A Review on AWS - Cloud Computing Technology

Abstract

Cloud computing is something simple we can define as maintaining data centers and data servers and also u can access technology services by computing power, storage, and database using cloud computing technology AWS(Amazon Web Services). It is an emerged model which is already popular among almost all enterprises. It provides us the concept of on-demand services where we are using and scaling cloud resources on demand and as per demand respectively. AWS Cloud computing is a cost-effective model. The major concern in this model is Security and Storage in the cloud. This is one of the major reasons many enterprises of choosing AWS cloud computing. This paper provides a review of security research in the field of cloud security and storage services of the AWS cloud platform. After security and storage, we have presented the working of AWS (Amazon Web Service) cloud computing. AWS is the most trusted provider of cloud computing which not only provides excellent cloud security but also provides excellent cloud storage services. The main aim of this paper is to make cloud computing storage and security a core operation and not an add-on operation. As per the increase in the Service provider and related companies, this AWS Cloud Platform plays a vital role in service industries by giving its best web services, so, therefore, choosing the cloud service providers wisely is the basic need of the industry. Therefore we are going to see how AWS fulfills all these specific needs.

Introduction

I. INTRODUCTION

The term "cloud" was used by Google CEO Eric Schmidt to describe the online business service delivery model in 2006. Expressing different ideas the word cloud is used as a marketing term [1]. Cloud separation is done as public, private, and hybrid. Three types of services are provided by cloud providers Platform as a Service (PaaS), Software as a Service (SaaS), and Infrastructure as a Service (IaaS) [2]. Cloud computing is focused on increasing the efficiency of shared assets. Cloud computing has some features such as speed, low cost, easy maintenance, reliability, security, analytical, etc. Cloud computing involves the interconnectedness of a network that connects many parts of the cloud. Some of the security issues facing cloud computing include sensitive data access, data sharing, privacy, authentication, hacking, recovery, accountability, account control [3] [4].

A. What is Cloud Computing?

It is one of the most controversial terms in the IT industry - users are deploying their applications and data to remote clouds for easy and complete access.

Clouds are divided into two groups:

1. Based on the cloud computing environment.
2. On the based one of services provided.

B. Based on The Location of the Cloud

This is also divided into:

1. Private Cloud: These are assigned to a particular organization and are not divided between any particular firm. Private clouds have higher costs and security compared to public clouds. Other types of private clouds are private clouds and private clouds hosted externally.
2. Public Cloud: In the public cloud, at the vendor site, the computer infrastructure is hosted by cloud vendors. The user does not have the precision and control of the computer interface. The computer base is shared between other companies.
3. Hybrid Cloud: This type of cloud is economical and growing. When we combine the use of public and private clouds it is called a hybrid cloud. This is aimed at minimizing change.

C. Based on the Service Provided

This is categorized as follows:

1. Infrastructure as a Service (IaaS): Using cloud computing principles, hardware-related services are provided. This includes backup services or virtual servers.
2. Platform as a Service (PaaS): Cloud development platform is provided by them. Different vendors offer incompatible platforms.
3. Software as a service (SaaS): Complete software services are provided in the cloud. The software application can be accessed by users hosted by a cloud vendor on a per-payment basis as peruse. The nomenclature of cloud computing contains a component known as Software as a virtual method. [5]

II. LITERATURE REVIEW

A. AWS (Amazon Web Service)

AWS is a cloud compiler provider. This service is a perfect example of true cloud computing that not only offers excellent cloud services but also offers privacy; integrity and availability of customer data [6].AWS provides the required resources. IT services are available at affordable prices and no pre-investment is required on the services. The customer must pay for the services they use regularly. AWS provides flexibility depending on the number of services the customer needs. If they need more than what they want they can easily go up and if they don't need the services they have they can close them off and stop paying. Another advantage of AWS is that it makes the job easier and faster. With traditional builds, it was difficult to upgrade the application as it takes a lot of time to find the server. But with AWS cloud computing one can use hundreds or thousands of servers without any delay. AWS, therefore, allows for faster development and feeds off the system, and allows the team to try again and again.

