Brokered cloud storage access
A cloud broker is an entity that manages the use, performance and delivery
of cloud services, and the relationships between cloud providers and cloud
consumers.
All the data is stored in the cloud. It can be located in the cloud service
provider's system that is used to transfer the data sent and received. Cloud
computing has no physical system that serves this purpose. One way to
protect cloud storage is to isolate the data from direct client access. To do
this, two services are created: one service for a broker, with full access to
storage but no access to the client, and another service for a proxy, with
no access to storage but access to both the client and the broker. These
two services are in the direct data path between the client and the
data stored in the cloud. Under this system, when a client makes a request
for data, here's what happens:
1. The request goes to the external service interface of the proxy.
2. The proxy, using its internal interface, forwards the request to the
broker.
3. The broker requests the data from the cloud storage system.
4. The storage system returns the results to the broker.
5. The broker returns the results to the
6. The proxy completes the response by sending the data requested to the
client.
Even if the proxy service is compromised, that service does not have
access to the trusted key that is necessary to access the cloud storage. In
the multi-key solution, not only are all internal service endpoints
eliminated, but the proxy service running at a reduced trust level is
eliminated as well. The creation of storage zones with associated
encryption keys can further protect cloud storage from unauthorized access.
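
The request path and key isolation described above, as an added illustration in Python (not from the original text). The class names, the broker's per-client zone allow-list and the sample zones and objects are assumptions of this example; a real proxy and broker would run as separate services rather than as objects in one process.

```python
import hmac
import secrets


class CloudStorage:
    """Storage system: returns an object only when the zone's key is presented."""
    def __init__(self):
        self._zones = {}                      # zone -> (key, {object name: data})

    def create_zone(self, zone):
        key = secrets.token_bytes(32)         # key associated with this storage zone
        self._zones[zone] = (key, {})
        return key

    def put(self, zone, key, name, data):
        self._check(zone, key)
        self._zones[zone][1][name] = data

    def get(self, zone, key, name):
        self._check(zone, key)
        return self._zones[zone][1][name]

    def _check(self, zone, key):
        if zone not in self._zones or not hmac.compare_digest(key, self._zones[zone][0]):
            raise PermissionError("storage key rejected")


class Broker:
    """Full access to storage, no client-facing interface."""
    def __init__(self, storage, zone_keys, allowed):
        self._storage, self._keys, self._allowed = storage, zone_keys, allowed
    def fetch(self, client_id, zone, name):   # steps 3-5: read storage, return result
        if zone not in self._allowed.get(client_id, ()):   # assumed policy check
            raise PermissionError("client not allowed in zone")
        return self._storage.get(zone, self._keys[zone], name)


class Proxy:
    """Client-facing service: can reach the broker, holds no storage key."""
    def __init__(self, broker_fetch):
        self._broker_fetch = broker_fetch     # internal interface (step 2)
    def handle(self, client_id, zone, name):  # external interface (steps 1 and 6)
        return self._broker_fetch(client_id, zone, name)


def build_demo():  # constructed sample deployment: two zones, one client
    storage = CloudStorage()
    keys = {z: storage.create_zone(z) for z in ("zone-a", "zone-b")}
    storage.put("zone-a", keys["zone-a"], "report.txt", b"tenant A data")
    storage.put("zone-b", keys["zone-b"], "ledger.txt", b"tenant B data")
    broker = Broker(storage, keys, {"client-1": {"zone-a"}})
    return storage, Proxy(broker.fetch), keys
```
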
Storage zone with encrypted keys
Cloud brokers provide services in three categories:
Aggregation: A cloud broker combines and integrates multiple services
into one or more new services.
Arbitrage: This is similar to service aggregation, except that the services
being aggregated are not fixed.
Intermediation: The cloud broker provides a service by improving capability
and providing value-added services to cloud consumers. The
improvement can be managing access to cloud services, identity
management, performance reporting, enhanced security, etc.
Benefits of using a cloud broker
Benefits of using a cloud broker for a business or technical purpose
include the following:
Cloud interoperability - Integration between several cloud
Cloud portability - Move application between different cloud
Increase business continuity by reducing dependency from one
cloud
Cost
Storage location and tenancy
Cloud service providers, as per their Service Level Agreements, need to
contractually store and process data in locations that are predetermined by
their contract. Along with the commitment for specific data site storage, the
cloud vendor is under contract to conform to privacy laws.
Because data stored in the cloud usually comes from multiple tenants,
each vendor has its own unique method for segregating one
customer's data from another. It's important to understand how the
specific service provider maintains data segregation. The cloud storage
provider provides privileged access to storage. Most cloud service
providers store data in an encrypted form as a security mechanism to
protect the data. Hence, the data cannot be accessed by an unauthorized
user.
It is important to know what impact a disaster or interruption would have on
the stored data. Since data is stored across multiple sites, it may not be
possible to recover data in a timely manner.