This Article 
 Bibliographic References 
 Add to: 
The Final Frontier: Confidentiality and Privacy in the Cloud
Sept. 2011 (vol. 44 no. 9)
pp. 44-50
Francisco Rocha, University of Lisbon, Carnegie Mellon University
Salvador Abreu, University of Évora, Portugal
Miguel Correia, Technical University of Lisbon, Portugal
The boundary between the trusted inside and the untrusted outside blurs when a company adopts cloud computing. The organization's applications and data are no longer onsite, fundamentally changing the definition of a malicious insider.

1. Cloud Security Alliance, Top Threats to Cloud Computing, vol. 1, Mar. 2010; csathreats.v1.0.pdf.
2. E. Grosse et al., "Cloud Computing Roundtable," IEEE Security & Privacy, Nov./Dec. 2010, pp. 17-23.
3. D.G. Murray, G. Milos, and S. Hand, "Improving Xen Security through Disaggregation," Proc. 4th ACM SIGPLAN/SIGOPS Int'l Conf. Virtual Execution Environments (VEE 08), ACM Press, 2008, pp. 151-160.
4. J.M. McCune et al., "TrustVisor: Efficient TCB Reduction and Attestation," Proc. IEEE Symp. Security and Privacy (SSP 10), IEEE CS Press, 2010, pp. 143-158.
5. N. Santos, K.P. Gummadi, and R. Rodrigues, "Towards Trusted Cloud Computing," Proc. 1st Workshop Hot Topics in Cloud Computing (HotCloud 09), Usenix, 2009; santos.pdf.
6. A. Bessani et al., "DepSky: Dependable and Secure Storage in a Cloud-of-Clouds," Proc. European Conf. Computer Systems (EuroSys 11), ACM Press, 2011, pp. 31-46.
7. P. Mell and T. Grance, The NIST Definition of Cloud Computing, Recommendation of the Nat'l Inst. Standards and Technology, 2009; 800-145Draft-SP-800-145_cloud-definition.pdf .
8. M. Rosenblum and T. Garfinkel, "Virtual Machine Monitors: Current Technology and Future Trends," Computer, May 2005, pp. 39-47.
9. M. Hanley et al., "An Analysis of Technical Observations in Insider Theft of Intellectual Property Cases," tech. report CMU/SEI-2011-TN-006, Software Eng. Inst., Carnegie Mellon Univ., 2011.
10. F. Rocha and M. Correia, "Lucy in the Sky without Diamonds: Stealing Confidential Data in the Cloud," Proc. 41st Int'l Conf. Dependable Systems and Networks Workshops (DSN 11), IEEE CS Press, 2011, pp. 129-134.
11. Trusted Computing Group, TPM Main Specification, v1.2, rev. 103, 2007; .
12. T. Ristenpart et al., "Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds," Proc. 16th ACM Conf. Computer and Comm. Security (CCS 09), ACM Press, 2009, pp. 199-212.

Index Terms:
Cloud computing, Privacy, Trusted computing, TrustVisor
Francisco Rocha, Salvador Abreu, Miguel Correia, "The Final Frontier: Confidentiality and Privacy in the Cloud," Computer, vol. 44, no. 9, pp. 44-50, Sept. 2011, doi:10.1109/MC.2011.223
Usage of this product signifies your acceptance of the Terms of Use.