Cloud Computing and Information Security

  • Naresh Kumar Sehgal
  • Pramod Chandra P. Bhatt


Computer security issues exacerbate with growth of Internet as more people and computers join the Web, opening new ways to compromise an ever-increasing amount of information and potential for damages. However, an even bigger challenge to information security has been created with the implementation of Cloud Computing. This chapter gives a description of information security issues and solutions. Some information security challenges that are specific to Cloud Computing are described. Security solutions must make a trade-off between the amount of security and the level of performance cost. The key thesis of this chapter is that security solutions applied to Cloud Computing must span multiple levels and across functions. A few key challenges related to Cloud Computing and virtualization are presented. Our goal is to spur further discussion on the evolving usage models for Cloud Computing and the increasing security cover these will need to address both the real and perceived issues, thus spurring new research in this area.


  1. 1.
    Christodorescu M, Sailer R, Schales DL, Sgandurra D, Zamboni D (2009) Cloud security is not (just) virtualization security: a short chapter. In Proceedings of the 2009 ACM workshop on cloud computing security, Chicago, Illinois, USA, pp 97–102Google Scholar
  2. 2.
    Ray E, Schultz E (2009) Virtualization security. In: Proceedings of the 5th annual workshop on cyber security and information intelligence research: cyber security and information intelligence challenges and strategies, Oak Ridge, Tennessee, pp 1–5Google Scholar
  3. 3.
    Naor M, Rothblum GN (2009) The complexity of online memory checking. J ACM 56:1–46MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Cachin C, Keidar I, Shraer A (2009) Trusting the cloud. SIGACT News 40:81–86CrossRefGoogle Scholar
  5. 5.
    Jain AK, Lin H, Pankanti S, Bolle R (1997) An identity-authentication system using fingerprints. In Proceedings of the IEEE, pp 1365–1388Google Scholar
  6. 6.
    AWS Security Best Practices, August 2016.
  7. 7.
    Juels A, Kaliski BS Jr (2007) PORS: proofs of retrievability for large files. In: Proceedings of the 14th ACM conference on computer and communications security, Alexandria, Virginia, USA, pp 584–597Google Scholar
  8. 8.
    Clair LS, Johansen L, Butler K, Enck W, Pirretti M, Traynor P, McDaniel P, Jaeger T (2007) Password exhaustion: predicting the end of password usefulness. Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA. Technical Report NAS-TR-0030-2006Google Scholar
  9. 9.
    Gupta P, Ravi S, Raghunathan A, Jha NK (2005) Efficient fingerprint-based user authentication for embedded systems. In Proceedings of the 42nd annual design automation conference, Anaheim, California, USA, pp 244–247Google Scholar
  10. 10.
    Khan MK (2010) Fingerprint biometric based self-authentication and deniable authentication schemes for the electronic world. IETE Tech Rev 26:191–195CrossRefGoogle Scholar
  11. 11.
    Shaver C, Acken JM (2010) Effects of equipment variation on speaker recognition error rates. In: Presented at the IEEE international conference on acoustics speech and signal processing, Dallas, TexasGoogle Scholar
  12. 12.
    Jayanna HS, Prasanna SRM (2009) Analysis, feature extraction, modeling and testing techniques for speaker recognition. IETE Tech Rev 26:181–190CrossRefzbMATHGoogle Scholar
  13. 13.
    Bun FS (2009) Introduction to cloud computing. Presented at the Grid AsiaGoogle Scholar
  14. 14.
    Acken JM, Nelson LE (2008) Statistical basics for testing and security of digital systems for identity authentication. In: Presented at the 6th international conference on computing, communications and control technologies: CCCT2008, FloridaGoogle Scholar
  15. 15.
    Rivest RL, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public-key cryptosystems. ACM Commun 21:120–126MathSciNetCrossRefzbMATHGoogle Scholar
  16. 16.
    Saripalli P, Walters B (2010) QUIRC: a quantitative impact and risk assessment framework for cloud security. In: Cloud computing (CLOUD), 2010 IEEE 3rd international conference on, pp 280–288Google Scholar
  17. 17.
    Ristenpart T, Tromer E, Shacham H, Savage S, Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM conference on computer and communications security, Chicago, Illinois, USA, pp 199–212Google Scholar
  18. 18.
    Osvik D, Shamir A, Tromer E (2006) Cache attacks and countermeasures: the case of AES. In: Pointcheval D (ed) Topics in cryptology—CT-RSA 2006. vol 3860, Springer Berlin/Heidelberg, pp 1–20Google Scholar
  19. 19.
  20. 20.
  21. 21.

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • Naresh Kumar Sehgal
    • 1
  • Pramod Chandra P. Bhatt
    • 2
  1. 1.Santa ClaraUSA
  2. 2.BangaloreIndia

Personalised recommendations