Abstract
Cloud computing is a new service delivery paradigm that aims to provide standardized services with self-service, pay-per-use, and seemingly unlimited scalability. This paradigm can be implemented on multiple service levels (infrastructures, run-time platform, or actual Software as a Service). They are are expected to be an important component in the future Internet.
This article introduces upcoming security challenges for cloud services such as multi-tenancy, transparency and establishing trust into correct operation, and security interoperability. For each of these challenges, we introduce existing concepts to mitigate these risks and survey related research in these areas.
Keywords
- Cloud Computing
- Cloud Service
- Intrusion Detection
- Cloud Provider
- Cloud Service Provider
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Download conference paper PDF
References
Babcock, C.: Management Strategies for the Cloud Revolution. McGraw-Hill, New York (2010)
Basak, D., Toshniwal, R., Maskalik, S., Sequeira, A.: Virtualizing networking and security in the cloud. SIGOPS Oper. Syst. Rev. 44, 86–94 (2010), doi:10.1145/1899928.1899939
Brassil, J.: Physical layer network isolation in multi-tenant clouds. In: Proceedings of the 2010 IEEE 30th International Conference on Distributed Computing Systems Workshops, Washington, DC, USA. ICDCSW ’10, pp. 77–81. IEEE Computer Society Press, Los Alamitos (2010), doi:10.1109/ICDCSW.2010.39
Cabuk, S., Dalton, C.I., Eriksson, K., Kuhlmann, D., Ramasamy, H.V., Ramunno, G., Sadeghi, A.-R., Schunter, M., Stüble, C.: Towards automated security policy enforcement in multi-tenant virtual data centers. J. Comput. Secur. 18, 89–121 (2010)
Chien, E.: W32.Stuxnet dossier. retrieved 2010-13-03, (Sep 2010), From http://www.symantec.com/connect/blogs/w32stuxnet-dossier
Chow, R., Golle, P., Jakobsson, M., Shi, E., Staddon, J., Masuoka, R., Molina, J.: Controlling data in the cloud: outsourcing computation without outsourcing control. In: ACM Workshop on Cloud Computing Security (CCSW’09), pp. 85–90. ACM Press, New York (2009)
Cloud Security Alliance (CSA): Top threats to cloud computing, version 1.0. (March 2010), http://www.cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
Computer and Communication Industry Association (CCIA): Cloud computing (2009), http://www.ccianet.org/CCIA/files/ccLibraryFiles/Filename/000000000151/Cloud_Computing.pdf
Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st annual ACM symposium on Theory of computing, Bethesda, MD, USA. STOC ’09, pp. 169–178. ACM Press, New York (2009), doi:10.1145/1536414.1536440
Grobauer, B., Schreck, T.: Towards incident handling in the cloud: challenges and approaches. In: Proceedings of the 2010 ACM workshop on Cloud computing security workshop, Chicago, Illinois, USA. CCSW ’10, pp. 77–86. ACM Press, New York (2010), doi:10.1145/1866835.1866850
Guerraoui, R., Yabandeh, M.: Independent faults in the cloud. In: Proceedings of the 4th International Workshop on Large Scale Distributed Systems and Middleware, Zürich, Switzerland. LADIS ’10, pp. 12–17. ACM Press, New York (2010), doi:10.1145/1859184.1859188
International Organization for Standardization (ISO): ISO27001: Information security management system (ISMS) standard (Oct 2005), http://www.27000.org/iso-27001.htm
Kaliski, Jr., B.S., Pauley, W.: Toward risk assessment as a service in cloud environments. In: Proceedings of the 2nd USENIX conference on Hot topics in cloud computing. pp. 13–13. HotCloud’10, USENIX Association, Berkeley, CA, USA (2010), http://portal.acm.org/citation.cfm?id=1863103.1863116
Marko, K.: Cloudsourcing - the cloud sparks a new generation of consultants & service brokers (2010), http://www.processor.com/editorial/article.asp?article=articles%2Fp3203%2F39p03%2F39p03.asp
Oclassen, G.: Why not cloudsourcing for enterprise app user adoption/training? (2009), http://velocitymg.com/explorations/why-not-cloudsourcing-for-enterprise-app-user-adoptiontraining/
Organization for Economic Co-Operation and Development (OECD): Guidelines on the protection of privacy and transborder flows of personal data. From http://www.oecd.org/document/18/0,2340,en_2649_34255_1815186_1_1_1_1,00.html (last modified January 5 1999), the OECD Privacy Principles
Penn, J.: Security and the cloud : Looking at the opportunity beyond the obstacle. Forrester Research (October 2010)
Rajan, S.S.: Cloudsourcing vs outsourcing (2010), http://cloudcomputing.sys-con.com/node/1611752
Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM conference on Computer and communications security, Chicago, Illinois, USA. CCS ’09, pp. 199–212. ACM Press, New York (2009), doi:10.1145/1653662.1653687
Sadeghi, A.-R., Schneider, T., Winandy, M.: Token-Based Cloud Computing Secure Outsourcing of Data and Arbitrary Computations with Lower Latency. In: Acquisti, A., Smith, S., Sadeghi, A.-R. (eds.) Proceedings of the 3rd international conference on Trust and trustworthy computing, Berlin, Germany, June 21-23, 2010. LNCS, vol. 6101, pp. 417–429. Springer, Heidelberg (2010)
Santos, N., Gummadi, K.P., Rodrigues, R.: Towards trusted cloud computing. In: Proceedings of the 2009 conference on Hot topics in cloud computing. pp. 3–3. HotCloud’09, USENIX Association, Berkeley, CA, USA (2009), http://portal.acm.org/citation.cfm?id=1855533.1855536
Sotto, L.J., Treacy, B.C., McLellan, M.L.: Privacy and data security risks in cloud computing. Electronic Commerce & Law Report 15, 186 (2010)
Van Dijk, M., Juels, A.: On the Impossibility of Cryptography Alone for Privacy-Preserving Cloud Computing. IACR ePrint 305 (2010)
Vukolić, M.: The byzantine empire in the intercloud. SIGACT News 41, 105–111 (2010), doi:10.1145/1855118.1855137
Waidner, M.: Cloud computing and security. Lecture Univ. Stuttgart (November 2009)
Weichert, T.: Cloud Computing und Datenschutz (2009), http://www.datenschutzzentrum.de/cloud-computing/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 2.5 International License (http://creativecommons.org/licenses/by-nc/2.5/), which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.
The images or other third party material in this chapter are included in the chapter’s Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.
Copyright information
© 2011 The Author(s)
About this paper
Cite this paper
Glott, R., Husmann, E., Sadeghi, AR., Schunter, M. (2011). Trustworthy Clouds Underpinning the Future Internet. In: , et al. The Future Internet. FIA 2011. Lecture Notes in Computer Science, vol 6656. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-20898-0_15
Download citation
DOI: https://doi.org/10.1007/978-3-642-20898-0_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-20897-3
Online ISBN: 978-3-642-20898-0
eBook Packages: Computer ScienceComputer Science (R0)