Skip to main content
SpringerLink
Log in

An Analysis of Security Related Issues in Cloud Computing

  • Conference paper
Book cover Contemporary Computing (IC3 2011)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 168))

Included in the following conference series:

Abstract

Over the past two decades, the scenario in the computing world has evolved from client-server to distributed systems and then to central virtualization called as cloud computing. Computing world is moving towards Cloud Computing and it remains as buzzword of the current era. Earlier, users had complete control over their processes and data stored in personal computer where as in cloud, cloud vendor provides services and data storage in remote location over which the client has no control or information. As application and data processing takes place in public domain outside the designated firewall, several security concerns and issues arise. The main objective of the paper is to provide an overall security perspective in cloud Computing and highlight the security concerns and other issues. The paper also highlights few technical security issues in cloud computing.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. McCarthy, J.: Recursive functions of symbolic expressions and their computation by machine. Communications of the ACM 3(4), 184–195 (1960)

    Article  MATH  Google Scholar 

  2. Sharon Eisner Gillett., Mitchell Kapor.,: The Self-governing Internet, Coordination by Design. In: Coordination and Administration of the Internet Workshop at Kennedy School of Government, Harvard University (1996)

    Google Scholar 

  3. Amazon mechanical Turk, Artificial Intelligence, https://www.mturk.com/mturk/welcome

  4. Khalid, A.: Cloud Computing, Applying Issues in Small. In: International Conference on Signal Acquisition and Processing (2010)

    Google Scholar 

  5. Knorr, E., Gruman, G.: What cloud computing really means (2008), http://www.infoworld.com/auhor-bios/galengruman

  6. Gartner.: Gartner Say’s Cloud Computing Will Be as Influential As E-business. Gartner.com (2010) ; Gruman, G.: What cloud computing really means. InfoWorld (2009) (retrieved)

    Google Scholar 

  7. A Platform Computing Whitepaper: Enterprise Cloud Computing-Transforming IT, Platform Computing, p. 6 (2010)

    Google Scholar 

  8. Global Netoptex Incorporated: Demystifying the cloud. Important opportunities, crucial choices, 4–14 (2009), http://www.gni.com

  9. Swamp Computing (Cloud Computing).: Web Security Journal (2009), http://security.sys-con.com/node/1231725

  10. Sampling of issues we are addressing: Cloud Security Alliance, http://www.cloudsecurityalliance.org/issues.html#ediscovery

  11. Casassa-Mont, M., Pearson, S., Bramhall, P.: Towards Accountable Management of Identity and Privacy- Sticky Policies and Enforceable Tracing Services. In: Casassa-Mont, M., Pearson, S., Bramhall, P. (eds.) Proc. DEXA, pp. 372–382. IEEE Computer Society, Los Alamitos (2003)

    Google Scholar 

  12. PCI Security Standard, https://www.pcisecuritystandards.org/index.shtml

  13. Payment Card Industry Security, http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard

  14. Brodkin J., Gartner: Seven cloud-computing security risks. Infoworld (2009)

    Google Scholar 

  15. http://www.infoworld.com/d/security-central/gartner-seven-cloudcomputing-security-risks-853

  16. Dlamini, M.T., Eloff, M.M., Eloff, J.H.P.: Internet of People, Things and Services, The Convergence of Security. Trust and Privacy (2009)

    Google Scholar 

  17. Kormann, M., Rubin, A.: Risks of the passport single sign on protocol. Computer Networks 33(1-6), 51–58 (2000)

    Article  Google Scholar 

  18. Slemko, M.: Microsoft passport to trouble (2001), http://alive.znep.com/~marcs/passport/

  19. Grob, T.: Security analysis of the SAML single sign on browser/artefact profile. In: Proc. 19th Annual Computer Security Applications Conference (2003)

    Google Scholar 

  20. Gajek, S., Schwenk, J., Steiner, M., Xuan, C.: Risks of the cardSpace protocol. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 278–293. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  21. Chen, X., Gajek, S., Schwenk, J.: On the Insecurity of Microsoft’s Identity Metasystem CardSpace, Horst Görtz Institute for IT-Security, Tech. Rep. 3 (2008)

    Google Scholar 

  22. Bruegger, B.P., Hühnlein, D., Schwenk, J.: TLS Federation A secure and Relying-Party-friendly approach for Federated Identity Management. In: Proceedings of BIOSIG: Biometrics and Electronic Signatures. LNI, vol. 137, pp. 93–104 (2008)

    Google Scholar 

  23. Scavo, T.: SAML V2.0 Holder-of-Key Assertion Profile, Working Draft 09, http://www.oasis-open.org/apps/org/workgroup/security/download.php/30782/sstc-saml2-holder-of-key-draft-09.pdf

  24. Gajek, S., Jager, T., Manulis, M., Schwenk, J.: A browser-based kerberos authentication scheme. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 115–129. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  25. Schwenk, J., Liao, L., Gajek, S.: Stronger Bindings for SAML Assertions and SAML Artifacts. In: Proceedings of the 5th ACM CCS Workshop on Secure Web Services (SWS 2008). ACM Press, New York (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Information Technology and Engineering, VIT University, Vellore, 632 014, Tamil Nadu, India

    L. D. Dhinesh Babu, A. Mohammed Zayan & Vijayant Panda

  2. School of Computing Science Engineering, VIT University, Vellore, 632 014, Tamil Nadu, India

    P. Venkata Krishna

Authors
  1. L. D. Dhinesh Babu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. P. Venkata Krishna
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. A. Mohammed Zayan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Vijayant Panda
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Iowa State University and IIT Bombay, India, 329 Durham, Ames, IA 5001, Iowa, USA

    Srinivas Aluru

  2. Indian Statistical Institute, 203 B.T. Road, 700 108, Kolkata, West Bengal, India

    Sanghamitra Bandyopadhyay

  3. The Ohio State University, 3190 Graves Hall, 333 W 10th Ave, 43210, Columbus, OH, USA

    Umit V. Catalyurek

  4. Department of Computing Science, Chalmers University, Rännvagen 6B, 412 96, Göteborg, Sweden

    Devdatt P. Dubhashi

  5. Dept. of Electrical and Computer Engineering, Iowa State University, 329 Durham, IA 50011, Ames, USA

    Phillip H. Jones

  6. TASSL, Dept. of Electrical & Computer Engineering, Rutgers, The State University of New Jersey, Brett Road, NJ 08854-8058, Piscataway, USA

    Manish Parashar

  7. School of Computer Engineering, Nanyang Technological University, N4-02a-32 Nanyang Ave, 639798, Singapore

    Bertil Schmidt

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Babu, L.D.D., Krishna, P.V., Zayan, A.M., Panda, V. (2011). An Analysis of Security Related Issues in Cloud Computing. In: Aluru, S., et al. Contemporary Computing. IC3 2011. Communications in Computer and Information Science, vol 168. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22606-9_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-22606-9_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22605-2

  • Online ISBN: 978-3-642-22606-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation