A survey on security issues and solutions at different layers of Cloud computing

Abbasy MR, Shanmugam B (2011) Enabling data hiding for resource sharing in cloud computing environments based on dna sequences. In: Proceedings of the 2011 IEEE world congress on services, SERVICES’11, pp 385–390 Aws management console. Amazon web services. http://aws.amazon.com/console/ Bahram S, Jiang X, Wang Z, Grace M (2010) Dksm: subverting virtual machine introspection for fun and profit. In: Proceedings of the 29th IEEE international symposium on reliable distributed systems Bakshi A, Dujodwala YB (2010) Securing cloud from ddos attacks using intrusion detection system in virtual machine. In: Proceedings of the 2010 second international conference on communication software and networks, ICCSN’10, pp 260–264 Balachandra KR, Ramakrishna VP, Rakshit A (2009) Cloud security issues. In: Proceedings of the 2009 IEEE international conference on services computing, SCC’09, pp 517–520 Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Proceedings of the 28th IEEE symposium on security and privacy, pp 1–6 Celesti A, Tusa F, Villari M, Puliafito A (2010) Security and cloud computing: intercloud identity management infrastructure. In: WETICE, pp 263–265 Chandramouli R, Mell P (2010) State of security readiness. Crossroads 16(3):23–25 Cloud computing comparison guide. Web hosting unleashed. http://www.webhostingunleashed.com/whitepaper/cloud-computing-comparison/ Comparison guide: Cloud computing. Focus research. http://www.focus.com/research/comparison-guide-cloud-computing/ Compliance home. Website (2011) http://www.compliancehome.com/ Diallo MH, Hore B, Chang EC, Mehrotra S, Venkatasubramanian N (2012) Cloudprotect: managing data privacy in cloud applications. In: IEEE CLOUD Du J, Wei W, Gu X, Yu T (2009) Toward secure dataflow processing in open distributed systems. In: Proc of ACM scalable trusted computing workshop (STC) Durkee D (2010) Why cloud computing will never be free. Commun ACM 53(5):62–69 Echeverría V, Liebrock LM, Shin D (2010) Permission management system: permission as a service in cloud computing. In: COMPSAC workshops, pp 371–375 Ei Ei Mon TTN (2011) The privacy-aware access control system using attribute-and role-based access control in private cloud. In: 4th IEEE international conference on broadband network and multimedia technology (IC-BNMT), pp 447–451 Ferguson T (2009) Salesforce.com outage hits thousands of businesses. http://www.ludcastle.co.uk/business_resources/Clouded~%20in% Garnkel T, Rosenblum M (2003) A virtual machine introspection based architecture for intrusion detection. In: Proc net and distributed sys sec symp Gens F (2009) New idc it cloud services survey: top benefits and challenges. http://blogs.idc.com/ie/?p=730 Halton W (2010) Security issues and solutions in cloud computing. http://wolfhalton.info/2010/06/25/security-issues-and-solutions-in-cloud-computing/ Hu L, Ying S, Jia X, Zhao K Towards an approach of semantic access control for cloud computing. In: Proceedings of the 1st international conference on cloud computing, pp 145–156 Huang X, Zhang T, Hou Y (2009) Id management among clouds. In: First international conference on future information networks, ICFIN2009, pp 237–241 Jager T, Somorovsky J (2011) How to break xml encryption. In: ACM conference on computer and communications security, pp 413–422. http://dblp.uni-trier.de/db/conf/ccs/ccs2011.html#JagerJ11 Jensen M, Schwenk JO, Gruschka N, Iacono LL (2009) On technical security issues in cloud computing. In: IEEE international conference on cloud computing, CLOUD-II 2009, pp 109–116 Khorshed MT, Ali ABMS, Wasimi SA (2011) Monitoring insiders activities in cloud computing using rule based learning. In: Proceedings of the 2011 IEEE 10th international