Cloud Service Security & application vulnerability
作者: Acklyn Murray , Geremew Begna , Ebelechukwu Nwafor , Jeremy Blackstone , Wayne Patterson
DOI: 10.1109/SECON.2015.7132979
关键词: Access control 、 Information security management 、 Cloud testing 、 Enterprise architecture 、 Computer security 、 Cloud computing security 、 Cloud computing 、 Software as a service 、 Computer science 、 Security service
摘要: Cloud computing is one of today's most appealing technology areas due to its cost-efficiency and flexibility. However, despite significant interests, deploying cloud in an enterprise infrastructure offers security concerns. Successful implementation requires proper planning understanding emerging risks, threats, vulnerabilities, possible countermeasures. This paper discusses concerns the three models namely “Software as a Service” (SaaS), Platform (PaaS) “Infrastructure (IaaS). It also Cloud-based Security Tools currently available today. Under U.S. Federal Requirements for Security. The demonstrated Information Management Act (FISMA) Risk Authorization Program (FedRAMP). Data Encryption, Homomorphic Encryption Access Control (Identity Management). Finally, this talks about applications focusing on select applications. looks at some known vulnerability issues associated with future
sci-hub.se 参考文章(6)
Emily Walsh, Ilseung Cho, Using Evernote as an Electronic Lab Notebook in a Translational Science Laboratory Journal of Laboratory Automation. ,vol. 18, pp. 229- 234 ,(2013) , 10.1177/2211068212471834
S. Subashini, V. Kavitha, Review: A survey on security issues in service delivery models of cloud computing Journal of Network and Computer Applications. ,vol. 34, pp. 1- 11 ,(2011) , 10.1016/J.JNCA.2010.07.006
Thomas Ristenpart, Eran Tromer, Hovav Shacham, Stefan Savage, Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds computer and communications security. pp. 199- 212 ,(2009) , 10.1145/1653662.1653687
Idilio Drago, Marco Mellia, Maurizio M. Munafo, Anna Sperotto, Ramin Sadre, Aiko Pras, Inside dropbox: understanding personal cloud storage services internet measurement conference. pp. 481- 494 ,(2012) , 10.1145/2398776.2398827
Anthony Bisong, Syed, M. Rahman, An Overview of the Security Concerns in Enterprise Cloud Computing arXiv: Cryptography and Security. ,(2011) , 10.5121/IJNSA.2011.3103
Peter Mell, Tim Grance, The NIST Definition of Cloud Computing Special Publication (NIST SP) - 800-145. ,vol. 23, pp. 50- 50 ,(2011) , 10.6028/NIST.SP.800-145