This document summarizes a paper presented at the 2014 World Congress on Computing and Communication Technologies about data security issues in cloud environments and potential solutions. The paper discusses how data security is a major concern for cloud computing due to users' data being stored on servers outside of their direct control. It analyzes common data security and privacy threats in cloud computing like trust management of third-party providers, privacy protection when data is scattered across data centers, and uncertainty around data location. The paper also examines the types of data that need protection, such as personal information, sensitive data, usage data, and device identities. Overall, the document outlines the data security challenges in cloud computing and potential areas for security solutions.
This document summarizes a paper presented at the 2014 World Congress on Computing and Communication Technologies about data security issues in cloud environments and potential solutions. The paper discusses how data security is a major concern for cloud computing due to users' data being stored on servers outside of their direct control. It analyzes common data security and privacy threats in cloud computing like trust management of third-party providers, privacy protection when data is scattered across data centers, and uncertainty around data location. The paper also examines the types of data that need protection, such as personal information, sensitive data, usage data, and device identities. Overall, the document outlines the data security challenges in cloud computing and potential areas for security solutions.
This document summarizes a paper presented at the 2014 World Congress on Computing and Communication Technologies about data security issues in cloud environments and potential solutions. The paper discusses how data security is a major concern for cloud computing due to users' data being stored on servers outside of their direct control. It analyzes common data security and privacy threats in cloud computing like trust management of third-party providers, privacy protection when data is scattered across data centers, and uncertainty around data location. The paper also examines the types of data that need protection, such as personal information, sensitive data, usage data, and device identities. Overall, the document outlines the data security challenges in cloud computing and potential areas for security solutions.
2014 World Congress on Computing and Communication Technologies
Data Security Issues in Cloud Environment and Solutions
Dr. P. Dinadayalan 1 S. Jegadeeswari 2 Dr. D. Gnanambigai 3 Department of Computer Science Department of Computer Science and Applications Department of Computer Science K.M.Centre for P.G. Studies, Rajiv Gandhi Arts and Science college, ndira Gandhi College of Arts and Science, Puducherr! p d inadayalan@ho tmai l.com Puduche rr! j ega"sath!a#!ahoo.co.in Puduche rr! om Abstract Cloud com!uting is an internet based model t"at enable convenient# on demand and !ay !er use access to a !ool o$ s"ared resources. It is a new tec"nology t"at satis$ies a user%s re&uirement $or com!uting resources li'e networ's# storage# servers# services and a!!lications# Data security is one o$ t"e leading concerns and !rimary c"allenges $or cloud com!uting. ("is issue is getting more serious wit" t"e develo!ment o$ cloud com!uting. )rom t"e consumers% !ers!ective# cloud com!uting security concerns# es!ecially data security and !rivacy !rotection issues# remain t"e !rimary in"ibitor $or ado!tion o$ cloud com!uting services. ("is !a!er analyses t"e basic !roblem o$ cloud com!uting and describes t"e data security and !rivacy !rotection issues in cloud. Keyword Cloud Computing, Cloud Computing Security, Data Security, Privacy protection. I. I*(+,D-C(I,* A Cloud is a type of parallel and distributed system consisting of a collection of inter-connected and irtuali!ed computers that are dynamically proisioned and presented as one or more unified computing resources based on serice- leel agreements established through negotiation bet"een the serice proider and consumers#21$. Cloud Computing is a paradigm that focuses on sharing data and computations oer a scalable net"or% of nodes. &'amples of such nodes include end user computers( data centers( and Cloud )erices. The term such a net"or% of nodes as a Cloud .Cloud computing is one of hot topic in the field of information technology currently. *o"eer( cloud computing faces many critical issues. +ear the brunt of them is data security( "hich has become an important factor restricting the deelopment of cloud computing. As cloud serices data "as stored in the computer that do not o"ned or operated by users( this leads to data security issues( and easily drifted a"ay from the user,s control. Cloud computing emerges as a ne" computing paradigm "hich aim to proide reliable( customi!ed and -o) .