AWS not only provides system development services but also helps to deploy the system globally at a low cost. Traditionally it was difficult for a company to provide performance to distributed users so that they could focus on only one area at a time. But with the help of, AWS this problem was solved and now one can send its use worldwide and show better information to customers. [7]

AWS provides a wide range of cloud computing services that assist in the development of complex applications.

B. AWS Security Process

In AWS, Confidentiality, Integrity, and Accessibility (CIA) [6,8] of user data is a very important task. The purpose of AWS is to maintain customer confidence and trust.

1. AWS Infrastructure: AWS infrastructure is an infrastructure that is designed or designed based on security processes that are critical to protecting customer data. AWS infrastructure contains hardware, operating software, security standards, network, and other essential resources. AWS data centers have very new structures due to their extensive knowledge of designing and building data centers. A high level of security exists during the physical access of AWS data centers. Professional security personnel is monitored for data security. They use electronic devices such as video surveillance, CCTV cameras, intruders, etc. Visitors or contractors must submit their ID signed by authorized staff and are allowed to access it if they have business needs. The location of the data centers is controlled

a. Automatic fire detection and compression equipment to reduce risk.

b. 24 * 7 Uninterruptible Power Supply.

c. Climate control is in place to maintain the operating temperature of servers and other computer systems.

d. All equipment is handled, so if a matter is raised it should be identified immediately.

C. Network Security

AWS has outstanding network security as it has outstanding network configurations that are properly controlled and managed. The following are reasons for building AWS world-class network:

1. Secure Network Architecture
2. Secure Access Points
3. Transmission Protection
4. Amazon Corporate Segregation
5. Fault-Tolerant Design
6. Network Monitoring and Security

Secure Network Architecture is accessible by. network devices such as a firewall that controls and controls the network boundary. Traffic flow policies, access control lists (ACL), are designed to control the flow of information approved by Amazon Information Security. Secure Access Point indicates that AWS has a limited number of access points to perform appropriate communication monitoring. Customer access points are called API endpoints. These access points help secure HTTP (HTTPS) access. Transfer Protection: -A person can connect to the AWS access point using HTTS using the SSL (Secure Socket Layer) protocol. This process provides many security services such as protection against fraudulent messages, interference, etc. The following is the division of Amazon companies which means the division of the Amazon Production network into the Amazon Corporate network by network devices. Engineer or manager cannot directly access network devices even with configuration. They need access through the AWS ticket system. Once authorized staff can access the AWS network with the help of a bastion host. Fault-Tolerant Design: -AWS has designed its architecture in such a way that in the event of any hardware or software failure it should have minimal impact on the customer. Network monitoring and protection: -AWS has a world-class monitoring and control system as it has an automatic monitoring system that automatically detects errors; any unauthorized access and any unusual activity. Other instruments are available to assist with monitoring.

D. Amazon S3

A. Amazon S3 Amazon is one of the leading cloud computing providers and has the benefit of gaining customer trust in cloud computing. Amazon also recommended this trust by following safety standards. The following describes how Amazon maintained a good position during the security period in use. Amazon uses the Identity Access Management (IAM) framework to control access to its services. IAM is a framework used to identify, authenticate and authorize users/users, processes/groups, or groups to access AWS resources [9, 10, 11]. The framework supports a centralized view of user management, passwords, access keys, and policies. This configuration for AWS users, permissions, and services/services define which user can access the pre-defined authorized device [2, 12]. The framework works as follows:

1. When a user first registers with an email address and password, the account created is considered a root account with full access to all available resources and services in AWS. It is considered the best way to use IAM to build users, teams, and roles.
2. The created IAM user can be set to obtain a username, password, access key, and a set of access permissions for a specific account. IAM user roles are encouraged to ensure that no user can access all root account resources and verify the different login credentials for the assigned accounts [3].
3. The IAM group can be created based on daily activities or level of access. Those groups can be set to have a different set of access policies. It is recommended to set permissions based on user-level not based on user level for better access management [2, 13, 14].