conference on trust, security and privacy in computing and communications, TRUSTCOM’11, pp 757–764 King S, Chen P, Wang YM (2006) Subvirt: implementing malware with virtual machines. In: 2006 IEEE symposium on security and privacy, pp 314–327 Kirby G, Deale A, Macdonald A, Fernandes A (2010) An approach to ad hoc cloud computing. http://arxiv.org/abs/1002.4738v1 Leu FY, Lin JC, Li MC, Yang CT, Shih PC (2005) Integrating grid with intrusion detection. In: Proceedings of the 19th international conference on advanced information networking and applications, AINA’05, vol 1, pp 304–309 Lin D, Squicciarini A (2010) Data protection models for service provisioning in the cloud. In: Proceeding of the ACM symposium on access control models and technologies, SACMAT’10 Lo CC, Huang C, Ku J (2010) A cooperative intrusion detection system framework for cloud computing networks. In: Proceedings of the 2010 39th international conference on parallel processing workshops, ICPPW’10, pp 280–284 Lombardi F, Pietro RD (2010) Transparent security for cloud. In: Proceedings of the 2010 ACM symposium on applied computing, pp 414–415 Mazzariello C, Bifulco R, Canonoco R (2010) Integrating a network ids into an open source cloud computing. In: Sixth international conference on information assurance and security (IAS), pp 265–270 Mell P, Grance T (2011) The nist definition of cloud computing (draft). http://csrc.nist.gov/publications/drafts/800–145/Draft-SP-800-145_cloud-definition.pdf Metz C (2009) Ddos attack rains down on Amazon cloud. http://www.theregister.co.uk/2009/10/05/amazon_bitbucket_outage/ Metz C (2011) Amazon outage spans clouds ‘insulated’ from each other. http://www.theregister.co.uk/2011/04/21/amazon_web_services_outages_spans_zones/ from each other Modi C, Patel D, Borisaniya B, Patel H, Patel A, Rajarajan M (2012) A survey of intrusion detection techniques in cloud. J Netw Comput Appl. doi:10.1016/j.jnca.2012.05.003 Morizumi T, Suzuki K, Kinoshita H (2009) Transparent security for cloud system for search, access restriction, and agents in the clouds. In: Proceedings of the 2009 ninth annual international symposium on applications and the Internet, pp 201–204 Mowbray M, Pearson S (2009) A client-based privacy manager for cloud computing. In: Proceedings of the fourth international ICST conference on communication system softWAre and middleware, COMSWARE’09, pp 1–8 Naruchitparames J, Günes MH (2011) Enhancing data privacy and integrity in the cloud. In: HPCS, pp 427–434 National vulnerability database version 2.2. NIST. http://web.nvd.nist.gov/view/vuln/search-results?query=virtual&search%_type=all&cves=on Pauli D (2011) Amazon’s ec2, eucalyptus vulnerability discovered. http://www.crn.com.au/News/278387,amazons-ec2-eucalyptus-vulnerability-discovered.aspx Ponemon (2011) Security of cloud computing providers study. http://www.ca.com/~/media/Files/IndustryResearch/security-of-cloud-computing-providers-final-april-2011.pdf Ranchal R, Bhargava B, Othmane LB, Lilien L, Kim A, Kang M, Linderman M (2010) Protection of identity information in cloud computing without trusted third party. In: Proceedings of the 2010 29th IEEE symposium on reliable distributed systems, SRDS’10, pp 368–372 Raykova M, Zhao H, Bellovin SM (2012) Privacy enhanced access control for outsourced data sharing. In: Financial cryptography and data security Rimal BP, Choi E, Lumb I (2009) A taxonomy and survey of cloud computing systems. In: NCM’09: proceedings of the 2009 fifth international joint conference on INC, IMS and IDC, pp 44–51 Rutkowska J (2006) Subverting vistatm kernel for fun and profit. In: BlackHat conference Rutkowska J (2007) Security challenges in virtualized environments. http://bluepillproject.org Salmon J (2008) Clouded in uncertainty—the legal pitfalls