The Cloud: Understanding the Security, Privacy and Trust Challenges

Our research investigated the security, privacy and trust aspects of cloud computing and determined whether these were sufficiently distinct to warrant public policy intervention. On the whole, cloud computing brings into acute focus many security and privacy challenges already evident in other domains such as outsourcing or behavioural advertising.

[1]  J. Rössl Above the Clouds , 2012 .

[2]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[3]  Christopher Millard,et al.  Contracts for clouds: comparison and analysis of the Terms and Conditions of cloud computing services , 2011, Int. J. Law Inf. Technol..

[4]  Sadie Creese,et al.  Inadequacies of Current Risk Controls for the Cloud , 2010, 2010 IEEE Second International Conference on Cloud Computing Technology and Science.

[5]  Frank Gens,et al.  Cloud Computing Benefits, risks and recommendations for information security , 2010 .

[6]  Frederik Vercauteren,et al.  Fully Homomorphic Encryption with Relatively Small Key and Ciphertext Sizes , 2010, Public Key Cryptography.

[7]  P. Schwartz From Victorian Secrets to Cyberspace Shaming , 2009 .

[8]  Daniele Catteddu,et al.  Cloud Computing: Benefits, Risks and Recommendations for Information Security , 2009 .

[9]  Siani Pearson,et al.  A Privacy Manager for Cloud Computing , 2009, CloudCom.

[10]  Kevin Fu,et al.  HICCUPS: health information collaborative collection using privacy and security , 2009, SPIMACS '09.

[11]  Markus Jakobsson,et al.  Controlling data in the cloud: outsourcing computation without outsourcing control , 2009, CCSW '09.

[12]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[13]  Wenke Lee,et al.  Secure in-VM monitoring using hardware virtualization , 2009, CCS.

[14]  Alexander Scolnik Protections for Electronic Communications: The Stored Communications Act and the Fourth Amendment , 2009 .

[15]  Hong Shen,et al.  Efficient and secure protocols for privacy-preserving set operations , 2009, TSEC.

[16]  Ivan Damgård,et al.  A correction to 'efficient and secure comparison for on-line auctions' , 2009, Int. J. Appl. Cryptogr..

[17]  Muli Ben-Yehuda,et al.  The Reservoir model and architecture for open federated cloud computing , 2009, IBM J. Res. Dev..

[18]  Ying Luo,et al.  Anonymous Biometric Access Control based on homomorphic encryption , 2009, 2009 IEEE International Conference on Multimedia and Expo.

[19]  Roel Wieringa,et al.  Security Implications of Virtualization: A Literature Study , 2009, 2009 International Conference on Computational Science and Engineering.

[20]  Robbert van Renesse,et al.  Toward a cloud computing research agenda , 2009, SIGA.

[21]  David A. Couillard Defogging the Cloud: Applying Fourth Amendment Principles to Evolving Privacy Expectations in Cloud Computing , 2009 .

[22]  Rajkumar Buyya,et al.  Article in Press Future Generation Computer Systems ( ) – Future Generation Computer Systems Cloud Computing and Emerging It Platforms: Vision, Hype, and Reality for Delivering Computing as the 5th Utility , 2022 .

[23]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[24]  Richard Wolski,et al.  The Eucalyptus Open-Source Cloud-Computing System , 2009, 2009 9th IEEE/ACM International Symposium on Cluster Computing and the Grid.

[25]  Daniel J. Gervais The Tangled Web of UGC: Making Copyright Sense of User-Generated Content , 2009 .

[26]  Eugene Ciurana,et al.  Developing with Google App Engine , 2009 .

[27]  Rafal Wojtczuk,et al.  Another Way to Circumvent Intel ® Trusted Execution Technology , 2009 .

[28]  Kevin D. Werbach The Centripetal Network: How the Internet Holds Itself Together, and the Forces Tearing it Apart , 2009 .

[29]  J. IBMT.,et al.  virtualization and hardware-based security , 2009 .

