Cloud Security: State of the Art

Throughout the end of the first half and during the second half of the past century, advances in technology allowed scientists to develop computer systems. In the beginning, mostly between the forties and the sixties, single computers would fill large rooms with electronics that would consume as much power as several hundreds of modern desktop computers.

[1]  Alan T. Sherman,et al.  Acquiring forensic evidence from infrastructure-as-a-service cloud computing: Exploring and evaluating tools, trust, and techniques , 2012, Digit. Investig..

[2]  Zhi Wang,et al.  DKSM: Subverting Virtual Machine Introspection for Fun and Profit , 2010, 2010 29th IEEE Symposium on Reliable Distributed Systems.

[3]  Markus Jakobsson,et al.  Controlling data in the cloud: outsourcing computation without outsourcing control , 2009, CCSW '09.

[4]  Jianhua Che,et al.  Study on the Security Models and Strategies of Cloud Computing , 2011 .

[5]  Gilles Grimaud,et al.  Large-Scale Coordinated attacks: Impact on the Cloud Security , 2012, 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.

[6]  Gary Mcgraw Software security , 2004, IEEE Security & Privacy Magazine.

[7]  Balachandra Reddy Kandukuri,et al.  Cloud Security Issues , 2009, 2009 IEEE International Conference on Services Computing.

[8]  Luis Miguel Vaquero Gonzalez,et al.  Locking the sky: a survey on IaaS cloud security , 2010, Computing.

[9]  Luay A. Wahsheh,et al.  Different facets of security in the cloud , 2012, SpringSim.

[10]  Martin Gilje Jaatun,et al.  Monitoring Intrusions and Security Breaches in Highly Distributed Cloud Environments , 2011, 2011 IEEE Third International Conference on Cloud Computing Technology and Science.

[11]  John Viega,et al.  Cloud Computing and the Common Man , 2009, Computer.

[12]  Cyrille Artho,et al.  Memory deduplication as a threat to the guest OS , 2011, EUROSEC '11.

[13]  Michael McIntosh,et al.  XML signature element wrapping attacks and countermeasures , 2005, SWS '05.

[14]  Gail-Joon Ahn,et al.  Security and Privacy Challenges in Cloud Computing Environments , 2010, IEEE Security & Privacy.

[15]  Wanlei Zhou,et al.  Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks , 2011, J. Netw. Comput. Appl..

[16]  Ravi Pendse,et al.  Security in multi-tenancy cloud , 2010, 44th Annual 2010 IEEE International Carnahan Conference on Security Technology.

[17]  F. J. Corbató,et al.  Introduction and overview of the multics system , 1965, AFIPS '65 (Fall, part I).

[18]  Zhifeng Xiao,et al.  Security and Privacy in Cloud Computing , 2013, IEEE Communications Surveys & Tutorials.

[19]  Paula Kotzé,et al.  Secure Virtualization - Benefits, Risks and Controls , 2011, CLOSER.

[20]  Ralf Steinmetz,et al.  Threat as a Service?: Virtualization's Impact on Cloud Security , 2012, IT Professional.

[21]  Jiann-Min Yang,et al.  Analysis on Cloud-Based Security Vulnerability Assessment , 2010, 2010 IEEE 7th International Conference on E-Business Engineering.

[22]  Tal Garfinkel,et al.  When Virtual Is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments , 2005, HotOS.

[23]  Abhinav Mishra,et al.  Cloud computing security considerations , 2011, 2011 IEEE International Conference on Signal Processing, Communications and Computing (ICSPCC).

[24]  Steve Mansfield-Devine Cloud Security: Danger in the clouds , 2008 .

[25]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[26]  Sudhir N. Dhage,et al.  Intrusion detection system in cloud computing environment , 2011, ICWET.

[27]  Cyrille Artho,et al.  Software Side Channel Attack on Memory Deduplication , 2011, SOSP 2011.

[28]  Sadie Creese,et al.  Insider Attacks in Cloud Computing , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[29]  Meiko Jensen,et al.  Expressiveness Considerations of XML Signatures , 2011, 2011 IEEE 35th Annual Computer Software and Applications Conference Workshops.

[30]  Ming Gu,et al.  De-Anonymizing Dynamic Social Networks , 2011, 2011 IEEE Global Telecommunications Conference - GLOBECOM 2011.

