A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing

Gonzalez, Nelson Mimura; Miers, Charles Christian; Redígolo, Fernando Frota; Carvalho, Tereza Cristina Melo de Brito; Simplício, Marcos A.; Näslund, Mats; Pourzandi, Makan

doi:10.1109/cloudcom.2011.39

Cited by 79 publications

(22 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These advance-level security challenges can be categorized into five main classes, including safety standards, network, access control, cloud infrastructure and data categories. The safety class deals with standard bodies and authorities where the lack of safety standards, compliance risks, lack of auditing [37], lack of legal aspects (SLA) and lack of trust between CSPs and cloud consumers are the focused challenging issues [46,34]. The network category issues are considered to be the most challenging since cloud computing is more prone to network-related attacks compared to the traditional computing paradigms [105].…”

Section: Other Security Issuesmentioning

confidence: 99%

Access Control As a Service in Cloud: Challenges, Impact and Strategies

Shibli

Masood

Habiba

et al. 2014

Computer Communications and Networks

View full text Add to dashboard Cite

The evolution of service-oriented architecture has given birth to the promising cloud technology, which enables the outsourcing of existing hardware and software information technology (IT) infrastructure via the Internet. Since the cloud offers services to a variety of organizations under the same umbrella, it raises security issues including unauthorized access to resources and misuse of data stored in third-party platform. The fact that the cloud supports multiple tenants is the cause for the biggest concern among organizations: how to prevent malicious users from accessing and manipulating data they have no right to access. In this regard, various access control techniques have been proposed, which concentrate on certain authorization issues like the ease of privilege assignment or the resolution of policy conflicts, while ignoring other important weaknesses such as the lack of interoperability and management issues which arise in the dynamic cloud environment. To cover all these challenges, access control as a service (ACaaS), which stems from its significantly more popular parent, security as a service (SECaaS), is considered a viable solution for mediating cloud service consumers' access to sensitive data. In this chapter, we assist the cloud community in understanding the various issues associated with providing authorization services in the cloud that may be technical, such as privilege escalation and separation of duties, or managerial, such as the steep requirement of time and money for this purpose. ACaaS is the comprehensive

show abstract

Section: Other Security Issuesmentioning

confidence: 99%

Access Control As a Service in Cloud: Challenges, Impact and Strategies

Shibli

Masood

Habiba

et al. 2014

Computer Communications and Networks

View full text Add to dashboard Cite

show abstract

“…There is no more dependence in VLAN tags to differentiate traffic flows, for instance SDN main control-data protocol is OpenFlow, which requires a flow table in data plane switches. Flow rules poorly designed or incorrectly set priorities is an additional concern to multi-tenancy in clouds Table I HOW SDN CHARACTERISTICS SOLVES OR WORSENS THE MAIN CLOUD SECURITY ISSUES categorizations, such as [25]. Paper [26] mentions VM-level attacks, abuse and malicious use of cloud computing (due to easy registration and incomplete identification of users), loss of governance (SLAs with gaps in security parameters), lock-in (when a user is unable to migrate from one service provider to another), isolation failure, data loss or leakage, management interface compromise, compliance risk, malicious insiders, insecure interfaces and APIs, and account or service hijacking.…”

Section: Security Misconfigurationmentioning

confidence: 99%

“…In [4] as well as in [25], network related issues represent 14% of stated total. In [26], network related issues are not shown explicitly under a network class, but from our analysis, 18% are related to networking, being the other issues, in general, related to access policies, computing infrastructure, and data.…”

Section: Security Misconfigurationmentioning

confidence: 99%

“…In Table I, the first cloud network and infrastructure issue, regards the possible lack of proper installations of network firewalls, which could facilitate for hackers to access the cloud interface on behalf of legitimate users [25]. In [23], the authors propose a firewall application that runs over an OpenFlowbased SDN controller.…”

Section: Security Misconfigurationmentioning

confidence: 99%

See 1 more Smart Citation

Analysis of SDN Contributions for Cloud Computing Security

Jesus

Silva

Júnior

et al. 2014

2014 IEEE/ACM 7th International Conference on Utility and Cloud Computing

View full text Add to dashboard Cite

Cloud infrastructures are composed fundamentally of computing, storage, and networking resources. In regards to network, Software-Defined Networking (SDN) has become one of the most important architectures for the management of networks that require frequent re-policing or re-configurations. Considering the already known security issues of Cloud Computing, SDN helps to give fast answers to emerging threats, but also introduces new vulnerabilities related to its own architecture. In this paper, we analyze recent security proposals derived from the use of SDN, and elaborate on whether it helps to improve trust, security and privacy in Cloud Computing. Moreover, we discuss security concerns introduced by the SDN architecture and how they could compromise Cloud services. Finally, we explore future security perspectives with regard to leveraging SDN benefits and mitigating its security issues.

show abstract

“…Nelson et al [13] have shown many security issues in different parts of cloud computing in their study. The security issues they mentioned by other researchers are in the category of network and data security, interface, virtualization, governance, compliance and legal issues which have been discussed below.…”

Section: Introductionmentioning

confidence: 99%

Towards Secure Instance Migration in the Cloud

Syed

Musa

Rahman

et al. 2015

2015 International Conference on Cloud Computing (ICCC)

View full text Add to dashboard Cite

Hosting service providers are completely shifting towards cloud computing from dedicated hardware. However, corporates waffles to move their sensitive data to such a solution where data is no more in their control. The pay-asyou-go is primary notion of cloud service providers. However, they share infrastructure between different tenants that brings security issues. There is a need to provide trust and confidence to corporates that security mechanisms being used by the service providers are secure. Existing IaaS (Infrastructure as a Service) providers have adopted all standard software-based security solutions. However, recent research shows that softwares security solutions are itself vulnerable to attack. In this regard Trusted Computing Group (TCG) introduced hardware root-of-trust concept where highly sensitive information is stored in co-processor called Trusted Platform Module(TPM) rather than the software.Migration is an important process in cloud infrastructures. There are many solutions offered by service providers that improve performance of their client's services such as web and database. For example, CloudFront, Elastic Load Balancing (ELB) etc., offered by Amazon AWS. These services move customer's data between cloud infrastructure quit often. However, they do not provide hardware backed solutions, such as Trusted Computing, to migrate customer's data between infrastructures. In this paper we have incorporated a new component in OpenStack called Secure Instance Migration Module (SIMM). SIMM is backed by Trusted Computing constructs that protects integrity of instance data while migration takes place. By incorporation of SIMM module, cloud customers will have more confidence regarding their sensitive data. We have also discussed architecture and implementation of SIMM module.

show abstract

A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing

Cited by 79 publications

References 11 publications

Access Control As a Service in Cloud: Challenges, Impact and Strategies

Access Control As a Service in Cloud: Challenges, Impact and Strategies

Analysis of SDN Contributions for Cloud Computing Security

Towards Secure Instance Migration in the Cloud

Contact Info

Product

Resources

About