Cloud computing security: Difference between revisions

There are numerous security threats associated with cloud data services. This includes traditional threats and non-traditional threats. Traditional threats include: [[network eavesdropping]], illegal invasion, and denial of service attacks, but also specific cloud computing threats, such as side channel attacks, virtualization vulnerabilities, and abuse of cloud services. In order to mitigate these threats security controls often rely on monitoring the three areas of the CIA triad. The CIA Triad refers to confidentiality, integrity, as well as(including access controllability which can be further understood from the following.<ref>{{cite journal |last1=Tang |first1=Jun |last2=Cui |first2=Yong |last3=Li |first3=Qi |last4=Ren |first4=Kui |last5=Liu |first5=Jiangchuan |last6=Buyya |first6=Rajkumar |date=28 July 2016 |title=Ensuring Security and Privacy Preservation for Cloud Data Services |journal=ACM Computing Surveys |date=28 July 2016 |volume=49 |issue=1 |pages=1–39 |doi=10.1145/2906153 |s2cid=11126705 }}</ref>), integrity and availability.

It is important to note that many effective security measures cover several or all of the three categories. Encryption for example preventscan unauthorizedbe accessused andto asprevent aunauthorized resultaccess, ensuresand thealso confidentiality, availability, andensure integrity of the data). Backups on the other hand generally cover integrity and availability and firewalls only cover confidentiality and access controllability.<ref>{{cite web|date=2018-08-04|title=Confidentiality, Integrity and Availability - The CIA Triad|url=https://www.certmike.com/confidentiality-integrity-and-availability-the-cia-triad/|access-date=2021-11-27|website=CertMike|language=en-US}}</ref>