network where resources are accessed by multipleusers simultaneously from different heterogeneousnetworks. However due to open structure and no standardtaxonomy about 87.5% of security threats yet remainsunresolved in cloud computing from differentperspectives [5].Some security concerns are listed below[6] [7].

1) Key ManagementCloud customers and vendors are needed to be guard

to protect his/her data from the data loss and theft. Strongencryption with key management is the core mechanismthat can be used by cloud computing system to protecthis/her out sourced confidential data form data loss andintruders is still hot concern in cloud computing due tointeroperability, data confidentiality and overheadproblems [8] [9] [10].

a) Interoperability ProblemExisting cloud service provider uses basic schemes forsecurity of the cloud applications and resources and theirprotection level up to the customers with lack of theinteroperability. While now OASIS (Advanced-Open–Standard-for-Information-Society) [11] adopts KMIP (KeyManagement Interoperability Protocol) where differentcloud users having different APIs store and access theoutsourced confidential data dynamically. It is in its initialstage and needs more work for adoption.

b) Data confidentiality IssueCloud computing is the heterogeneous base network whereeach network has its own applications and protocols forcommunication, and offer the services to users at publicnetwork (rather than private), revealing the system to moreattacks. We heard this multiple time “My sensitive corporatedata will never be in cloud” due to no standard taxonomy andinteroperability problem with key management in cloudcomputing with data from one network to another networkcauses the loss of confidentiality due to no open standardprotocol for communication between different networks.

2) Shared ResourcesCloud computing is the internet base application network

where, softwares are used to separate systems logically fromone another. And these softwares causes vulnerability thatleads to complete access to your system .e.g. cloud burstattack module which was developed by the immunityresearchers that allow the attacker to access the cloud guestoperating system[5][12] and can creates vulnerabilities insystem. The share of the resources in cloud computing due to,

a) VirtualizationVirtualization is the new emerging concept for the ICT userswhere, we separate computers logically not physically throughsoftware’s like OpenVZ, Xen or VMware. It is up to youwhich one you use for the virtualization. If you use Eucalyptus[13]-software infrastructure for the cloud computingimplementation then you must use Xen in all of the systems.There are number of the security threats with differentvirtualization product like Xen [14] [15]. Due to thiscommon technique the hackers modified the hypervisor on thehost O.S, and it create easy job for self to access it directly andcan easily install root kit on it. To protect against, you mustuse updated version of virtualization software products andmust check on the website about vulnerability andpatching.The virtualization facing the following challenges incloud computing.

VULNERABILITY WITH GUEST O.S IN VIRTUALIZATION

Each customer in cloud have privileges that he can delete,modify and create the VPS(Virtual-Private-Server).The

Fig 1: Clearly illustrates research artifacts and cloud challenges dimensions

benefit of the virtualization that you can use multipleoperating systems on the single machine, but it is easy job forthe hacker that they could create bugs and find vulnerabilityin any one of the operating system. Every customer isresponsible for their VPS and they are allowed to update,maintain and patch all type of software by their own. This issomething with default configuration that leads the hole forthe attackers that can challenge the security of your VPS andmake your VPS configuration lethal.Another issue with guest O.S system is that customer of thevarious business vendor companies use httpd such as Apache,with open and free website solution such as Word Press [16].But recently it has been found that Word Press have a numberexperience of security exploits [17].It is not easy job toprotect customers from these security exploits, but one waythat you can inform them with your updated O.S and latestversion of the different applications and softwares.

b) Virtualization Security level steps

VMS MONITORING FROM HOST

Monitoring comprise various control actions e.g. (restart,pause, shutdown, start the VMs) is very important in cloudcomputing in sense where multiple applications are running byhypervisor on single machine, and there is equal chance forCSP and authorize users who have privileges to control thebackend and misuse the control actions. Xenaccess [18] is atool that allows the CSP or system administrator to run userlevel process in DomO (Privilege-Domain-In-Xen). Thispermit the system administrator to way in the customer VMmemory at the runtime and it was only developed to run onXen which is now adopted by the different cloud serviceproviders like Citrix and Amazon EC2 due this significance.