[31]  V. K. Agrawal,et al.  Multi-level authentication technique for accessing cloud services , 2012, 2012 International Conference on Computing, Communication and Applications.

[32]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[33]  Bernd Grobauer,et al.  Understanding Cloud Computing Vulnerabilities , 2011, IEEE Security & Privacy.

[34]  Andreas Schaad,et al.  Towards secure SOAP message exchange in a SOA , 2006, SWS '06.

[35]  Roberto Di Pietro,et al.  Secure virtualization for cloud computing , 2011, J. Netw. Comput. Appl..

[36]  Cong Wang,et al.  Ensuring data storage security in Cloud Computing , 2009, 2009 17th International Workshop on Quality of Service.

[37]  A. B. M. Shawkat Ali,et al.  A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing , 2012, Future Gener. Comput. Syst..

[38]  Zhuolin Yang,et al.  Virtualization security for cloud computing service , 2011, 2011 International Conference on Cloud and Service Computing.

[39]  Haibo Chen,et al.  PALM: Security Preserving VM Live Migration for Systems with VMM-enforced Protection , 2008, 2008 Third Asia-Pacific Trusted Infrastructure Technologies Conference.

[40]  Jörg Schwenk,et al.  Towards an Anonymous Access Control and Accountability Scheme for Cloud Computing , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[41]  Min-Woo Park,et al.  Multi-level Intrusion Detection System and log management in Cloud Computing , 2011, 13th International Conference on Advanced Communication Technology (ICACT2011).

[42]  Vitaly Shmatikov,et al.  De-anonymizing Social Networks , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[43]  Kevin Sloan Feature: Security in a virtualised world , 2009 .

[44]  Joseph Idziorek,et al.  Exploiting Cloud Utility Models for Profit and Ruin , 2011, 2011 IEEE 4th International Conference on Cloud Computing.

[45]  Randy H. Katz,et al.  Above the Clouds: A Berkeley View of Cloud Computing , 2009 .

[46]  Xiaohua Jia,et al.  Data storage auditing service in cloud computing: challenges, methods and opportunities , 2011, World Wide Web.

[47]  Nils Gruschka,et al.  A survey of attacks on web services , 2009, Computer Science - Research and Development.

[48]  Lori M. Kaufman,et al.  Data Security in the World of Cloud Computing , 2009, IEEE Security & Privacy.

[49]  Max Mühlhäuser,et al.  Towards a Trust Management System for Cloud Computing , 2011, 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications.

[50]  Yoshihiro Oyama,et al.  Load-based covert channels between Xen virtual machines , 2010, SAC '10.

[51]  Nils Gruschka,et al.  Vulnerable Cloud: SOAP Message Security Validation Revisited , 2009, 2009 IEEE International Conference on Web Services.

[52]  Martin Gilje Jaatun,et al.  Beyond lightning: A survey on security challenges in cloud computing , 2013, Comput. Electr. Eng..

[53]  Mark Townsend Managing a security program in a cloud computing environment , 2009 .

[54]  Kamal Dahbur,et al.  A survey of risks, threats and vulnerabilities in cloud computing , 2011, ISWSA '11.

[55]  Mahmood Doroodchi,et al.  An investigation on integrating XML-based security into Web services , 2009, 2009 5th IEEE GCC Conference & Exhibition.

[56]  Hong Zhao,et al.  Data Security and Privacy Protection Issues in Cloud Computing , 2012, 2012 International Conference on Computer Science and Electronics Engineering.

[57]  Wasim A. Al-Hamdani,et al.  Who can you trust in the cloud?: a review of security issues within cloud computing , 2011, InfoSecCD.

[58]  Cong Wang,et al.  Toward publicly auditable secure cloud data storage services , 2010, IEEE Network.

[59]  Cynthia Dwork,et al.  Wherefore art thou r3579x?: anonymized social networks, hidden patterns, and structural steganography , 2007, WWW '07.

[60]  Jon M. Kleinberg,et al.  Wherefore art thou R3579X? , 2011, Commun. ACM.

[61]  Yong Zhao,et al.  Cloud Computing and Grid Computing 360-Degree Compared , 2008, GCE 2008.

[62]  Brian Hayes,et al.  What Is Cloud Computing? , 2019, Cloud Technologies.

[63]  Shubhashis Sengupta,et al.  Cloud Computing Security--Trends and Research Directions , 2011, 2011 IEEE World Congress on Services.

