An analysis of security issues for cloud computing

被引：312

作者：

Hashizume, Keiko ^{[1
]}

Rosado, David G. ^{[2
]}

Fernandez-Medina, Eduardo ^{[2
]}

Fernandez, Eduardo B. ^{[1
]}

机构：

[1] Florida Atlantic Univ, Dept Comp Sci & Engn, Boca Raton, FL 33431 USA

[2] Univ Castilla La Mancha, Dept Informat Syst & Technol GSyA Res Grp, Ciudad Real, Spain

来源：

JOURNAL OF INTERNET SERVICES AND APPLICATIONS | 2013年 / 4卷 / 01期

关键词：

Cloud computing; Security; SPI model; Vulnerabilities; Threats; Countermeasures;

D O I：

10.1186/1869-0238-4-5

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Cloud Computing is a flexible, cost-effective, and proven delivery platform for providing business or consumer IT services over the Internet. However, cloud Computing presents an added level of risk because essential services are often outsourced to a third party, which makes it harder to maintain data security and privacy, support data and service availability, and demonstrate compliance. Cloud Computing leverages many technologies (SOA, virtualization, Web 2.0); it also inherits their security issues, which we discuss here, identifying the main vulnerabilities in this kind of systems and the most important threats found in the literature related to Cloud Computing and its environment as well as to identify and relate vulnerabilities and threats with possible solutions.

引用

页码：1 / 13

页数：13

共 77 条

[1] Security for the cloud infrastructure: Trusted virtual data center implementation [J].

Berger, S. ;

Caceres, R. ;

Goldman, K. ;

Pendarakis, D. ;

Perez, R. ;

Rao, J. R. ;

Rom, E. ;

Sailer, R. ;

Schildhauer, W. ;

Srinivasan, D. ;

Tal, S. ;

Valdez, E. .

IBM JOURNAL OF RESEARCH AND DEVELOPMENT, 2009, 53 (04)

[2]

Berger Stefan, 2008, Operating Systems Review, V42, P40, DOI 10.1145/1341312.1341321

[3]

Bezemer C., 2010, JOINT P ERCIM EVOL I, P88, DOI [10.1145/1862372.1862393, DOI 10.1145/1862372.1862393]

[4]

Bisong A., 2011, INT J NETWORK SECURI, V3, P30, DOI DOI 10.5121/IJNSA.2011.3103

[5] Lessons from applying the systematic literature review process within the software engineering domain [J].

Brereton, Pearl ;

Kitchenham, Barbara A. ;

Budgen, David ;

Turner, Mark ;

Khalil, Mohamed .

JOURNAL OF SYSTEMS AND SOFTWARE, 2007, 80 (04) :571-583

[6] Cloud Computing Security [J].

Carlin, Sean ;

Curran, Kevin .

INTERNATIONAL JOURNAL OF AMBIENT COMPUTING AND INTELLIGENCE, 2011, 3 (01) :14-19

[7]

Chandramouli R., 2010, CROSSROADS, V16, P23, DOI DOI 10.1145/1734160.1734168

[8]

Charters S., 2007, GUIDELINES PERFORMIN

[9]

Chong F, 2006, MULTITENANT DATA ARC

[10]

Cloud Security Alliance, 2011, SEC GUID CRIT AR FOC, V3.1

← 1 2 3 4 5 6 7 8 →