-uality of )erice/ guaranteed computing dynamic enironments for end- users. The basic principle of cloud computing is that user data is not stored locally but is stored in the data center of internet. The companies "hich proide cloud computing serice could manage and maintain the operation of these data centers. The users can access the stored data at any time by using Application 0rogramming 1nterface .A01/ proided by cloud proiders through any terminal e2uipment connected to the internet. 3ot only are storage serices proided but also hard"are and soft"are serices are aailable to the general public and business mar%ets. The serices proided by serice proiders can be eerything from the infrastructure( platform or soft"are resources #4$#55$. &ach such serice is respectiely called 1nfrastructure as a )erice .1aa)/( 0latform as a )erice .0aa)/ or )oft"are as a )erice .)aa)/ #2$. There are three types cloud 6eployment models that "idely used in cloud computing are7 0riate Cloud 8The cloud infrastructure is o"ned or leased by a single organi!ation and is operated solely for that organi!ation. Community Cloud- )eeral organi!ations that hae similar polices( ob9ecties( aims and concerns share the cloud infrastructure. 0ublic Cloud-A large organi!ation o"ns the cloud infrastructure and sells cloud serices to industries or public. *ybrid Cloud-1t is combination of t"o or more clouds. 1t enables data and application probability. 1n 200:( the ma9or cloud computing endors successiely faced seeral accidents. Ama!on,s )imple )torage )erice "as interrupted t"ice in ;ebruary and <uly 200:. This accident resulted in some net"or% sites relying on a single type of storage serice. 1n =arch 200:( security ulnerabilities in >oogle 6ocs een led to serious lea%age of user priate information #10$. 1t "as e'posed that there "as serious security ulnerability in ?= "are irtuali!ation soft"are for =ac ersion in =ay 200:#:$( #1@( 24$. The rest of the paper is organi!ed as follo"s7 )ection II describes "hy the data need to be protected. )ection III discusses "ith the issues in cloud data storage. )ection 1. e'plains different security principles in cloud computing. )ection . deals "ith current security solutions in data security and priacy protection. This paper concludes the arious discussion and issues of data security in Cloud Computing. II. D/(/ *EED (, 0E P+,(EC(ED 6ata security issues may be significant for users "ho play on introducing cloud computing. This may be potentially disastrous for all different types of cloud computing serices( unless security principles and security technological mechanisms to eliminate users concerns are adopted. ;or e'ample( the most cloud serices userAs complaints are that their priate data is used for other purposes or sent to other cloud serice proiders "hich they are not "illing to do. The user data need to be protected that includes the follo"ing #5( 54$. They are personally identifiable information( sensitie information( usage data( and uni2ue deice identities. /. Personally identity in$ormation1 ;irst( it includes any information that could be used to identify or discoer an indiidual( such as name( 16 number and address( etc. )econd( it also includes information that may be correlated "ith other information to identify or locate an indiidual( for e'ample( social relations information( postal code( 1nternet 0rotocol address( card number of credit. :BC-1-4B::- 2CBB-4D14 E51.00 F 2014 1&&& 6G1 10.110:DWCCCT.2014.45 2014 World Congress on Computing and Communication Technologies :BC-1-4B::-2CB4-BD14 E51.00 F 2014 1&&& 6G1 10.110:DWCCCT.2014.45 2014 World Congress on Computing and Communication Technologies :BC-1-4B::-2CB4-BD15 E51.00 F 2015 1&&& 6G1 10.110:DWCCCT.2014.45 2014 World Congress on Computing and Communication Technologies CC CC CC :BC-1-4B::-2CBB-4D14 E51.00 F 2014 1&&& CC 6G1 10.110:DWCCCT.2014.45 0. Sensitive in$ormation1 )ensitie information re2uires additional safeguards. 