Abstract
Cloud computing is an emerging technological paradigm, which provides computing resources as utility. Like other day-to-day utilities, cloud computing follows pay-as-you-use model, where users are charged according to the usage without regard to where the services are hosted or how they are delivered. Today, majority of companies follow an IT infrastructure-driven business model. With the growing demand, rise in customer base and market place competitions, companies prefer focusing on respective business policies and services they offer, rather than IT management overheads. Therefore, there is a high probability that the future of present day business model may shift to clouds where non-IT companies no longer have to procure, manage, and maintain IT resources. They will host applications and data to the servers, which are deployed by cloud providers, possibly in geographically dispersed locations. However, security is a major challenge before outsourcing any IT needs of business. As cloud provides a multi-tenant virtual computing environment, where competitive businesses may co-exist, hosting of sensitive information for mission-critical applications is of utmost concern. This chapter reviews the recent works reported specifically in the area of data and application security relevant to cloud computing. Some works which use biologically inspired phenomenon to manage security and load balancing in cloud environment, have also been studied. The aim of this chapter is to provide an insight into the present state-of-the-art cloud security problems, proposed solutions, and identify future research directions as well as scopes in various security issues.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Mell, P., Grance, T.: The NIST Definition of Cloud Computing. Technical Report v15, US National Institute of Standards and Technology ITL Technical Report (2009) http://www.csrc.nist.gov
Krutz, R.L., Vines, R.D.: Cloud Security : A Comprehensive Guide to Secure Cloud Computing. Wiley, Indianapolis (2010) ISBN : 978-81-265-2809-7
Ramgovind, S., Eloff, M.M., Smith, E., Chakerian, S.: The Management of Security in Cloud Computing. In: Proceedings of the Information Security for South Asia (ISSA), IEEE Computer Society, pp. 1–7 (2010)
Xu, J.S., Huang, R.C., Huang, W.M., Yang, G.: Secure Document Service for Cloud Computing. In: CloudCom 2009. vol. 5931 of LNCS, pp. 541–546. Springer, Heidelberg (2009)
Zhou, W., Marczak, W.R., Tao, T., Zhang, Z., Sherr, M., Loo, B.T., Lee, I.: Towards secure cloud data management. Technical report, Department of Computer and Information Science, University of Pensylvania (2010) http://repository.upenn.edu/cis_reports/919
Wang, Q., Wang, C., Li, J., Ren, K., Lou., W.: Enabling public verifiability and data dynamics for storage security in cloud computing. In: European Symposium on Research in Computer Security. vol. 5789 of ESORICS ’09., LNCS, pp. 355–370, Springer (2009)
Du, J., Wei, W., Gu, X., Yu, T.: Towards secure dataflow processing in open distributed systems. In: Proceedings of the 2009 ACM workshop on Scalable trusted computing (STC ’09), pp. 67–72, Chicago, USA (2009)
Sun, Z., Shen, J.: A high performance peer to cloud and peer model augmented with hierarchical secure communications. J. Syst. Softw. 86(7), 1790–1796 (2012)
Bowers, K.D., Juels, A., Oprea, A.: HAIL: A high-availability and integrity layer for cloud storage. In: Proceedings of the 16th ACM conference on Computer and communications security. CCS ’09, pp. 187–198, New York, USA, ACM (2009)
Juels, A., Kaliski, B.: Pors: Proofs of retrievability for large files. In: ACM Conference on Computer and Communication Security. CCS ’07, ACM Press (2007)
Shacham, H., Waters, B.: Compact proofs of retrievability. In: Proceedings of the ASIACRYPT 2008. vol. 5350 of ASIACRYPT 2008, LNCS, pp. 90–107, Springer (2008)
Shraer, A., Cachin, C., Cidon, A., Keidar, I., Michalevsky, Y., Shaket, D.: Venus: Verification for untrusted cloud storage. In: Proceedings of the 2010 ACM Cloud Computing Security Workshop (CCSW ’10), pp. 19–29, Chicago, USA (2010)
Chen, B., Curtmola, R., Ateniese, G., Burns, R.: Remote data checking for network coding-based distributed storage systems. In: Proceedings of the 2010 ACM Cloud Computing Security Workshop (CCSW ’10), pp. 31–42, Chicago, USA (2010)
Du, J., Wei, W., Gu, X., Yu, T.: RunTest: assuring integrity of dataflow processing in cloud computing infrastructures. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (ASIACCS ’10), pp. 293–304, Beijing, China (2010)
Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Workshop on Real-Life Cryptographic Protocols and Standardization. RLCPS 2010, LNCS, Springer (2010)
Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song., D.: Provable data possession at untrusted stores. In: ACM Conference on Computer and Communication Security. CCS ’07, ACM Press (2007)