VMS MONITORING FROM VMS

We know that monitoring VMs from the other VMs breach theprivacy and security [19] but new CPU architecture is basedon memory protection integrated features that prevent theprivacy and security violation. The hypervisor employ it toavert VMs monitoring memory resources from other VMs,

and right to use the other VMs Virtual disk sited on the host.But as we know that in physical network host computers areconnected physically through some dedicated channels.However in virtual network host computers are connectedvirtually by the virtual switch. Unfortunately, in both casesARP distorting and packets sniffing are occur between themachines. An encryption schemes such that IPSec (Secure-Internet-Protocol)[20] and TLS[21] (Transport-Layer-Security) is used to solve the confidentiality. To make achange in the packet data, it will necessary to make changes inthe DomO Kernel code that control the software bridge. Askernel code Part of TCB (Trust-Computing-Base), anychanges cause the integrity measurement. We know thatencryption provide strong and strictly defense against networkintegrity attacks, however using VPN [22] network softwareis to be efficient against the integrity and confidentiality fromDom0-admin.We can say from the above scenario that VPNnetwork is equivalent to the physical network when thesenetworks are connected to an untrusted network. However inconventional network using IDS tools [23] [24] to solve theseproblems but in cloud computing it will not be suitablesolution to identified the suspicious activity due to Self-services, dynamicity and self-management infrastructure.

SECURE VIRTULIZATION AGAINST DDOS ATTACKS

Now ADVOS (Anti-Dos-Virtualization-Operating-System)operating System [25] was recently proposed to secure cloudnetwork from DDOS attacks. ADVOS use anti-DDOScapability by applying packet filtering on source computer inthe network to identify malicious traffic. It is not yet proposedin cloud computing but it will be good and feasible solutionagainst DOS and DDOS attacks in cloud computing network.There different approaches and mechanism applied in cloudcomputing for security level in cloud computing forcommunication between host and VMs, communicationbetween VMs, monitoring VMs from other VMs in cloudcomputing to protect cloud computing infrastructure from theunauthorized user access [26].

TABLE 1.

Figure 1.1.The below table show the various solutions for the thethreats that orignate from VMs and host

3) Data IntegrityData Integrity ensures and applies during any operationsuch a storing, updating and retrieval. To address thisissue it is important to understand the logic and rules thatwere applied for construction of the data bases. Due to nostandard classification and lack of integrity control at thedata level security cause the data redundant [5].e.g. willapplication in cloud computing that allow the studentrecord in student table without updating first Professorrecord in professor table? However there is no yetcommon standard define in cloud computing for integritywhile storing, accessing the data by cloud users.

4) Security attacksa) Cloud Botnet

There is an equal opportunity of worms, viruses andbotnets being first, second and third-party threats. Due tocloud open standard, Botnet will be the biggest threat forlaunching denial of service (DOS), distributed denial ofservice (DDOS) [26] and other complicated attacks likesensitive information theft, identity theft and fraud [27]etc. The criminals wants to make the SaaS services isunavailable in order to cutoff the income of SaaSproviders and they about $10,000 to $50,000 extortingpayment to prevent their services from launching ofDDOS attacks. Such type of attacks use large “botnet”that rent bot from the black market of Rs$0.3 per bot(usually bogus simulated users)[28] per week. In order toprevent himself from DDOS attacks many SaaS providersprovide an opportunity to defend against DDOS attacksSuch that an EC2 instances can handle up to 500 botswhile another side the attacks launch, that generate1GB/second an extra bogus network and about 500,000bots. This will be one of the darker side of the cloudcomputing and the upcoming new designed botnets willbe a big challenge. Since the new designed botnetsarchitecture is too much resilient and is not easy to bedetected.