3ormally( it includes information on religion or race( health( se'ual orientation( union membership or other information that is considered priate. 1t also includes personal financial information( 9ob performance information and 1nformation considered being sensitie personally identifiable information( e.g. biometric information or collections of sureillance camera images in public places. C. -sable data1 1t consists of information collected from computer deices such as printers( input habits. 1t also includes behaioural information( for e'ample ie"ing habits for digital content( users, recently isited "ebsites( product usage history( fre2uented place or social interaction. D. -ni&ue device identities1 Gther types of information that might be uni2uely traceable to a user deice( e.g. 10 addresses( Hadio ;re2uency 1dentity .H;16/ tags( uni2ue hard"are identities. III. C2,-D D/(/ S(,+/GE ISS-ES Cloud Computing moes the application soft"are and databases to the large data centers( "here the management of the data and serices may not be fully trust"orthy #4(C$. $rust management% Trust management is defined as reliance on the integrity( strength( ability and surety of a person or thing. &ntrust your data on to a third party "ho is proiding cloud serices is an issue. Security provider: Cloud serice proiders employ data storage and transmission encryption( user authentication( and authori!ation. =any clients "orry about the ulnerability of remote data to criminals and hac%ers. Cloud proiders are enormously sensitie to this issue and apply substantial resources to mitigate this problem. Privacy protection% 6ifferent from the traditional computing model( cloud computing utili!es the irtual computing technology( usersA personal data may be scattered in arious irtual data center rather than stay in the same physical location( een across the national borders( at this time( data priacy protection "ill face the controersy of different legal systems #2C$. Ownersip: Gnce data has been relegate to the cloud( some "orry about losing their rights or being unable to protect the rights of their customers. =any cloud proiders address this issue "ith "ell-s%illed user-sided agreements. According to the agreement( users "ould be "ise to see% adice from their faorite. Data location and !elocation% Cloud Computing offers a high degree of data mobility. Consumers do not al"ays %no" the location of their data #25$. "ultiplat#orm Support: =ore an issue for 1T departments using managed serices is ho" the cloud based serice integrates across different platforms and operating systems( e.g. G) I( Windo"s( Jinu' and thin clients. =ultiplatform support re2uirements "ill ease as more user interfaces become "eb-based. Data integrity: With proiding the security of data( cloud C: C: C: serice proiders should implement mechanisms to ensure data integrity and be able to tell "hat happened to a certain dataset and at "hat point #24$. Data recovery% An incident such as a serer brea% do"n may cause damage or loss to users, data. To aoid this( data should be bac%ed up to be recoered in future. Cloud users can %eep a bac%up of critical data on a local computer. Per#ormance and Availability: +usiness organi!ations are "orried about acceptable leels of performance and aailability of applications hosted in the cloud. Data $ac%up% Cloud proiders employ redundant serers and routine data bac%up processes( but some people "orry about being able to control their o"n bac%ups. =any proiders are no" offering data dumps onto media or allo"ing users to bac% up data through regular do"nloads. Data Portability and Conversion: )ome people hae concerns li%e( s"itching serice proiders there may be difficulty in transferring data. 0orting and conerting data is highly dependent on the nature of the cloud proiderAs data retrieal format( particular in cases "here the format cannot be easily reealed. I.. D/(/ SEC-+I(3 P+I*CIP2ES All the data security techni2ue is built on confidentiality( integrity and aailability of these three basic principles. Confidentiality