A SURVEY OF CLOUD COMPUTING SECURITY OVERVIEW OF ATTACK VECTORS AND DEFENSE MECHANISMS

Enterprises are more and more moving to the cloud to take advantages of its economic and technological model. However, Privacy and Security issues are often cited as the main obstacle to the adoption of cloud computing for enterprises; hence we need to have a clear understanding of security needs in the cloud in order to achieve solutions. The aim of this paper is twofold: firstly, to distinguish general security issues from cloud-related, and secondly, to provide an overview of attack vectors and defense strategies.

[1]  Dirk Fox,et al.  Open Web Application Security Project , 2006, Datenschutz und Datensicherheit - DuD.

[2]  An Investigation of Heuristics of Human Judgment in Detecting Deception and Potential Implications in Countering Social Engineering , 2007, 2007 IEEE Intelligence and Security Informatics.

[3]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[4]  Khaled Salah,et al.  EDoS-Shield - A Two-Steps Mitigation Technique against EDoS Attacks in Cloud Computing , 2011, 2011 Fourth IEEE International Conference on Utility and Cloud Computing.

[5]  Emmanuel Aroms NIST Special Publication 800-53 Revision 3 Recommended Security Controls for Federal Information Systems and Organizations , 2012 .

[6]  Michael K. Reiter,et al.  Cross-VM side channels and their use to extract private keys , 2012, CCS.

[7]  Sugata Sanyal,et al.  A New Trusted and Collaborative Agent Based Approach for Ensuring Cloud Security , 2011, ArXiv.

[8]  Krishnaveer Abhishek Challa Cloud Computing Security Issues with Possible Solutions , 2012 .

[9]  杨泽明,et al.  云计算安全 : 架构、战略、标准与运营 = Securing the cloud : cloud computer security techniques and t , 2013 .

[10]  Sawan Kumar,et al.  Ensuring data storage security in Cloud Computing , 2009, 2009 17th International Workshop on Quality of Service.

[11]  Jörg Schwenk,et al.  On Technical Security Issues in Cloud Computing , 2009, 2009 IEEE International Conference on Cloud Computing.

[12]  Matthew Metheny,et al.  Security and Privacy in Public Cloud Computing , 2013, CloudCom 2013.