{"title":"确保云存储信息安全","authors":"Natalya Viktorovna Bespalova, S. Nechaev","doi":"10.25136/2409-7543.2023.2.40770","DOIUrl":null,"url":null,"abstract":"\n The subject of the study is cloud storage. The object of the study is the information security of cloud systems. In the course of the work, the regulatory framework was determined, which allows regulating work with cloud technologies at the legislative level. The Russian and foreign statistical data on the use of cloud technologies by corporate clients and individuals were analyzed, the main specific security problems of cloud solutions were identified, such as data storage, the use of modular infrastructure in the cloud, the vulnerability of virtual machines to malware infection, connection instability, access rights differentiation, unbalanced actions of the client and the cloud service provider. In the course of the work, the concept of building multi-level security of cloud systems was formulated. This approach will not only increase the time spent, but also the complexity of the process of infiltration of an attacker into the system, which will increase the chances of timely recognition and prevention of various types of attacks. A solution for building a security system was proposed, which includes the following steps: choosing reliable encryption and authentication methods, using a firewall to filter traffic and prevent intrusions, ensuring data transmission over the Internet in a secure execution, using an intrusion detection and prevention system.\n","PeriodicalId":150406,"journal":{"name":"Вопросы безопасности","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2023-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Ensuring information security of cloud storages\",\"authors\":\"Natalya Viktorovna Bespalova, S. Nechaev\",\"doi\":\"10.25136/2409-7543.2023.2.40770\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"\\n The subject of the study is cloud storage. The object of the study is the information security of cloud systems. In the course of the work, the regulatory framework was determined, which allows regulating work with cloud technologies at the legislative level. The Russian and foreign statistical data on the use of cloud technologies by corporate clients and individuals were analyzed, the main specific security problems of cloud solutions were identified, such as data storage, the use of modular infrastructure in the cloud, the vulnerability of virtual machines to malware infection, connection instability, access rights differentiation, unbalanced actions of the client and the cloud service provider. In the course of the work, the concept of building multi-level security of cloud systems was formulated. This approach will not only increase the time spent, but also the complexity of the process of infiltration of an attacker into the system, which will increase the chances of timely recognition and prevention of various types of attacks. A solution for building a security system was proposed, which includes the following steps: choosing reliable encryption and authentication methods, using a firewall to filter traffic and prevent intrusions, ensuring data transmission over the Internet in a secure execution, using an intrusion detection and prevention system.\\n\",\"PeriodicalId\":150406,\"journal\":{\"name\":\"Вопросы безопасности\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Вопросы безопасности\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.25136/2409-7543.2023.2.40770\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Вопросы безопасности","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.25136/2409-7543.2023.2.40770","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The subject of the study is cloud storage. The object of the study is the information security of cloud systems. In the course of the work, the regulatory framework was determined, which allows regulating work with cloud technologies at the legislative level. The Russian and foreign statistical data on the use of cloud technologies by corporate clients and individuals were analyzed, the main specific security problems of cloud solutions were identified, such as data storage, the use of modular infrastructure in the cloud, the vulnerability of virtual machines to malware infection, connection instability, access rights differentiation, unbalanced actions of the client and the cloud service provider. In the course of the work, the concept of building multi-level security of cloud systems was formulated. This approach will not only increase the time spent, but also the complexity of the process of infiltration of an attacker into the system, which will increase the chances of timely recognition and prevention of various types of attacks. A solution for building a security system was proposed, which includes the following steps: choosing reliable encryption and authentication methods, using a firewall to filter traffic and prevent intrusions, ensuring data transmission over the Internet in a secure execution, using an intrusion detection and prevention system.