Ateniese, G., Pietro, R.D., Mancini, L.V., Tsudik, G.: Scalable and efficient provable data possession. In: Proceedings of the 4th international conference on Security and Privacy in Communication Netowrks. SecureComm ’08, pp. 1–10, ACM Press (2008)
Erway, C., Kupcu, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: ACM conference on Computer and communications security. CCS ’09, pp. 213–222, ACM Press (2009)
Popa, R.A., Lorch, J.R., Molnar, D., Wang, H.J., Zhuang, L.: Enabling security in cloud storage SLAs with cloudProof. In: Proceedings of the 2011 USENIX conference on USENIX annual technical conference. USENIXATC’11, pp. 31–31, Berkeley, USA, USENIX Association (2011)
Huang, K.Y., Luo, G.H., Yuan, S.M.: SSTreasury+: A secure and elastic cloud data encryption system. In: Proceedings of the Sixth International Conference on Genetic and Evolutionary Computing (ICGEC), pp. 518–521 (2012)
Wang, S., Agrawal, D., Abbadi, A.E.: HengHa: data harvesting detection on hidden databases. In: Proceedings of the 2010 ACM Cloud Computing Security Workshop (CCSW ’10), pp. 59–64, Chicago, USA (2010)
Faatz, D., Pizette, L.: Information security in the clouds. Technical Report Case: 10–3208, System Engineering at Mitre (2010) http://www.mitre.org/work/tech_papers/2010/10_3208/
Liu, H.: A new form of DoS attack in a cloud and its avoidance mechanism. In: Proceedings of the 2010 ACM Cloud Computing Security Workshop (CCSW ’10), pp. 65–75, Chicago, USA (2010)
Kupsch, J., Miller, B.P., Heymann, E., Cesar, E.: First principles vulnerability assessment. In: Proceedings of the ACM Cloud Computing Security Workshop (CCSW ’10), Chicago, USA (2010) http://www.cs.wisc.edu/mist/papers/ccsw12sp-kupsch.pdf
Jensen, M., Schwenk, J., Gruschka, N., Iacono, L.L.: On technical security issues in cloud computing. In: Proceedings of the 2009 IEEE International Conference on Cloud, Computing. pp. 109–116 (2009)
Maggi, F., Zanero, S.: Rethinking security in a cloudy world. Technical Report 2010–11, Dipartimento di Elettronica e Informazione, Politecnico di Milano, Italy (2010) http://home.dei.polimi.it/fmaggi/downloads/publications/2010/
Zargar, S.T., Takabi, H., Joshi, J.B.: Dcdidp: A distributed, collaborative, and data-driven intrusion detection and prevention framework for cloud computing environments. In: CollaborateCom 2011, pp. 332–341, IEEE (2012)
Akbarabadi, A., Zamani, M., Farahmandian, S., Zadeh, J.M., Mirhosseini, S.M.: An overview on methods to detect port scanning attacks in cloud computing. Environment 1, 22–25 (2013)
Berger, S., Caceres, R., Pendarakis, D., Sailer, R., Valdez, E., Perez, R., Schildhauer, W., Srinivasan, D.: TVDc: Managing security in the trusted virtual datacenter. ACM SIGOPS Oper. Syst. Rev. 42(1), 40–47 (2008). doi:10.1145/1341312.1341321
Berger, S., Caceres, R., Goldman, K., Pendarakis, D., Perez, R., Rao, J.R., Rom, E., Sailer, R., Schildhauer, W., Srinivasan, D., Tal, S., Valdez, E.: Security for the Cloud Infrastructure: Trusted Virtual Data Center Implementation. IBM Journal of Research and Development 53(4) (2009) 6:1–6:12.
Hao, F., Kodialam, M., Lakshman, T., Puttaswamy, K.: Protecting cloud data using dynamic inline fingerprint checks. In: INFOCOM, pp. 2877–2885, 2013 Proceedings IEEE. (2013)
Bohli, J.M., Gruschka, N., Jensen, M., Iacono, L., Marnau, N.: Security and privacy-enhancing multicloud architectures. IEEE Trans. Dependable Secure Comput. 10(4), 212–224 (2013)
Csorba, M.J., Meling, H., Heegaard, P.E.: Ant system for service deployment in private and public clouds. In: Proceedings of the 2nd workshop on Bio-inspired algorithms for distributed systems, pp. 19–28, ACM (2010)
Shen, G., Zhang, Y.Q.: A shadow price guided genetic algorithm for energy aware task scheduling on cloud computers. In: Advances in Swarm Intelligence, pp. 522–529, Springer (2011)
Randles, M., Lamb, D., Taleb-Bendiab, A.: A comparative study into distributed load balancing algorithms for cloud computing. In: Advanced Information Networking and Applications Workshops (WAINA), 2010 IEEE 24th International Conference on, IEEE, pp.551–556 (2010)
Vaquero, L.M., Rodero-Merino, L., Moran, D.: Locking the sky: A survey on IaaS cloud security. Computing 91(1), 93–118 (2011). doi:10.1007/s00607-010-0140-x
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Barnwal, R.P., Ghosh, N., Ghosh, S.K. (2014). Data and Application Security in Cloud. In: Hassanien, A., Kim, TH., Kacprzyk, J., Awad, A. (eds) Bio-inspiring Cyber Security and Cloud Services: Trends and Innovations. Intelligent Systems Reference Library, vol 70. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-43616-5_18
Download citation
DOI: https://doi.org/10.1007/978-3-662-43616-5_18
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-43615-8
Online ISBN: 978-3-662-43616-5
eBook Packages: EngineeringEngineering (R0)