Taxonomy for Identification of Security Issues in Cloud Computing Environments

ABSTRACT The emergence of Cloud Computing and consequential changes to infrastructure and work practices leaves little doubt that most computing platforms will be impacted by increased security concerns. Therefore, within the context of a security framework, issues surrounding the exploitation of hard or soft network elements in a Cloud architecture need to be acknowledged. To be applicable to any Cloud architecture, such a framework needs to play a role within the operational context of Cloud Computing. The framework is presented as a taxonomy of security threats specific to Cloud Computing environments.

[1]  Chris Baber,et al.  Wearable computers for the fire service and police force: technological and human factors , 1999, Digest of Papers. Third International Symposium on Wearable Computers.

[2]  Ali Mili,et al.  A cybersecurity model in cloud computing environments , 2013, J. King Saud Univ. Comput. Inf. Sci..

[3]  Sonja Kueppers,et al.  Getting our act together: human and technological factors in establishing an on-line knowledge base , 1999, SIGUCCS.

[4]  Mehdi Mohamadi,et al.  Effective factors on the success or failure of the online payment systems, focusing on human factors , 2013, 7th International Conference on e-Commerce in Developing Countries:with focus on e-Security.

[5]  Mário M. Freire,et al.  Security issues in cloud environments: a survey , 2014, International Journal of Information Security.

[6]  Paul Rodrigues,et al.  State-of-the-art cloud computing security taxonomies: a classification of security challenges in the present cloud computing environment , 2012, ICACCI '12.

[7]  Alan T. Litchfield,et al.  A Distributed Security Model for Cloud Computing , 2016, AMCIS.

[8]  Paulo Simões,et al.  Cloud computing: Concepts, technologies and challenges. , 2012 .

[9]  Wasim A. Al-Hamdani,et al.  Who can you trust in the cloud?: a review of security issues within cloud computing , 2011, InfoSecCD.

[10]  Guido Rößling,et al.  Social engineering: a serious underestimated problem , 2009, ITiCSE '09.

[11]  Paul T. Jaeger,et al.  Cloud Computing and Information Policy: Computing in a Policy Cloud? , 2008 .

[12]  Ajey Singh,et al.  Evaluating a cryptographic Overview of Attacks on Cloud Computing , 2012 .

[13]  Te-Shun Chou,et al.  SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIES , 2013 .

[14]  Jinjun Chen,et al.  A historical probability based noise generation strategy for privacy protection in cloud computing , 2012, J. Comput. Syst. Sci..

[15]  Seyyed MohsenHashemi,et al.  Taxonomy of the Security Aspects of Cloud Computing Systems - A Survey , 2012 .

[16]  Ahmed Patel,et al.  An intrusion detection and prevention system in cloud computing: A systematic review , 2013, J. Netw. Comput. Appl..

[17]  Alan T. Litchfield,et al.  A Systematic Review of Cloud Computing, Big Data and Databases on the Cloud , 2014, AMCIS.

[18]  Walter Brenner,et al.  A Taxonomy of Industrial Service Systems Enabled by Digital Product Innovation , 2016, 2016 49th Hawaii International Conference on System Sciences (HICSS).

[19]  Mohammed El Ghazi,et al.  Cloud computing: Security challenges , 2012, 2012 Colloquium in Information Science and Technology.

[20]  Chun-I Fan,et al.  Controllable Privacy Preserving Search Based on Symmetric Predicate Encryption in Cloud Storage , 2011, 2011 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery.

[21]  Mukaddim Pathan,et al.  Security, Privacy and Trust in Cloud Systems , 2013 .

[22]  Marcos A. Simplício,et al.  A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing , 2011, CloudCom.

[23]  Gang Xiong,et al.  A research on the vulnerability in popular P2P protocols , 2013, 2013 8th International Conference on Communications and Networking in China (CHINACOM).

[24]  Edgar R. Weippl,et al.  Social engineering attacks on the knowledge worker , 2013, SIN.

[25]  Sanjay Kumar Madria,et al.  Offline Risk Assessment of Cloud Service Providers , 2015, IEEE Cloud Computing.

[26]  G. Kulkarni,et al.  A security aspects in cloud computing , 2012, 2012 IEEE International Conference on Computer Science and Automation Engineering.

[27]  Omar Khadeer Hussain,et al.  Service level agreement (SLA) assurance for cloud services: a survey from a transactional risk perspective , 2012, MoMM '12.

[28]  John C. S. Lui,et al.  Security adoption and influence of cyber-insurance markets in heterogeneous networks , 2014, Perform. Evaluation.

[29]  Rajkumar Buyya,et al.  Towards autonomic detection of SLA violations in Cloud infrastructures , 2012, Future Gener. Comput. Syst..

[30]  Jinjun Chen,et al.  An Association Probability Based Noise Generation Strategy for Privacy Protection in Cloud Computing , 2012, ICSOC.

[31]  Fred Cheng Security Attack Safe Mobile and Cloud-based One-time Password Tokens Using Rubbing Encryption Algorithm , 2011, Mob. Networks Appl..

[32]  Rajkumar Buyya,et al.  Article in Press Future Generation Computer Systems ( ) – Future Generation Computer Systems Cloud Computing and Emerging It Platforms: Vision, Hype, and Reality for Delivering Computing as the 5th Utility , 2022 .

[33]  A. Behl,et al.  An analysis of cloud computing security issues , 2012, 2012 World Congress on Information and Communication Technologies.

[34]  Baldev Singh An Analysis of Cloud Computing Security Issues , 2016 .

