Privacy, Security and Trust Issues Arising from Cloud Computing
30 Nov 2010-pp 693-702
TL;DR: This paper assesses how security, trust and privacy issues occur in the context of cloud computing and discusses ways in which they may be addressed.
Abstract: Cloud computing is an emerging paradigm for large scale infrastructures. It has the advantage of reducing cost by sharing computing and storage resources, combined with an on-demand provisioning mechanism relying on a pay-per-use business model. These new features have a direct impact on the budgeting of IT budgeting but also affect traditional security, trust and privacy mechanisms. Many of these mechanisms are no longer adequate, but need to be rethought to fit this new paradigm. In this paper we assess how security, trust and privacy issues occur in the context of cloud computing and discuss ways in which they may be addressed.
Citations
More filters
01 Jan 2011
TL;DR: Key issues and challenges in achieving a trusted cloud through the use of detective controls are discussed, and the Trust Cloud framework is presented, which addresses accountability in cloud computing via technical and policy-based approaches.
425 citations
Cites background from "Privacy, Security and Trust Issues ..."
...Further analysis of definitions of trust in cloud computing is found in [4]....
[...]
04 Jul 2011
TL;DR: The Trust Cloud framework as mentioned in this paper addresses accountability in cloud computing via technical and policy-based approaches and discusses key issues and challenges in achieving a trusted cloud through the use of detective controls.
Abstract: The key barrier to widespread uptake of cloud computing is the lack of trust in clouds by potential customers. While preventive controls for security and privacy are actively researched, there is still little focus on detective controls related to cloud accountability and audit ability. The complexity resulting from large-scale virtualization and data distribution carried out in current clouds has revealed an urgent research agenda for cloud accountability, as has the shift in focus of customer concerns from servers to data. This paper discusses key issues and challenges in achieving a trusted cloud through the use of detective controls, and presents the Trust Cloud framework, which addresses accountability in cloud computing via technical and policy-based approaches.
393 citations
TL;DR: This survey presents a comprehensive overview of the security issues for different factors affecting cloud computing, and encompasses the requirements for better security management and suggests 3-tier security architecture.
340 citations
03 Dec 2012
TL;DR: This paper puts forth the taxonomy of VANET based cloud computing, and is, to the best of the knowledge, the first effort to define VANet Cloud architecture.
Abstract: Despite the surge in Vehicular Ad Hoc NETwork (VANET) research, future high-end vehicles are expected to under-utilize the on-board computation, communication, and storage resources. Olariu et al. envisioned the next paradigm shift from conventional VANET to Vehicular Cloud Computing (VCC) by merging VANET with cloud computing. But to date, in the literature, there is no solid architecture for cloud computing from VANET standpoint. In this paper, we put forth the taxonomy of VANET based cloud computing. It is, to the best of our knowledge, the first effort to define VANET Cloud architecture. Additionally we divide VANET clouds into three architectural frameworks named Vehicular Clouds (VC), Vehicles using Clouds (VuC), and Hybrid Vehicular Clouds (HVC). We also outline the unique security and privacy issues and research challenges in VANET clouds.
259 citations
TL;DR: This study is to review different security techniques and challenges from both software and hardware aspects for protecting data in the cloud and aims at enhancing the data security and privacy protection for the trustworthy cloud environment.
Abstract: Data security has consistently been a major issue in information technology. In the cloud computing environment, it becomes particularly serious because the data is located in different places even in all the globe. Data security and privacy protection are the two main factors of user’s concerns about the cloud technology. Though many techniques on the topics in cloud computing have been investigated in both academics and industries, data security and privacy protection are becoming more important for the future development of cloud computing technology in government, industry, and business. Data security and privacy protection issues are relevant to both hardware and software in the cloud architecture. This study is to review different security techniques and challenges from both software and hardware aspects for protecting data in the cloud and aims at enhancing the data security and privacy protection for the trustworthy cloud environment. In this paper, we make a comparative research analysis of the existing research work regarding the data security and privacy protection techniques used in the cloud computing.
209 citations
References
More filters
TL;DR: In this article, the authors adopt a multidisciplinary view of trust within and between firms, in an effort to synthesize and give insight into a fundamental construct of organizational science, while recognizing that the differing meanings scholars bring to the study of trust also can add value.
Abstract: Our task is to adopt a multidisciplinary view
of trust within and between firms, in an effort to
synthesize and give insight into a fundamental
construct of organizational science. We seek to
identify the shared understandings of trust
across disciplines, while recognizing that the
divergent meanings scholars bring to the study
of trust also can add value.