Setting access to the minimum access right is also recommended. With minimal rights, and to avoid the escalation of rights, the IAM Role can be used instead. IAM roles, unlike passwords or access keys, support the use of temporary security information [8]. IAM policies are usually set to limit a particular source of access or time, based on other circumstances.

Amazon S3 offers accessibility policy options such as resource-based (bucket and object), user-based policies (power policies). Users can choose to override app-based policies by setting up power policies or use both policies to manage Amazon S3 service access permissions [4]. To ensure data availability, users are encouraged to use it to make changes and duplicates. The version will be needed to restore the old version. Additionally, in the AWS service console management and Amazon S3 APIs, SSL / TLS secure connections are set between the console storage and the client browser. In the case of Amazon S3 APIs with an HTTP connection, all download traffic will be put into a secure session [2]. Amazon also uses the integrity check to verify the application and verify the integrity of the data, using custom configurations in one of the following ways: Message Verification Codes (SHA-1 / SHA-2), or Authenticated Encryption (AES-GCM), or Hashed Verification CodeThe message, digital signatures [2, 7].

In line with the standard security, Amazon enforces the use of Multi-factor authentication (MFA). AWS currently supports virtu, al, SMS, and MFA 390 device hardware. The virtual device can be sent via a smartphone or tablet device that supports the Time-Based One-Time Password Algorithm (TOTP) while the hardware can be delivered with the key -Tamper-evident hardware, provided by an external company (Gemalto). MFA can be used in conjunction with the root account and the IAM user account [2, 15]. This method works when the user successfully enters the correct email details and password, the user will be asked to enter the 6-digit codes sent to the user or the visual or hardware device [2, 3].

E. AWS EC2 Instances

It can serve as an unlimited set of virtual machines (VMs).Amazon offers a variety of scenarios with different CPU configurations, memory, storage, and communication resources to suit users' needs. Each type is available in a variety of sizes to meet specific workload requirements. Circumstances created from Amazon Machine Images (AMI). Machine images are like templates. They are activated by the operating system (OS) and other software, which determines the user's work environment. Users can choose AMI provided by AWS, the user community, or through the AWS Marketplace.

Types of EC2 models:

Types of events are grouped based on target app profiles. These groups include the following:

1. Normal Purpose: A common goal is for example a VM designed to handle a lot of work. Typical objective conditions are developed to have a higher number of CPU cores, much much-needed and memory. Other common uses for common purposes include web server hosting and software development and testing.
2. The Calculation is Set: Advanced computer environments are used to run large data applications that require greater processing power and memory in the AWS cloud. These scenarios are designed and optimized to use computational and data applications that require fast network performance, wide availability, and high input/output (I / O) per second (IOPS) functionality. Examples of types of applications include scientific and financial modeling and simulation, machine learning, business data storage, and business intelligence.
3. Graphics Processing Unit (GPU): These scenarios provide a way to use applications that take pictures faster than standard EC2 scenarios. Systems that rely on GPUs include games and design work.

a. Memory is well made - Memory modes use a high-speed, robust drive to provide quick access to data and deliver high performance. These scenarios are ideal for applications that require extra memory and minimal CPU power, including open-source data, real-time data analysis, and memory repositories.

b. Storage is configured - Storage conditions are ideal for applications that require high I / O performance, such as NoSQL websites that store and retrieve data in real-time. They are also well suited for most memory-intensive applications such as data processing, data storage, analytics task loading, and logging.

c. Micro-A small example is designed for applications with a low output. The small example model can serve as a small website server, as a software testing platform, or as a web server that does not require high purchase prices.

F. Methodology Design

III. COMPARISON BETWEEN AWS AND OTHER CLOUD COMPUTING PLATFORM

Table I. Comparison of IOT cloud platform vendors according to available HUBS

Table II. Comparison of iot cloud platform vendors for security services

IV. FUTURE SCOPE OF AWS TECHNOLOGY

1. AWS number 1 Used by Public Cloud.
2. AWS is a fast-growing Community Cloud.
3. Amazon web services should effectively manage customer queries and generate the most relevant answers for them.
4. Amazon web service as we do not have a lot of portable storage, virtual storage devices are not expensive.

