INTERNATIONAL CONFERENCE ON CURRENT INNOVATIONS IN ENGINEERING AND TECHNOLOGY
ISBN: 378 - 26 - 138420 - 5
Design and Implementation of secure cloud systems using Meta cloud Perumalla Gireesh M.Tech 2nd year, Dept. of CSE, ASCET, Gudur, India Email:perum.giri7@gmail.com _____________________________________________________________________________________
Abstract – Cloud computing has recently emerged
way from existing schemes to solving this problem
as a new paradigm for hosting and delivering
effectively. But it does not consider the users data
services over the Internet. Cloud computing is
privacy in transforming Meta cloud. To address
attractive to business owners as it eliminates the
this problem, we introduce Business Continuity
requirement
Management (BCM). This is defined as a holistic
for
users
to
plan
ahead
for
provisioning, and allows enterprises to start from
management
the small and increase resources only when there
organization and reduces the impacts of data
is a rise in service demand. However, despite the
leakage issues.
fact
Index terms – Meta cloud, Cloud Privacy, private
that
cloud
computing
offers
huge
opportunities to the IT industry, the development
process
that
identifies
to
an
clouds, security.
of cloud computing technology is currently at its
I. INTRODUCTION
infancy, with many issues still to be addressed. In With the rapid development of processing and
this paper, we present a survey of cloud computing,
highlighting
its
architectural
principles,
and
key
storage technologies and the success of the
concepts,
Internet,
state-of-the-art
computing
resources
have become
cheaper, more powerful and more ubiquitously
implementation as well as research challenges.
available than ever before. This technological trend has enabled the realization of a new
Meta cloud based on a combination of existing
computing model called cloud computing, in
tools, concepts and provides the convenient to
which resources (e.g., CPU and storage) are
organize the private clouds. This can consider the
provided as general utilities that can be leased and
only vendor lock-in problem of different vendors
released by users through the Internet in an on-
in cloud. For that Meta cloud provides an abstract
demand fashion.
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
127
www.iaetsd.in
INTERNATIONAL CONFERENCE ON CURRENT INNOVATIONS IN ENGINEERING AND TECHNOLOGY
ISBN: 378 - 26 - 138420 - 5
The cloud computing paradigm has achieved
a) The Key Challenges
widespread adoption in recent years. Its
Being virtual in concept, the cloud environment
success is due largely to customers’ ability to
generates several questions in the minds of users
use services on demand with a pay-as-you go
with respect to confidentiality, integrity and
pricing model, which has proved convenient
availability. The key challenges for the adoption
in many respects. Low costs and high
of the cloud are as given below:
flexibility make migrating to the cloud
Assurance of the privacy and security
compelling. Despite its obvious advantages,
The cloud users are wary of the security and
however, many companies hesitate to “move
privacy
to the cloud,” mainly because of concerns
environment of the cloud is causing concerns
related to service availability, data lock-in,
amongst enterprises. As the same underlying
data security and legal uncertainties.
hardware may be used by other companies and
A previous study considers the data lock-in
competitors, it may lead to a breach of privacy.
problem and provides a convenient way to
Moreover, any data leakage or virus attack would
of
their
data.
The
multi-tenant
have a cascading effect on multiple organizations.
solve this using Meta cloud. The problem is that once an application has been developed
Reliability and availability
based on one particular provider’s cloud
Instances of outages at the facilities of the cloud
services and using its specific API, that
service providers have raised concerns over the
application
provider;
reliability of the cloud solutions. Enterprises are
deploying it on another cloud would usually
recognizing that they would have to deal with
require completely redesigning and rewriting
some level of failures while using commodity-
is bound to that
based solutions. Also, the cloud providers cannot
it. Such vendor lock-in leads to strong
give an assurance on the uptime of their external
dependence on the cloud service operator.
internet connection, which cloud shut all access to
The Meta cloud framework contains the
the cloud.
following components: Meta cloud API, Meta Data Security is Key Concern
cloud proxy, resource monitoring and so on. But sometimes, transforming cloud as meta
There are a number of concerns surrounding the
cloud data security issues are raised which are not
adoption of the cloud especially because it is a
consider in the previous study.
relatively new concept. Assuring customers of data security would be one of the biggest challenges for cloud vendors to overcome. The
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
128
www.iaetsd.in
INTERNATIONAL CONFERENCE ON CURRENT INNOVATIONS IN ENGINEERING AND TECHNOLOGY
II.
