Skip to main content
SpringerLink
Log in

A survey on security issues and solutions at different layers of Cloud computing

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Cloud computing offers scalable on-demand services to consumers with greater flexibility and lesser infrastructure investment. Since Cloud services are delivered using classical network protocols and formats over the Internet, implicit vulnerabilities existing in these protocols as well as threats introduced by newer architectures raise many security and privacy concerns. In this paper, we survey the factors affecting Cloud computing adoption, vulnerabilities and attacks, and identify relevant solution directives to strengthen security and privacy in the Cloud environment.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

References

  1. Abbasy MR, Shanmugam B (2011) Enabling data hiding for resource sharing in cloud computing environments based on dna sequences. In: Proceedings of the 2011 IEEE world congress on services, SERVICES’11, pp 385–390

    Chapter  Google Scholar 

  2. Aws management console. Amazon web services. http://aws.amazon.com/console/

  3. Bahram S, Jiang X, Wang Z, Grace M (2010) Dksm: subverting virtual machine introspection for fun and profit. In: Proceedings of the 29th IEEE international symposium on reliable distributed systems

    Google Scholar 

  4. Bakshi A, Dujodwala YB (2010) Securing cloud from ddos attacks using intrusion detection system in virtual machine. In: Proceedings of the 2010 second international conference on communication software and networks, ICCSN’10, pp 260–264

    Chapter  Google Scholar 

  5. Balachandra KR, Ramakrishna VP, Rakshit A (2009) Cloud security issues. In: Proceedings of the 2009 IEEE international conference on services computing, SCC’09, pp 517–520

    Google Scholar 

  6. Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Proceedings of the 28th IEEE symposium on security and privacy, pp 1–6

    Google Scholar 

  7. Celesti A, Tusa F, Villari M, Puliafito A (2010) Security and cloud computing: intercloud identity management infrastructure. In: WETICE, pp 263–265

    Google Scholar 

  8. Chandramouli R, Mell P (2010) State of security readiness. Crossroads 16(3):23–25

    Google Scholar 

  9. Cloud computing comparison guide. Web hosting unleashed. http://www.webhostingunleashed.com/whitepaper/cloud-computing-comparison/

  10. Comparison guide: Cloud computing. Focus research. http://www.focus.com/research/comparison-guide-cloud-computing/

  11. Compliance home. Website (2011) http://www.compliancehome.com/

  12. Diallo MH, Hore B, Chang EC, Mehrotra S, Venkatasubramanian N (2012) Cloudprotect: managing data privacy in cloud applications. In: IEEE CLOUD

    Google Scholar 

  13. Du J, Wei W, Gu X, Yu T (2009) Toward secure dataflow processing in open distributed systems. In: Proc of ACM scalable trusted computing workshop (STC)

    Google Scholar 

  14. Durkee D (2010) Why cloud computing will never be free. Commun ACM 53(5):62–69

    Article  Google Scholar 

  15. Echeverría V, Liebrock LM, Shin D (2010) Permission management system: permission as a service in cloud computing. In: COMPSAC workshops, pp 371–375

    Google Scholar 

  16. Ei Ei Mon TTN (2011) The privacy-aware access control system using attribute-and role-based access control in private cloud. In: 4th IEEE international conference on broadband network and multimedia technology (IC-BNMT), pp 447–451

    Google Scholar 

  17. Ferguson T (2009) Salesforce.com outage hits thousands of businesses. http://www.ludcastle.co.uk/business_resources/Clouded~%20in%

  18. Garnkel T, Rosenblum M (2003) A virtual machine introspection based architecture for intrusion detection. In: Proc net and distributed sys sec symp

    Google Scholar 

  19. Gens F (2009) New idc it cloud services survey: top benefits and challenges. http://blogs.idc.com/ie/?p=730

  20. Halton W (2010) Security issues and solutions in cloud computing. http://wolfhalton.info/2010/06/25/security-issues-and-solutions-in-cloud-computing/

  21. Hu L, Ying S, Jia X, Zhao K Towards an approach of semantic access control for cloud computing. In: Proceedings of the 1st international conference on cloud computing, pp 145–156

  22. Huang X, Zhang T, Hou Y (2009) Id management among clouds. In: First international conference on future information networks, ICFIN2009, pp 237–241

    Google Scholar 

  23. Jager T, Somorovsky J (2011) How to break xml encryption. In: ACM conference on computer and communications security, pp 413–422. http://dblp.uni-trier.de/db/conf/ccs/ccs2011.html#JagerJ11

    Google Scholar 

  24. Jensen M, Schwenk JO, Gruschka N, Iacono LL (2009) On technical security issues in cloud computing. In: IEEE international conference on cloud computing, CLOUD-II 2009, pp 109–116

    Google Scholar 

  25. Khorshed MT, Ali ABMS, Wasimi SA (2011) Monitoring insiders activities in cloud computing using rule based learning. In: Proceedings of the 2011 IEEE 10th international conference on trust, security and privacy in computing and communications, TRUSTCOM’11, pp 757–764

