乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,3,22]],"date-time":"2023-03-22T22:26:44Z","timestamp":1679524004439},"reference-count":19,"publisher":"IGI Global","issue":"2","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011,4,1]]},"abstract":"

Information security is a key challenge in the Cloud because the data will be virtualized across different host machines, hosted on the Web. Cloud provides a channel to the service or platform in which it operates. However, the owners of data will be worried because their data and software are not under their control. In addition, the data owner may not recognize where data is geographically located at any particular time. So there is still a question mark over how data will be more secure if the owner does not control its data and software. Indeed, due to shortage of control over the Cloud infrastructure, use of ad-hoc security tools is not sufficient to protect the data in the Cloud; this paper discusses this security. Furthermore, a vision and strategy is proposed to mitigate or avoid the security threats in the Cloud. This broad vision is based on software engineering principles to secure the Cloud applications and services. In this vision, security is built into all phases of Service Development Life Cycle (SDLC), Platform Development Life Cycle (PDLC) or Infrastructure Development Life Cycle (IDLC).<\/p>","DOI":"10.4018\/ijcac.2011040105","type":"journal-article","created":{"date-parts":[[2011,10,19]],"date-time":"2011-10-19T16:07:18Z","timestamp":1319040438000},"page":"64-70","source":"Crossref","is-referenced-by-count":76,"title":["Cloud Security Engineering"],"prefix":"10.4018","volume":"1","author":[{"ORCID":"http:\/\/orcid.org\/0000-0001-5748-4921","authenticated-orcid":true,"given":"Shadi","family":"Aljawarneh","sequence":"first","affiliation":[{"name":"Isra University, Jordan"}]}],"member":"2432","reference":[{"key":"ijcac.2011040105-0","doi-asserted-by":"crossref","unstructured":"Aljawarneh, S. (2011). A web engineering security methodology for e-learning systems. Network Security Journal, 2011(3), 12-16.","DOI":"10.1016\/S1353-4858(11)70026-5"},{"key":"ijcac.2011040105-1","unstructured":"Amazon. (2010). Amazon web services: Overview of security processes. Retrieved from awsmedia.s3.amazonaws.com\/pdf\/AWS_Security_Whitepaper.pdf"},{"key":"ijcac.2011040105-2","unstructured":"Arthur, C. (2010). Google's ChromeOS means losing control of data, warns GNU founder Richard Stallman. Retrieved from http:\/\/www.guardian.co.uk\/technology\/blog\/2010\/dec\/14\/chrome-os-richard-stallman-warning"},{"key":"ijcac.2011040105-3","unstructured":"Bono, S. C., Green, M., Stubblefield, A., Juels, A., Rubin, A. D., & Szydlo, M. (2005). Security analysis of a cryptographically-enabled RFID device. In Proceedings of the 14th Conference on USENIX Security, Berkeley, CA."},{"key":"ijcac.2011040105-4","author":"D. M.Cappelli","year":"2006","journal-title":"Insider threats in the SLDC: Lessons learned from actual incidents of fraud: Theft of sensitive information, and IT sabotage"},{"key":"ijcac.2011040105-5","doi-asserted-by":"crossref","unstructured":"C\u00e1rdenas, R. G., & Sanchez, E. (2005). Security challenges of distributed e-learning systems. In F. F. Ramos, V. A. Rosillo, & H. Unger (Eds.), Proceedings of the 5th International School and Symposium on Advanced Distributed Systems (LNCS 3563, pp. 538-544).","DOI":"10.1007\/11533962_49"},{"key":"ijcac.2011040105-6","doi-asserted-by":"crossref","unstructured":"Chow, R., Golle, P., Jakobsson, M., Shi, E., Staddon, J., Masuoka, R., et al. (2009). Controlling data in the cloud: Outsourcing computation without outsourcing control. In Proceedings of the ACM Workshop on Cloud Computing Security (pp. 85-90). New York, NY: ACM Press.","DOI":"10.1145\/1655008.1655020"},{"key":"ijcac.2011040105-7","unstructured":"CPNI. (2010). Information security briefing 01\/2010 cloud computing. Retrieved from www.cpni.gov.uk\/Documents"},{"key":"ijcac.2011040105-8","doi-asserted-by":"crossref","unstructured":"Gehling, B., & Stankard, D. (2005). eCommerce security. In Proceedings of the Information Security Curriculum Development Conference, Kennesaw, GA (pp. 32-37). New York, NY: ACM Press.","DOI":"10.1145\/1107622.1107631"},{"key":"ijcac.2011040105-9","unstructured":"Glisson, W., & Welland, R. (2005). Web development evolution: The assimilation of web engineering security. In Proceedings of the Third Latin American Web Congress (p. 49). Washington, DC: IEEE Computer Society."},{"key":"ijcac.2011040105-10","unstructured":"Google. (2011b).Google trends: private cloud, public cloud. Retrieved from http:\/\/www.google.de\/trends?q=private+cloud%2C+public+cloud"},{"key":"ijcac.2011040105-11","unstructured":"Marchany, R. (2010). Cloud computing security issues: VA Tech IT security. Retrieved from http:\/\/www.issa-centralva.org"},{"key":"ijcac.2011040105-12","first-page":"9","author":"G.Mohay","year":"2003","journal-title":"Computer and intrusion forensics"},{"key":"ijcac.2011040105-13","unstructured":"Provos, N., McNamee, D., Mavrommatis, P., Wang, K., & Modadugu, N. (2007). The ghost in the browser analysis of web-based malware. In Proceedings of the RST Conference on First Workshop on Hot Topics in Understanding Botnets, Berkeley, CA (p. 4)."},{"key":"ijcac.2011040105-14","doi-asserted-by":"publisher","DOI":"10.4018\/jcit.2006100103"},{"key":"ijcac.2011040105-15","doi-asserted-by":"crossref","unstructured":"Snodgrass, R. T., Yao, S. S., & Collberg, C. (2004). Tamper detection in audit logs. In Proceedings of the Thirtieth International Conference on Very Large Data Bases (pp. 504-515).","DOI":"10.1016\/B978-012088469-8.50046-2"},{"key":"ijcac.2011040105-16","unstructured":"Taylor, M. (2010). Enterprise architecture \u2013 architectural strategies for cloud computing: Oracle. Retrieved from http:\/\/www.techrepublic.com\/whitepapers\/oracle-white-paper-in-enterprise-architecture-architecture-strategies-for-cloud-computing\/2319999"},{"key":"ijcac.2011040105-17","unstructured":"Trusted Computing Group. (2010). Cloud computing and security \u2013a natural match. Retrieved from http:\/\/www.infosec.co.uk\/"},{"issue":"6","key":"ijcac.2011040105-18","first-page":"840","article-title":"Effective collaboration with information sharing in virtual universities.","volume":"21","author":"H.Wang","year":"2005","journal-title":"IEEE Transactions"}],"container-title":["International Journal of Cloud Applications and Computing"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=54720","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,1]],"date-time":"2022-06-01T19:01:22Z","timestamp":1654110082000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/ijcac.2011040105"}},"subtitle":["Avoiding Security Threats the Right Way"],"short-title":[],"issued":{"date-parts":[[2011,4,1]]},"references-count":19,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2011,4]]}},"URL":"https:\/\/doi.org\/10.4018\/ijcac.2011040105","relation":{},"ISSN":["2156-1834","2156-1826"],"issn-type":[{"value":"2156-1834","type":"print"},{"value":"2156-1826","type":"electronic"}],"subject":[],"published":{"date-parts":[[2011,4,1]]}}}