Figure 1 shows the chart of the key barriers to cloud adaptation.
ISBN: 378 - 26 - 138420 - 5
PROPOSED WORK
In this section we introduce a novel solution Business continuity management (BCM) and provide the overview of the Business Continuity Management. a) Business Continuity Management (BCM) The BCMS will use to Plan Do Check Act approach. The PDCA approach can be applied to every element of the BCM lifecycle. Business Continuity leads (BC leads)
Figure 1 Chart of the key barriers
Leads for business continuity management will be
To address this problem this paper introduce
appointed in each directorate, regional, area team
the Business Continuity Management (BCM)
and hosted bodies within the strategy.
is defined as a holistic management process that
BC leads will perform the following:
identifies to an organization and reduces the Promote business continuity Management
impacts of data leakage issues. This contains following stages Project initiation, understand the
Receive BC training
organization, BC strategies, develop Business continuity planning, and Apply BCP. The
Facilitate the completion of BIAs
Business Continuity Planning is shown in the
Develop BCPs
following Figure 2. Ensure that BCPs are available during incident response Ensure that incident responders receive training appropriate to their role Ensure that plans are tested, reviewed and updated Participate in the review and development of the BCMS. Figure 2 Business Continuity Management Overview
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
129
www.iaetsd.in
INTERNATIONAL CONFERENCE ON CURRENT INNOVATIONS IN ENGINEERING AND TECHNOLOGY
Business Continuity working Groups
Stage 1- Understanding the Organization
Working groups may be established to:
Understanding
Take control of resource allocation Set priorities Set
continuity
organization’s
strategies objectives
in and
line
ISBN: 378 - 26 - 138420 - 5
with
the business
is
essential
in
developing an appropriate BCM Programme. A
the
detailed understanding of what processes are
responsibilities
essential to ensure continuity of prioritized
Establish the measures that will be used to assure
activities to at least the minimum business
the BCMS remains current and relevant Report to
continuity objective level will be achieved by
top management on the performance of the
undertaking BIA. The BIA will incorporate
BCMS.
continuity requirements analysis which may
Emergency preparedness resilience and response
include
(EPRR)
qualifications required for prioritized activities.
The business continuity program will have close
BIAs will describe as follows:
links to EPRR because both desciplines aim to
the
staff
skills,
competencies
and
The prioritized activities of departments/
ensure the organization is resilient and able to
teams;
respond to threats and hazards. The BCMS described in this strategy will ensure that the
The impact that the incidents will have on
organization is able to manage risks and incidents
prioritized activities
that directly impact on its ability to deliver
How long we could continue using the
business as usual.
emergency measures before we would have to
Assurance
restart our normal activities;
The National support centre will maintain an
A description of the emergency measures
overview of the BCMS. BC leads will be reuired
we have in place to deal with an incident;
to report on progress within their areas. The threats to the continued delivery of BCM Documentation
priority activate.
The National Support Centre will be given access Stage 2 – Determining BCM strategy
to related documentation by areas within the scope, such as BCPs, training records, incident
BIAs
records and exercises to facilitate the sharing of
organizations
good practice throughout the organization. The
and business continuity risks. This information
Business
will be used to:
Continuity
management
has
the
will create a picture of the dependencies,
vulnerabilities
following stages:
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
130
www.iaetsd.in
INTERNATIONAL CONFERENCE ON CURRENT INNOVATIONS IN ENGINEERING AND TECHNOLOGY
ISBN: 378 - 26 - 138420 - 5
To assist in deciding the scope of the
continuity plans will be based on different levels
BCM programme.
of response and escalation.
