Cloud security: Emerging threats and current solutions

Coppolino, Luigi; D’Antonio, Salvatore; Mazzeo, Giovanni; Romano, Luigi

doi:10.1016/j.compeleceng.2016.03.004

Cited by 125 publications

(63 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…network-level attacks that can affect the confidentiality and integrity of every networked system are: packet sniffing, IP spoofing, ARP spoofing and Man In The Middle attacks (MITM) [27,85,62]. Among network level issues that can affect integrity and confidentiality, MITM attacks are much more critical and deserve special attention.…”

Section: Confidentiality and Integrity Issues Well-known Examples Ofmentioning

confidence: 99%

Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era

et al. 2019

View full text Add to dashboard Cite

The Internet of Things (IoT) is rapidly changing our society to a world where every "thing" is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized the way computational resources and services can be used and accessed, implementing the concept of utility computing whose advantages are undeniable for every business. However, despite the benefits in terms of flexibility, economic savings, and support of new services, its widespread adoption is hindered by the security issues arising with its usage. From a security perspective, the technological revolution introduced by IoT and Cloud computing can represent a disaster, as each object might become inherently remotely hackable and, as a consequence, controllable by malicious actors. While the literature mostly focuses on security of IoT and Cloud computing as separate entities, in this article we provide an up-to-date and well-structured survey of the security issues of Cloud computing in the IoT era. We give a clear picture of where security issues occur and what their potential impact is. As a result, we claim that it is not enough to secure IoT devices, as cyber-storms come from Clouds.

show abstract

Section: Confidentiality and Integrity Issues Well-known Examples Ofmentioning

confidence: 99%

Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era

et al. 2019

View full text Add to dashboard Cite

show abstract

“…Cloud operating systems are up to date on patches and upgrades, redundancy in disks ensures rapid recovery from hardware failures, tools such as Docker can containerize an entire environment and allow for rapid restarts in case of problems, and the fact that cloud systems need to meet commercial level security/data confidentiality requirements drives additional levels of system resilience. Coppolino et al (2017) provide a good review of cloud security. While their paper is aimed more at business needs, their observations and conclusions are equally valid for scientific data.…”

Section: Securitymentioning

confidence: 99%

From the Oceans to the Cloud: Opportunities and Challenges for Data, Models, Computation and Workflows

et al. 2019

View full text Add to dashboard Cite

Intent: Explores integrating the use of cloud-based data and how scientists can access large volumes of diverse, current and authoritative data, addresses the problem of locating and using large amounts of scientific data. The Section "Architectures for Real-Time Data Management and Services for Observations" describes streaming data and an architecture for making it easy to gather data. Also see Johanson et al. (2016). Cloud-Based Management of Scientific Data-Storing Data in the Cloud Intent: Explores storing and managing data in the cloud. Addresses the problem of ever increasing data quantities with decreasing budgets for data management. Explores the ways scientific projects can meet data access and dissemination requirements such as the U.S. Public Access to Research Results (PARR) mandate (Holdren, 2013). The section on the NOAA Big Data Project and open data and archiving are examples of this pattern. Also see Meisinger et al. (2009). Computing Infrastructure for Scientific Research Intent: Explores the ways in which cloud computing, in the form of PaaS or IaaS could be used as part of a research program and for teaching. It addresses the need for larger computational capabilities, especially under constrained budgets. The modeling efforts described in later sections are examples of this pattern.

show abstract

“…This foothold in the visualized environment could be extended to target the shared data storage, further compromising the confidentiality, integrity, and availability of the entire infrastructure [3][4][5]. Insider threats are a real possibility and nothing new in the computer world but with the cloud the risks are greater due to the unprecedented amount of information and multiclients data [17]. The Cloud Security Alliance (CSA) affectionately calls its top cloud threats in 2016 the treacherous twelve, 12 security concerns associated with cloud technology [18].…”

Section: Vulnerabilities In Cloudmentioning

confidence: 99%

Securing Cloud Hypervisors: A Survey of the Threats, Vulnerabilities, and Countermeasures

Barrowclough

Asif

2018

Security and Communication Networks

View full text Add to dashboard Cite

The exponential rise of the cloud computing paradigm has led to the cybersecurity concerns, taking into account the fact that the resources are shared and mediated by a ‘hypervisor’ that may be attacked and user data can be compromised or hacked. In order to better define these threats to which a cloud hypervisor is exposed, we conducted an in-depth analysis and highlighted the security concerns of the cloud. We basically focused on the two particular issues, i.e., (a) data breaches and (b) weak authentication. For in-depth analysis, we have successfully demonstrated a fully functional private cloud infrastructure running on CloudStack for the software management and orchestrated a valid hack. We analyzed the popular open-source hypervisors, followed by an extensive study of the vulnerability reports associated with them. Based on our findings, we propose the characterization and countermeasures of hypervisor’s vulnerabilities. These investigations can be used to understand the potential attack paths on cloud computing and Cloud-of-Things (CoT) applications and identify the vulnerabilities that enabled them.

show abstract

Cloud security: Emerging threats and current solutions

Cited by 125 publications

References 6 publications

Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era

Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era

From the Oceans to the Cloud: Opportunities and Challenges for Data, Models, Computation and Workflows

Securing Cloud Hypervisors: A Survey of the Threats, Vulnerabilities, and Countermeasures

Contact Info

Product

Resources

About