refers to the so-called hidden the actual data or information( especially in the military and other sensitie areas( the confidentiality of data on the more stringent re2uirements. ;or cloud computing( the data are stored in Kdata CenterK( the security and confidentiality of user data is een more important. The so-called integrity of data in any state is not sub9ect to the need to guarantee unauthori!ed deletion( modification or damage #24(2B$. The aailability of data means that users can hae the e'pectations of the use of data by the use of capacity. )igure 1. Security Princi!les to !rotect data in Cloud Com!uting The nine %ey data security principles "ere analy!ed in depth on the basis of a comprehensie summary of the data need to be protected #50(51(54$. They are L Announcement( openness and transparency. L Hight( license and authority. L =inimi!ation. 5 L Accuracy. L )ecurity safeguards. L Compliance. L 0urpose. L Jimiting use-disclosure and retention. L Accountability Mey data security principles may be summed up in nine facets #50(51(54$7 /nnouncement# o!enness and trans!arency1 Cloud computing serice proiders must e'plain some attention in detail to them "ho "ant to use the data stored in cloud. ;or e'ample( "hat data they can use( ho" they use it( ho" long they "ill %eep it( and "ith "hom "ill they share it( and any other uses they intend for the information. They must also "arn the users if they "ant to change the use of information. 1f the information to be passed to a third party( it should also remind the users. 6ata security policies must be open to customers through the net"or% or other forms( and easy to understand and use #12(1B(1C$. +ig"t# license and aut"ority7 Cloud serice proiders must gie the user the right "hether can gather their information or not. Jicense of collection( use and disclosure of personally identifiable information must be gien. +ut the cloud serice proiders still hae the control authority. 4inimi5ation1 6ata that is needed to carry out the e'tent permitted should be collected in collection( used shared or disclosure. At the same time( the aailable information and the use scope must be minimi!ed. /ccuracy1 1nformation o"ners must be able to get access to personal information( to see "hat is being staged about them( "ho are using them( and to chec% its accuracy. All disbursement must be made to guarantee that the personal information staged is accurate( and they hae not been modified. Security sa$eguards1 6ata security re2uires safe guards( such as standardi!ation( regulatory approach and la"s and regulations( to preent unauthori!ed access( disclosure( copying( use or modification of personally identifiable information. Com!liance1 A client must be able to challenge an agency,s data security procedures. Transactions must comply "ith data security legislation. Pur!ose1 There must be a clearly specified purpose for the collection and sharing of personal information. 6ata usage has to be limited to the purpose "hich the o"ners of data agree. 2imiting use6disclosure and retention1 6ata can only be used or disclosed for the purpose for "hich it "as collected and should only be diulge to those parties authori!ed to receie it. 0ersonal information should only be %ept as long as is necessary. :0 :0 :0 /ccountability1 Cloud )erices proiders must arrange for someone to ensure the implementation of data security policies. And also has a reasonable audit function "hich must be present to monitor all data access and modification. These measures are accountability. .. C-++E*( SEC-+I(3 S,2-(I,*S ),+ D/(/ SEC-+I(3 /*D P+I./C3 P+,(EC(I,*. 1+= deeloped a fully homomorphic encryption scheme in <une 200:. This scheme allo"s data to be processed "ithout being decrypted #11$. Hoy and Hamadan applied decentrali!ed information flo" control .61;C/ and differential priacy protection technology into data generation and calculation stages in cloud and put forth a priacy protection system called air at#1$ #22$. This system can preent priacy lea%age "ithout authori!ation in =ap-Heduce computing process. A %ey problem for data encryption solutions is %ey =anagement. Gn the one hand( the users hae not enough e'pertise to manage their %eys. Gn the other hand( the cloud serice proiders need to maintain a large number of user %eys. The Grgani!ation for the Adancement of )tructured 1nformation )tandards .GA)1)/ Mey =anagement 1nteroperability 0rotocol .M=10/ is trying to sole such issues #14$. About data integrity erification( because of data communication( transfer fees and time cost( the users cannot first do"nload data to erify its correctness and then upload the data. And as the data is dynamic in cloud storage( traditional data integrity solutions are no longer suitable. 