Taxonomy of Cloud Security

Sanchika Gupta, Padam Kumar
2013 International Journal of Computer Science Engineering and Applications  
Cloud computing is envisioned as the next generation architecture for IT Enterprises, and has proliferated itself due to the advantages it provides.Cloud computing provides solutions for carrying out efficient, scalable and low cost computing. The pay per usage concept of Cloud computing increases the resource utilisation of a vendor's computing power and resources; at the same time,it results in reduced hardware costs forits users. It also provides access mobility, easier maintenance,
more » ... tyand operability in terms of its management and usage. Because of the facilities and solutions it provides to the industry for the next generation computing, it is vulnerable to a variety of known and unknown attacks from attackers.Hence, securinga Cloud environment is a critical problem that needs urgent attention.This articlefocuses on a taxonomy of possible attacks on a Cloud environment and a taxonomy of the defence .The attack taxonomy describes existing threats on Cloud security, and the defence taxonomy gives a classification of the various counter measures that can be taken to protect the Cloud environment from such attacks. The aim of this article is to provideresearchers, academicians and industry with a better understanding of existing attacks and defence mechanisms on Cloud security.This is to provide a clearvision of the challenges that should be worked onto ensure next generation security forCloud computing. CL-1: VT-2: FP-8: Insecure SSL trust: There are some serious flaws found in the SSL protocol used for secure communication on the internet. The attack, if it occurs on Cloud, will allow the attackers to compromise the secure traffic between the websites and browsers of various Cloud users. These attacks enable sophisticated Cloud users and insiders to steal passwords, hijack online banking sessions etc.
doi:10.5121/ijcsea.2013.3505 fatcat:laoqx3yeazah7blsprybzc3ofi