a) Bugs in large scale of the distributed systemCloud computing is a distribution model for the largescale of usage resources. Problem with distributionsystems is that bugs are not reproduced in smallconfiguration of the cloud Infrastructure, so debuggingmust be at large scale of the data centers in cloudcomputing.One opportunity is that must reliance on the VM in cloudcomputing, but the another side many traditional SaaSproviders has developed their Infrastructure without usingvirtual machines, either due to recent popularity of theVMs or they are not able of the performance of the VMshits due to vulnerability attacks. So VMs are just derigueur in cloud computing, the level of the virtualizationin cloud computing to make possible to capture valuableand important information in way that are reallyimplausible without VMs.

FIRE WALL

Cloud computing service provider must provide completefirewall solution to cloud user while accessing inboundand outbound traffic. e.g. EC2 (Amazon-Elastic-Provider)

[29] provide inbound mandatory configured firewall totheir customers in default deny mode where customersexplicitly allow traffic on port. This traffic must berestricted by the service port, protocol or by IP address.The firewall remain control on the Amazon EC2 systemand not run on the host (instance), if customer change thesetting on his instance, must required key and X.509certificate[30].Amazon is also encourages their customers to comeforward and apply per-instances filter such that IP tablesfor restriction both outbound and inbound traffic on eachinstance.My observation is the current status of the firewall inAmazon and EC2 will provide secure platform against theDDOS and DOS attacks while customers accessing theresources of these vendor companies.

UPDATED SOFTWARE

Software security is important aspect in cloud computing.Software is the application program written by the allkinds of different programmers, and some of the softwareis actually free. Free software is generally open platformbase software, so one as a hacker, developer can accessthe code and create bugs. So user always should run thelatest version of their different application programs andservices.

5) Security Management in cloud computinga) SLA And CSP Role In Cloud Computung

SLA(Service Level Agreement):A SLA is documentwhich defines the releation ship between CSP(Cloud-Service-Provider) and cloud users.Their responsibilitesare

Define and identified the customer’s need Simplify and evaluate the complex issue Minimize the area conflict Provide infrastructure for understanding

CSP(Cloud Service Provider):Is the DBA(Database-Adminstrator) or system administrator that provide cloudservices to cloud end users.Their responsibilites are

Provide privileges to user while accessingresources

Performance measurement Problem management Customer duties

In order to solve the security issue in cloud computing the

cloud CSP and SLA must give updated proper guideline

to the end users that contain brief description of the

polices about the cloud vendor companies and their

applications having,

SECURITY AWERNESS

Cloud computing is the new emerging technology andnow adays most of the business organizations use cloudcomputig models as a business tool for various businessactivities on the internet. But due to the security issues,cloud computing technolgy is not mature enough and

about 87.5% cloud applications facing the security threatsfrom different perspective, in order to solve this issue,Security awerness is to be considered very important forthose end users and vendors who have no knowledgeabout the usage of cloud computing applications.CSP andSLA must answer the following security pops questionsfor both vendors and users that lead towards successiveuse of the cloud applications.

How to maintain the user identity in case ofmerge and demerge of the data?

Resources Locality: In cloud computingresources are shared with other and user did notknow where his resources are running.

Is there strong access control privileges define byservices provider for the users while accessingoutsourced confidential data from large storagearea network by passing untrusted servers?

Ensuring the integrity of data, not yet commonstandard for the data integrity exist.

Make sure that security is available at all locationwhile accessing out sourced confidential datafrom large storage area network.

User in cloud computing join or leave the cloudsystem dynamically, so there must dynamicallytrust relationship between users and SLAs, whilein cloud computing more of the SLAs are static.

Is there open standard key management schemein cloud computing where users of the differentnetworks standards should store and accessconfidential data in secure manner with lowcomputation head?

How to assure that CSP is trusted and mustsecure from internal and external attacks.

