Evaluating single sign-on security failure in cloud services

Cusack, Brian; Ghazizadeh, Eghbal

doi:10.1016/j.bushor.2016.08.002

Cited by 10 publications

(14 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As the service is provided with the help of the internet there is no need of installing and running the applications on individual systems. The main security threats [3] [7] in this layer are risks in data accessing and web applications services and the solutions to overcome these issues is service level agreement [4], web application scanners between the attributes and classify the same into sub attributes groups are also a notable work by Dromey et al [6].…”

Section: Software As a Servicementioning

confidence: 99%

“…It can build a virtual data center in the cloud which means a collection of cloud resources specifically designed for business needs. Some of the services provided by Iaas are Amazon Web Service (AWS) [7] [12], Microsoft Azure, Cisco Metapod etc. The major security threats that occur in Iaas is in virtualization [3].…”

Section: Infrastructure As a Servicementioning

confidence: 99%

“…Another security threat in virtualization is allocation and deallocation of resources i.e. if the VM [7] operation data is written to the memory and is not cleared before reallocation of memory to next VM, then there is a chance of the data getting exposed to the next VM, but this should not have happened [11] [14]. The solutions for these issues are proper authentication and dynamic security provisioning [4].…”

Section: Infrastructure As a Servicementioning

confidence: 99%

“…LugiCappoliano, Salvatore, GuienniMazero who discuss the problems occurred in Denial of Services and Data Breaches. [7] [12]…”

Section: Literature Surveymentioning

confidence: 99%

“…Public cloud means the data in this type of cloud can be accessed byall the users of the cloud whereas private cloud means the data that can be used by the limited number of the users [11] [12] [14]. The data in the private cloud can be accessed only by the users who are provided the access by the cloud service provider(CSP) [7] [12] [14]. The CSP provides the key to access the private data in the cloud to the users who are eligible to access that data [7] [12].…”

Section: Security Threats Analysis On Cloud Service Layer A) Data Tramentioning

confidence: 99%

See 4 more Smart Citations

Multilevel classification of security threats in cloud computing

Srinivasu¹,

Priyanka²,

Prudhvi³

et al. 2017

IJET

View full text Add to dashboard Cite

Cloud Security was provided for the services such as storage, network, applications and software through internet. The Security was given at each layer (Saas, Paas, and Iaas), in each layer, there are some security threats which became the major problem in cloud computing. In Saas, the security issues are mainly present in Web Application services and this issue can be overcome by web application scanners and service level agreement(SLA). In Paas, the major problem is Data Transmission. During transmission of data, some data may be lost or modified. The PaaS environment accomplishes proficiency to some extent through duplication of information. The duplication of information makes high accessibility of information for engineers and clients. However, data is never fully deleted instead the pointers to the data are deleted. In order to overcome this problem the techniques that used are encryption [12], data backup. In Iaas the security threat that occurs in is virtualization and the techniques that are used to overcome the threats are Dynamic Security Provisioning(DSC), operational security procedure, for which Cloud Software is available in the market, for e.g. Eucalyptus, Nimbus 6.

show abstract

Section: Software As a Servicementioning

confidence: 99%

Section: Infrastructure As a Servicementioning

confidence: 99%

Section: Infrastructure As a Servicementioning

confidence: 99%

“…LugiCappoliano, Salvatore, GuienniMazero who discuss the problems occurred in Denial of Services and Data Breaches. [7] [12]…”

Section: Literature Surveymentioning

confidence: 99%

Section: Security Threats Analysis On Cloud Service Layer A) Data Tramentioning

confidence: 99%

See 3 more Smart Citations

Multilevel classification of security threats in cloud computing

Srinivasu¹,

Priyanka²,

Prudhvi³

et al. 2017

IJET

View full text Add to dashboard Cite

show abstract

Recent trends in applying TPM to cloud computing

Hosseinzadeh

Sequeiros

Inácio

et al. 2019

Security and Privacy

View full text Add to dashboard Cite

Trusted platform modules (TPM) have become important safe‐guards against variety of software‐based attacks. By providing a limited set of cryptographic services through a well‐defined interface, separated from the software itself, TPM can serve as a root of trust and as a building block for higher‐level security measures. This article surveys the literature for applications of TPM in the cloud‐computing environment, with publication dates comprised between 2013 and 2018. It identifies the current trends and objectives of this technology in the cloud, and the type of threats that it mitigates. Toward the end, the main research gaps are pinpointed and discussed. Since integrity measurement is one of the main usages of TPM, special attention is paid to the assessment of run time phases and software layers it is applied to.

show abstract

Cybersecurity: Risk management framework and investment cost analysis

Lee

2021

Business Horizons

View full text Add to dashboard Cite

Evaluating single sign-on security failure in cloud services

Abstract: The

Cited by 10 publications

References 14 publications

Multilevel classification of security threats in cloud computing

Multilevel classification of security threats in cloud computing

Recent trends in applying TPM to cloud computing

Cybersecurity: Risk management framework and investment cost analysis

Contact Info

Product

Resources

About