3&C JabAs proable data integrity .061/ solution can support public data integrity erification #52$. Cong Wang proposed a mathematical "ay to erify the integrity of the data dynamically stored in the cloud #B$ .1n the data storage and use stages( =o"bray proposed a client-based priacy management tool. 1t proides a user centric trust model to help users to control the storage and use of their sensitie information in the cloud #@$. =unts-=ulero discussed the problems that e'isting priacy protection technologies .such as M anonymous( >raph Anonymi!ation( and data pre- processing methods/ faced "hen applied to large data and analy!ed current solutions #15(14$. The 3ational 1nstitute of )tandards and Technology .31)T/ )pecial 0ublication( C00-CC( gies a &Guidelines for Media Saniti'ation.N#20$.The challenge of data priacy is sharing data "hile protecting personal priacy information. Handi%e >a9anaya%e proposed a priacy protection frame"or% based on information accountability .1A/ components #1:$. The 1A agent can identify the users "ho are accessing information and the types of information they use. When inappropriate misuse is detected( the agent defines a set of methods to hold the users accountable for misuse. About data destruction( O.). 6epartment of 6efence .6o6/ @220.22-= .the 3ational 1ndustrial )ecurity 0rogram Gperating =anual/ sho"s t"o approed methods of data.destruction/ security( but it does not proide any specific re2uirements for ho" these t"o methods are to be achieed #15$. .I. C,*C2-SI,* Cloud Computing is on-demand access to a shared pool of computing resources. Cloud technologies( if used appropriately( can help to reduce cost( reduce management responsibilities( increase agility and efficiency of organi!ations. Cloud storage is one of the popular serices proided by the cloud proiders to store the customer data in a 4 remote serer. &en though the Cloud proiders adertise that the stored information "ill be secure and intact( there are security attac%s "hich lead to loss of data. To oercome the loss of data( the data security principles are implemented in different "ays to protect the data. 6ata security is not 9ust technical issues( it also inoles many other aspects( such as standardi!ation( regulatory approach( la"s and regulations( etc. With the unrelieed efforts of entire cloud computing enironment and the continuous improement of releant la"s and regulations( on implementing these solutions in cloud computing( it "ill proide secured serices for users. +E)E+E*CES #1$ Airaat7 )ecurity and priacy for =ap Heduce(K 1n7 Castro =( eds. 0roc of the Bth Oseni' )ymp. on 3et"or%ed )ystems 6esign and 1mplementation. )an <ose7 O)&31I Association( pp 2:B-512( 2010. #2$ Aroc%iam( 0arthasarathy and =oni%andan)K 0riacy 1n Cloud Computing7 A )urey( KComputer )cience P 1nformation Technology . C) P 1T /0riacy - )urey. pp. 521-550( 2012. #5$ Ayesha =ali%( =uhammad =ohsin 3a!ir .2012/ <ournal )ecurity ;rame"or% for Cloud Computing &nironment7 A Heie" of &merging Trends in Computing and 1nformation )ciences )ecurity issues 8 Heie"( ?ol. 5. #4$ +alachandra( 0. ?. Hama%rishna and A. Ha%shit KCloud )ecurity 1ssuesK( 1&&& 1nternational Conference on )erices Computing )ecurity 1ssues( pp. @1B-@20( 200:. #@$ +o"ers M6( <uels A( Gprea A. 0roofs of retrieability7 Theory and implementation. 1n7 )ion H( ed. 0roc. of the 200: AC= Wor%shop on Cloud Computing )ecurity( CC)W .200:/( Co-Jocated "ith the 14th AC= Computer and Communications )ecurity Conf.( CC) 200:. 3e" Qor%7 Association for Computing =achinery( .200:/. pp. 45-@4 #4$ C.3. *oefer and >. Maragiannis.2010/KTa'onomy of cloud computing sericesK( <-1nternet serer Applications( ppC1-:4( 2011. #B$ Cong Wang( -ian Wang( Mui Hen( and Wen9ing Jou( K&nsuring 6ata )torage )ecurity in Cloud Computing(K in 0roceedings of the 1Bth 1nternational Wor%shop on -uality of )erice( pp.1-:( 200:. #C$ 6an"ei Chen( Qan9un *e KA )tudy on )ecure 6ata )torage )trategy in Cloud ComputingK. doi7 10.41@4D9cit.ol@.issueB.25 #:$ ;u Wen Ji 'iangKThe )tudy on 6ata )ecurity in Cloud Computingbased on ?irtuali!ationK. 