POLICY AND STANDARDS

The cloud service provider and security team must addsuch type of the templets and documents for those userswho have no knowledge about the cloud applications andtheir usage or feel hesitation due to different securitythreats.These templates and documents contain usersecurity and policy guidline should be review at regularinterval and must be enhance when there is any changeoccur in IT envirnoment or business.

EDUCATION AND TRAINING

Program must be developed that provide a base line forthe security management and risk management knowledgeand skill to their internal partner and security team.

DATA PRIVACY COMMITTE

A privacy steering committee should be developed thatmake decision about data related to privacy, if the securitycompliance team is not familiar with data privacy, hiresecurity experts that train the security member properly.This will ensure that organization will meet the dataprivacy demand of its customers.

B. Data Center Challenges in Cloud ComputingData center is the physical infrastructure of the cloud

computing where one cloud network remotely connectswith the other to make large scale network. A highpercentage of cloud data center facing the problems incloud computing.

1) Cloud Server Failure and Recovery:Cloud computing is the large scale model for businessenterprise where different instances have multipleapplications are running on multiple VMs.How to utilizethe fault handling mechanism from one instance to healthe same fault occurred on the neighbor sibling instance,is to ensure high availability services [31]is achallanging issue in cloud computing.

TABLE 2.Service and outage Duration Date

Gmail: site was unavailable dueto outage of the contactsystem[32]

1.5 hours 8/11/2008

AppEngine: Programmingerror[33]

5hours 6/17/2008

S3: single bit error[34] 6-8hours 7/20/2008

S3:authentication serviceoverloaded[35]

2hours 2/15/2008

Figure 1.2. shows explaination for outages records ofGmail,AppEngine,S3(Simple-Storage-Service)in year 2008.

As large ISP(Internet-Service-Provider) use muliplenetwork provider so failure among one will not madepublic,we belive that possability of high avilability incloud computing are prolong although cloud serviceprovider companies followed the miracle “no singleresource failure”. As we know that in cloud computingservices management is done by single company so anyfailure cause the “single point failure”, how ever if thecompany have multiple data center in differentgeographical area with different providers, but it may bethe common account system and software infarstructureso in case of problem occurance it become very difficultfor the company to maintain the two stack of thedependant softwares, one possible solution is thatindependent software stack that use by the multiple CSPto offer business to cloud customers.Other wise the largecustomers will be unwilling to move around to cloudcomputing due to with out business continuity plane forsuch reason.

2) Distributed Load BalancingCloud computing is the large scale network for businessenterprise where cloud vendors and their users access thecloud applications as services with much benefits andthese benefits are expected to further drive the cloudservices demand, increasing both the cloud infrastructureinstallation and cloud users. This implies for manytechnical issues in SOA (Service-Oriented-Architecture)and IOS (Internet-Of-Services) types applications;

including fault tolerance and scalability. Effective loadbalance [36] with dynamic scheduling [37] is the effectivetechnique now used by the researcher to solve the delayand fault tolerance issue in cloud computing.

3) Congestion and Packet lossThe data access in cloud computing in virtualization (nophysical existence of the server) and the information’saccess in distributed manner. Cloud computinginfrastructure is made of hundred and thousand of nodeswhere, manage distribution time and network load causeby distribution, to destination is the critical factor. Due toinconsiderate and simple distribution method cloudcomputing which offer large scale resources atdistribution manner cause the congestion, packet loss thatprevent the network from the continuous utilization of theresources: if the network between clusterscheduler/resource manager and computer nodes iscongested the execution of the task or new command isprevented or even delay [38].One prospect is to improve the O.S and architecture thatshould efficiently virtualize the I/O channels andInterrupts.Another prospect is to usage of the Flash memory thatdecrease the I/O interference and provide fast access anduses less energy for preserving the information. Itmaintain more I/O/second/gigabyte of storage then disk,so multiple VMs with confliction random I/O work loadcould be coexist better with mechanical disks withoutinterference on the same physical computer.