    Google Scholar 

  26. King S, Chen P, Wang YM (2006) Subvirt: implementing malware with virtual machines. In: 2006 IEEE symposium on security and privacy, pp 314–327

    Google Scholar 

  27. Kirby G, Deale A, Macdonald A, Fernandes A (2010) An approach to ad hoc cloud computing. http://arxiv.org/abs/1002.4738v1

  28. Leu FY, Lin JC, Li MC, Yang CT, Shih PC (2005) Integrating grid with intrusion detection. In: Proceedings of the 19th international conference on advanced information networking and applications, AINA’05, vol 1, pp 304–309

    Google Scholar 

  29. Lin D, Squicciarini A (2010) Data protection models for service provisioning in the cloud. In: Proceeding of the ACM symposium on access control models and technologies, SACMAT’10

    Google Scholar 

  30. Lo CC, Huang C, Ku J (2010) A cooperative intrusion detection system framework for cloud computing networks. In: Proceedings of the 2010 39th international conference on parallel processing workshops, ICPPW’10, pp 280–284

    Chapter  Google Scholar 

  31. Lombardi F, Pietro RD (2010) Transparent security for cloud. In: Proceedings of the 2010 ACM symposium on applied computing, pp 414–415

    Chapter  Google Scholar 

  32. Mazzariello C, Bifulco R, Canonoco R (2010) Integrating a network ids into an open source cloud computing. In: Sixth international conference on information assurance and security (IAS), pp 265–270

    Google Scholar 

  33. Mell P, Grance T (2011) The nist definition of cloud computing (draft). http://csrc.nist.gov/publications/drafts/800–145/Draft-SP-800-145_cloud-definition.pdf

  34. Metz C (2009) Ddos attack rains down on Amazon cloud. http://www.theregister.co.uk/2009/10/05/amazon_bitbucket_outage/

  35. Metz C (2011) Amazon outage spans clouds ‘insulated’ from each other. http://www.theregister.co.uk/2011/04/21/amazon_web_services_outages_spans_zones/ from each other

  36. Modi C, Patel D, Borisaniya B, Patel H, Patel A, Rajarajan M (2012) A survey of intrusion detection techniques in cloud. J Netw Comput Appl. doi:10.1016/j.jnca.2012.05.003

    Google Scholar 

  37. Morizumi T, Suzuki K, Kinoshita H (2009) Transparent security for cloud system for search, access restriction, and agents in the clouds. In: Proceedings of the 2009 ninth annual international symposium on applications and the Internet, pp 201–204

    Chapter  Google Scholar 

  38. Mowbray M, Pearson S (2009) A client-based privacy manager for cloud computing. In: Proceedings of the fourth international ICST conference on communication system softWAre and middleware, COMSWARE’09, pp 1–8

    Chapter  Google Scholar 

  39. Naruchitparames J, Günes MH (2011) Enhancing data privacy and integrity in the cloud. In: HPCS, pp 427–434

    Google Scholar 

  40. National vulnerability database version 2.2. NIST. http://web.nvd.nist.gov/view/vuln/search-results?query=virtual&search%_type=all&cves=on

  41. Pauli D (2011) Amazon’s ec2, eucalyptus vulnerability discovered. http://www.crn.com.au/News/278387,amazons-ec2-eucalyptus-vulnerability-discovered.aspx

  42. Ponemon (2011) Security of cloud computing providers study. http://www.ca.com/~/media/Files/IndustryResearch/security-of-cloud-computing-providers-final-april-2011.pdf

  43. Ranchal R, Bhargava B, Othmane LB, Lilien L, Kim A, Kang M, Linderman M (2010) Protection of identity information in cloud computing without trusted third party. In: Proceedings of the 2010 29th IEEE symposium on reliable distributed systems, SRDS’10, pp 368–372

    Chapter  Google Scholar 

  44. Raykova M, Zhao H, Bellovin SM (2012) Privacy enhanced access control for outsourced data sharing. In: Financial cryptography and data security

    Google Scholar 

  45. Rimal BP, Choi E, Lumb I (2009) A taxonomy and survey of cloud computing systems. In: NCM’09: proceedings of the 2009 fifth international joint conference on INC, IMS and IDC, pp 44–51

    Chapter  Google Scholar 

  46. Rutkowska J (2006) Subverting vistatm kernel for fun and profit. In: BlackHat conference

    Google Scholar 

  47. Rutkowska J (2007) Security challenges in virtualized environments. http://bluepillproject.org

  48. Salmon J (2008) Clouded in uncertainty—the legal pitfalls of cloud computing. http://www.ludcastle.co.uk/business_resources/Clouded~%20in%

  49. Sandar SV, Shenai S (2012) Economic denial of sustainability (edos) in cloud services using http and xml based ddos attacks. Int J Comput Appl 41(20):11–16