1&&& 0roc.( 2011. #10$ >robauer( T. Wallosche% and &. )tRc%er( KOnderstanding Cloud Computing ?ulnerabilitiesK ?ulnerability ol. ::( 2010. #11$ 1+= 6iscoers &ncryption )cheme That Could 1mproe Cloud )ecurity()pam;iltering(Kat http7DD""".e"ee%.comDcDaD)ecurity D1+=O ncoers-&ncryption cheme-That-Could-1mproe-Cloud-)ecurity-)pam- ;iltering-15@415D. #12$ 1nformation CommissionerAs Gffice( S01A handboo%(N 200B #15$ =untTs-=ulero ?( 3in <. 0riacy and anonymi!ation for ery large datasets. 1n7 Chen 0( ed. 0roc of the AC= 1Cth 1nt,l Conf. Gn 1nformation and Mno"ledge =anagement( C1M= 200:. 3e" Qor%7 Association for Computing =achinery( pp.211B-211C( 200:. #14$ =urat Mantarcioglu( Alain +ensoussan and )ingHu.Celine/ *oeK 1mpact of )ecurity His%s on Cloud Computing Adoption ;orty-3inth Annual Allerton Conference( 2011. #1@$ =uthunagai( Marthic and )u9atha1&&&( ?irtuali!ation Techni2ues pp. 1B4-1B( 2012. #14$ GA)1) Mey =anagement 1nteroperability 0rotocol .M=10/ TCK( ht tp7D D""".oasis-open.orgDcomm ittee sDtc Uhom e .php V"gUabbreW%mip. #1B$ Grgani!ation for &conomic Co-operation and 6eelopment .G&C6/( S>uidelines goerning the protectionof priacy and transborder flo"s of personal data(N 0aris(1:C0 and S>uidelines for consumer protection for ecommerceN(1:::. :1 :1 :1 #1C$ 0atric% and ). Menny( S;rom 0riacy Jegislation to 1nterface 6esign7 1mplementing 1nformation 0riacy in *uman-Computer 1nteractions(N H. 6ingledine .ed./( 0&T 2005( J3C) 2B40( pp. 10B-124()pringer-?erlag +erlin *eidelberg( 2005 #1:$ Handi%e >a9anaya%e( Henato 1annella( and Tony )ahama( K)haring "ith Care An 1nformation Accountability 0erspectie(K 1nternet Computing( 1&&&( ol. 1@( pp. 51-5C( 2011. #20$ Hichard Missel( =atthe" )choll( )teen )%olochen%o( Iing Ji(K>uidelines for =edia )aniti!ation(K 31)T )pecial 0ublication C00- CC()eptember 2004( h ttp7DDc sr c .nis t. goDpub licati ons Dn istpubsDC00- CCD31)T)0C00-CCUre1.pdf. #21$ Hodero-=erino( Caceres and Jindner?a2uero( NA brea% in the clouds7 to"ards a cloud definitionKAC= )1>CG== Computer Communication Cloud 6efinitions olume 5:.1/( 200: #22$ Hoy 1( Hamadan *&( )etty )T?( Mil!er A( )hmati%o ?( Witchel KAiraat7 )ecurity and priacy for =apHednce(K O)&31I Association( pp.2:B-512. 2010 #25$ ). )ubashini( ?.MaithaKA surey on security issues in serice deliery models of cloud computingK. <ournal 3et"or% Computer Application( 2010. #24$ )hengmei Juo( Xhao9i Jin( Iiaohua Chen( 2011?irtuali!ationpp. 1B4- 1BCK?irtuali!ation security for Cloud computing sericeK. 1&&& 0roc.( 2011. #2@$ )iani 0earson( STa%ing Account of 0riacy "hen 6esigning Cloud Computing )erices(N CJGO6A0:( ?ancouer( Canada( pp. 44-@2( 200: #24$ )raan Mumar H Ashutosh )a'enaK6ata 1ntegrity 0roofs in Cloud )torageK. 1&&& 0roc.( 2011 #2B$ ?i%as Mumar )"etha =.) =unesh"ara =. ). 0rof 0ra%ash KCloud Computing7 To"ards Case )tudy Gf 6ata )ecurity =echanismK( 1nternational <ournal of Adanced Technology P &ngineering Hesearch .1<AT&H/( 2012. #2C$ Wang.C( Hen. M( Jou.W P Ji KTo"ard publicly auditable secure cloud data storage serices. 3et"or%K( 1&&& 0roc. pp.1:-24( 2012. #2:$ Wayne A. <ansen201131)T( 1&&&( .2011/ )ecurity and 0riacy 1ssues pp. 1-CKCloud *oo%s7 )ecurity and 0riacy 1ssues in Cloud computingK. #50$ Iiang yang Juo( Jin Qang( Jinru =a( )hanming Chu and *ao 6ai K?irtuali!ation )ecurity His%s and )olutions of Cloud Computing ?ia 6iide-Con2uer )trategyK( 1&&& 0roc.( 2011. #51$ Iiaoling Wang( Ji <ia and Iin Xhang K)tudy on 6ata )ecurity of Cloud ComputingK2012 &ngineering and Technology .)-C&T/( .2012/ )pring- pp 1-5. 2012 #52$ Xeng M( K0ublicly erifiable remote data integrity(K 1n7 Chen J-( Hyan =6( Wang >J( eds. J3C) @50C. +irmingham7 )pringer-?erlag( 41:.454( 200C. #55$ X*AG Wei KAn 1nitial Heie" of Cloud Computing )erices Hesearch 6eelopmentK. ( 1&&& 0roc.( 2010. #54$ Xhongbin Tang( Iiaoling Wang( Ji <ia( Iin Xhang(Wenhui =an K)tudy on 6ata )ecurity of Cloud Computing K( 1&&& 0roc.( 2012. @
What Will Your Channel Be About? 2. Who Is Your Target Audience? 3. Do You Have Any Tips or Advice For Other Who Are Just Starting A Youtube Channel? 4. Top 3 Favorite Youtube?