Analysis of the major issues in Cloud Computing Environments
DOI:
https://doi.org/10.51611/iars.irj.v5i2.2015.50Keywords:
Cloud Computing, Security Threats, Cloud ServiceAbstract
Cloud computing is a model for enabling service user’s ubiquitous, convenient and on-demand network access to a shared pool of configurable computing resources. Cloud computing is a promising technology to facilitate development of large-scale, on-demand, flexible computing infrastructures. But without security embedded into innovative technology that supports cloud computing, businesses are setting themselves up for a fall. The trend of frequently adopting this technology by the organizations automatically introduced new risk on top of existing risk. Obviously putting everything into a single box i.e. into the cloud will only make it easier for hacker. This paper presents an overview and the study of the cloud computing. Also include the several security and challenging issues, emerging application and the future trends of cloud computing.
Downloads
Download data is not yet available.
References
Recommendation ITU-T X.1500, "Overview of cybersecurity".
Recommendation ITU-T E.409, "Incident organization and security incident handling: Guidelines for telecommunication organizations".
FG Deliverable (Introduction to the cloud ecosystem: definitions, taxonomies, use cases, high level requirements and capabilities).
Introduction to Global Inter-Cloud Technology Forum (GICTF) and its Roadmaps (Cloud-i-0026).
OASIS Identity in the Cloud Technical Committee, http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=id-cloud.
Architecture for Managing Clouds White Paper (DSP-IS0102), http://www.dmtf.org/sites/default/files/standards/documents/DSP-IS0102_1.0.0.pdf.
Special Publication 800-53, Recommended Security Controls for Federal Information Systems, (2006) December.
Special Publication 800-125, “Guide to Security for Full Virtualization Technologiesâ€.
Draft Special Publication 800-144, “Guidelines on Security and Privacy in Public Cloud Computingâ€, http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf.
Draft Special Publication 800-145, “Definition of Cloud Computingâ€, http://csrc.nist.gov/publications/drafts/800-145/Draft-SP-800-145_cloud-definition.pdf, (2011) January.
Draft Special Publication 800-146, “Cloud Computing Synopsis and Recommendationâ€, http://csrc.nist.gov/publications/drafts/800-146/Draft-NIST-SP800-146.pdf, (2011) January.
Proposed Security Assessment & Authorization for U.S. Government Cloud Computing, http://www.cio.gov/pages.cfm/page/Federal-Risk-and-Authorization-Management-Program-FedRAMP.
Security Guidance for Critical Areas of Focus in Cloud Computing V2.1, https://cloudsecurityalliance.org/guidance/csaguide.v2.1.pdf, (2009) December.
Security Guidance for Critical Areas of Focus in Cloud Computing V2.1, https://cloudsecurityalliance.org/research/security-guidance/, (2011) November.
Top Threats to Cloud Computing V1.0, https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf.
SaaS, PaaS, and IaaS: a Security Checklist for Cloud Models, http://www.csoonline.com/article/print/660065.
The Open Web Application Security Project, “10 Risks with Cloud IT Foundation Tierâ€, https://www.owasp.org/index.php/Cloud-10_Risks_with_Cloud_IT_Foundation_Tier, (2009).
Cloud Computing and Security, A Natural Match, http://www.trustedcomputinggroup.org/files/ resource_files/1F4DEE3D-1A4B-B294-D0AD0742BA449E07/Cloud%20Computing%20and%20Security% 20Whitepaper_July29.2010.pdf, (2010).
P. A. Karger, “Multi-Level Security Requirements for Hypervisorsâ€, ISBN: 0-7695-2461-3, 21st Annual Computer Security Applications Conference, (2005) December 5-9, pp. – 275.
RSA Office of the CTO, “A Proposed Security Architecture for Next-Generation Data Centerâ€, (2010) January 29.
T. Ormandy, “An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environmentsâ€, Whitepaper, (2008).
T. Garfinkel, M. Rosenblum, “A Virtual Machine Introspection Based Architecture for Intrusion Detectionâ€, In Proc. Network and Distributed Systems Security Symposium, (2003), pp. 191-206.
O. Gerstel and G. Sasaki, “Quality of Protection (QoP): A Quantitative Unifying Paradigm to Protection Service Gradesâ€, Proceedings of SPIE , vol. 4599 (1), SPIE – (2001) August 9.
O. Gerstel and G. Sasaki, “A General Framework for Service Availability for Bandwidth-Efficient
Connection-Oriented Networksâ€, IEEE/ACM Transactions on Networking, vol. 18, Issue 3, (2010) June, pp. 985-995.
W. Li and L. Ping, “Trust Model to Enhance Security and Interoperability of Cloud Environmentâ€, Cloud Computing, Proceedings on First International Conference, CloudCom 2009, Beijing, China, December 1-4, 2009, Lecture Notes in Computer Science, vol. 5931, (2009), pp. 69-79.
