Addressing cloud computing security issues

Dimitrios Zissis, Dimitrios Lekkas
2012 Future generations computer systems  
The recent emergence of cloud computing has drastically altered everyone's perception of infrastructure architectures, software delivery and development models. Projecting as an evolutionary step, following the transition from mainframe computers to client/server deployment models, cloud computing encompasses elements from grid computing, utility computing and autonomic computing, into an innovative deployment architecture. This rapid transition towards the clouds has fuelled concerns on a ... ical issue for the success of information systems, communication and information security. From a security perspective, a number of uncharted risks and challenges have been introduced from this relocation to the clouds, deteriorating much of the effectiveness of traditional protection mechanisms. As a result, the aim of this paper is twofold: firstly, to evaluate cloud security by identifying unique security requirements, and secondly, to attempt to present a viable solution that eliminates these potential threats. This paper proposes introducing a Trusted Third Party, tasked with assuring specific security characteristics within a cloud environment. The proposed solution calls upon cryptography, specifically Public Key Infrastructure operating in concert with SSO and LDAP, to ensure the authentication, integrity and confidentiality of involved data and communications. The solution presents a horizontal level of service, available to all implicated entities, that realizes a security mesh, within which essential trust is maintained.

(D. Zissis), Dlek@aegean.gr (D. Lekkas).

environment and clarify issues from a security perspective. The notion of trust and security is investigated and specific security requirements are documented. This paper proposes a security solution, which relieves clients of the security burden by trusting a Third Party. The Third Party is tasked with assuring specific security characteristics within a distributed information system, while realizing a trust mesh between involved entities, forming federations of clouds. The research methodology adopted towards achieving this goal is based on software engineering and information systems design approaches. The basic steps for designing the system architecture include the collection of requirements and the analysis of abstract functional specifications.

Grid and cloud computing

Grid Computing emerged in the early 1990s, as high performance computers were inter-connected via fast data communication links, with the aim of supporting complex calculations and data-intensive scientific applications. Grid computing is defined as "a hardware and software infrastructure that provides dependable, consistent, pervasive, and inexpensive access to high-end computational capabilities". Cloud Computing has resulted from the convergence of Grid Computing, Utility Computing and SaaS, and essentially represents the increasing trend towards the external deployment of IT resources, such as computational power, storage or business applications, and obtaining them as services [1]. Cloud

doi:10.1016/j.future.2010.12.006 fatcat:j7wh6nux25ha7hlpuknlw443xi