of cloud computing. http://www.ludcastle.co.uk/business_resources/Clouded~%20in% Sandar SV, Shenai S (2012) Economic denial of sustainability (edos) in cloud services using http and xml based ddos attacks. Int J Comput Appl 41(20):11–16 Sanka S, Hota C, Rajarajan M (2010) Secure data access in cloud computing. In: IEEE 4th international conference on Internet multimedia services architecture and application (IMSAA), pp 1–6 Security guidance for critical areas of focus in cloud computing V3.0. Cloud Security Alliance (2011) http://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf Security threats. Microsoft. http://technet.microsoft.com/en-us/library/cc723507.aspx Slamanig D (2012) Dynamic accumulator based discretionary access control for outsourced storage with unlinkable access, pp 215–222 Software as a service-Wikipedia. Wikipedia. http://en.wikipedia.org/wiki/Software_as_a_service Somorovsky J, Heiderich M, Jensen M, Schwenk J, Gruschka N, Iacono LL (2011) All your clouds are belong to us—security analysis of cloud management interfaces. In: ACM workshop on Cloud computing security Sourya (2011) Should you be concerned? A list of recent cloud computing failures—intuit goes down. http://www.cloudtweaks.com/2011/06/should-you-be-concerned-a-list-of-recent-cloud-computing-failures Sripanidkulchai K, Sahu S, Ruan Y, Shaikh A, Dorai C (2010) Are clouds ready for large distributed applications. SIGOPS Oper Syst Rev 44(2):18–23 Stolfo SJ, Salem MB, Keromytis AD (2012) Fog computing: mitigating insider data theft attacks in the cloud. In: 2012 IEEE symposium on security and privacy workshops. IEEE Press, New York, pp 125–128 Subashini S, Kavitha V (2011) A survey on security issues in service delivery models of cloud computing. J Netw Comput Appl 34:1–11 Tian X, Wang X, Zhou A (2009) Dsp reencryption: a flexible mechanism for access control enforcement management in daas. In: Proc CLOUD’09, SACMAT’10, pp 25–32 Top 7 threats to cloud computing. HELP NET SECURITY. http://www.net-security.org/secworld.php?id=8943 Volokyta A (2012) Secure virtualization in cloud computing. In: 2012 international conference on modern problems of radio engineering telecommunications and computer science (TCSET), p 395 Vulnerability in windows server 2008 hyper-v could allow denial of service (977894). Microsoft security bulletin MS10-010—Important (2010) http://www.microsoft.com/technet/security/bulletin/ms11–047.mspx Wang W, Li Z, Owens R, Bhargava B (2007) Secure and efficient access to outsourced data. In: ACM cloud computing security workshop (CCSW), pp 63–69 Wang Q, Wang K, Ren W (2009) Low: ensuring data storage security in cloud computing. In: Proc of IWQoS 2009 Wang YJ, Zhao SJ, Le J (2009) Providing privacy preserving in cloud computing. In: International conference on test and measurement, vol 2, pp 213–216 Wang B, Li B, Li H (2012) Oruta: Privacy-preserving public auditing for shared data in the cloud. In: IEEE CLOUD Wei J, Zhang X, Ammons G, Bala V, Ning P (2009) Managing security of virtual machine images in a cloud environment. In: Proceedings of the 2009 ACM workshop on cloud computing security, CCSW’09, pp 91–96 What cloud computing really means. InfoWorld. http://www.infoworld.com/d/cloud-computing/what-cloud-computing-really-means-031?page=0,0 Xarp 2.2.2. filecluster. http://www.filecluster.com/Network-Tools/Network-Monitoring/Download-XArp.html Yan L, Rong C, Zhao G (2009) Strengthen cloud computing security with federal identity management using hierarchical identity-based cryptography. In: Proceedings of the 1st international conference on cloud computing, CloudCom’09, pp 167–177 Zunnurhain K, Vrbsky S (2010) Security attacks and solutions in clouds. In: Proceedings of the 1st international conference on cloud computing, pp 145–156