Abstract
Over the past two decades, the scenario in the computing world has evolved from client-server to distributed systems and then to central virtualization called as cloud computing. Computing world is moving towards Cloud Computing and it remains as buzzword of the current era. Earlier, users had complete control over their processes and data stored in personal computer where as in cloud, cloud vendor provides services and data storage in remote location over which the client has no control or information. As application and data processing takes place in public domain outside the designated firewall, several security concerns and issues arise. The main objective of the paper is to provide an overall security perspective in cloud Computing and highlight the security concerns and other issues. The paper also highlights few technical security issues in cloud computing.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
McCarthy, J.: Recursive functions of symbolic expressions and their computation by machine. Communications of the ACM 3(4), 184–195 (1960)
Sharon Eisner Gillett., Mitchell Kapor.,: The Self-governing Internet, Coordination by Design. In: Coordination and Administration of the Internet Workshop at Kennedy School of Government, Harvard University (1996)
Amazon mechanical Turk, Artificial Intelligence, https://www.mturk.com/mturk/welcome
Khalid, A.: Cloud Computing, Applying Issues in Small. In: International Conference on Signal Acquisition and Processing (2010)
Knorr, E., Gruman, G.: What cloud computing really means (2008), http://www.infoworld.com/auhor-bios/galengruman
Gartner.: Gartner Say’s Cloud Computing Will Be as Influential As E-business. Gartner.com (2010) ; Gruman, G.: What cloud computing really means. InfoWorld (2009) (retrieved)
A Platform Computing Whitepaper: Enterprise Cloud Computing-Transforming IT, Platform Computing, p. 6 (2010)
Global Netoptex Incorporated: Demystifying the cloud. Important opportunities, crucial choices, 4–14 (2009), http://www.gni.com
Swamp Computing (Cloud Computing).: Web Security Journal (2009), http://security.sys-con.com/node/1231725
Sampling of issues we are addressing: Cloud Security Alliance, http://www.cloudsecurityalliance.org/issues.html#ediscovery
Casassa-Mont, M., Pearson, S., Bramhall, P.: Towards Accountable Management of Identity and Privacy- Sticky Policies and Enforceable Tracing Services. In: Casassa-Mont, M., Pearson, S., Bramhall, P. (eds.) Proc. DEXA, pp. 372–382. IEEE Computer Society, Los Alamitos (2003)
PCI Security Standard, https://www.pcisecuritystandards.org/index.shtml
Payment Card Industry Security, http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard
Brodkin J., Gartner: Seven cloud-computing security risks. Infoworld (2009)
http://www.infoworld.com/d/security-central/gartner-seven-cloudcomputing-security-risks-853
Dlamini, M.T., Eloff, M.M., Eloff, J.H.P.: Internet of People, Things and Services, The Convergence of Security. Trust and Privacy (2009)
Kormann, M., Rubin, A.: Risks of the passport single sign on protocol. Computer Networks 33(1-6), 51–58 (2000)
Slemko, M.: Microsoft passport to trouble (2001), http://alive.znep.com/~marcs/passport/
Grob, T.: Security analysis of the SAML single sign on browser/artefact profile. In: Proc. 19th Annual Computer Security Applications Conference (2003)
Gajek, S., Schwenk, J., Steiner, M., Xuan, C.: Risks of the cardSpace protocol. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 278–293. Springer, Heidelberg (2009)
Chen, X., Gajek, S., Schwenk, J.: On the Insecurity of Microsoft’s Identity Metasystem CardSpace, Horst Görtz Institute for IT-Security, Tech. Rep. 3 (2008)
Bruegger, B.P., Hühnlein, D., Schwenk, J.: TLS Federation A secure and Relying-Party-friendly approach for Federated Identity Management. In: Proceedings of BIOSIG: Biometrics and Electronic Signatures. LNI, vol. 137, pp. 93–104 (2008)
Scavo, T.: SAML V2.0 Holder-of-Key Assertion Profile, Working Draft 09, http://www.oasis-open.org/apps/org/workgroup/security/download.php/30782/sstc-saml2-holder-of-key-draft-09.pdf
Gajek, S., Jager, T., Manulis, M., Schwenk, J.: A browser-based kerberos authentication scheme. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 115–129. Springer, Heidelberg (2008)
Schwenk, J., Liao, L., Gajek, S.: Stronger Bindings for SAML Assertions and SAML Artifacts. In: Proceedings of the 5th ACM CCS Workshop on Secure Web Services (SWS 2008). ACM Press, New York (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Babu, L.D.D., Krishna, P.V., Zayan, A.M., Panda, V. (2011). An Analysis of Security Related Issues in Cloud Computing. In: Aluru, S., et al. Contemporary Computing. IC3 2011. Communications in Computer and Information Science, vol 168. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22606-9_21
Download citation
DOI: https://doi.org/10.1007/978-3-642-22606-9_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22605-2
Online ISBN: 978-3-642-22606-9
eBook Packages: Computer ScienceComputer Science (R0)