To provide the information from which
Business Continuity Plans
continuity options can be identified and
Various plans will continue to be developed to
evaluated.
identify the actions that are necessary and the resources which are needed to enable business
To assist the preparation of detailed plans
continuity. Plans will be based upon the risks Decisions that determine business continuity
identified, but will allow for flexibility.
strategies will be made at an appropriate level
Prioritized activity recovery plans (PARPs)
Recovery
Priority activities are those activities to which priority must be given following an incident in
People
order to mitigate the impact. Activities of the Premises
highest priority are those that if disrupted, impact the organization to the greatest extent and in the
Technology and information
shortest possible time. Suppliers and partners
Stage 4 – Exercise, Audit, Marinating and reviewing
Stage 3 – Developing and implementing a BCM
Exercises
response
It is essential that regular BC exercises are carried
This stage considers the incident reporting
out to ensure that plans are tested and continue to
structure,
be effective and fit-for-purpose as operational
business
continuity
plans,
and
Prioritized activity recovery plans.
processes and technology configurations are constantly changing. Exercise will rise awareness of BCM procedures.
Incident Reporting Structure There
are
various
sources
of
information
Audit
pertaining to business continuity threats such as
To
severe, flooding and soon.
organizations BCM polices and standards
The impact of all incidents will vary. It is
To
important that the response to an incident is
solutions
appropriate to the level of impact and remains
To validate the organizations BCM plans
flexible as the situation develops. Business
To verify that appropriate exercising and
validate
review
compliance
the
with
organizations
the
BCM
maintenance activities are taking place. To
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
131
www.iaetsd.in
INTERNATIONAL CONFERENCE ON CURRENT INNOVATIONS IN ENGINEERING AND TECHNOLOGY
ISBN: 378 - 26 - 138420 - 5
Business continuity exercises
highlight decencies and issues and ensure their resolution
CONCLUSION
Management Review An annual review of this strategy will be
In this paper we introduce a novel solution to
undertaken. However, events may prompt more
provide a convenient way to process to identify the
frequent re-examination, such as:
various security threats. This paper considers a
A
BIA
substantive
revision changes
which in
survey of Business continuity management (BCM)
identifies
processes
to avoid the security risks.
and
priorities; A
REFERNCES
significant
assessment
and/or
change risk
in
the
threat
appetite of
[1] ISO 22301 Societal Security - Business
the
Continuity
organization New
Management
Systems
Requirements. regulatory
or
legislative
[2] NHS England Core Standards for Emergency
requirements.
Preparedness,
Resilience
and
Response
(EPRR).
Embedding BCM in the Organization’s culture
[3]
J. Skene, D.D. Lamanna, and W. Emmerich, “Precise Service Level Agreements,” Proc.
BCM must be an accepted management
26th Int’l Conf. Software Eng. (ICSE 04),
process, full endorsed and actively promoted
IEEE CS Press, 2004, pp. 179–188.
by directors. The communication of high-level endorsement to all is essential. There are
[4] Q. Zhang, L. Cheng, and R. Boutaba, “Cloud
various ways in which this be achieved:
Computing: State-of-the-Art and Research Challenges,”
Business continuity will be part of the
J.
Internet
Services
and
Applications, vol. 1, no. 1, 2010, pp. 7–18.
organization’s induction for new starters
[5] The Route Map to Business Continuity
Participation in BIA and writing BCPs
Management: Meeting the Requirements of Communication
of
risks,
alerts
ISO 22301.
and
incidents Business continuity information will be available on the staff intranet Business continuity training
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
132
www.iaetsd.in
INTERNATIONAL CONFERENCE ON CURRENT INNOVATIONS IN ENGINEERING AND TECHNOLOGY
ISBN: 378 - 26 - 138420 - 5
AUTHORS
Mr.P.Gireesh received the Vaishnavi
Instutiate
Technology,
of
Tirupathi,
B.Tech degree in computer science & engineering from the Jawaharlal Nehru technological university Anantapur, in 2011, and received the Audisankara College of Engineering and Technology, Nellore M.Tech degree in computer science engineering from
the
Jawaharlal
Nehru
technological
university Anantapur in 2014, respectively. He Participated National Level Paper Symposiums in different Networks,
Colleges. Mobile
He
interests
Computer
Computing,
Network
Programming, and System Hardware. He is a member of the IEEE.
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
133
www.iaetsd.in