A survey on security issues and solutions at different layers of Cloud computing
read more
Citations
I and i
Network Slicing and Softwarization: A Survey on Principles, Enabling Technologies, and Solutions
Security in cloud computing
A survey on cloud computing security
Cloud security issues and challenges
References
I and i
The NIST Definition of Cloud Computing
Ciphertext-Policy Attribute-Based Encryption
Review: A survey on security issues in service delivery models of cloud computing
A Virtual Machine Introspection Based Architecture for Intrusion Detection.
Related Papers (5)
Frequently Asked Questions (19)
Q2. What have the authors stated for future works in "A survey on security issues and solutions at different layers of cloud computing" ?
It opens up space for future researchto extend existing techniques and to investigate new techniques for security and privacy to mobile Cloud and ad-hoc Cloud.
Q3. What are the factors that are crippling the usage of Cloud services?
Factors crippling usage of Cloud services are live migration of data over the Internet, entrusting a provider for data security and privacy, vulnerabilities at browser’s API, vulnerabilities in network, export regulations for encryption etc.
Q4. What is the way to prevent a man-in-the-middle attack?
Proper SSL configuration and data communication test between authorized parties can be useful to reduce the risk of man-in-the-middle attack.
Q5. What are some of the solutions to address this issue?
Implementation of SLA for patching, strong authentication and access control to administrative tasks are some of the solutions to address this issue.
Q6. What are the three types of virtualization used?
There are mainly three types of virtualization are used: OS level virtualization, application based virtualization, and Hpervisor based virtualization.
Q7. What is the main problem with data at rest in the cloud?
The main problemwith data-at-rest in thecloud is loss of control, if a non-authorized user accesses the data in a shared environment.
Q8. What are some examples of browser based attacks?
Examples of browser based attacks (HTML based services) are- SSL certificate spoofing, attacks on browser caches and phishing attacks on mail clients [20].
Q9. What is the way to verify the integrity of shared data?
In this approach, third party auditor is used, that uses ring signatures to build homomorphic authenticators to verify the integrity of the shared data for a static group of users without retrieving the entire data.
Q10. What is the way to control access to Cloud resources?
For controlling access to Cloud resources, standards like eXtensible Access Control Markup Language (XACML) expressing access policies can be used.
Q11. What are the main reasons why Cloud providers rely on SLAs?
Cloud providers like Amazon, Google, Salesforce etc. rely on detailed SLAs to guarantee security and other parameters for customers.
Q12. What is the main problem of data at rest?
Even after using techniques to prevent unauthorized access, data at rest can be compromised through exploitation of application vulnerabilities.
Q13. What are the common types of attacks in the Internet protocol?
Vulnerabilities in Internet protocols may prove to be an implicit way of attacking Cloud system, that include common types of attacks like man-in-the-middle attack, IP spoofing, ARP spoofing, DNS poisoning, RIP attacks and flooding.
Q14. What can be done to mitigate the risks associated with the loss of control over the infrastructure?
As servers, storage and applications are provided by off-site external service providers, organizations need to evaluate the risks associated with the loss of control over the infrastructure.
Q15. What are some examples of threats that could affect the Cloud?
Examples of such threats are lack of authentication, authorization and audit control, weak encryption algorithms, weak keys, risk of association, unreliable datacenter, and lack of disaster recovery.
Q16. How many users were affected by the outage?
On 28 th March 2011, thousands of users registered at Intuit company (which offers financial and tax preparation software and related services) were experienced an outage for 2 to 5 days during change in network configuration and scheduled maintenance.
Q17. What are the security concerns with newer guest OSs?
As the number of Guest operating systems (OSs) running on a hypervisor increase, the security concerns with that newer guest OSs also increase.
Q18. What can be done to prevent unauthorized access to the data?
To address such issues, data should be transmitted via secured channel, fine-grained authentication and authorization techniques can be used for preventing data from unauthorized access.
Q19. What are the risks associated with sharing the same physical infrastructure between a set of multiple users?
There are risks associated with sharing the same physical infrastructure between a set of multiple users, even one being malicious can cause threats to the others using the same infrastructure.