    Google Scholar 

  50. Sanka S, Hota C, Rajarajan M (2010) Secure data access in cloud computing. In: IEEE 4th international conference on Internet multimedia services architecture and application (IMSAA), pp 1–6

    Google Scholar 

  51. Security guidance for critical areas of focus in cloud computing V3.0. Cloud Security Alliance (2011) http://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf

  52. Security threats. Microsoft. http://technet.microsoft.com/en-us/library/cc723507.aspx

  53. Slamanig D (2012) Dynamic accumulator based discretionary access control for outsourced storage with unlinkable access, pp 215–222

  54. Software as a service-Wikipedia. Wikipedia. http://en.wikipedia.org/wiki/Software_as_a_service

  55. Somorovsky J, Heiderich M, Jensen M, Schwenk J, Gruschka N, Iacono LL (2011) All your clouds are belong to us—security analysis of cloud management interfaces. In: ACM workshop on Cloud computing security

    Google Scholar 

  56. Sourya (2011) Should you be concerned? A list of recent cloud computing failures—intuit goes down. http://www.cloudtweaks.com/2011/06/should-you-be-concerned-a-list-of-recent-cloud-computing-failures

  57. Sripanidkulchai K, Sahu S, Ruan Y, Shaikh A, Dorai C (2010) Are clouds ready for large distributed applications. SIGOPS Oper Syst Rev 44(2):18–23

    Article  Google Scholar 

  58. Stolfo SJ, Salem MB, Keromytis AD (2012) Fog computing: mitigating insider data theft attacks in the cloud. In: 2012 IEEE symposium on security and privacy workshops. IEEE Press, New York, pp 125–128

    Chapter  Google Scholar 

  59. Subashini S, Kavitha V (2011) A survey on security issues in service delivery models of cloud computing. J Netw Comput Appl 34:1–11

    Article  Google Scholar 

  60. Tian X, Wang X, Zhou A (2009) Dsp reencryption: a flexible mechanism for access control enforcement management in daas. In: Proc CLOUD’09, SACMAT’10, pp 25–32

    Google Scholar 

  61. Top 7 threats to cloud computing. HELP NET SECURITY. http://www.net-security.org/secworld.php?id=8943

  62. Volokyta A (2012) Secure virtualization in cloud computing. In: 2012 international conference on modern problems of radio engineering telecommunications and computer science (TCSET), p 395

    Google Scholar 

  63. Vulnerability in windows server 2008 hyper-v could allow denial of service (977894). Microsoft security bulletin MS10-010—Important (2010) http://www.microsoft.com/technet/security/bulletin/ms11–047.mspx

  64. Wang W, Li Z, Owens R, Bhargava B (2007) Secure and efficient access to outsourced data. In: ACM cloud computing security workshop (CCSW), pp 63–69

    Google Scholar 

  65. Wang Q, Wang K, Ren W (2009) Low: ensuring data storage security in cloud computing. In: Proc of IWQoS 2009

    Google Scholar 

  66. Wang YJ, Zhao SJ, Le J (2009) Providing privacy preserving in cloud computing. In: International conference on test and measurement, vol 2, pp 213–216

    Google Scholar 

  67. Wang B, Li B, Li H (2012) Oruta: Privacy-preserving public auditing for shared data in the cloud. In: IEEE CLOUD

    Google Scholar 

  68. Wei J, Zhang X, Ammons G, Bala V, Ning P (2009) Managing security of virtual machine images in a cloud environment. In: Proceedings of the 2009 ACM workshop on cloud computing security, CCSW’09, pp 91–96

    Chapter  Google Scholar 

  69. What cloud computing really means. InfoWorld. http://www.infoworld.com/d/cloud-computing/what-cloud-computing-really-means-031?page=0,0

  70. Xarp 2.2.2. filecluster. http://www.filecluster.com/Network-Tools/Network-Monitoring/Download-XArp.html

  71. Yan L, Rong C, Zhao G (2009) Strengthen cloud computing security with federal identity management using hierarchical identity-based cryptography. In: Proceedings of the 1st international conference on cloud computing, CloudCom’09, pp 167–177

    Google Scholar 

  72. Zunnurhain K, Vrbsky S (2010) Security attacks and solutions in clouds. In: Proceedings of the 1st international conference on cloud computing, pp 145–156

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. NIT Surat, Surat, India

    Chirag Modi, Dhiren Patel & Bhavesh Borisaniya

  2. Information Security Group, City University London, London, UK

    Avi Patel & Muttukrishnan Rajarajan

Authors
  1. Chirag Modi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dhiren Patel
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bhavesh Borisaniya
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Avi Patel
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Muttukrishnan Rajarajan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Chirag Modi.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Modi, C., Patel, D., Borisaniya, B. et al. A survey on security issues and solutions at different layers of Cloud computing. J Supercomput 63, 561–592 (2013). https://doi.org/10.1007/s11227-012-0831-5

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-012-0831-5

Keywords

Search

Navigation