Advertisement

The Journal of Supercomputing

, Volume 63, Issue 2, pp 561–592 | Cite as

A survey on security issues and solutions at different layers of Cloud computing

  • Chirag Modi
  • Dhiren Patel
  • Bhavesh Borisaniya
  • Avi Patel
  • Muttukrishnan Rajarajan
Article

Abstract

Cloud computing offers scalable on-demand services to consumers with greater flexibility and lesser infrastructure investment. Since Cloud services are delivered using classical network protocols and formats over the Internet, implicit vulnerabilities existing in these protocols as well as threats introduced by newer architectures raise many security and privacy concerns. In this paper, we survey the factors affecting Cloud computing adoption, vulnerabilities and attacks, and identify relevant solution directives to strengthen security and privacy in the Cloud environment.

Keywords

Cloud computing Virtualization Security Privacy Vulnerabilities 

References

  1. 1.
    Abbasy MR, Shanmugam B (2011) Enabling data hiding for resource sharing in cloud computing environments based on dna sequences. In: Proceedings of the 2011 IEEE world congress on services, SERVICES’11, pp 385–390 CrossRefGoogle Scholar
  2. 2.
    Aws management console. Amazon web services. http://aws.amazon.com/console/
  3. 3.
    Bahram S, Jiang X, Wang Z, Grace M (2010) Dksm: subverting virtual machine introspection for fun and profit. In: Proceedings of the 29th IEEE international symposium on reliable distributed systems Google Scholar
  4. 4.
    Bakshi A, Dujodwala YB (2010) Securing cloud from ddos attacks using intrusion detection system in virtual machine. In: Proceedings of the 2010 second international conference on communication software and networks, ICCSN’10, pp 260–264 CrossRefGoogle Scholar
  5. 5.
    Balachandra KR, Ramakrishna VP, Rakshit A (2009) Cloud security issues. In: Proceedings of the 2009 IEEE international conference on services computing, SCC’09, pp 517–520 Google Scholar
  6. 6.
    Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Proceedings of the 28th IEEE symposium on security and privacy, pp 1–6 Google Scholar
  7. 7.
    Celesti A, Tusa F, Villari M, Puliafito A (2010) Security and cloud computing: intercloud identity management infrastructure. In: WETICE, pp 263–265 Google Scholar
  8. 8.
    Chandramouli R, Mell P (2010) State of security readiness. Crossroads 16(3):23–25 Google Scholar
  9. 9.
    Cloud computing comparison guide. Web hosting unleashed. http://www.webhostingunleashed.com/whitepaper/cloud-computing-comparison/
  10. 10.
    Comparison guide: Cloud computing. Focus research. http://www.focus.com/research/comparison-guide-cloud-computing/
  11. 11.
    Compliance home. Website (2011) http://www.compliancehome.com/
  12. 12.
    Diallo MH, Hore B, Chang EC, Mehrotra S, Venkatasubramanian N (2012) Cloudprotect: managing data privacy in cloud applications. In: IEEE CLOUD Google Scholar
  13. 13.
    Du J, Wei W, Gu X, Yu T (2009) Toward secure dataflow processing in open distributed systems. In: Proc of ACM scalable trusted computing workshop (STC) Google Scholar
  14. 14.
    Durkee D (2010) Why cloud computing will never be free. Commun ACM 53(5):62–69 CrossRefGoogle Scholar
  15. 15.
    Echeverría V, Liebrock LM, Shin D (2010) Permission management system: permission as a service in cloud computing. In: COMPSAC workshops, pp 371–375 Google Scholar
  16. 16.
    Ei Ei Mon TTN (2011) The privacy-aware access control system using attribute-and role-based access control in private cloud. In: 4th IEEE international conference on broadband network and multimedia technology (IC-BNMT), pp 447–451 Google Scholar
  17. 17.
    Ferguson T (2009) Salesforce.com outage hits thousands of businesses. http://www.ludcastle.co.uk/business_resources/Clouded~%20in%
  18. 18.
    Garnkel T, Rosenblum M (2003) A virtual machine introspection based architecture for intrusion detection. In: Proc net and distributed sys sec symp Google Scholar
  19. 19.
    Gens F (2009) New idc it cloud services survey: top benefits and challenges. http://blogs.idc.com/ie/?p=730
  20. 20.
    Halton W (2010) Security issues and solutions in cloud computing. http://wolfhalton.info/2010/06/25/security-issues-and-solutions-in-cloud-computing/
  21. 21.
    Hu L, Ying S, Jia X, Zhao K Towards an approach of semantic access control for cloud computing. In: Proceedings of the 1st international conference on cloud computing, pp 145–156 Google Scholar
  22. 22.
    Huang X, Zhang T, Hou Y (2009) Id management among clouds. In: First international conference on future information networks, ICFIN2009, pp 237–241 Google Scholar
