Addressing cloud computing security issues

Stanoevska-Slabeva, 2010 National Institute of Standards and Technology, The NIST Definition of Cloud Computing, Information Technology Laboratory, 2009. E. Naone, Technology overview, conjuring clouds, MIT Technology Review, July–August, 2009. Merrill Lynch, The cloud wars: $100+ billion at stake, Merrill Lynch, 2008. D. Harris, Why ‘grid’ doesn’t sell, 2008. Reese, 2009 Rajkumar, 2009, Cloud computing and emerging IT platforms: vision, hype, and reality for delivering computing as the 5th utility, Future Generation Computer Systems Artz, 2007, A survey of trust in computer science and the semantic web, Journal of Web Semantics: Science, Services and Agents on the World Wide Web, 10.1016/j.websem.2007.03.002 DoD Computer Security Center, Trusted computer system evaluation criteria, DoD 5200.28-STD, 1985. Nagarajan, 2010, Dynamic trust enhanced security model for trusted platform based, Future Generation Computer Systems International Telecommunication Union, X-509 ∣ ISO/IEC 9594-8, The directory: Public-key and attribute certificate frameworks, ITU, X-Series, 2001. Lekkas, 2003, Establishing and managing trust within the public key infrastructure, Computer Communications, 26, 10.1016/S0140-3664(03)00077-X Giddens, 1991 Tserpes, 2010, Service selection decision support in the Internet of services, vol. 6296, 16 Sherman, 1992, Distributed systems security, Computers & Security, 11, 10.1016/0167-4048(92)90216-E Lekkas, 2002, Quality assured trusted third parties for deploying secure Internet-based healthcare applications, International Journal of Medical Informatics, 10.1016/S1386-5056(02)00006-0 National Institute of Standards and Technology. Guide for mapping types of information and information systems to security categories, NIST 800-60, 2008. Gartner. Assessing the security risks of cloud computing, Gartner, 2008. Cloud Security Alliance. Top threats to cloud computing, Cloud Security Alliance, 2010. Sherman, 1992, Distributed systems security, Computers & Security, 11, 10.1016/0167-4048(92)90216-E Polemi, 1998, Trusted third party services for health care in Europe, Future Generation Computer Systems, 14, 51, 10.1016/S0167-739X(98)00008-9 S. Castell, Code of practice and management guidelines for trusted third party services, INFOSEC Project Report S2101/02, 1993. Commission of the European Community. Green paper on the security of information systems, ver. 4.2.1, 1994. VeriSign. Directories and public—key infrastructure (PKI), Directories and Public—Key Infrastructure, PKI. Alshamsi, 2004, A technical comparison of IPSec and SSL, Cryptology Cloud Identity Summit, Secure the cloud now, Cloud identity summit, Retrieved on 10/11/2010 from: http://www.cloudidentitysummit.com/. Internet 2, Shibboleth [Online] 2007, Retrieved on 10/11/2010 from: http://shibboleth.internet2.edu/. Internet 2, FAQ on SAML and Shibboleth relationship, Shibboleth, Internet 2, 2010. Retrieved on 10/11/2010 from: http://shibboleth.internet2.edu/Shibboleth-SAML-FAQ.html. UK Federation Information Centre, UK federation information centre, 2007. Pfleeger, 2002 B. Lang, I. Foster, F. Siebenlist, R. Ananthakrishnan, T. Freeman, Attribute based access control for grid computing, 2008. Joshi, 2001, Security models for web-based applications, Communications of the ACM, 44, 10.1145/359205.359224