C. Data Storage Issues in Cloud ComputingData storage represents the physical data structure of

the cloud computing where information is accessed andstored in flexible and distributed manner. About 80.2% arethe interoperability issues in cloud computing, whiledifferent vendors and cloud computing users access thecloud applications from different platforms on demand [5].The storage issue in cloud computing due to,

1) Interoperability:Cloud computing is the largeStorage Area Network(SAN), where different data centersremotely connected with each other, due to the differentstorage structure, applications and standards in such typeof the heterogeneous environment, interoperability is aproblem. e.g. company in cloud computing cannot movetheir applications and data to another platform that isbetter than first one they using. This issue arise becauseeach platform in cloud computing use distinct hypervisor(software used in virtualization technology which runseveral OS at same time on same hardware) and VMtechnologies where different applications are configureddifferently .e.g. Microsoft use Hyper and citrix work onXenServer.

a) Steps for solving Interoperability issue in cloudcomputing

INTERMEDIARY LAYER

Due to heterogeneity concept in cloud computing mostrecent work provide an intermediary layer between thecloud user and resources .e.g. Sotomayor etal.[39]proposed Open Nebula(Virtual infrastructure)management to replace the native Virtual Machine API

interaction in order to provide platform to accommodatemultiple hybrid or private cloud for an organization.Different form of the Open Nebula e.g. Harmer at al. [40]develop high level abstraction layer. This provides singleuser usage authentication model and API to covering thecloud provider heterogeneity that delay cloud providerdevelopment independent applications.

STANDARD

Standardization lead a good solution in order to solve theissue related to any domain. However, in cloud computinginteroperability is a big issue and not appeared on theagenda of the largest cloud vendor enterprise companies.e.g. neither Amazon nor Microsoft support the UCI(United Cloud-Interface) project proposed by the CCIF(Cloud-Computing-Interoperability-Forum)[41]. Thisstandardization process will not complete if these largestbusiness vendor companies are not agree on intermediatepolices for sharing resources with each other.

2) CompatibilityThe data and resources are organized from differentheterogeneous network platforms and each has differentsecurity policies in the cloud computing. According tothe given situation, compatibility is a challenge .e.g.Amazon is incompatible with Xenserver due to differentapplications.

a) Steps for solving Compatability issue in cloudcomputing

SYSTEM PORTABILITY

Future major concern for the cloud computing is vendorlock-in. In cloud computing there is no standard definedfor process and element such as API, storage serverimage, data import and export .e.g. If the company is notsatisfied with one cloud computing services and it wantedto transfer its services to another service provider, this isnot easy job. Company would reformat their data andapplications and then transfer to new service provider.In future it should be open format to adopt the openstandards, in order to avoid the problems of theincompatibility and lock-in. One if the initiatives is takenof Open Cloud Manifesto[42] to bring the cloudinfrastructure on open standard, although some of themost cloud base largest company infrastructures with suchstandard find as with overlay restrictive[43].

D. Technical obstacles issue in cloud computingThere are various technical issues in cloud computing thatare really obstacle for the growth of the cloud computinginfrastructure these are,

1) Data transfarred Bottleneck:Data transferred costis an important issue in cloud computing while data ispulled apart across to different cloud boundaries.Normally at 100 to 150 dollars are to pay for transferredper terabyte data in cloud computing. Therefore cloudusers and cloud service provider must think about thecloud applications and traffic usage at every level of thesystem in order to minimize the cost.