  23. 23.
    Jager T, Somorovsky J (2011) How to break xml encryption. In: ACM conference on computer and communications security, pp 413–422. http://dblp.uni-trier.de/db/conf/ccs/ccs2011.html#JagerJ11 Google Scholar
  24. 24.
    Jensen M, Schwenk JO, Gruschka N, Iacono LL (2009) On technical security issues in cloud computing. In: IEEE international conference on cloud computing, CLOUD-II 2009, pp 109–116 Google Scholar
  25. 25.
    Khorshed MT, Ali ABMS, Wasimi SA (2011) Monitoring insiders activities in cloud computing using rule based learning. In: Proceedings of the 2011 IEEE 10th international conference on trust, security and privacy in computing and communications, TRUSTCOM’11, pp 757–764 Google Scholar
  26. 26.
    King S, Chen P, Wang YM (2006) Subvirt: implementing malware with virtual machines. In: 2006 IEEE symposium on security and privacy, pp 314–327 Google Scholar
  27. 27.
    Kirby G, Deale A, Macdonald A, Fernandes A (2010) An approach to ad hoc cloud computing. http://arxiv.org/abs/1002.4738v1
  28. 28.
    Leu FY, Lin JC, Li MC, Yang CT, Shih PC (2005) Integrating grid with intrusion detection. In: Proceedings of the 19th international conference on advanced information networking and applications, AINA’05, vol 1, pp 304–309 Google Scholar
  29. 29.
    Lin D, Squicciarini A (2010) Data protection models for service provisioning in the cloud. In: Proceeding of the ACM symposium on access control models and technologies, SACMAT’10 Google Scholar
  30. 30.
    Lo CC, Huang C, Ku J (2010) A cooperative intrusion detection system framework for cloud computing networks. In: Proceedings of the 2010 39th international conference on parallel processing workshops, ICPPW’10, pp 280–284 CrossRefGoogle Scholar
  31. 31.
    Lombardi F, Pietro RD (2010) Transparent security for cloud. In: Proceedings of the 2010 ACM symposium on applied computing, pp 414–415 CrossRefGoogle Scholar
  32. 32.
    Mazzariello C, Bifulco R, Canonoco R (2010) Integrating a network ids into an open source cloud computing. In: Sixth international conference on information assurance and security (IAS), pp 265–270 Google Scholar
  33. 33.
    Mell P, Grance T (2011) The nist definition of cloud computing (draft). http://csrc.nist.gov/publications/drafts/800–145/Draft-SP-800-145_cloud-definition.pdf
  34. 34.
    Metz C (2009) Ddos attack rains down on Amazon cloud. http://www.theregister.co.uk/2009/10/05/amazon_bitbucket_outage/
  35. 35.
    Metz C (2011) Amazon outage spans clouds ‘insulated’ from each other. http://www.theregister.co.uk/2011/04/21/amazon_web_services_outages_spans_zones/ from each other
  36. 36.
    Modi C, Patel D, Borisaniya B, Patel H, Patel A, Rajarajan M (2012) A survey of intrusion detection techniques in cloud. J Netw Comput Appl. doi: 10.1016/j.jnca.2012.05.003 Google Scholar
  37. 37.
    Morizumi T, Suzuki K, Kinoshita H (2009) Transparent security for cloud system for search, access restriction, and agents in the clouds. In: Proceedings of the 2009 ninth annual international symposium on applications and the Internet, pp 201–204 CrossRefGoogle Scholar
  38. 38.
    Mowbray M, Pearson S (2009) A client-based privacy manager for cloud computing. In: Proceedings of the fourth international ICST conference on communication system softWAre and middleware, COMSWARE’09, pp 1–8 CrossRefGoogle Scholar
  39. 39.
    Naruchitparames J, Günes MH (2011) Enhancing data privacy and integrity in the cloud. In: HPCS, pp 427–434 Google Scholar
  40. 40.
  41. 41.
    Pauli D (2011) Amazon’s ec2, eucalyptus vulnerability discovered. http://www.crn.com.au/News/278387,amazons-ec2-eucalyptus-vulnerability-discovered.aspx
  42. 42.
  43. 43.
    Ranchal R, Bhargava B, Othmane LB, Lilien L, Kim A, Kang M, Linderman M (2010) Protection of identity information in cloud computing without trusted third party. In: Proceedings of the 2010 29th IEEE symposium on reliable distributed systems, SRDS’10, pp 368–372 CrossRefGoogle Scholar
  44. 44.
    Raykova M, Zhao H, Bellovin SM (2012) Privacy enhanced access control for outsourced data sharing. In: Financial cryptography and data security Google Scholar
  45. 45.
    Rimal BP, Choi E, Lumb I (2009) A taxonomy and survey of cloud computing systems. In: NCM’09: proceedings of the 2009 fifth international joint conference on INC, IMS and IDC, pp 44–51 CrossRefGoogle Scholar
  46. 46.
    Rutkowska J (2006) Subverting vistatm kernel for fun and profit. In: BlackHat conference Google Scholar
  47. 47.
