Machine Learning Techniques and Analytics for Cloud Security. Группа авторов
changing nowadays. Earlier distinction between private and public clouds can be done on the location and ownership information, but currently, public clouds are running in on-premise data centers of customer and private clouds are constructed on off premise rented, vendor-owned data centers as well. So, the architecture is becoming complex. Hybrid cloud reduces the potential exposure of sensitive or crucial data from the public while keeping non-sensitive data into the cloud. Thus, secure access to data while enjoying attractive services of the public cloud is the key factor in hybrid cloud. Here, we have done a survey on hybrid cloud as it is one of the most promising areas in cloud computing, discuss all insight details. Security issues and measures in hybrid cloud are also discussed along with the use of artificial intelligence. We do not intend to propose any new findings rather we will figure out some of future research directions.
Keywords: PaaS, SaaS, IaaS, SLA, agility, encryption, middleware, AI
1.1 Introduction
Cloud computing is catering computing services such as storage, networking, servers, analytics, intelligence, and software though the internet on demand basis. We typically have to pay for only for the services we use. IT is a growing industry and catering its service requirement is challenging. On-premise resources are not sufficient always, so leveraging attractive facilities provided by cloud service providers is often required. Typical services provided by cloud computing are Platform as a service (PaaS), Software as a service (SaaS), and Infrastructure as a service (IaaS). But all the clouds are not same and no one particular cloud can satisfy all the customer. As a result, various types of services are emerging to cater the need of any organization. The following are the facilities cater by cloud computing.
Scalability: IT services are not restricted to offline resources anymore, online cloud services can do a wonder. Any business can be extended based on the market need through the use of cloud computing services. A client needs almost nothing but a computer with internet connection, rest of the services can be borrowed from cloud vendors. Business can grow according to the requirement. Scalability is the key factor in adoption of any new paradigm. An organization meant for 100 people can be easily scaled up to 1,000 (ideally any number) people with the help of the cloud computing services.
Cost: Since cloud provides services pay as you use basis, cost of setting up a business has reduced manifolds. Capital expense in buying server, software, and experts for managing infrastructure is not mandatory anymore; vendors can provide all these services. Cost saving is one of the most lucrative features of cloud computing. Any startup company can afford the cost of the setup price required for the orchestration of public cloud; thus, they can engage their selves exclusively for the development of their business.
Speed: Cloud computing helps to speed up the overall functioning of any organization. Several lucrative easy-to-use options are just one click away, so designers and programmers can freely think about their innovations, and as a result, the speed and performance can be enhanced. Moreover, since most of the background hazards are handled by the cloud service providers as a result implementation of any advanced thinking can be made possible quickly and effortlessly.
Reliability: Reliability is a key factor where huge data need to handle all the time. Periodic data backup and use of disaster recovery methods helps to increase the data reliability in cloud computing. Also, since space is not a constraint anymore, clients can keep mirrored data. A reliable system often leads to a secure system. Any organizations need to handle huge user centric sensitive data as well as business related data. Maintaining the reliability in the data need several rules and regulations to be enforced.
Performance: Improved operation, better customer support, and flexible workplace aid companies to perform better than conventional on-premise system. Amazon helps Car company Toyota to build cloud-based data centers. The company is going to use the behavioral data of the user of the car, and based on that, they will send service and insurance related data [1]. User can also use Facebook or Twitter in their car dashboard. This is only an example; there is lot more. Adaptation of advanced technology excels the performance of existing system as cloud plays a crucial role here.
Security: Cloud service providers use many security mechanisms like encryption, authentication of user, authorization, and use of some Artificial Intelligence (AI)–based method to secure their app, data, and infrastructure from possible threats.
A combination of secure open source technologies along with integrated network may be used for secure hybrid cloud deployment like it does in HCDM [16]. But, before deployment, the customer need to determine what type of cloud computing architecture is best suitable. There are three different ways to organize cloud: private, public, and hybrid. Here, we will discuss about hybrid cloud, its benefits, and security aspects.
Thus, motivation of this review is to provide a broad details of hybrid cloud computing, why it is gaining popularity, how business is going to be affected through the use of cloud adaption in near future, what security aspects need to dealt by vendors, and how AI can help in this regard. The following sections deal with all this topics.
1.2 Hybrid Cloud
If we go by the definition of National Institute of Standards and Technology [3], hybrid cloud is a “composition of two or more different types of cloud infrastructure that are bind together with the help of proprietary and standardized technology for the purpose of data and application portability. So, Simple amalgamation of cloud and on-premise data should not misinterpret as hybrid cloud. It should also provide the following facilities [2]:
Workload distribution by portability.
Networking between system and devices, by the use of LAN, WAN, or VPN.
Use of a comprehensive unified automation tool.
A complex powerful middleware for abstracting the background details.
Incorporating availability and scalability of resources.
Integrating disaster management and recovery strategies.
Thus, it enables the customer to extend their business by leveraging the attractive services provided by public cloud as well as securing the delicate data through the use of private cloud. When the demand of a business fluctuates that may be sudden peak in the business come or sudden fall down, in those scenarios, hybrid cloud is the best possible option as it has that flexibility [8]. Organizations can seamlessly use public cloud amenities without directly giving access to their data centers which are part of their on-premise servers. So, business critical data and applications can be kept safe behind, while computing power of the public cloud can be used for doing complex tasks. Organizations will only have to pay for the services it is using without considering the capital expenditure involve in purchasing, programming and maintaining new resources which can be used for a short span of time and may remain idle for long. Private cloud on the other hand is more like public cloud, but generally installed on clients datacenter and mainly focus on self-servicing, scalable structure. Single tone service nature, service-level agreement (SLA), and similar association make the relationship between client and cloud stronger and less demanding [33, 34].
1.2.1 Architecture
There may be any combination of cloud services when to deploy a hybrid cloud. It may the client has its own on-premise private cloud as IaaS and leverage public cloud as SaaS. Private cloud may be on premise or sometimes off premise on a dedicated server [10]. There is no fixed fits for all architecture. Private clouds can be made individually, whereas public cloud can be hired from vendors like Amazon, Microsoft, Alibaba, Google, and IBM. Next, a middleware is required to combine public and private cloud mostly provided by the cloud vendors as a part of their package. Figure 1.1 gives general diagram of a hybrid cloud.
In case of hybrid cloud architecture, the following