Security of Cloud Computing

Cloud computing has been envisioned as the next generation architecture of IT Enterprises. It offers great potential to improve productivity and reduce costs. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to large data centers, where the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood yet. In this paper we investigate some prime security attacks on clouds: Wrapping attacks, MalwareInjection attacks and Flooding attacks, and the accountability needed due to these attacks. The focus of this paper is to identify and describe these prime attacks with the goal of providing theoretical solutions for individual problems and to integrate these solutions.

[1]  P. A. Crouch,et al.  Lattice Attacks on RSA-Encrypted IP and TCP , 2001, IMACC.

[2]  Mladen A. Vouk,et al.  Cloud Computing – Issues, Research and Implementations , 2008, CIT 2008.

[3]  Jacob R. Lorch,et al.  TrInc: Small Trusted Hardware for Large Distributed Systems , 2009, NSDI.

[4]  Krishna P. Gummadi,et al.  Towards Trusted Cloud Computing , 2009, HotCloud.

[5]  David Lie,et al.  Manitou: a layer-below approach to fighting malware , 2006, ASID '06.

[6]  Mohamed Hamdi,et al.  Chaotic Progressive Access Control for JPEG2000 Images Repositories , 2008, IEEE GLOBECOM 2008 - 2008 IEEE Global Telecommunications Conference.

[7]  Andreas Haeberlen,et al.  A case for the accountable cloud , 2010, OPSR.

[8]  Peng Ning,et al.  Managing security of virtual machine images in a cloud environment , 2009, CCSW '09.

[9]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[10]  William J. Bolosky,et al.  Mach: A New Kernel Foundation for UNIX Development , 1986, USENIX Summer.

[11]  Ann Cavoukian,et al.  Privacy in the clouds , 2008 .

[12]  Nils Gruschka,et al.  Vulnerable Cloud: SOAP Message Security Validation Revisited , 2009, 2009 IEEE International Conference on Web Services.

[13]  Katinka Wolter,et al.  Resilience Assessment and Evaluation of Computing Systems , 2012 .

[14]  Kamesh Namuduri,et al.  HORNS: A homomorphic encryption scheme for Cloud Computing using Residue Number System , 2011, 2011 45th Annual Conference on Information Sciences and Systems.

[15]  Benny Pinkas,et al.  Side Channels in Cloud Services: Deduplication in Cloud Storage , 2010, IEEE Security & Privacy.

[16]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[17]  Daniele Sgandurra,et al.  Cloud Security Is Not (Just) Virtualization Security , 2009 .

[18]  Wenke Lee,et al.  Lares: An Architecture for Secure Active Monitoring Using Virtualization , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[19]  Aviel D. Rubin,et al.  Risks of the Passport single signon protocol , 2000, Comput. Networks.

[20]  Hovav Shacham,et al.  Careful with Composition: Limitations of the Indifferentiability Framework , 2011, EUROCRYPT.

[21]  Jörg Schwenk,et al.  Risks of the CardSpace Protocol , 2009, ISC.

[22]  Matthew Smith,et al.  Secret program execution in the cloud applying homomorphic encryption , 2011, 5th IEEE International Conference on Digital Ecosystems and Technologies (IEEE DEST 2011).

[23]  Hiroaki Hazeyama,et al.  Enabling secure multitenancy in cloud computing: Challenges and approaches , 2012, 2012 2nd Baltic Congress on Future Internet Communications.

[24]  Jörg Schwenk,et al.  On Technical Security Issues in Cloud Computing , 2009, 2009 IEEE International Conference on Cloud Computing.

[25]  Sebastian Gajek,et al.  On the Insecurity of Microsoft's Identity Metasystem , 2008 .

[26]  Cong Wang,et al.  Ensuring data storage security in Cloud Computing , 2009, 2009 17th International Workshop on Quality of Service.

[27]  Thomas Ristenpart,et al.  When Good Randomness Goes Bad: Virtual Machine Reset Vulnerabilities and Hedging Deployed Cryptography , 2010, NDSS.

[28]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[29]  Andreas Schaad,et al.  Towards secure SOAP message exchange in a SOA , 2006, SWS '06.

[30]  Tal Garfinkel,et al.  A Virtual Machine Introspection Based Architecture for Intrusion Detection , 2003, NDSS.