D. Xu, Y. Li, M. Chiang and A. R. Calderbank, “Elastic Service Availability: Utility Framework and Optimal Provisioningâ€, IEEE Journal on Selected Areas in Communications, vol. 26, no. 6, (2008) August.
Recommendation ITU-T E.409, "Incident organization and security incident handling: Guidelines for telecommunication organizations".
FG Deliverable (Introduction to the cloud ecosystem: definitions, taxonomies, use cases, high level requirements and capabilities).
Introduction to Global Inter-Cloud Technology Forum (GICTF) and its Roadmaps (Cloud-i-0026).
OASIS Identity in the Cloud Technical Committee, http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=id-cloud.
Architecture for Managing Clouds White Paper (DSP-IS0102), http://www.dmtf.org/sites/default/files/standards/documents/DSP-IS0102_1.0.0.pdf.
Special Publication 800-53, Recommended Security Controls for Federal Information Systems, (2006) December.
Special Publication 800-125, “Guide to Security for Full Virtualization Technologiesâ€.
Draft Special Publication 800-144, “Guidelines on Security and Privacy in Public Cloud Computingâ€, http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf.
Draft Special Publication 800-145, “Definition of Cloud Computingâ€, http://csrc.nist.gov/publications/drafts/800-145/Draft-SP-800-145_cloud-definition.pdf, (2011) January.
Draft Special Publication 800-146, “Cloud Computing Synopsis and Recommendationâ€, http://csrc.nist.gov/publications/drafts/800-146/Draft-NIST-SP800-146.pdf, (2011) January.
Proposed Security Assessment & Authorization for U.S. Government Cloud Computing, http://www.cio.gov/pages.cfm/page/Federal-Risk-and-Authorization-Management-Program-FedRAMP.
Security Guidance for Critical Areas of Focus in Cloud Computing V2.1, https://cloudsecurityalliance.org/guidance/csaguide.v2.1.pdf, (2009) December.
Security Guidance for Critical Areas of Focus in Cloud Computing V2.1, https://cloudsecurityalliance.org/research/security-guidance/, (2011) November.
Top Threats to Cloud Computing V1.0, https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf.
SaaS, PaaS, and IaaS: a Security Checklist for Cloud Models, http://www.csoonline.com/article/print/660065.
The Open Web Application Security Project, “10 Risks with Cloud IT Foundation Tierâ€, https://www.owasp.org/index.php/Cloud-10_Risks_with_Cloud_IT_Foundation_Tier, (2009).
Cloud Computing and Security, A Natural Match, http://www.trustedcomputinggroup.org/files/ resource_files/1F4DEE3D-1A4B-B294-D0AD0742BA449E07/Cloud%20Computing%20and%20Security% 20Whitepaper_July29.2010.pdf, (2010).
P. A. Karger, “Multi-Level Security Requirements for Hypervisorsâ€, ISBN: 0-7695-2461-3, 21st Annual Computer Security Applications Conference, (2005) December 5-9, pp. – 275.
RSA Office of the CTO, “A Proposed Security Architecture for Next-Generation Data Centerâ€, (2010) January 29.
T. Ormandy, “An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environmentsâ€, Whitepaper, (2008).
T. Garfinkel, M. Rosenblum, “A Virtual Machine Introspection Based Architecture for Intrusion Detectionâ€, In Proc. Network and Distributed Systems Security Symposium, (2003), pp. 191-206.
O. Gerstel and G. Sasaki, “Quality of Protection (QoP): A Quantitative Unifying Paradigm to Protection Service Gradesâ€, Proceedings of SPIE , vol. 4599 (1), SPIE – (2001) August 9.
O. Gerstel and G. Sasaki, “A General Framework for Service Availability for Bandwidth-Efficient
Connection-Oriented Networksâ€, IEEE/ACM Transactions on Networking, vol. 18, Issue 3, (2010) June, pp. 985-995.
W. Li and L. Ping, “Trust Model to Enhance Security and Interoperability of Cloud Environmentâ€, Cloud Computing, Proceedings on First International Conference, CloudCom 2009, Beijing, China, December 1-4, 2009, Lecture Notes in Computer Science, vol. 5931, (2009), pp. 69-79.
D. Xu, Y. Li, M. Chiang and A. R. Calderbank, “Elastic Service Availability: Utility Framework and Optimal Provisioningâ€, IEEE Journal on Selected Areas in Communications, vol. 26, no. 6, (2008) August.
Downloads
Published
2015-08-29
Issue
Section
Peer Reviewed Research Manuscript
License
Copyright (c) 2015 S. Selvam, S. Thabasu Kannan
This work is licensed under a Creative Commons Attribution 4.0 International License.
Author(s) hold complete right on the content of this article. Copyright to the content are governed as per Copyright Policy of the Journal.
How to Cite
Selvam, S. and Kannan, S.T. (2015) “Analysis of the major issues in Cloud Computing Environments”, IARS’ International Research Journal, 5(2). doi:10.51611/iars.irj.v5i2.2015.50.
