With the advancements in the field of mobile cloud computing, security is a major issue. As discovered while reviewing the existing and proposed frameworks of Mobile Cloud Computing, several major issues and challenges of mobile cloud computing were being synthesized. Here we present some of the major security challenges in mobile cloud computing that have been classified into an array of relevant categories:
Security Challenges in Mobile Cloud Computing
Data Security and Privacy Issues In Mobile Cloud Computing
The most serious concern about storing data in cloud worries every mobile cloud user. Data security is one of the major challenges faced in the field of mobile cloud computing. It is intimidating to transfer important data to the cloud because of the following data concerns that are very common in the cloud:
- Risk of data theft
- Violation of privacy rights
- Loss of physical security
- Handling of encryption and decryption keys
- Security and auditing issues of virtual machines
- Lack of standard to ensure data integrity
- Services incompatibility due to the involvement of different vendors
The privacy of data stored in the cloud belongs to its customers. In case you want to encourage the use of cloud data services, it is extremely important to standardize the concerns in cloud computing around data life cycle. This includes the standardization of the generation of data, data transfer, use and share of data, data storage and the archival and destruction of data.
Attacks at End-User Mobile Device
Also, you need to protect the data on the cloud from any attack at end user mobile device as well. It is important to protect the data from the threats of device data theft, virus and malware attacks via wireless devices and the misuse of access rights from information security point of view in the cloud.
Information Security Issues
Some common information security issues of cloud computing are:
- System security of server and database
- Networking security
- User authentication
- Data protection
- System and storage protection
Architecture and Cloud Service Delivery Models Issue
Mobile cloud computing also faces some general challenges in terms of their architecture. These include the challenge of computing off-loading, security for mobile users, applications or data, improvement in efficiency rate of data access, the context-aware mobile cloud services, migration and interoperability, service level agreement and the cost and pricing.
- PaaS model security issues: structured query language related, application programming interface security
- SaaS model security issues: data security management, web application vulnerability and scanning
Mobile Cloud Infrastructure Issues
Due to the lack of the mobile cloud infrastructure, a variety of security attacks is possible on the cloud. These attacks again harm the security of the data of the cloud users. Some of these possible attacks from the cloud infrastructure point of view are attacks on virtual machines, vulnerabilities at the platform level, phishing, authorization and authentication and attacks from local users.
Mobile Cloud Communication Channel Issues
The area of mobile cloud communication channel requires having a lot of improvement at various levels. The following attacks are possible at communication channel:
- Access control attacks
- Data integrity attacks
- Attacks on authentication
- Attacks on availability
Low bandwidth, latency problems, availability of desired services, heterogeneity, and limited resources are other major challenges faced at the communication level.
For actually encouraging the use of mobile cloud computing, it is extremely important to overcome all of these security challenges in mobile cloud and making it a completely safe channel. Only then, users will be comfortable storing their crucial data on the cloud.