[64]  Wei Xie,et al.  Security and Privacy in Cloud Computing: A Survey , 2010, 2010 Sixth International Conference on Semantics, Knowledge and Grids.

[65]  Ahmad-Reza Sadeghi,et al.  AmazonIA: when elasticity snaps back , 2011, CCS '11.

[66]  Roberto Di Pietro,et al.  Scalable and efficient provable data possession , 2008, IACR Cryptol. ePrint Arch..

[67]  Krishna P. Gummadi,et al.  Towards Trusted Cloud Computing , 2009, HotCloud.

[68]  Peng Ning,et al.  Managing security of virtual machine images in a cloud environment , 2009, CCSW '09.

[69]  David Bernstein,et al.  Intercloud Security Considerations , 2010, 2010 IEEE Second International Conference on Cloud Computing Technology and Science.

[70]  Jingfeng Xue,et al.  A Trust Model Based on Cloud Model and Bayesian Networks , 2011 .

[71]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[72]  Jörg Schwenk,et al.  On Technical Security Issues in Cloud Computing , 2009, 2009 IEEE International Conference on Cloud Computing.

[73]  Akhil Behl Emerging security challenges in cloud computing: An insight to cloud security challenges and their mitigation , 2011, 2011 World Congress on Information and Communication Technologies.

[74]  Ramakrishna Gummadi,et al.  Determinating timing channels in compute clouds , 2010, CCSW '10.

[75]  Helen Nissenbaum,et al.  An Analysis of Google Logs Retention Policies , 2011, J. Priv. Confidentiality.

[76]  Dimitrios Zissis,et al.  Addressing cloud computing security issues , 2012, Future Gener. Comput. Syst..

[77]  S Ramgovind,et al.  The management of security in Cloud computing , 2010, 2010 Information Security for South Africa.

[78]  Mark John Taylor,et al.  Forensic investigation of cloud computing systems , 2011, Netw. Secur..

[79]  Fabio Pianese,et al.  Toward a Cloud Operating System , 2010, 2010 IEEE/IFIP Network Operations and Management Symposium Workshops.

[80]  Xiaohong Yuan,et al.  Cloud computing and security challenges , 2012, ACM-SE '12.

[81]  Muttukrishnan Rajarajan,et al.  A survey of intrusion detection techniques in Cloud , 2013, J. Netw. Comput. Appl..

[82]  Naidila Sadashiv,et al.  Cluster, grid and cloud computing: A detailed comparison , 2011, 2011 6th International Conference on Computer Science & Education (ICCSE).

[83]  Marcos A. Simplício,et al.  A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing , 2011, CloudCom.

[84]  Mikhail J. Atallah,et al.  Privacy-Preserving Business Process Outsourcing , 2012, 2012 IEEE 19th International Conference on Web Services.

[85]  Huan Liu,et al.  A new form of DOS attack in a cloud and its avoidance mechanism , 2010, CCSW '10.

[86]  Martín Casado,et al.  Extending Networking into the Virtualization Layer , 2009, HotNets.

[87]  Sangjin Lee,et al.  Digital forensic investigation of cloud storage services , 2012, Digit. Investig..

[88]  Jason Hart Remote working: managing the balancing act between network access and data security , 2009 .

[89]  Saira Begum,et al.  Potential of cloud computing architecture , 2011, 2011 International Conference on Information and Communication Technologies.

[90]  John C. Grundy,et al.  An Analysis of the Cloud Computing Security Problem , 2016, APSEC 2010.

[91]  Nils Gruschka,et al.  The Impact of Flooding Attacks on Network-based Services , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[92]  Osman Ghazali,et al.  A trust computing mechanism for cloud computing with multilevel thresholding , 2011, 2011 6th International Conference on Industrial and Information Systems.

[93]  Miguel Correia,et al.  Lucy in the sky without diamonds: Stealing confidential data in the cloud , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W).

[94]  Helen J. Wang,et al.  SubVirt: implementing malware with virtual machines , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[95]  Eystein Mathisen,et al.  Security challenges and solutions in cloud computing , 2011, 5th IEEE International Conference on Digital Ecosystems and Technologies (IEEE DEST 2011).

[96]  Douglas Jacobson,et al.  Detecting fraudulent use of cloud resources , 2011, CCSW '11.