A Survey on the Security Issues in Cloud Computing

  IJPTT-book-cover
 
International Journal of P2P Network Trends and Technology (IJPTT)
© 2014 by IJPTT Journal
Volume - 4 Issue - 4 
Year of Publication : 2014
Authors : B.Vani , R.Cynthia Monica Priya

Citation

B.Vani , R.Cynthia Monica Priya."A Survey on the Security Issues in Cloud Computing". International Journal of P2P Network Trends and Technology (IJPTT), V4(4):17-21 Jul - Aug 2014, ISSN:2249-2615, www.ijpttjournal.org, Published by Seventh Sense Research Group.

Abstract

Cloud computing is a recent paradigm that deals with hosting and delivering services over the internet. Its knack to reduce both the software and hardware costs makes it more familiar. Virtualization provides the end users a variety of services from the hardware to the application level. The pay per use is the most distinguished feature. The facility to scale the computing infrastructure up and down is another remarkable feature. Location transparency, resource pooling, ubiquitous network access are the other important characteristics of cloud computing. Anything that grows popular suffers from certain weakness. This paper makes a survey on the various security issues such as confidentiality, integrity and availability. The various threats that may take over and the available defense strategies for each issue have been surveyed.

References

[1] Mell, P.,&Grance, T., “ The NIST Definition of Cloud Computing” , NIST Information Technology Laboratory, http://www.nist.gov/itl/cloud/upload/cloud-def-v15.pdf, ,pp 1-2, 2011.
[2] Ross A. Lumley, “Cyber Security and Privacy in Cloud Computing: Multidisciplinary Research Problems in Business”, pp 1-10, 2010.
[3] Minqi Zhou et al., “Security and Privacy in Cloud Computing: A Survey”, Proc. of Sixth International Conference on Semantics, Publications, First Printing, pp 149-150, 2008.
[4] Gruschka, M. Jensen, “Attack Surfaces: A Taxonomy for Attacks on Cloud Services,” Cloud Computing, IEEE 3rd International Conference on Cloud Computing, pp. 276-279, 2010.
[5] S. Subashini and V. Kavitha, “A survey on security issues in service delivery models of cloud computing,” J. Network and Computer Applications, vol. 34, pp. 1-11, Jan. 2011.
[6] B. Grobauer, T. Walloschek, and E. Stocker, “Understanding cloud computing vulnerabilities,” IEEE, vol. 9, issue no. 2, pp. 50-57, 2011.
[7] Rachna Arora, Anshu Parashar ,“Secure User Data in Cloud Computing Using Encryption Algorithms,”Vol. 3, Issue 4, pp. 1922-1926, Jul.-Aug. 2013.
[8] Chimere Barron, Huiming Yu and Justin Zhan, “Cloud Computing Security Case Studies and Research”, Proceedings of the World Congress on Engineering 2013 Vol II, WCE 2013, July 3 - 5, 2013.
[9] Santosh Kumar and R. H. Goudar, “Cloud Computing – Research Issues, Challenges, Architecture, Platforms and Applications: A Survey” International Journal of Future Computer and Communication, Vol. 1, No. 4, pp. 356-360, Dec. 2012.
[10] S.Sabarish, G.Basha, A.Padmashree, Secured Cloud Environment With A New Approach, International Journal of Internet Computing ISSN No: 2231 – 6965, VOL- 1, Issue 4, pp. 68-71, 2012.
[11] Shilpashree Srinivasamurthy, David Q. Liu, “Survey on Cloud ComputingSecurity”,http://salsahpc.indiana.edu/CloudCom2010/Poster/cloudcom2010_submission_67.pdf.
[12] M.Malathi, “Cloud Computing Issues-A Survey”, International Journal of Advanced Computer Research (ISSN (print): 2249-7277 ISSN (online): 2277-7970) Volume 2, Number 2, pp. 113-118, June 2012.
[13] T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, “Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds,” Proc. 16th ACM conference on Computer and communications security, pp. 199-212, 2009.
[14] A. Aviram, S. Hu, B. Ford, and R. Gummadi, “Determinating timing channels in compute clouds,” In Proc.ACM workshop on Cloud computing security workshop, pp. 103-108, 2010.
[15] B. D. Payne, M. Carbone, and W. Lee, “Secure and Flexible Monitoring of Virtual Machines,” In Proc. ACSAC’07, http://www.acsac.org/2007/papers/138.pdf, 2007.
[16] N. Santos, K.P. Gummadi, and R. Rodrigues, “Towards trusted cloud computing,” Proc. Conference on Hot topics in cloud computing, 2009.
[17] M. Descher, P. Masser, T. Feilhauer, A. Tjoa, and D. Huemer, “Retaining Data Control to the Client in Infrastructure Clouds,” pp. 9-16, 2009.
[18] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, “Provable data possession at untrusted stores,” In ACM CCS, pp. 598-609, 2007.
[19] C. Wang, K. Ren, J. Wang, “Secure and Practical Outsourcing of Linear Programming in Cloud Computing,” 2011.
[20] D. L. G. Filho and P. S. L. M. Baretto, “Demon-strating data possession and uncheatable data transfer,” http://eprint.iacr.org/2006/150.
[21] Y. Deswarte, J.-J. Quisquater, and A. Saidane, “Remote integrity checking,” Proc. Conference on Integrity and Internal Control in Information Systems (IICIS’03), Nov. 2003.
[22] Erway, A. K¨ upc¸¨u, C. Papamanthou, and R. Tamassia, “Dynamic provable data possession,” Proc. 16th ACM conference on Computer and communications security, pp. 213-222, 2009.
[23] K.D. Bowers, A. Juels, and A. Oprea, “HAIL: A high-availability and integrity layer for cloud storage,” Proc. 16th ACM conference on Computer and communications security, pp. 187-198, 2009.
[24] C. Wang, Q. Wang, K. Ren, and W. Lou, “Privacy-preserving public auditing for data storage security in cloud computing,” Mar. 2010.
[25] Z. Xiao and Y. Xiao, “Accountable MapReduce in Cloud Computing,” Proc. The IEEE International Workshop on Security in Computers, Networking and Communications (SCNC 2011), 2011.
[26] A. Haeberlen, P. Kuznetsov, and P. Druschel, “Peer Review: Practical accountability for distributed systems,” In Proc. ACM Symposium on Operating Systems Principles (SOSP), Volume 41 Issue 6, pp. 175-188, , Dec. 2007
[27] F. Monrose, P. Wycko, and A. D. Rubin, “Distributed execution with remote audit,” pp. 103-113, 1999.
[28] M. Jensen, J. Schwenk, N. Gruschka, and L.L. Iacono, “On technical security issues in cloud computing,” IEEE International Conference on Cloud Computing, CLOUD’09, pp. 109-116, 2009.
[29] J. Idziorek and M. Tannian, “Exploiting cloud utility models for profit and ruin,” IEEE International Conference on Cloud Computing (CLOUD), pp. 33-40, 2011.

Keywords
availability, cloud computing, confidentiality, integrity, security.