Analysis of security components in cloud storage systems

One of the necessary steps to ensure the security of cloud storage systems is to adequately protect the infrastructure itself - the hardware and software that implements the storage services. The goal of this paper is to analyze the security components that should be used to provide a basic level of protection to storage systems, examining the actual technologies that are used to construct them. As a result, we can identify gaps in the provisioning of security services, highlighting any areas that need of further research.

[1]  Arif Merchant,et al.  A modular, analytical throughput model for modern disk arrays , 2001, MASCOTS 2001, Proceedings Ninth International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems.

[2]  Siani Pearson,et al.  Privacy, Security and Trust in Cloud Computing , 2013 .

[3]  Christos Faloutsos,et al.  Storage device performance prediction with CART models , 2004, The IEEE Computer Society's 12th Annual International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunications Systems, 2004. (MASCOTS 2004). Proceedings..

[4]  Sataporn Amornsawadwatana,et al.  A review of techniques for risk management in projects , 2007 .

[5]  Remzi H. Arpaci-Dusseau,et al.  Storage-Aware Caching: Revisiting Caching for Heterogeneous Storage Systems , 2002, FAST.

[6]  Antonio F. Gómez-Skarmeta,et al.  Semantic-aware multi-tenancy authorization system for cloud architectures , 2014, Future Gener. Comput. Syst..

[7]  Eric Anderson,et al.  Quickly finding near-optimal storage designs , 2005, TOCS.

[8]  Bruno Crispo,et al.  Enforcing Multi-user Access Policies to Encrypted Cloud Databases , 2011, 2011 IEEE International Symposium on Policies for Distributed Systems and Networks.

[9]  Helen J. Wang,et al.  Enabling Security in Cloud Storage SLAs with CloudProof , 2011, USENIX ATC.

[10]  Yang Xiang,et al.  Introducing Federated WebDAV Access to Cloud Storage Providers , 2011, CLOUD 2011.

[11]  Jie Wu,et al.  Achieving fine‐grained access control for secure data sharing on cloud servers , 2011, Concurr. Comput. Pract. Exp..

[12]  Elliot K. Kolodner,et al.  Scalable Computing: Practice and Experience , 2011 .

[13]  Gregory R. Ganger,et al.  The DiskSim Simulation Environment Version 4.0 Reference Manual (CMU-PDL-08-101) , 1998 .

[14]  Massimiliano Rak,et al.  Intrusion Tolerance in Cloud Applications: The mOSAIC Approach , 2012, 2012 Sixth International Conference on Complex, Intelligent, and Software Intensive Systems.

[15]  Jörg Schwenk,et al.  All your clouds are belong to us: security analysis of cloud management interfaces , 2011, CCSW '11.

[16]  David W. Chadwick,et al.  Security APIs for My Private Cloud - Granting access to anyone, from anywhere at any time , 2011, 2011 IEEE Third International Conference on Cloud Computing Technology and Science.

[17]  Arif Merchant,et al.  Minerva: An automated resource provisioning tool for large-scale storage systems , 2001, TOCS.

[18]  Arif Merchant,et al.  Issues and challenges in the performance analysis of real disk arrays , 2004, IEEE Transactions on Parallel and Distributed Systems.

[19]  Jan H. P. Eloff,et al.  Security and human computer interfaces , 2003, Comput. Secur..

[20]  John Zic,et al.  TrustStore: Making Amazon S3 Trustworthy with Services Composition , 2010, 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing.

[21]  Konstantinos Markantonakis,et al.  Considerations for mobile authentication in the Cloud , 2011, Inf. Secur. Tech. Rep..

[22]  Gail-Joon Ahn,et al.  Security and Privacy Challenges in Cloud Computing Environments , 2010, IEEE Security & Privacy.

[23]  Stefanos Gritzalis,et al.  Identity Management Challenges for Intercloud Applications , 2011, IWSEC 2011.

[24]  Adam Wierman,et al.  Open Versus Closed: A Cautionary Tale , 2006, NSDI.

[25]  Gregory R. Ganger,et al.  Modeling the relative fitness of storage , 2007, SIGMETRICS '07.

[26]  Sushil Jajodia,et al.  Enforcing Subscription-Based Authorization Policies in Cloud Scenarios , 2012, DBSec.