[30]  Federico Etro,et al.  The Economic Impact of Cloud Computing on Business Creation, Employment and Output in Europe. An application of the Endogenous Market Structures Approach to a GPT innovation , 2009 .

[31]  Randy H. Katz,et al.  Above the Clouds: A Berkeley View of Cloud Computing , 2009 .

[32]  Javier Herranz,et al.  Additively Homomorphic Encryption with d-Operand Multiplications , 2010, IACR Cryptol. ePrint Arch..

[33]  Florian Kerschbaum,et al.  Security against the business partner , 2008, SWS '08.

[34]  Carl Hewitt,et al.  ORGs for Scalable, Robust, Privacy-Friendly Client Cloud Computing , 2008, IEEE Internet Computing.

[35]  Manoj Prabhakaran,et al.  Homomorphic Encryption with CCA Security , 2008, ICALP.

[36]  Randal C. Picker Competition and Privacy in Web 2.0 and the Cloud , 2008 .

[37]  Mladen A. Vouk,et al.  Cloud computing — Issues, research and implementations , 2008, ITI 2008 - 30th International Conference on Information Technology Interfaces.

[38]  Jeffrey M. Voas,et al.  What's in a Name? Distinguishing between SaaS and SOA , 2008, IT Professional.

[39]  Edward Lee,et al.  Warming Up to User-Generated Content , 2008 .

[40]  Ivan Damgård,et al.  Homomorphic encryption and secure comparison , 2008, Int. J. Appl. Cryptogr..

[41]  Chris Clifton,et al.  Privacy-preserving decision trees over vertically partitioned data , 2005, TKDD.

[42]  Fred Dushin,et al.  Handling Multiple Credentials in a Heterogeneous SOA Environment , 2007, IEEE Security & Privacy.

[43]  Ivan Damgård,et al.  Efficient and Secure Comparison for On-Line Auctions , 2007, ACISP.

[44]  Caroline Fontaine,et al.  A Survey of Homomorphic Encryption for Nonspecialists , 2007, EURASIP J. Inf. Secur..

[45]  Dean Kuo,et al.  Negotiating SLAs with Dynamic Pricing Policies , 2007 .

[46]  M. Schunter,et al.  Architecting Dependable Systems Using Virtualization , 2007 .

[47]  Rafail Ostrovsky,et al.  Algebraic Lower Bounds for Computing on Encrypted Data , 2007, Electron. Colloquium Comput. Complex..

[48]  Tavis Ormandy An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments Tavis , 2007 .

[49]  Helen J. Wang,et al.  SubVirt: implementing malware with virtual machines , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[50]  A. Sood,et al.  Location matters. , 2006, Gynecologic oncology.

[51]  An Enhanced Strategy for SLA Management in the Business Context of New Mobile Dynamic VO , 2006 .

[52]  Nadir Kiyanclar A Survey of Virtualization Techniques Focusing on Secure On-Demand Cluster Computing , 2005, ArXiv.

[53]  Tal Garfinkel,et al.  When Virtual Is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments , 2005, HotOS.

[54]  M. Armstrong Competition in Two-Sided Markets ¤ , 2005 .

[55]  Tal Garfinkel,et al.  Virtual machine monitors: current technology and future trends , 2005, Computer.

[56]  B. Monahan,et al.  Meaningful Security SLAs , 2005 .

[57]  Siani Pearson,et al.  Towards accountable management of identity and privacy: sticky policies and enforceable tracing services , 2003, 14th International Workshop on Database and Expert Systems Applications, 2003. Proceedings..

[58]  J. Rochet,et al.  Platform competition in two sided markets , 2003 .

[59]  Makoto Yokoo,et al.  Secure multi-agent dynamic programming based on homomorphic encryption and its application to combinatorial auctions , 2002, AAMAS '02.

[60]  Ivan Damgård,et al.  Multiparty Computation from Threshold Homomorphic Encryption , 2000, EUROCRYPT.

[61]  H. Young,et al.  The Evolution of Conventions , 1993 .