Skip to main content
SpringerLink
Log in

Security analysis model, system architecture and relational model of enterprise cloud services

  • Research Article
  • Published:
International Journal of Automation and Computing Aims and scope Submit manuscript

Abstract

Cloud computing is one of the fastest growing and popular computer technologies, and there are more and more enterprise services based on the cloud computing. In order to save costs, more and more enterprises and their employees have hired the enterprise cloud services, and put much important information in the cloud gradually. Cloud service systems have become the main targets of malicious attacks. However, the cloud computing technologies are still not perfect, and the management and maintenance of enterprise cloud services are more complex compared to traditional network services of cloud computing. So, enterprise cloud services are more likely to encounter some security problems, and the influenced scale of these security problems is broad. But there are few researches on the security of enterprise cloud services. In this paper, we analyze the software as a service (SaaS) enterprise cloud services and introduce the research status of security problems in cloud computing environment. Combining with the analysis of the characteristics and application architecture of SaaS enterprise cloud services, we propose the security problems analysis model, the analysis system architecture and the relational model. Our researches can support further research of the automatic generation of solutions and guide the deployment of security policies of SaaS enterprise cloud services.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. K. Chen, W. M. Zheng. Cloud computing: System instances and current research. Journal of Software, vol. 20, no. 5, pp. 1337–1348, 2009. (in Chinese)

    Article  Google Scholar 

  2. L. A. Barroso, J. Dean, U. Hölzle. Web search for a planet: The google cluster architecture. IEEE Micro, vol. 23, no. 2, pp. 22–28, 2003.

    Article  Google Scholar 

  3. J. Dean, S. Ghemawat. MapReduce: A flexible data processing tool. Communications of the ACM, vol. 53, no. 1, pp. 72–77, 2010.

    Article  Google Scholar 

  4. S. Yi, A. Andrzejak, D. Kondo. Monetary cost-aware checkpointing and migration on amazon cloud spot instances. IEEE Transactions on Services Computing, vol. 5, no. 4, pp. 512–524, 2012.

    Article  Google Scholar 

  5. S. Di, D. Kondo, F. Cappello. Characterizing and modeling cloud applications/jobs on a Google data center. The Journal of Supercomputing, vol. 69, no. 1, pp. 139–160, 2014.

    Article  Google Scholar 

  6. F. Chong, G. Carraro. Architecture strategies for catching the long tail, [Online], Available: https://msdn.microsoft.com/en-us/library/aa479069.aspx, April, 2006.

    Google Scholar 

  7. [Online], Available: http://msdn.microsoft.com/zh-cn/architecture/aa479069.aspx, 2006.

  8. Cloud Security Alliance. Security guidance for critical areas of focus in cloud computing (v2.1), [Online], Available: http://www.freebookcentre.net/networkingbooks-download/Security-Guidance-for-Critical-Areas-of-Focus-in-Cloud-Computing.html, 2009.

  9. H. L. Lin, Y. B. Han. Performance management for multitenant Web applications. Chinese Journal of Computers, vol. 33, no. 10, pp. 1881–1895, 2010. (in Chinese)

    Article  Google Scholar 

  10. I. M. Abbadi, A. B. Ruan. Towards trustworthy resource scheduling in clouds. IEEE Transactions on Information Forensics and Security, vol. 8, no. 6, pp. 973–984, 2013.

    Article  Google Scholar 

  11. Q. Liang, Y. Z. Wang, Y. H. Zhang. Resource virtualization model using hybrid-graph representation and converging algorithm for cloud computing. International Journal of Automation and Computing, vol. 10, no. 6, pp. 597–606, 2013.

    Article  Google Scholar 

  12. C. Ro. Modeling and analysis of memory virtualization in cloud computing. Cluster Computing, vol. 18, no. 1, pp. 177–185, 2015.

    Article  Google Scholar 

  13. P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, A. Warfield. Xen and the art of virtualization. In Proceedings of the 19th ACM Symposium on Operating Systems Principles, ACM, Lake George, USA, pp. 164–177, 2003.

    Google Scholar 

  14. J. H. Che, Y. M. Duan, T. Zhang, J. Fan. Study on the security models and strategies of cloud computing. In Proceedings of International Conference on Power Electronics and Engineering Application, Shenzhen, China, pp. 586–593, 2011.

    Google Scholar 

  15. A. Patel, M. Taghavi, K. Bakhtiyari, J. C. Júnior. An intrusion detection and prevention system in cloud computing: A systematic review. Journal of Network and Computer Applications, vol. 36, no. 1, pp. 25–41, 2013.

    Article  Google Scholar 

  16. K. Lee. Security threats in cloud computing environments. International Journal of Security and its Applications, vol. 6, no. 4, pp. 25–32, 2012.

    Google Scholar 

  17. C. Tan, K. Liu, L. Sun. A design of evaluation method for SaaS in cloud computing. Journal of Industrial Engineering and Management, vol. 6, no. 1, pp. 50–72, 2013.

    Article  Google Scholar 

  18. M. Cusumano. Cloud computing and SaaS as new computing platforms. Communications of the ACM, vol. 53, no. 4, pp. 27–29, 2010.

    Article  Google Scholar 

  19. D. Zissis, D Lekkas. Addressing cloud computing security issues. Future Generation Computer Systems, vol. 28, no. 3, pp. 583–592, 2010.

    Article  Google Scholar 

  20. S. Subashini, V. Kavitha. A survey on security problems in service delivery models of cloud computing. Journal of Network and Computer Applications, vol. 34, no. 1, pp. 1–11, 2010.

    Article  Google Scholar 

  21. S. Mansfield-Devine. Danger in the clouds. Network Security, vol. 2008, no. 12, pp. 9–11, 2008.

    Article  Google Scholar 

  22. P. G. Dorey, A. Leite. Commentary: Cloud computing-A security problem or solution. Information Security Technical Report, vo. 16, no. 3–4, pp. 89–96, 2011.

    Article  Google Scholar 

  23. N. H. Yu, Z. Hao, J. J. Xu, W. M. Zhang, C. Zhang. Review of cloud computing security. Acta Electronica Sinica, vol. 41, no. 2, pp. 371–381, 2013. (in Chinese)

    Google Scholar 

  24. J. Y. Wu, Q. L. Shen, J. L. Zhang, Z. H. Shen, L. D. Ping. Cloud computing: Cloud security to trusted cloud. Journal of Computer Research and Development, vol. 48, no. S1, pp. 229–233, 2011. (in Chinese)

    Google Scholar 

  25. A. Küpçü. Official arbitration with secure cloud storage application. The Computer Journal, vol. 58, no. 4, pp. 831–852, 2015.

    Article  Google Scholar 

  26. Z. Huang, J. B. Chen, Y. S Lin, P. F. You, Y. X. Peng. Minimizing data redundancy for high reliable cloud storage systems. Computer Networks, vol. 81, pp. 164–177, 2015.

    Article  Google Scholar 

  27. W. J. Fan, S. L. Yang, P. Harry, J. Pei. A multi-dimensional trust-aware cloud service selection mechanism based on evidential reasoning approach. International Journal of Automation and Computing, vol. 12, no. 2, pp. 208–219, 2015.

    Article  Google Scholar 

  28. J. L. Rice, V. V. Phoha, P. Robinson. Using mussel-inspired self-organization and account proxies to obfuscate workload ownership and placement in clouds. IEEE Transactions on Information Forensics and Security, vol. 8, no. 6, pp. 963–972, 2013.

    Article  Google Scholar 

  29. A. Chonka, Y. Xiang, W. L. Zhou, A. Bonti. Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks. Journal of Network and Computer Applications, vol. 34, no. 4, pp. 1097–1107, 2011.

    Article  Google Scholar 

  30. D. Pompili, A. Hajisami, H. Viswanathan. Dynamic provisioning and allocation in Cloud Radio Access Networks (C-RANs). Ad Hoc Networks, vol. 30, pp. 128–143, 2015.

    Article  Google Scholar 

  31. X. X. Yao, H. Liu, H. S. Ning, L. T. Yang, Y. Xiang. Anonymous credential-based access control scheme for clouds. IEEE Cloud Computing, vol. 2, no. 4, pp. 34–43, 2015.

    Article  Google Scholar 

  32. Z. G. Wan, J. E. Liu, R. H. Deng. HASBE: A hierarchical attribute-based solution for flexible and scalable access control in cloud computing. IEEE Transactions on Information Forensics and Security, vol. 7, no. 2, pp. 743–754, 2012.

    Article  Google Scholar 

  33. M. Li, S. C. Yu, Y. Zheng, K. Ren, W. J. Lou. Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Transactions on Parallel and Distributed Systems, vol. 24, no. 1, pp. 131–143, 2013.

    Article  Google Scholar 

  34. S. H. Hung, C. S. Shih, J. P. Shieh, C. P. Lee, Y. H. Huang. Executing mobile applications on the cloud: Framework and problems. Computers and Mathematics with Applications, vol. 63, no. 2, pp. 573–587, 2012.

    Article  Google Scholar 

  35. K. Salah, J. M. Alcaraz Calero, S. Zeadally, S. Al-Mulla, M. Alzaabi. Using cloud computing to implement a security overlay network. IEEE Security & Privacy, vol. 11, no. 1, pp. 44–53, 2013.

    Google Scholar 

  36. J. Arshad, P. Townend, J. Xu. A novel intrusion severity analysis approach for Clouds. Future Generation Computer Systems, vol. 29, no. 1, pp. 416–428, 2013.

    Article  Google Scholar 

  37. D. G. Feng, M. Zhang, Y. Zhang, Z. Xu. Study on cloud computing security. Journal of Software, vol. 22, no. 1, pp. 71–83, 2011. (in Chinese)

    Article  Google Scholar 

  38. Y. Tang, P. P. C. Lee, J. C. S. Lui, R. Perlman. Secure overlay cloud storage with access control and assured deletion. IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 6, pp. 903–916, 2012.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. College of Computer Science and Technology, Jilin University, Changchun, 130012, China

    Dang-Dang Niu, Lei Liu, Xin Zhang, Shuai Lü & Zhuang Li

  2. Data Center Consolidation (Beijing), Industrial and Commercial Bank of China, Beijing, 100096, China

    Xin Zhang

  3. College of Mathematics, Jilin University, Changchun, 130012, China

    Shuai Lü

  4. Key Laboratory of Symbolic Computation and Knowledge Engineering, Jilin University, Changchun, 130012, China

    Shuai Lü

Authors
  1. Dang-Dang Niu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lei Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xin Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Shuai Lü
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Zhuang Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shuai Lü.

Additional information

This work was supported by National Natural Science Foundation of China (Nos. 61300049, 61502197 and 61503044), the Specialized Research Fund for the Doctoral Program of Higher Education of China (No. 20120061120059), the China Postdoctoral Science Foundation (No. 2011M500612), the Key Program for Science and Technology Development of Jilin Province of China (No. 20130206052GX), and the Natural Science Research Foundation of Jilin Province of China (Nos. 20140520069JH, 20150101054JC and 20150520058JH).

Recommended by Associate Editor Hongji Yang

Dang-Dang Niu received the M. Sc. degree in computer software and theory from College of Computer Science and Technology, Jilin University, China in 2012. He is currently a Ph. D. degree candidate in College of Computer Science and Technology, Jilin University, China.

His research interests include cloud computing and automated reasoning.

ORCID iD: 0000-0003-1576-1657

Lei Liu received the M. Sc. degree in computer software and theory from College of Computer Science and Technology, Jilin University, China in 1985. He is currently a professor and the Ph. D. supervisor in College of Computer Science and Technology, Jilin University, China. He has published about 180 refereed journal and conference papers. He is a member of CCF.

His research interests include cloud computing and software formalization.

Xin Zhang received the M. Sc. degree in computer software and theory from College of Computer Science and Technology, Jilin University, China in 2011. She is currently a staff in Data Center Consolidation (Beijing), Industrial and Commercial Bank of China.

Her research interests include cloud computing and automated reasoning.

Shuai Lü received the M. Sc. and Ph.D. degrees in computer software and theory from College of Computer Science and Technology, Jilin University, China in 2007 and 2010, respectively. He is currently an associate professor in College of Computer Science and Technology, Jilin University, China. He has published 64 refereed journal and conference papers. He is a senior member of CCF.

His research interests include automated reasoning and cloud computing.

ORCID iD: 0000-0002-8081-4498

Zhuang Li received the M. Sc. degree in software engineering from College of Software, Jilin University, China in 2012. He is currently a Ph. D. degree candidate in College of Computer Science and Technology, Jilin University, China.

His research interests include cloud computing and automated reasoning.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Niu, DD., Liu, L., Zhang, X. et al. Security analysis model, system architecture and relational model of enterprise cloud services. Int. J. Autom. Comput. 13, 574–584 (2016). https://doi.org/10.1007/s11633-016-1014-2

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11633-016-1014-2

Keywords

Search

Navigation