    Rutkowska J (2007) Security challenges in virtualized environments. http://bluepillproject.org
  48. 48.
    Salmon J (2008) Clouded in uncertainty—the legal pitfalls of cloud computing. http://www.ludcastle.co.uk/business_resources/Clouded~%20in%
  49. 49.
    Sandar SV, Shenai S (2012) Economic denial of sustainability (edos) in cloud services using http and xml based ddos attacks. Int J Comput Appl 41(20):11–16 Google Scholar
  50. 50.
    Sanka S, Hota C, Rajarajan M (2010) Secure data access in cloud computing. In: IEEE 4th international conference on Internet multimedia services architecture and application (IMSAA), pp 1–6 Google Scholar
  51. 51.
    Security guidance for critical areas of focus in cloud computing V3.0. Cloud Security Alliance (2011) http://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf
  52. 52.
  53. 53.
    Slamanig D (2012) Dynamic accumulator based discretionary access control for outsourced storage with unlinkable access, pp 215–222 Google Scholar
  54. 54.
    Software as a service-Wikipedia. Wikipedia. http://en.wikipedia.org/wiki/Software_as_a_service
  55. 55.
    Somorovsky J, Heiderich M, Jensen M, Schwenk J, Gruschka N, Iacono LL (2011) All your clouds are belong to us—security analysis of cloud management interfaces. In: ACM workshop on Cloud computing security Google Scholar
  56. 56.
    Sourya (2011) Should you be concerned? A list of recent cloud computing failures—intuit goes down. http://www.cloudtweaks.com/2011/06/should-you-be-concerned-a-list-of-recent-cloud-computing-failures
  57. 57.
    Sripanidkulchai K, Sahu S, Ruan Y, Shaikh A, Dorai C (2010) Are clouds ready for large distributed applications. SIGOPS Oper Syst Rev 44(2):18–23 CrossRefGoogle Scholar
  58. 58.
    Stolfo SJ, Salem MB, Keromytis AD (2012) Fog computing: mitigating insider data theft attacks in the cloud. In: 2012 IEEE symposium on security and privacy workshops. IEEE Press, New York, pp 125–128 CrossRefGoogle Scholar
  59. 59.
    Subashini S, Kavitha V (2011) A survey on security issues in service delivery models of cloud computing. J Netw Comput Appl 34:1–11 CrossRefGoogle Scholar
  60. 60.
    Tian X, Wang X, Zhou A (2009) Dsp reencryption: a flexible mechanism for access control enforcement management in daas. In: Proc CLOUD’09, SACMAT’10, pp 25–32 Google Scholar
  61. 61.
    Top 7 threats to cloud computing. HELP NET SECURITY. http://www.net-security.org/secworld.php?id=8943
  62. 62.
    Volokyta A (2012) Secure virtualization in cloud computing. In: 2012 international conference on modern problems of radio engineering telecommunications and computer science (TCSET), p 395 Google Scholar
  63. 63.
    Vulnerability in windows server 2008 hyper-v could allow denial of service (977894). Microsoft security bulletin MS10-010—Important (2010) http://www.microsoft.com/technet/security/bulletin/ms11–047.mspx
  64. 64.
    Wang W, Li Z, Owens R, Bhargava B (2007) Secure and efficient access to outsourced data. In: ACM cloud computing security workshop (CCSW), pp 63–69 Google Scholar
  65. 65.
    Wang Q, Wang K, Ren W (2009) Low: ensuring data storage security in cloud computing. In: Proc of IWQoS 2009 Google Scholar
  66. 66.
    Wang YJ, Zhao SJ, Le J (2009) Providing privacy preserving in cloud computing. In: International conference on test and measurement, vol 2, pp 213–216 Google Scholar
  67. 67.
    Wang B, Li B, Li H (2012) Oruta: Privacy-preserving public auditing for shared data in the cloud. In: IEEE CLOUD Google Scholar
  68. 68.
    Wei J, Zhang X, Ammons G, Bala V, Ning P (2009) Managing security of virtual machine images in a cloud environment. In: Proceedings of the 2009 ACM workshop on cloud computing security, CCSW’09, pp 91–96 CrossRefGoogle Scholar
  69. 69.
  70. 70.
  71. 71.
    Yan L, Rong C, Zhao G (2009) Strengthen cloud computing security with federal identity management using hierarchical identity-based cryptography. In: Proceedings of the 1st international conference on cloud computing, CloudCom’09, pp 167–177 Google Scholar
  72. 72.
    Zunnurhain K, Vrbsky S (2010) Security attacks and solutions in clouds. In: Proceedings of the 1st international conference on cloud computing, pp 145–156 Google Scholar

Copyright information

© Springer Science+Business Media New York 2012

Authors and Affiliations

  • Chirag Modi
    • 1
  • Dhiren Patel
    • 1
  • Bhavesh Borisaniya
    • 1
  • Avi Patel
    • 2
  • Muttukrishnan Rajarajan
    • 2
  1. 1.NIT SuratSuratIndia
  2. 2.Information Security GroupCity University LondonLondonUK

Personalised recommendations