a) Steps for solving the Data transfarred Bottleneckin cloud computing

SHIP DISK

In order to solve this issue in cloud computing, Jim Grayfound that ship disk is the good way by which we cansend a lot of the data through overnight delivery services[44]. Although there is question mark about the reliabilityof the ship disk, and he experienced that in 400 attemptsonly one will be failed. To precede his analysis heassumes that I want to send 10 TB from UC.Berkeley toAmazon in Seattle Washington. Garfinkel found averagebandwidth of S3 5 to 18 Megabytes/seconds. He supposesif we get 20 Megabytes/seconds of average bandwidthover the Wide Area Network (WAN). It will take10 * 1012 Bytes / (20 * 106 bits/second) = (8 * 1013)=(2 *107) seconds = 4,000,000 seconds which, will take timemore than 45days, and more over Amazon will charge$1000 network transferred fees when you access that data.So in this scenario if we send ten of 1tera byte diskthrough overnight delivery services, so it will take lessthan a day in order to transferred 10 terabytes and costabout $400 and bandwidth required about1500Mbit/seconds. Which really show high bulk of thecost and infrastructure for transferring the data in cloudcomputing.

2) Software licensingThe current status of software license restricted thecomputer from software running due to users have tohigh pay for software utilize fees as well as pay annualmaintenance fees. SAP (System-Applications- and-Products) annual maintenance fee would increase 22% ofthe software purchase, which is equal to Oracle pricing[45]. So many cloud computing service providers rely onthe open source software that is incompatible withcommercial software licenses. It is key chance for thecommercial software companies to change its licensingstructure to cloud computing infrastructure. e. g.Amazon and Microsoft offers “pas-as-you-go” softwaremodel for window SQL server and window server on theEC2.An EC2 instance running Microsoft windows at costof $0.15 per/hour while traditional running at cost $.10per/hour the open source software version.Due to so many obstacles in the traditional softwarecompanies it is encourage by the cloud computing serviceproviders to sell the products as “pas-as-you-go” insteadof quarterly or monthly .There is a good opportunity tomake the plane by the cloud service provider for bulk usesale products at a discount. e.g. Oracle seller sale 100,000instances hours while using Oracle and these hour can beused for next two years at cost less while customer100,000 instances hours by own. It would really showgood affect on the cloud computing users when these bigcloud vendor companies like Amazon, IBM Blue Cloud,and Google Apple Engine (GAE) are come forward andoffers the services just like Oracle.

IV. ELLIPTIC CURVE CRYPTOGRAPHY: A WAY AHEADFOR SECURITY IN CLOUD COMPUTING:

Elliptic Curve Cryptography (ECC) is considered to bethe next generation cryptography, providing promisinginformation security for diverse application. It provideuser level security in cloud computing, to carry and store

user confidential data with low overhead and generatepublic key at the irreducible polynomial which becomevery difficult for the hacker .Since Elliptic Curve Cryptography is not proposed yet incloud computing for key management so I suggest it avery promising future direction for information security incloud computing. ECC provides stronger security then theother traditional cryptographic schemes like RSA etc.ECC increase the level of security while reducing theoverhead. The table below clearly demonstrates thecomparison among different cryptographic schemes andshows that ECC provides added security over DSA/RSAwith minimal overhead.

TABLE 3.SymmetricCipher keylength

ECC keylength forequivalent

security

DSA/RSA keylength forequivalent

security80 160 1024

112 224 2048128 256 3072192 384 7680256 512 15360

Fig 1.3. ECC, DSA and RSA comparisons made by Lopez and Dahabin May 2009.

CONCLUSION:As cloud computing is an emerging technology and hasgreat development theme. This technology basicallyfacilitates both the customers and the business ownersfrom different perspectives but is in its early stage facingmany challenges. A synthesized view of existing cloudissues is noticeably highlighted. The security level ofcloud computing technology is not up to the level and isstill a very hot research area. As information securityplays a vital role so there must be some advancements andthis area must be upgraded.ECC in the way ahead forsecurity in cloud computing will be a promising futuredirection for information security in cloud computing.

REFERENCE:1. Ran.Li, Shoulian Tang, Ce Gue, Xiaowei Hu, “Thinking the Cloud

computing in China,” 2010 2nd IEEE International Conference onInformation Management and Engineering (ICIME).

2. Tim Mather, Subra Kumaraswarmy, Shahed Latif, “Cloud Securityand Privacy Book,” September 2009 First Edition.

3. Ammar Khalid,“Cloud computing: Applying Issues in Small,”2010 International Conference on Signal Acquisition andProcessing.

4. Tharam Dillon, Chen Wu and Elizabeth Chang, “Cloudcomputing: Issues and challenges,” 2010 24th IEEE InternationalConference on Advanced Information Networking andApplication”.

5. Kresimir Popovic, Zeljko Hocenski, “Cloud computing securityissues and challenges,” MIPRO, 2010 33rd IEEE internationalconvection.

6. Eystein Mathisen,“Security Challenges and Solution in cloudcomputing,” 2011 5th IEEE International Conference on DigitalEcosystems and Technology

7. Sameera Abdurrahman Amulla, Chan Yoeb Yeun,“CloudComputing Security Management,” 2010 2nd IEEE on engineeringsystems Management and Its Application (ICESMA).

8. Nadia Bennani, Ernesto Damiani, Stelvio Cimato, “TowardsCloud-based key management for outsourced database,” 2010 34Annual IEEE Computer Software and applications conferenceworkshop.

9. Yuan Zhang,Yonglou Shen,Sang Keun Lee, “A Cluster –BasedGroup key Management Scheme for the Wireless SensorNetwork,” 2010 12 International Asia –Pacific Web Conference.

10. Hogben G. (2009), “Privacy, Security and Identity in the Cloud,”European Network and Information Security Agency (ENISA),June2009, at http://www.enisa.europa.eu/act/res/other-areas/cloud-computing/cloud_Identity _Hogben.pdf.

11. http://www.oasis-open.org/committees/kmip/.12. Andrew J.Younge, Gregor von Laszewski, Lizhe Wang,“Efficient

Resource Management for Cloud computing Environment,”.13. Eucalyptus: http://open.eucalyptus.com/. Accessed May 2009.14. BlackHatUSA: Subvertingthe Xen hypervisor.

Http://blackhat.com/html/bh-usa-08/bh-usa-08-speakers.html#Wojtczuk, 2008.

15. BlackHatUSA: Detecting and Preventing the Xen HypervisorSubversions.http://blackhat.com/html/bh-usa-08/bh-usa-08-speakers.html# Rutkowska, 2008.

16. WordPress.org: http://wordpress.org. Accessed May 2009.17. MILWORM: Wordpress vulnerabilities.

http://milw0rm.com/search.php?Dong=word press. Accessed May2009.

18. B. D. Payne, “Xenaccess.” [Online]. Available:http://doc.xenaccess.org/

19. J. Matthews, E. M. Dow, T. Deshane, W. Hu, J. Bongio,P. F.Wilbur, and B. Johnson, Running Xen: A Hands-onGuide to theArt of Virtualization, 2008. [Online].Available:http://books.google.com/books?id=XS-Jj7s2nhYC&pgis=1

20. S. Kent and K. Seo, “Security Architecture for the InternetProtocol.” 2005. [Online]. Available:http://www.ietf.org/rfc/rfc4301.txt

21. E. Rescorla, “The Transport Layer Security (TLS) ProtocolVersion1.1.” 2006. [Online]. Available:http://www.ietf.org/rfc/rfc4346.txt

22. E. Rosen and Y. Rekhter, “BGP/MPLS IP Virtual PrivateNetworks(VPNs),” 2006. [Online]. Available:http://www.ietf.org/rfc/rfc4364.txt

23. S. Axelsson, “Intrusion Detection Systems: A Survey andTaxonomy,”2000.

24. K. A. Jackson, “Intrusion Detection Systems (IDS): ProductSurvey,”Los Alamos National Laboratory, 1999.

25. S. Garg and H. Saran, “Anti-DDoS Virtualized OperatingSystem,”ARES, p. 7, 2008.

26. Wesam Dawoud, Ibrahim Takouna, Christoph Meinal, “Infrastructure as Service Security: Challenges and Solution,” 20107th IEEE on Information and Systems (INFOS).

