Virtualization Security Risks and Solutions of Cloud Computing via Divide-Conquer Strategy

Luo, Xiangyang; Yang, Lin; Ma, Lina; Chu, Shanming; Hao, Dingjun

doi:10.1109/mines.2011.54

Cited by 14 publications

(10 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Numerous researchers have proposed risk assessment methods in the cloud computing environment. Some of these studies focused on specific security problems, such as insider attacks, virtualization threats [], data transmission with cloud computing service‐level agreement , anti‐virus in the cloud service , denial of service attacks in cloud , and identity management . In addition, frameworks, which are used to assess security risks in cloud computing environments as a whole process, have also been proposed.…”

Section: Security Risk Assessment In Cloud Computingmentioning

confidence: 99%

Security risk assessment framework for cloud computing environments

Albakri

Shanmugam

Samy

et al. 2014

Security Comm Networks

View full text Add to dashboard Cite

Cloud computing has become today's most common technology buzzword. Despite the promises of cloud computing to decrease computing implementation costs and deliver computing as a service, which allows clients to pay only for what they need and use, cloud computing also raises many security concerns. Most popular risk assessment standards, such as ISO27005, NIST SP800‐30, and AS/NZS 4360, assume that an organization's assets are fully managed by the organization itself and that all security management processes are imposed by the organization. These assumptions, however, do not apply to cloud computing environments. Hence, this paper proposes a security risk assessment framework that can enable cloud service providers to assess security risks in the cloud computing environment and allow cloud clients to contribute in risk assessment. The proposed framework provides a more realistic and accurate risk assessment outcome by considering the cloud clients' evaluation of security risk factors and avoiding the complexity that can result from the involvement of clients in whole risk assessment process. Copyright © 2014 John Wiley & Sons, Ltd.

show abstract

Section: Security Risk Assessment In Cloud Computingmentioning

confidence: 99%

Security risk assessment framework for cloud computing environments

Albakri

Shanmugam

Samy

et al. 2014

Security Comm Networks

View full text Add to dashboard Cite

show abstract

“…In fact, literature abounds of works on the sanitization of carriers or the normalization of network traffic (see, e.g., references [5] and [3] and the references therein) but not any prior work investigates how a covert channel or a steganographic threat could be detect or prevented by means of virtualization. A variety of works address the security of virtualized architectures, but they mainly focus on the following classes of hazards [14]: access control of resources, DoS and DDoS attacks, virtualization to build the network infrastructure, and security management of virtualized assets. Even if the security risks caused by mobility, migration and hopping of virtual machines are well understood [15], steganographic threats are solely discussed without considering the overall architecture or the peculiarities of large-scale virtualized network scenario.…”

Section: Related Workmentioning

confidence: 99%

Programmable Data Gathering for Detecting Stegomalware

Carrega¹,

Caviglione

Repetto

et al. 2020

2020 6th IEEE Conference on Network Softwarization (NetSoft)

View full text Add to dashboard Cite

The "arm race" against malware developers requires to collect a wide variety of performance measurements, for instance to face threats leveraging information hiding and steganography. Unfortunately, this process could be timeconsuming, lack of scalability and cause performance degradations within computing and network nodes. In this paper we propose to take advantage of the joint activities of two H2020 Projects, namely ASTRID and SIMARGL. To prove the benefits of the cooperation between the solutions developed by the two aforementioned projects, this paper reports a preliminary performance evaluation on the use of the extended Berkeley Packet Filter to gather data for detecting stegomalware.

show abstract

“…Virtualization is a fundamental technology used by cloud vendors to achieve multi-tenant architecture, where it divides the computing resources of cloud server into multiple execution environments [31].…”

Section: Cloud Infrastructurementioning

confidence: 99%

Cloud Computing Security Challenges in Higher Educational Institutions - A Survey

Al-Shqeerat¹,

Al-Shrouf²,

Hassan³

et al. 2017

IJCA

View full text Add to dashboard Cite

Cloud computing brings for higher educational institution a wide range of benefits with new capabilities to incorporate in the educational process. However, the cloud services are vulnerable to a variety of security challenges.One of the key challenges that educational institutions face in adopting cloud computing technologies is a provisioning of a secure cloud infrastructure.In this paper, the authors discover some cloud benefits in the education sector and discuss limitations of main cloud services as well as highlight security challenges that institutions face when utilizing cloud technologies.The survey was conducted in variety educational institutions to study the views of stakeholders on the cloud security vulnerabilities and approaches used to overcome.Finally, this paper provides baseline recommendations to avoid security risks efficiently when adopting cloud computing in institutions of higher education.

show abstract

Virtualization Security Risks and Solutions of Cloud Computing via Divide-Conquer Strategy

Cited by 14 publications

References 9 publications

Security risk assessment framework for cloud computing environments

Security risk assessment framework for cloud computing environments

Programmable Data Gathering for Detecting Stegomalware

Cloud Computing Security Challenges in Higher Educational Institutions - A Survey

Contact Info

Product

Resources

About