Multilevel classification of security concerns in cloud computing

Hussain, Syed Asad; Fatima, Mehwish; Saeed, Atif; Raza, Imran; Shahzad, Raja Khurram

doi:10.1016/j.aci.2016.03.001

Cited by 80 publications

(20 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In the same manner, it is also vital cloud subscribers knows the security measures employed by their chosen CSP in combating the Confidentiality Intergrity Availability (CIA) security traits (Shah and Anandane, 2013). As the cloud subscriber/tenant usually have no physical control over cloud infrastructure in most cloud setup, contract agreements, service level agreements (SLA's) and providers documentation become vital in managing risks than in a traditional enterprise owned hosting environment (Hussain et. al., 2017).…”

Section: Literature Reviewmentioning

confidence: 99%

A Proposed New Framework for Securing Cloud Data on Multiple Infrastructures using Erasure Coding, Dispersal Technique and Encryption

Twum¹,

Hayfron-Acquah²,

Panford³

2019

IJCA

View full text Add to dashboard Cite

show abstract

Section: Literature Reviewmentioning

confidence: 99%

A Proposed New Framework for Securing Cloud Data on Multiple Infrastructures using Erasure Coding, Dispersal Technique and Encryption

Twum¹,

Hayfron-Acquah²,

Panford³

2019

IJCA

View full text Add to dashboard Cite

show abstract

“…Two policies of enforcement method providing reliable data by encompassing the chain of trust to map-reduce application. Similarly, security disputes in Software-as-a-Service (SaaS) layer are classified as two as attack on development tool and attack on the management tool [10]. Security attacks are on the development tool, on the Application Programming Interface (API) and attack on the publisher.…”

Section: Related Workmentioning

confidence: 99%

Complications in Infrastructure as a Service Layer of Cloud and its Solution

2019

IJRTE

View full text Add to dashboard Cite

Cloud computing shows a vibrant role in existing scenario and the enactment of infrastructure as a service is perilous because of its discrepancy in the area. The cloud users have increased hastily, and the accessibility of resources for the users are less. Infrastructure as a service (IaaS) mentions the particulars of infrastructure like physical computing resources such as stowage, compute, and networking services. IaaS- cloud providers underwrite these resources based on their necessity from their vast content of resources presents any where all over the universe. Observing of these resources continually is precarious. For monitoring the availability of resources and notifying to the users about the resources is one of the challenges taken in Iaas layer is Service Level Agreement (SLA) and provided with a solution. The foremost objective of the scheduling algorithms in a cloud environment is to exploit the resources proficiently while balancing the load between resources, to get the least possible execution time. Hence, rank based task scheduling algorithm is proposed to utilize the resources efficiently and perform high performance. A simulation result gives the Quality of Service (QoS) Parameters such as length (size), CPU, throughput, and bandwidth.

show abstract

“…We believe that a combination of these approaches makes it possible to redirect target VM network traffic at run-time. Even encrypted network traffic, if successfully intercepted, may be readily decrypted [20] using third-party tools such as aircrack [10]. The decrypted traffic of the target VM can be used for further analysis to predict its activity, and compromise privacy.…”

Section: B Proposed Attack Vectormentioning

confidence: 99%

A Cross-Virtual Machine Network Channel Attack via Mirroring and TAP Impersonation

Saeed

Garraghan

Craggs

et al. 2018

2018 IEEE 11th International Conference on Cloud Computing (CLOUD)

Self Cite

View full text Add to dashboard Cite

Data privacy and security is a leading concern for providers and customers of cloud computing, where Virtual Machines (VMs) can co-reside within the same underlying physical machine. Side channel attacks within multi-tenant virtualized cloud environments are an established problem, where attackers are able to monitor and exfiltrate data from co-resident VMs. Virtualization services have attempted to mitigate such attacks by preventing VM-to-VM interference on shared hardware by providing logical resource isolation between co-located VMs via an internal virtual network. However, such approaches are also insecure, with attackers capable of performing network channel attacks which bypass mitigation strategies using vectors such as ARP Spoofing, TCP/IP steganography, and DNS poisoning. In this paper we identify a new vulnerability within the internal cloud virtual network, showing that through a combination of TAP impersonation and mirroring, a malicious VM can successfully redirect and monitor network traffic of VMs co-located within the same physical machine. We demonstrate the feasibility of this attack in a prominent cloud platform-OpenStack-under various security requirements and system conditions, and propose countermeasures for mitigation. Compute Controller Controller Compute 1 Compute 2 Compute 3 Compute n … Controller Compute 1 Compute 2 Compute n

show abstract

Multilevel classification of security concerns in cloud computing

Cited by 80 publications

References 3 publications

A Proposed New Framework for Securing Cloud Data on Multiple Infrastructures using Erasure Coding, Dispersal Technique and Encryption

A Proposed New Framework for Securing Cloud Data on Multiple Infrastructures using Erasure Coding, Dispersal Technique and Encryption

Complications in Infrastructure as a Service Layer of Cloud and its Solution

A Cross-Virtual Machine Network Channel Attack via Mirroring and TAP Impersonation

Contact Info

Product

Resources

About