Abstract
Cloud computing is a new computing model which uses virtualization technology, distributed computing, parallel computing and other existing technologies to achieve cloud service virtualization and economies of scale, whilst increasingly overwhelming cloud security issues has brought great challenges and concerns to the cloud services providers and cloud users, especially trust and privacy issues with regard to cloud computing and cloud shared storage associated security issues. In the paper, we expound the basic concepts of cloud computing, deployment models, service models and key features, analyze and outline the currently highlighted cloud security issues, report the status quo of cloud computing security, investigate the prevalent and typical cloud computing security problem key solving techniques, and thus render a comprehensive cloud computing security technical reference model, which is composed of associated cloud security solving techniques that result from inevitably multi-faceted cloud security issues. The model is expected to alleviate prominent cloud security issues. This paper generalizes cloud security technology research directions and further development space of cloud security technology and standardization.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Mana, A., Munoz, A., Gonzlez, J.: Dynamic security monitoring for virtualized environments in cloud computing. In: International Workshop on Securing Services on the Cloud, pp. 1–6. IEEE Press (2011)
Dinesh, C.: Secured data consistency and storage way in untrusted cloud using server management algorithm. Technical report 1111.2412, ArXiv e-prints (2011)
Liu, C., Zhang, X., Chen, J., Yang, C.: An authenticated key exchange scheme for efficient security-aware scheduling of scientific applications in cloud computing. In: Ninth International Conference on Dependable, Autonomic and Secure Computing, pp. 372–379. IEEE Press (2011)
Feng, D., Zhang, M., Zhang, Y., Xu, Z.: Cloud computing security research. J. Softw. 22, 71–82 (2011)
Doelitzscher, F., Reich, C., Knahl, M., Passfall, A., Clarke, N.: An agent based business aware incident detection system for cloud environments. J. Cloud Comput. 1(1), 1–19 (2012)
Vidhisha, G., Surekha, C., Rayudu, S.S., Seshadri, U.: Preserving privacy for secure and outsourcing for linear programming in cloud computing. Technical report 1211.1457, ArXiv e-prints (2012)
Zhao, G., Rong, C., Jaatun, M.G., Sandnes, F.E.: Deployment models-towards eliminating security concerns from cloud computing. In: International Conference on High Performance Computing and Simulation, pp. 189–195. IEEE Press (2010)
Dinesha, H.A., Agrawal, D.V.: Multi-dimensional password generation technique for accessing cloud services. Int. J. Cloud Comput.: Serv. Archit. 2(3), 31–39 (2012)
Alsafi, H.M., Abduallah, W.M., Pathan, A.S.K.: IDPS: an integrated intrusion handling model for cloud computing environment. Int. J. Comput. Inf. Technol. 4(1), 1–16 (2012)
Wu, H., Ding, Y., Winer, C., Yao, L.: Network security for virtual machine in cloud computing. In: International Conference on Computer Sciences and Convergence Information Technology, pp. 18–21. IEEE Press (2010)
Xu, H., Guo, S., Chen, K.: Building confidential and efficient query services in the cloud with rasp data perturbation. In: IEEE Transactions on Knowledge and Data Engineering (2013)
Gul, I., Islam, M.H.: Cloud computing security auditing. In: The 2nd International Conference on Next Generation Information Technology, pp. 143–148. IEEE Press (2011)
Yang, J., Chen, Z.: Cloud computing research and security issues. In: International Conference on Computational Intelligence and Software Engineering, pp. 1–3. IEEE Press, 2010
Hwang, K., Dongarra, J.J., Fox, G.C.: Distributed and cloud computing. Elsevier/Morgan Kaufmann, Amsterdam, London (2012)
Venkataramana, K., Padmavathamma, M.: A threshold secure data sharing scheme for federated clouds. Technical report 1209.2614, ArXiv e-prints (2012)
Wazed Nafi, K., Shekha Kar, T., Anisul Hoque, S., Hashem, M.M.A.: A newer user authentication, file encryption and distributed server based cloud computing security architecture. Technical report 1303.0598, ArXiv e-prints (2013)
AlZain, M.A., Soh, B., Pardede, E.: MCDB: using multi-clouds to ensure security in cloud computing. In: International Conference on Dependable, Autonomic and Secure Computing, pp. 784–791. IEEE Press (2011)
Gonzalez, N., Miers, C., Redígolo, F., Simplício, M., Carvalho, T., Näslund, M., Pourzandi, M.: A quantitative analysis of current security concerns and solutions for cloud computing. In: Third International Conference on Cloud Computing Technology and Science, pp. 231–238. IEEE Press (2011)
National Institute of Standards & Technology (NIST). http://csrc.nist.gov/groups/SNS/cloudCcomputing/cloud-def-v15.doc
Aswani, P.N., Shekar, K.C.: Fuzzy keyword search over encrypted data using symbol-based Trie-traverse search scheme in cloud computing. Technical report 1211.3682, ArXiv e-prints (2012)
Goyal, P.: Application of a distributed security method to End-2-End services security in independent heterogeneous cloud computing environments. In: Services, pp. 379–384. IEEE Press (2011)
Kumar, P., Sehgal, V., Shah, K., Shukla, S.S.P., Chauhan, D.S.: A novel approach for security in cloud computing using Hidden Markov model and clustering. In: World Congress on Information and Communication Technologies, pp. 810–815. IEEEPress (2011)
Srivastava, P., Singh, S., Pinto, A.A., Verma, S., Chaurasiya, V.K., Gupta, R.: An architecture based on proactive model for security in cloud computing. In: Recent Trends in Information Technology, pp. 661–666. IEEE Press, Chennai (2011)
Syam Kumar, P., Subramanian, R., Thamizh Selvam, D.: Ensuring data storage security in cloud computing using Sobol sequence. In: International Conference on Parallel Distributed and Grid Computing, pp. 217–222. IEEE Press (2010)
Accorsi, R., Lowis, D.I.L., Sato, Y.: Automated certification for compliant cloud-based business processes. Bus. Inf. Syst. Eng. 3(3), 145–154 (2011)
Schwarzkopf, R., Schmidt, M., Strack, C., Martin, S., Freisleben, B.: Increasing virtual machine security in cloud environments. J. Cloud Comput. 1(1), 1–12 (2012)
de Chaves, S.A., Westphall, C.B., Lamin, F.R.: SLA perspective in security management for cloud computing. In: International Conference on Networking and Services, pp. 212–217. IEEE Press (2010)
Luo, S., Lin, Z., Chen, X., Yang, Z., Chen, J.: Virtualization security for cloud computing service. In: International Conference on Cloud and Service Computing, pp. 174–179. IEEE Press (2011)
Pal, S., Khatua, S., Chaki, N., Sanyal, S.: A new trusted and collaborative agent based approach for ensuring cloud security. Technical report 1108.4100, ArXiv e-prints (2011)
Pearson, S., Benameur, A.: Privacy, security and trust issues arising from cloud computing. In: Second International Conference on Cloud Computing Technology and Science, pp. 693–702. IEEE Press (2010)
Ramgovind, S., Eloff, M.M., Smith, E.: The management of security in cloud computing. In: Information Security for South Africa, pp. 1–7. IEEE Press (2010)
Tsai, T.H., Chen, Y.C., Huang, H.C., Huang, P.M., Chou, K.S.: A practical chinese wall security model in cloud computing. In: Asia-Pacific Network Operations and Management Symposium, pp. 1–4. IEEE Press (2011)
Jung, T., Li, X.Y., Wan, Z., Wan, M.: AnonyControl: control cloud data anonymously with multi-authority attribute-based encryption. Technical report 1206.2657, ArXiv e-prints (2012)
Bhraguram, T.M., Sumesh, M.S.: Cyber security information exchange based on data asset de-coupling factor in cloud computing. In: Recent Advances in Intelligent Computational Systems, pp. 89–95. IEEE Press (2011)
Dinh, T.T.A., Wenqiang, W., Datta, A.: City on the sky: extending xacml for flexible, secure data sharing on the cloud. J. Grid Comput. 10(1), 151–172 (2012)
Mazurczyk, W., Szczypiorski, K.: Is cloud computing steganography-proof? In: International Conference on Multimedia Information Networking and Security, pp. 441–442. IEEE Press (2011)
Wang, W.Q., Anh, D.T.T., Lim, H.B., Datta, A.: Cloud and the city: facilitating flexible access control over data-streams. In: Jonker, W., Petković, M. (eds.) SDM 2012. LNCS, vol. 7482, pp. 58–74. Springer, Heidelberg (2012)
Sun, X., Chang, G., Li, F.: A trust management model to enhance security of cloud computing environments. In: Second International Conference on Networking and Distributed Computing, pp. 244–248. IEEE Press (2011)
Acknowledgements
This work is supported by the Natural Science Foundation of Yunnan Province, China, under Grant No. 2010ZC095, and the Natural Science Foundation of Education Department of Yunnan Province, China, under Grant No. 2012Z064.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Yang, Y., Zhao, C., Gao, T. (2015). Cloud Computing: Security Issues Overview and Solving Techniques Investigation. In: Al-Saidi, A., Fleischer, R., Maamar, Z., Rana, O. (eds) Intelligent Cloud Computing. ICC 2014. Lecture Notes in Computer Science(), vol 8993. Springer, Cham. https://doi.org/10.1007/978-3-319-19848-4_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-19848-4_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19847-7
Online ISBN: 978-3-319-19848-4
eBook Packages: Computer ScienceComputer Science (R0)