Cloud security: Emerging threats and current solutions

被引:71
作者
Coppolino, Luigi [1 ]
D'Antonio, Salvatore [1 ]
Mazzeo, Giovanni [1 ]
Romano, Luigi [1 ]
机构
[1] Univ Naples Parthenope DI, Dipt Ingn, Naples, Italy
来源
COMPUTERS & ELECTRICAL ENGINEERING | 2017年 / 59卷
关键词
Cloud computing security; Security techniques; Intel SGX; Homomorphic cryptography; Cloud platforms; MECHANISMS;
D O I
10.1016/j.compeleceng.2016.03.004
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Many organizations are stuck in the cloudify or not to cloudily limbo, mainly due to concerns related to the security of enterprise sensitive data. Removing this barrier is a key pre-condition to fully unleash the tremendous potential of cloud computing. In this paper, we provide a comprehensive analysis of the main threats that hamper cloud computing adoption on a wide scale, and a right to the point review of the solutions that are currently being provided by the major vendors. The paper also presents the (near) future directions of cloud security research, by taking a snapshot of the main research trends and most accredited approaches. The study is done on a best of breed selection of proprietary and Open Source cloud offerings. The paper is thus a useful navigation tool, that can be used by the IT personnel to gain more insight into the security risks related to the use of cloud computing, as well as to quickly weigh the pros and cons of state of the art solutions. (C) 2016 Elsevier Ltd. All rights reserved.
引用
收藏
页码:126 / 140
页数:15
相关论文
共 35 条
[1]  
Akinbi A, 2013, INT CONF INTERNET, P162, DOI 10.1109/ICIST.2013.6747532
[2]  
Al Awadhi E, 2013, IEEE GCC CONF EXHIB, P251, DOI 10.1109/IEEEGCC.2013.6705785
[3]   Multi-Tenancy in Cloud Computing [J].
AlJahdali, Hussain ;
Albatli, Abdulaziz ;
Garraghan, Peter ;
Townend, Paul ;
Lau, Lydia ;
Xu, Jie .
2014 IEEE 8TH INTERNATIONAL SYMPOSIUM ON SERVICE ORIENTED SYSTEM ENGINEERING (SOSE), 2014, :344-351
[4]  
[Anonymous], 2012, Cross-VM Side Channels and Their Use to Extract Private Keys, Computer and communications security", p, DOI DOI 10.1145/2382196.2382230
[5]  
Badis H, 2014, NETW OP MAN S NOMS 2, V1, P5
[6]   DKSM: Subverting Virtual Machine Introspection for Fun and Profit [J].
Bahram, Sina ;
Jiang, Xuxian ;
Wang, Zhi ;
Grace, Mike ;
Li, Jinku ;
Srinivasan, Deepa ;
Rhee, Junghwan ;
Xu, Dongyan .
2010 29TH IEEE INTERNATIONAL SYMPOSIUM ON RELIABLE DISTRIBUTED SYSTEMS SRDS 2010, 2010, :82-91
[7]   Shielding Applications from an Untrusted Cloud with Haven [J].
Baumann, Andrew ;
Peinado, Marcus ;
Hunt, Galen .
ACM TRANSACTIONS ON COMPUTER SYSTEMS, 2015, 33 (03)
[8]  
Booth G, 2013, 2013 8 ANN S INF ASS
[9]   Understanding DDoS Attack & Its Effect In Cloud Environment [J].
Deshmukh, Rashmi V. ;
Devadkar, Kailas K. .
PROCEEDINGS OF 4TH INTERNATIONAL CONFERENCE ON ADVANCES IN COMPUTING, COMMUNICATION AND CONTROL(ICAC3'15), 2015, 49 :202-210
[10]   Security issues in cloud environments: a survey [J].
Fernandes, Diogo A. B. ;
Soares, Liliana F. B. ;
Gomes, Joao V. ;
Freire, Mario M. ;
Inacio, Pedro R. M. .
INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2014, 13 (02) :113-170
1234