27. Meiko Jensen, Jorg Schwenk,Nils Gruscka,Luigi Lo lacono,“OnTechnical Security Issues in Cloud computing,” 2009 IEEEInternational Conference on Cloud computing.

28. PAXSON, V. private communication, December 2008.29. Amazon Web Services: Overview of Security Processes. White Pa-

per. September 2008.http://s3.amazonaws.com/aws_blog/AWS_Security_Whitepaper_2008_09.pdf

30. IETF.org: RFC 4158. Internet X.509 Public Key Infrastructure:Certifi-Cation Path Building. http://tools.ietf.org/html/rfc4158.(2005).

31. Michael Armbrust, Armando Fox, Rean Griffith, AnthonyD.Joseph, Randy H.Katz, Andrew Konwinski, Gunho Lee, DavidA.Patterson, Ariel Rabkin, Ion Stoica, Matei Zahari, “Above theClouds: A Berkeley View of Cloud Computing,” February 10,2009 Electrical Engineering and Computer Sciences University ofCalifornia at Berkeley.

32. JACKSON, T. We feel your pain, and we’re sorry [online]. August2008. Available from: http://gmailblog.blogspot.com/2008/08/we-feel-your-pain-and-were-sorry.html.

33. WILSON, S. AppEngine Outage. CIO Weblog (June 2008).Available from: http://www.cio-weblog.com/50226711/appengine\_outage.php.

34. THE AMAZON S3 TEAM. Amazon S3 Availability Event: July20, 2008 [online]. July 2008. Available from:http://status.aws.amazon.com/s3-20080720.html.

35. STERN, A. Update From Amazon Regarding Friday’s S3Downtime. CenterNetworks (February 2008). Availablefrom:http://www.centernetworks.com/amazon-s3-downtime-update

36. Martin Randles, David Lamb, A.Teleb-Bendiab, “A ComparativeStudy into distributed Load Balancing Algorithms for cloudcomputing,” 2010 IEEE 24 International Conference on AdvancedInformation Networking and Applications Workshops.

37. T.R.V.Anandharajan, Dr.M.A. Bhagyaveni, “Co-operativeScheduled Energy Aware Load-Balancing Technique for anEfficient Computational Cloud,” IJCSI International Journal ofComputer Science Issues, Vol. 8, Issue 2, March 201.

38. Brian J.S.Chee and Curtis Franklin,Jr, “Cloud computingTechnologies and Strategies of the Ubiquitous Data Center book,”2010 First Edition.

39. B. Sotomayor, R. Montero, I. Llorente, and I. Foster, "VirtualInfrastructure Management in Private and Hybrid Clouds,” IEEEInternet Computing, vol. 13, pp. 14-22, 2009.

40. T. Harmer, P. Wright, C. Cunningham, and R. Perrott, "Provider-Independent Use of the Cloud," in The 15th International EuropeanConference on Parallel and Distributed Computing, 2009, p. 465.

41. "Unified Cloud Interface Project,"http://code.google.com/p/unifiedcloud/.

42. Open Cloud Manifesto: http://www.opencloudmanifesto.org/.AccessedMay 2009.

43. ComputerWeekly.com: Top Five Cloud ComputingSecurity.http://www.computerweekly.com/Articles/2009/04/24/235782/top-five-cloud-computing-security-issues.htm#6,April 2009.

44. GRAY, J., AND PATTERSON, D. A conversation with Jim Gray.ACM Queue 1, 4 (2003), 8–17.

45. SIEGELE, L. Let It Rise: A Special Report on Corporate IT. TheEconomist (October 2008).