The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.01 - January/February (2010 vol.8)
pp: 77-80
Trent Jaeger , The Pennsylvania State University
Joshua Schiffman , The Pennsylvania State University
ABSTRACT
Cloud computing presents an opportunity to offload computing to third party resources, but this business model isn't without security risks. Customers must determine if running their computing on a base system managed by a third party is better than running on their own systems. They must be convinced that running in the same data center as their competitors or adversaries is safe, and they are still responsible for complex security configuration. Despite these concerns, cloud vendors can also leverage the cloud architecture to improve security by building verifiable base systems, designing integrity-protected cloud services, and limiting security configuration complexity. Thus, while the cloud architecture provides security challenges, there are also opportunities to ease the security configuration burden on customers.
INDEX TERMS
cloud computing, access control, network security
CITATION
Trent Jaeger, Joshua Schiffman, "Outlook: Cloudy with a Chance of Security Challenges and Improvements", IEEE Security & Privacy, vol.8, no. 1, pp. 77-80, January/February 2010, doi:10.1109/MSP.2010.45
REFERENCES
1. R. Ta-Min, L. Litty, and D. Lie, "Splitting Interfaces: Making Trust Between Applications and Operating Systems Configurable," Proc. 7th Symp. Operating Systems Design and Implementation (OSDI 06), Usenix Assoc., 2006, pp. 279–292.
2. X. Chen et al., "Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems," Proc. 13th Int'l Conf. Architectural Support for Programming Languages and Operating Systems (ASPLOS XIII), ACM Press, 2008, pp. 2–13.
3. T. Ristenpart et al., "Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds," Proc. 16th ACM Conf. Computer and Communications Security, ACM Press, 2009, pp. 199–212.
4. G. Klein et al., "seL4: Formal Verification of an OS Kernel," Proc. ACM SIGOPS 22nd Symp. Operating Systems Principles (SOSP 09), ACM Press, 2009, pp. 207–220.
5. D.D. Clark and D.R. Wilson, "A Comparison of Commercial and Military Computer Security Policies," Proc. IEEE Symp. Security and Privacy, IEEE Press, 1987, pp. 184–194.
657 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool