Skip to main content
SpringerLink
Log in

Reference deployment models for eliminating user concerns on cloud security

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Cloud computing has become a hot topic both in research and in industry, and when making decisions on deploying/adopting cloud computing related solutions, security has always been a major concern. This article summarizes security related issues in cloud computing and proposes five service deployment models to address these issues. The proposed models provide different security related features to address different requirements and scenarios and can serve as reference models for deployment.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Amazon Elastic Compute Cloud (EC2) (2009) http://www.amazon.com/ec2/

  2. Amazon Simple Storage Service (2009) http://aws.amazon.com/s3

  3. Anonymous (2005) Bank outsources security to the cloud. Commun News 42(12)

  4. Anonymous (2006) Bank trusts security to ‘the cloud’. Commun News 43(9)

  5. Apache Hadoop (2009) http://hadoop.apache.org/

  6. Armbrust M., Fox A, Griffith R, Joseph AD, Katz RH, Konwinski A, Lee G, Patterson DA, Rabkin A, Stoica I, Zaharia M (2009) Above the clouds: a Berkeley view of cloud computing. Technical Report UCB/EECS-2009-28, EECS Department, University of California, Berkeley

    Google Scholar 

  7. Beco S, Maraschini A, Pacini F (2009) Cloud computing and RESERVOIR project. Nuovo Cimento Soc Ital Fis C Colloq Phys 32(2). doi:10.1393/ncc/i2009-10388-5

  8. Bellebia D, Douin J-M (2006) Applying patterns to build a lightweight middleware for embedded systems. In: PLoP ’06: proceedings of the 2006 conference on pattern languages of programs. ACM Press, New York, pp 1–13

    Chapter  Google Scholar 

  9. Blakley B, Heath C (2004) Security design patterns. The Open Group Security Forum

  10. CARMEN (2009) http://www.carmen.org.uk/

  11. Chen D, Huang X, Ren X (2009) Access control of cloud service based on ucon. In: The first international conference on cloud computing, 2009, pp 559–564

  12. Cloud CIE Computing Expert Committee (2010) Cloud computing white paper. Technical report, Chinese Institute of Electronics

  13. Condor DAGman (2009) http://www.cs.wisc.edu/condor/dagman/

  14. Creese S, Hopkins P, Pearson S, Shen Y (2009) Data protection-aware design for cloud services. In: The first international conference on cloud computing, 2009, pp 119–130

  15. Dean J, Ghemawat S (2008) MapReduce: simplified data processing on large clusters. Commun ACM 51(1):107–113

    Article  Google Scholar 

  16. Eucalyptus (2009) http://eucalyptus.cs.ucsb.edu/

  17. Fernandez EB, Wu J, Larrondo-Petrie MM, Shao Y (2009) On building secure SCADA systems using security patterns. In: CSIIRW ’09: proceedings of the 5th annual workshop on cyber security and information intelligence research. ACM Press, New York, pp 1–4

    Chapter  Google Scholar 

  18. Ghemawat S, Gobioff H, Leung S-T (2003) The Google File System. SIGOPS Oper Syst Rev 37(5): 29–43

    Article  Google Scholar 

  19. Google App Engine (2009) http://appengine.google.com

  20. Heyman T, Yskout K, Scandariato R, Joosen W (2007) An analysis of the security patterns landscape. In: SESS ’07: proceedings of the third international workshop on software engineering for secure systems. IEEE Computer Society, Washington, p 3

    Google Scholar 

  21. Hu L, Ying S, Jia X, Zhao K (2009) Towards an approach of semantic access control for cloud computing. In: The first international conference on cloud computing, 2009, pp 145–156

  22. Hughes KJ (2002) Domain based security: enabling security at the level of applications and business processes. http://www.qinetiq.com

  23. Isard M, Budiu M, Yu Y, Birrell A, Fetterly D (2007) Dryad: distributed data-parallel programs from sequential building blocks. In: EuroSys ’07: proceedings of the 2nd ACM SIGOPS/EuroSys European conference on computer systems. ACM Press, New York, pp 59–72

    Google Scholar 

  24. Kaufman LM (2009) Data security in the world of cloud computing. IEEE Secur Priv 7(4): 61–64

    Article  Google Scholar 

  25. Keahey K, Tsugawa M, Matsunaga A (2009) Sky computing. IEEE Internet Comput 13(5): 43–51

    Article  Google Scholar 

  26. Kodituwakku SR, Bertok P, Zhao L (2001) Aplrac: a pattern language for designing and implementing role-based access control. In: EuroPLoP’01, 2001

  27. Kupa (2009) http://meta.cesnet.cz/cms/opencms/en/docs/clouds/

  28. Li H, Dai Y, Tian L, Yang H (2009) Identity-based authentication for cloud computing. In: The first international conference on cloud computing, 2009, pp 157–166

