Security issues and control mechanisms in Cloud

The responsibility of providing cost-effective, elastic and on-demand access to computing and storage resources lies with the Cloud Service Providers. As for the end-user, it provides an abstraction of reliable and infinite resource availability. Infinite resource availability is based on virtualization technology and availability of a shared pool of computational and storage resources. It is this very nature of the cloud - of being a black box to the end user - that is posing a threat to its faster adoption and growth in the market. Several issues have been raised on the aspects of legal, security and compliance requirements in the public cloud. Legal issues concern with the applicable laws according to the physical location of data. Regulatory issues such as provision of log files provided by the Cloud Service Provider (CSP) for audits. Security issues are concerned with the safety of cloud environment against any form of security attacks. Other major concerns include, but are not limited to - availability, recovery and privacy. Identifying measures and control mechanisms to address and resolve such issues could help in standardizing the Cloud environment from the Cloud Service Provider's end. This paper explores the major issues identified in the Private cloud and the existing control mechanisms.