This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
The Final Frontier: Confidentiality and Privacy in the Cloud
Sept. 2011 (vol. 44 no. 9)
pp. 44-50
Francisco Rocha, University of Lisbon, Carnegie Mellon University
Salvador Abreu, University of Évora, Portugal
Miguel Correia, Technical University of Lisbon, Portugal
The boundary between the trusted inside and the untrusted outside blurs when a company adopts cloud computing. The organization's applications and data are no longer onsite, fundamentally changing the definition of a malicious insider.

1. Cloud Security Alliance, Top Threats to Cloud Computing, vol. 1, Mar. 2010; https://cloudsecurityalliance.org/topthreats csathreats.v1.0.pdf.
2. E. Grosse et al., "Cloud Computing Roundtable," IEEE Security & Privacy, Nov./Dec. 2010, pp. 17-23.
3. D.G. Murray, G. Milos, and S. Hand, "Improving Xen Security through Disaggregation," Proc. 4th ACM SIGPLAN/SIGOPS Int'l Conf. Virtual Execution Environments (VEE 08), ACM Press, 2008, pp. 151-160.
4. J.M. McCune et al., "TrustVisor: Efficient TCB Reduction and Attestation," Proc. IEEE Symp. Security and Privacy (SSP 10), IEEE CS Press, 2010, pp. 143-158.
5. N. Santos, K.P. Gummadi, and R. Rodrigues, "Towards Trusted Cloud Computing," Proc. 1st Workshop Hot Topics in Cloud Computing (HotCloud 09), Usenix, 2009; www.usenix.org/event/hotcloud09/tech/full_papers santos.pdf.
6. A. Bessani et al., "DepSky: Dependable and Secure Storage in a Cloud-of-Clouds," Proc. European Conf. Computer Systems (EuroSys 11), ACM Press, 2011, pp. 31-46.
7. P. Mell and T. Grance, The NIST Definition of Cloud Computing, Recommendation of the Nat'l Inst. Standards and Technology, 2009; http://csrc.nist.gov/publications/drafts/ 800-145Draft-SP-800-145_cloud-definition.pdf .
8. M. Rosenblum and T. Garfinkel, "Virtual Machine Monitors: Current Technology and Future Trends," Computer, May 2005, pp. 39-47.
9. M. Hanley et al., "An Analysis of Technical Observations in Insider Theft of Intellectual Property Cases," tech. report CMU/SEI-2011-TN-006, Software Eng. Inst., Carnegie Mellon Univ., 2011.
10. F. Rocha and M. Correia, "Lucy in the Sky without Diamonds: Stealing Confidential Data in the Cloud," Proc. 41st Int'l Conf. Dependable Systems and Networks Workshops (DSN 11), IEEE CS Press, 2011, pp. 129-134.
11. Trusted Computing Group, TPM Main Specification, v1.2, rev. 103, 2007; www.trustedcomputinggroup.org/resourcestpm_main_specification .
12. T. Ristenpart et al., "Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds," Proc. 16th ACM Conf. Computer and Comm. Security (CCS 09), ACM Press, 2009, pp. 199-212.

Index Terms:
Cloud computing, Privacy, Trusted computing, TrustVisor
Citation:
Francisco Rocha, Salvador Abreu, Miguel Correia, "The Final Frontier: Confidentiality and Privacy in the Cloud," Computer, vol. 44, no. 9, pp. 44-50, Sept. 2011, doi:10.1109/MC.2011.223
Usage of this product signifies your acceptance of the Terms of Use.