8,886 citations
"Privacy, Security and Trust Issues ..." refers background in this paper
...Evidence from a contemporary, cross-disciplinary collection of scholarly writing suggests that a widely held definition of trust is as follows [20]: “Trust is a psychological state comprising the intention to accept vulnerability based upon positive expectations of the intentions or behaviour of another”....
[...]
31 May 2009
TL;DR: This work proposes a fully homomorphic encryption scheme that allows one to evaluate circuits over encrypted data without being able to decrypt, and describes a public key encryption scheme using ideal lattices that is almost bootstrappable.
Abstract: We propose a fully homomorphic encryption scheme -- i.e., a scheme that allows one to evaluate circuits over encrypted data without being able to decrypt. Our solution comes in three steps. First, we provide a general result -- that, to construct an encryption scheme that permits evaluation of arbitrary circuits, it suffices to construct an encryption scheme that can evaluate (slightly augmented versions of) its own decryption circuit; we call a scheme that can evaluate its (augmented) decryption circuit bootstrappable.Next, we describe a public key encryption scheme using ideal lattices that is almost bootstrappable.Lattice-based cryptosystems typically have decryption algorithms with low circuit complexity, often dominated by an inner product computation that is in NC1. Also, ideal lattices provide both additive and multiplicative homomorphisms (modulo a public-key ideal in a polynomial ring that is represented as a lattice), as needed to evaluate general circuits.Unfortunately, our initial scheme is not quite bootstrappable -- i.e., the depth that the scheme can correctly evaluate can be logarithmic in the lattice dimension, just like the depth of the decryption circuit, but the latter is greater than the former. In the final step, we show how to modify the scheme to reduce the depth of the decryption circuit, and thereby obtain a bootstrappable encryption scheme, without reducing the depth that the scheme can evaluate. Abstractly, we accomplish this by enabling the encrypter to start the decryption process, leaving less work for the decrypter, much like the server leaves less work for the decrypter in a server-aided cryptosystem.
5,770 citations
"Privacy, Security and Trust Issues ..." refers methods in this paper
...It is possible to do this however in a non-efficient way, notably via Yao’s protocol for secure two-party computation [32] and Gentry’s fully homomorphic encryption scheme [33]....
[...]
27 Oct 1986
TL;DR: A new tool for controlling the knowledge transfer process in cryptographic protocol design is introduced and it is applied to solve a general class of problems which include most of the two-party cryptographic problems in the literature.
Abstract: In this paper we introduce a new tool for controlling the knowledge transfer process in cryptographic protocol design. It is applied to solve a general class of problems which include most of the two-party cryptographic problems in the literature. Specifically, we show how two parties A and B can interactively generate a random integer N = p?q such that its secret, i.e., the prime factors (p, q), is hidden from either party individually but is recoverable jointly if desired. This can be utilized to give a protocol for two parties with private values i and j to compute any polynomially computable functions f(i,j) and g(i,j) with minimal knowledge transfer and a strong fairness property. As a special case, A and B can exchange a pair of secrets sA, sB, e.g. the factorization of an integer and a Hamiltonian circuit in a graph, in such a way that sA becomes computable by B when and only when sB becomes computable by A. All these results are proved assuming only that the problem of factoring large intergers is computationally intractable.
3,463 citations
09 Nov 2009
TL;DR: It is shown that it is possible to map the internal cloud infrastructure, identify where a particular target VM is likely to reside, and then instantiate new VMs until one is placed co-resident with the target, and how such placement can then be used to mount cross-VM side-channel attacks to extract information from a target VM on the same machine.
Abstract: Third-party cloud computing represents the promise of outsourcing as applied to computation. Services, such as Microsoft's Azure and Amazon's EC2, allow users to instantiate virtual machines (VMs) on demand and thus purchase precisely the capacity they require when they require it. In turn, the use of virtualization allows third-party cloud providers to maximize the utilization of their sunk capital costs by multiplexing many customer VMs across a shared physical infrastructure. However, in this paper, we show that this approach can also introduce new vulnerabilities. Using the Amazon EC2 service as a case study, we show that it is possible to map the internal cloud infrastructure, identify where a particular target VM is likely to reside, and then instantiate new VMs until one is placed co-resident with the target. We explore how such placement can then be used to mount cross-VM side-channel attacks to extract information from a target VM on the same machine.
2,230 citations
10 Dec 2009
TL;DR: The presentation “Cloud Computing: Benefits, risks and recommendations for information security” will cover some the most relevant information security implications of cloud computing from the technical, policy and legal perspective.
Abstract: The presentation “Cloud Computing: Benefits, risks and recommendations for information security” will cover some the most relevant information security implications of cloud computing from the technical, policy and legal perspective.
796 citations