  29. Microsoft Live Mesh (2009) http://www.mesh.com/

  30. Maruyama N. Yoshioka K, Washizaki H (2008) A survey on security patterns. Prog Inform (5):35–47. doi:10.2201/NiiPi.2008.5.5

  31. Nimbus (2009) http://workspace.globus.org/

  32. Nurmi D, Wolski R, Grzegorczyk C, Obertelli G, Soman S, Youseff L, Zagorodnov D (2008) The eucalyptus open-source cloud-computing system. In: Proceedings of cloud computing and its applications, October 2008

  33. Nyre ÅA, Jaatun MG (2009) Privacy in a semantic cloud: what’s trust got to do with it? In: The first international conference on cloud computing, 2009, pp 107–118

  34. Pearson S, Shen Y, Mowbray M (2009) A privacy manager for cloud computing. In: The first international conference on cloud computing, 2009, pp 90–106

  35. Plobl K, Nowey T, Mletzko C (2006) Towards a security architecture for vehicular ad hoc networks. In: ARES ’06: proceedings of the first international conference on availability, reliability and security. IEEE Computer Society, Washington, pp 374–381

    Google Scholar 

  36. Qinetiq (2005) Domain based security—User guide No 2: introduction to infosec architecture models, November. http://www.qinetiq.com

  37. Salesforce (2009) http://www.salesforce.com/

  38. Schumacher M, Fernandez-Buglioni E, Hybertson D, Buschmann F, Sommerlad P (2006) Security patterns. Wiley, New York

    Google Scholar 

  39. Schumacher M, Fernandez E, Hybertson D, Buschmann F (2005) Security patterns: integrating security and systems engineering. Wiley, New York

    Google Scholar 

  40. Singh A, Srivatsa M, Liu L (2009) Search-as-a-service: outsourced search over outsourced storage. ACM Trans Web 3(4). doi:10.1145/1594173.1594175

  41. Uemura T, Dohi T, Kaio N (2009) Availability analysis of a scalable intrusion tolerant architecture with two detection modes. In: The first international conference on cloud computing, 2009, pp 178–189

  42. Wispy (2009) A cloud computing testbed, http://www.rcac.purdue.edu/teragrid/resources/#wispy

  43. Yan L, Rong C, Zhao G (2009) Strengthen cloud computing security with federal identity management using hierarchical identity-based cryptography. In: The first international conference on cloud computing, 2009, pp 167–177

  44. Yoder J, Barcalow J (1997) Architectural patterns for enabling application security. In: PLoP, 1997

  45. Youssef SM, Baith Mohamed A, Mikhail MA (2009) An enhanced security architecture for wireless sensor network. In: DNCOCO’09: proceedings of the 8th WSEAS international conference on data networks, communications, computers, Stevens Point, Wisconsin, USA, 2009. World Scientific and Engineering Academy and Society (WSEAS), pp 216–224

  46. Yu Y, Isard M, Fetterly D, Budiu M, Erlingsson Ú, Gunda PK, Currey J (2008) DryadLINQ: a system for general-purpose distributed data-parallel computing using a high-level language. In: Proceedings of the 8th symposium on operating systems design and implementation (OSDI ’08), San Diego, CA, December 2008

  47. Zhao G, Liu J, Tang Y, Sun W, Zhang F, Ye XP, Tang N (2009) Cloud computing: a statistics aspect of users. In: Jaatun MG, Zhao G, Rong C (eds) The first international conference on cloud computing. Lecture notes in computer science, vol 5931. Springer, Berlin, pp 347–358

    Google Scholar 

  48. Zhao G, Rong C, Jaatun MG, Sandnes FE (2010) Deployment models: towards eliminating security concerns from cloud computing. In: The first international workshop on cloud computing interoperability and services, June 2010

Download references

Author information

Authors and Affiliations

  1. School of Computer Science, South China Normal University, Guangzhou, China

    Gansen Zhao

  2. Faculty of Science and Technology, University of Stavanger, Stavanger, Norway

    Chunming Rong

  3. Department of Software Engineering, Safety and Security, SINTEF ICT, Trondheim, Norway

    Martin Gilje Jaatun

  4. Faculty of Engineering, Oslo University College, Oslo, Norway

    Frode Eika Sandnes

Authors
  1. Gansen Zhao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Chunming Rong
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Martin Gilje Jaatun
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Frode Eika Sandnes
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Gansen Zhao.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Zhao, G., Rong, C., Jaatun, M.G. et al. Reference deployment models for eliminating user concerns on cloud security. J Supercomput 61, 337–352 (2012). https://doi.org/10.1007/s11227-010-0460-9

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-010-0460-9

Keywords

Search

Navigation