The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.06 - November/December (2010 vol.8)
pp: 24-31
Hassan Takabi , University of Pittsburgh
James B.D. Joshi , University of Pittsburgh
Gail-Joon Ahn , Arizona State University
ABSTRACT
The cloud computing paradigm is still evolving, but has recently gained tremendous momentum. However, security and privacy issues pose as the key roadblock to its fast adoption. In this article, the authors present security and privacy challenges that are exacerbated by the unique aspects of clouds and show how they're related to various delivery and deployment models. They discuss various approaches to address these challenges, existing solutions, and future work needed to provide a trustworthy cloud computing environment.
INDEX TERMS
security, privacy, cloud computing
CITATION
Hassan Takabi, James B.D. Joshi, Gail-Joon Ahn, "Security and Privacy Challenges in Cloud Computing Environments", IEEE Security & Privacy, vol.8, no. 6, pp. 24-31, November/December 2010, doi:10.1109/MSP.2010.186
REFERENCES
1. Cloud Security Alliance, "Security Guidance for Critical Areas of Focus in Cloud Computing V2.1," http://www.cloudsecurityalliance.orgcsaguide.pdf .
2. D. Catteddu and G. Hogben, "Cloud Computing: Benefits, Risks and Recommendations for Information Security," ENISA, 2009; www.enisa.europa.eu/act/rm/files/deliverables/ cloud-computing-risk-assessment/at_download fullReport.
3. P.J. Bruening and B.C. Treacy, "Cloud Computing: Privacy, Security Challenges," Bureau of Nat'l Affairs, 2009; www.hunton.com/files/tbl_s47Details/FileUpload265/ 2488CloudComputing_Bruening-Treacy.pdf .
4. H. Takabi, J.B.D. Joshi, and G.-J. Ahn, "SecureCloud: Towards a Comprehensive Security Framework for Cloud Computing Environments," Proc. 1st IEEE Int'l Workshop Emerging Applications for Cloud Computing (CloudApp 2010), IEEE CS Press, 2010, pp. 393–398.
5. Y. Chen, V. Paxson, and R.H. Katz, "What's New About Cloud Computing Security?" tech. report UCB/EECS-2010-5, EECS Dept., Univ. of California, Berkeley, 2010; www.eecs.berkeley.edu/Pubs/TechRpts/2010 EECS-2010-5.html.
6. E. Bertino, F. Paci, and R. Ferrini, "Privacy–Preserving Digital Identity Management for Cloud Computing," IEEE Computer Society Data Engineering Bulletin, Mar. 2009, pp. 1–4.
7. M. Ko, G.-J. Ahn, and M. Shehab, "Privacy-Enhanced User-Centric Identity Management," Proc. IEEE Int'l Conf. Communications, IEEE Press, 2009, pp. 998–1002.
8. J. Joshi et al., "Access Control Language for Multidomain Environments," IEEE Internet Computing, vol. 8, no. 6, 2004, pp. 40–50.
9. M. Blaze et al., "Dynamic Trust Management," Computer, vol. 42, no. 2, 2009, pp. 44–52.
10. Y. Zhang and J. Joshi, "Access Control and Trust Management for Emerging Multidomain Environments," Annals of Emerging Research in Information Assurance, Security and Privacy Services, S. Upadhyaya, and R.O. Rao eds., Emerald Group Publishing, 2009, pp. 421–452.
11. D. Shin, and G.-J. Ahn, "Role-Based Privilege and Trust Management," Computer Systems Science & Eng. J., vol. 20, no. 6, 2005, pp. 401–410.
12. H. Takabi and J. Joshi, "StateMiner: An Efficient Similarity-Based Approach for Optimal Mining of Role Hierarchy," Proc. 15th ACM Symp. Access Control Models and Technologies, ACM Press, 2010, pp. 55–64.
13. G.-J. Ahn, H. Hu, and J. Jin, "Security-Enhanced OSGi Service Environments," IEEE Trans. Systems, Man, and Cybernetics-Part C: Applications and Reviews, vol. 39, no. 5, 2009, pp. 562–571.
14. L. Teo and G.-J. Ahn, "Managing Heterogeneous Network Environments Using an Extensible Policy Framework," Proc. Asian ACM Symp. Information, Computer and Communications Security, ACM Press, 2007, pp. 362–364.
15. H. Takabi et al., "An Architecture for Specification and Enforcement of Temporal Access Control Constraints using OWL," Proc. 2009 ACM Workshop on Secure Web Services, ACM Press, 2009, pp. 21–28.
364 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool