Security analysis of public cloud computing

Cloud computing is in its infancy and continues to evolve. As this evolution proceeds, there are a number of privacy and security concerns emerging from the cloud computing model that need to be addressed before broad acceptance occurs. This paper is an initial literature survey of cloud computing security, which promises to be a challenging research area. Although cloud computing security research inherits previous research from its elemental technologies, this paper will limit its focus on surveying cloud computing targeted research. By performing a systematic analysis of the security aspects of the cloud model, this work seeks to succinctly clarify why security continues to be a significant impediment for cloud adoption.

[1]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[2]  John Zic,et al.  TrustStore: Making Amazon S3 Trustworthy with Services Composition , 2010, 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing.

[3]  Krishna P. Gummadi,et al.  Towards Trusted Cloud Computing , 2009, HotCloud.

[4]  Michael Price The Paradox of Security in Virtual Environments , 2008, Computer.

[5]  Trent Jaeger,et al.  Seeding clouds with trust anchors , 2010, CCSW '10.

[6]  Lori M. Kaufman,et al.  Data Security in the World of Cloud Computing , 2009, IEEE Security & Privacy.

[7]  Dongwan Shin,et al.  Permission Management System: Permission as a Service in Cloud Computing , 2010, 2010 IEEE 34th Annual Computer Software and Applications Conference Workshops.

[8]  R. Shaikh,et al.  Virtualization: a key feature of cloud computing , 2010, ICWET.

[9]  Helen J. Wang,et al.  SubVirt: implementing malware with virtual machines , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[10]  Huan Liu,et al.  A new form of DOS attack in a cloud and its avoidance mechanism , 2010, CCSW '10.

[11]  Tal Garfinkel,et al.  A Virtual Machine Introspection Based Architecture for Intrusion Detection , 2003, NDSS.

[12]  Lori M. Kaufman,et al.  Can a Trusted Environment Provide Security? , 2010, IEEE Security & Privacy.

[13]  Markus Jakobsson,et al.  Controlling data in the cloud: outsourcing computation without outsourcing control , 2009, CCSW '09.

[14]  Matt Bishop,et al.  Virtual Machine Introspection: Observation or Interference? , 2008, IEEE Security & Privacy.

[15]  Radek Vingralek,et al.  How to build a trusted database system on untrusted storage , 2000, OSDI.

[16]  Wei-Shinn Ku,et al.  Analysis of Integrity Vulnerabilities and a Non-repudiation Protocol for Cloud Data Storage Platforms , 2010, 2010 39th International Conference on Parallel Processing Workshops.

[17]  Zhidong Shen,et al.  The security of cloud computing system enabled by trusted computing technology , 2010, 2010 2nd International Conference on Signal Processing Systems.

[18]  Cong Wang,et al.  Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing , 2011, IEEE Transactions on Parallel and Distributed Systems.

[19]  Jörg Schwenk,et al.  On Technical Security Issues in Cloud Computing , 2009, 2009 IEEE International Conference on Cloud Computing.

[20]  Nils Gruschka,et al.  Attack Surfaces: A Taxonomy for Attacks on Cloud Services , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[21]  Lori M. Kaufman,et al.  Can Public-Cloud Security Meet Its Unique Challenges? , 2010, IEEE Security & Privacy.

[22]  Idit Keidar,et al.  Venus: verification for untrusted cloud storage , 2010, CCSW '10.

[23]  Samuel T. King,et al.  ReVirt: enabling intrusion analysis through virtual-machine logging and replay , 2002, OPSR.

[24]  Xiaoping Wu,et al.  Cloud Computing System Based on Trusted Computing Platform , 2010, 2010 International Conference on Intelligent Computation Technology and Automation.

[25]  Donn B. Parker,et al.  Fighting computer crime - a new framework for protecting information , 1998 .

[26]  Meina Song,et al.  Notice of Retraction A Governance Model for Cloud Computing , 2010, MASS 2010.

[27]  Balachandra Reddy Kandukuri,et al.  Cloud Security Issues , 2009, 2009 IEEE International Conference on Services Computing.

[28]  Gunnar Peterson,et al.  Don't Trust. And Verify: A Security Architecture Stack for the Cloud , 2010, IEEE Security & Privacy.

[29]  Ayman I. Kayssi,et al.  Privacy as a Service: Privacy-Aware Data Storage and Processing in Cloud Computing Architectures , 2009, 2009 Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing.

[30]  Aad P. A. van Moorsel,et al.  Dependability in the cloud: Challenges and opportunities , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[31]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.