Security Threats and Challenges in Cloud Computing

Cloud Computing has emerged as a new paradigm of computing that builds on the foundations of Distributed Computing, Grid Computing, and Virtualization. Cloud computing is Internet-accessible business model with flexible resource allocation on demand, and computing on a pay-per-use as utilities. Cloud computing has grown to provide a promising business concept for computing infrastructure, where concerns are beginning to grow about how safe an environment is. Security is one of the major issues in the cloud-computing environment. In this paper we investigate some prime security attacks and possible solutions for clouds: XML Signature Wrapping attacks, Browser Security, and Vendor Lock-in.

[1]  Michael McIntosh,et al.  XML signature element wrapping attacks and countermeasures , 2005, SWS '05.

[2]  Carlos Canal,et al.  Identifying adaptation needs to avoid the vendor lock-in effect in the deployment of cloud SBAs , 2012, WAS4FI-Mashups '12.

[3]  Alexander G. Chefranov,et al.  Countering Wrapping Attack on XML Signature in SOAP Message for Cloud Computing , 2013, ArXiv.

[4]  Ian Lumb,et al.  A Taxonomy and Survey of Cloud Computing Systems , 2009, 2009 Fifth International Joint Conference on INC, IMS and IDC.

[5]  Pavan Muralidhara Security issues in cloud computing and its counter measures , 2013 .

[6]  Nils Gruschka,et al.  Vulnerable Cloud: SOAP Message Security Validation Revisited , 2009, 2009 IEEE International Conference on Web Services.

[7]  Markus Jakobsson,et al.  The Future of Authentication , 2012, IEEE Security & Privacy.

[8]  Jörg Schwenk,et al.  On Technical Security Issues in Cloud Computing , 2009, 2009 IEEE International Conference on Cloud Computing.

[9]  Muhammad Ali Babar,et al.  Migrating Service-Oriented System to Cloud Computing: An Experience Report , 2011, 2011 IEEE 4th International Conference on Cloud Computing.

[10]  Jörg Schwenk,et al.  Making XML Signatures Immune to XML Signature Wrapping Attacks , 2012, CLOSER.

[11]  Reda Bendraou,et al.  Towards a solution avoiding Vendor Lock-in to enable Migration Between Cloud Platforms , 2013, MDHPCL@MoDELS.

[12]  Juan Manuel Murillo,et al.  Decoupling Cloud Applications from the Source - A Framework for Developing Cloud Agnostic Software , 2012, CLOSER.