Conclusion

AWS (Amazon Web Service) has outstanding performance on cloud computing due to its excellent performance in the area of data security. One of the functions of AWS is to 1) Provide network security 2) Create a slide window dashboard in real-time over data transmissiom 3) AWS Disaster Recovery (DR). [20] 4) Scale security: login to AWS. 5) Encryption of data encryption 6) How to Copy and Recover Backup These security services provided by AWS are a reason why customers have confidence in their services. Therefore building trust by providing security services should be the main goal of cloud computing. AWS services are easy to use in the Linux platform area and offer additional features in the Virtual Linux machines. AWS has a higher acquisition value than any other cloud services available and is in its league and more common among beginners while IBM gains market share but is still a long way off. AWS has disk performance and has better RAM speed than IBM. And AWS has the added protection feature of the RSA security system while IBM is lagging in this feature. AWS is mostly a mid-priced option and IBM is more expensive than AWS models. The distinguishing feature between the two is that IBM web conditions can work in AWS EC2 and the opposite does not happen. This research paper is about storing data and about the security provided in AWS. To provide additional security in the repository we store our data in the AWS Cloud. We were able to successfully use limited access to sensitive data after user verification. Users can access S3 data using MFA.

References

[1] Qi Zhang, Lu Cheng, RaoufBoutaba. Cloud Computing: Advances and Research Challenges. J Internet ServAppl (2010). [2] Rabbi Prasad Padhy, ManasRanjanPatra, Suresh Chandra Satyapathy. Cloud Computing: Security Issues and Research Challenges. IJCSITS Vol. 1, No. 2, December 2011. [3] Meiko Jensen, JorgSehwenk et al.,pp 109-116, October 2009. [4] Mladen A. Vouk, Journal of Computing and Information Technology -CIT 16, 4, pp 235-246, 2008. [5] SumitKhurana, Anmol Gaurav Verma. IJECT Vol. 4. April-June 2013. [6] Hui NM, Chieng LB, Ting WY, Mohamed HH, Arshad MR. Cross-platform mobile apps for android and iOS. In6th Joint IFIP Wireless and Mobile Networking Conference (WMNC) 2013 Apr 23 (pp. 1-4). IEEE. [6] John Harauz, Lori M. Kaufman, Bruce Potter. IEEE July / August 2009. [7] http://aws.amazon.com/what-is-aws/ [8] Amazon Web Services: Overview of Security Procedures. June 2014 White Papers. [9] Understanding How IAM Works, 6 2018. [Online]. Available: https://docs.aws.amazon.com/IAM/latest/UserGuide/introstructure.html. [10] Manage access permissions for your Amazon S3 devices. [online]. Available: https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-accesscontrol.html [11] IAM roles, 6 2018. [Online]. Available: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html [12] Wang, R., “Research in Data Security Technologies Based on Cloud Storage,” Procedia Engineering174, pp.1340– 1355, 2017. [13] G. Tajadod, Taipei, 2012, pp. 539-544 [14] Chowdhury, R. R., vol.96, No.15, Jun.2014. [15] Multi-item confirmation, 6 2018. [Online]. Available: https://aws.amazon.com/iam/details/mfa [16] What is the Azure Active Directory? 6 2018. [Online]. Available at: https://docs.microsoft.com/en-us/azure/active- directory/activedirectory-whatis [17] Microsoft Azure, “Microsoft Azure Compliance Offerings,” no.56, May.2018 [18] Islam, N., and Rehman, A., \"Comparative Study of Cloud Cloud Service Providers,\" First International Conference on Information and Communication Technology, Sept.2013. [19] Aws.amazon.com/compliance/programs, ‘AWS Compliance Programs’, 2018. Available:. https://aws.amazon.com/compliance/programs. [20] Amazon Web Services, \"Amazon Web services: Risk and Compliance,\" no.81, May.2017 [21] Glen Robinson, Chris Elleman. Amazon Web Services- Using Disaster AWS Restoration. October 2014 White Papers.

Copyright

Copyright © 2022 Neha Kewate, Amruta Raut, Mohit Dubekar, Yuvraj Raut, Prof. Ankush Patil. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.