[35]  Guiran Chang,et al.  Modeling and evaluation of trust in cloud computing environments , 2011, 2011 3rd International Conference on Advanced Computer Control.

[36]  Kangchan Lee Security Threats in Cloud Computing Environments 1 , 2012 .

[37]  Kasia Muldner,et al.  Human, organizational, and technological factors of IT security , 2008, CHI Extended Abstracts.

[38]  Muttukrishnan Rajarajan,et al.  A survey of intrusion detection techniques in Cloud , 2013, J. Netw. Comput. Appl..

[39]  Ma Liangli,et al.  Virtualization Maturity Reference Model for Green Software , 2012, 2012 International Conference on Control Engineering and Communication Technology.

[40]  Sadie Creese,et al.  Insider Attacks in Cloud Computing , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[41]  Jean-Paul Van Belle,et al.  Management Issues with Cloud Computing , 2013, ICCC.

[42]  Bernd Grobauer,et al.  Understanding Cloud Computing Vulnerabilities , 2011, IEEE Security & Privacy.

[43]  Christian Fischer Pedersen,et al.  Data quality oriented taxonomy of ambient assisted living systems , 2015 .

[44]  Wentao Liu,et al.  Research on cloud computing security problem and strategy , 2012, 2012 2nd International Conference on Consumer Electronics, Communications and Networks (CECNet).

[45]  Jie Xu,et al.  A novel intrusion severity analysis approach for Clouds , 2013, Future Gener. Comput. Syst..

[46]  Khaled M. Khan,et al.  Establishing Trust in Cloud Computing , 2010, IT Professional.

[47]  Ruby B. Lee,et al.  Characterizing hypervisor vulnerabilities in cloud computing servers , 2013, Cloud Computing '13.

[48]  Samee Ullah Khan,et al.  Future Generation Computer Systems ( ) – Future Generation Computer Systems towards Secure Mobile Cloud Computing: a Survey , 2022 .

[49]  Jan Muntermann,et al.  A method for taxonomy development and its application in information systems , 2013, Eur. J. Inf. Syst..

[50]  Tim Thornburgh Social engineering: the "Dark Art" , 2004, InfoSecCD '04.

[51]  Dimitrios Zissis,et al.  Addressing cloud computing security issues , 2012, Future Gener. Comput. Syst..

[52]  S. Solanke Vikas,et al.  Mobile cloud computing: Security threats , 2014, 2014 International Conference on Electronics and Communication Systems (ICECS).

[53]  J. Wenny Rahayu,et al.  Mobile cloud computing: A survey , 2013, Future Gener. Comput. Syst..

[54]  Markus Jakobsson,et al.  Authentication in the clouds: a framework and its application to mobile users , 2010, CCSW '10.

[55]  Weidong Liu,et al.  Security Issues and Solutions in Cloud Computing , 2012, 2012 32nd International Conference on Distributed Computing Systems Workshops.

[56]  Liangli Ma,et al.  Virtualization Maturity Reference Model for Green Software , 2012 .

[57]  Issa M. Khalil,et al.  Security Concerns in Cloud Computing , 2013, 2013 10th International Conference on Information Technology: New Generations.

[58]  Kamal Dahbur,et al.  A survey of risks, threats and vulnerabilities in cloud computing , 2011, ISWSA '11.

[59]  Sajjad Haider,et al.  Security threats in cloud computing , 2011, 2011 International Conference for Internet Technology and Secured Transactions.

[60]  Xiangjian He,et al.  Improving cloud network security using the Tree-Rule firewall , 2014, Future Gener. Comput. Syst..

[61]  Emiliano Casalicchio,et al.  Mechanisms for SLA provisioning in cloud-based service providers , 2013, Comput. Networks.

[62]  Martin Gilje Jaatun,et al.  Beyond lightning: A survey on security challenges in cloud computing , 2013, Comput. Electr. Eng..

[63]  Karim Baina,et al.  Cloud computing security: Fine-grained analysis and security approaches , 2013, 2013 National Security Days (JNS3).

[64]  Kangchan Lee Security Threats in Cloud Computing Environments , 2012 .

[65]  Sanjay Kumar Madria,et al.  Off-Line Risk Assessment of Cloud Service Provider , 2014, 2014 IEEE World Congress on Services.

[66]  Luis Miguel Vaquero Gonzalez,et al.  Locking the sky: a survey on IaaS cloud security , 2010, Computing.

[67]  Mário M. Freire,et al.  Cloud Security: State of the Art , 2014 .

[68]  Nadia A. Aleisa Semen characteristics of fertile and subfertile men in a fertility clinic and correlation with age , 2013 .

[69]  Rajashri Khanai,et al.  Addressing mobile Cloud Computing security issues: A survey , 2015, 2015 International Conference on Communications and Signal Processing (ICCSP).

[70]  John J. Rehr,et al.  A high performance scientific cloud computing environment for materials simulations , 2012, Comput. Phys. Commun..

[71]  Sherali Zeadally,et al.  Trust management of services in cloud environments: Obstacles and solutions , 2013, CSUR.

[72]  Theodore Tryfonas,et al.  Migrating To The Cloud: Lessons And Limitations Of 'Traditional' IS Success Models , 2013, CSER.

[73]  Ali Sunyaev,et al.  Taxonomy of Health IT and Medication Adherence , 2015 .

[74]  Valentina Casola,et al.  The CloudGrid approach: Security analysis and performance evaluation , 2013, Future Gener. Comput. Syst..