A multi-dimension taxonomy of insider threats in cloud computing

Security is considered a significant deficiency in cloud computing, and insider threats problem exacerbate security concerns in the cloud. In addition to that, cloud computing is very complex by itself, because it encompasses numerous technologies and concepts. Apparently, overcoming these challenges requires substantial efforts from information security researchers to develop powerful mitigation solutions for this emerging problem. This entails developing a taxonomy of insider threats in cloud environments encompassing all potential abnormal activities in the cloud, and can be useful for conducting security assessment. This paper describes the first phase of an ongoing research to develop a framework for mitigating insider threats in cloud computing environments. Primarily, it presents a multidimensional taxonomy of insider threats in cloud computing, and demonstrates its viability. The taxonomy provides a fundamental understanding for this complicated problem by identifying five dimensions, it also supports security engineers in identifying hidden paths, thus determining proper countermeasures, and presents a guidance covers all bounders of insiders threats issue in clouds, hence it facilitates researchers’ endeavours in tackling this problem. For instance, according to the hierarchical taxonomy, clearly many significant issues exist in public cloud, while conventional insider mitigation solutions can be used in private clouds. Finally, the taxonomy assists in identifying future research directions in this emerging area

Emerging Trends in Safety Issues in Cloud - The Potentials of Threat Model

For tomorrow�s computing, Cloud computing has designed the unrealistic and infrastructural basis. The complete computing infrastructure is quickly affecting cloud based architecture. Via Internet, the resources and services of cloud computing are offered and also these services and resources are offered from data centers located globally. By providing resources that are virtual through the internet, cloud computing controls its consumers. With a continuous matter for Open Systems and internet, Security has always concerned. It really suffers whenever we are discussing about security on cloud. The lack of safety is the only hindrance in general implementation of cloud computing. The flexibility and benefits, if security is not robust and consistent, that cloud computing has to offer, will have slight rationality. There are many security problems that are enclosed in cloud computing such as security of data, and investigation of the utilization by the cloud computing merchants. For the consumers and service providers, the prosperous in cloud computing includes lots of security challenges. The objective of this paper is to recognize the most insecure threats of security in cloud computing which will further enables both end users and retailers to know about the key security threats that are linked with cloud computing. It also includes finding of advantages and problems in cloud computing with respect to availability of data, its cost and security of data

What is Hidden Within the Cloud?

Over the past few years cloud computing has become one of the most significant technological trends. The aim of this paper is to discuss the main characteristics of cloud computing, identify the challenges concerning the security and control of information within the cloud and finally to examine how secure information can be in it. Section one gives an overview of the technology by presenting its key aspects and architecture. The security issues about its adoption are explored briefly in section two followed by possible ways to prevent these threats on section three. Finally, in section four the research focuses on the future of cloud computing and closes with an evaluation of how secure the cloud is on section five

Various Challenges and Security Threats in Cloud Computing

Cloud computing is an assimilation and on demand delivery of various information technology resources and services. The process is built to initiate real-time actions and responses for the enormous multi-dimensional data generated by websites, devices, applications and other sources. The cloud computing provides cost saving, flexibility, mobility to the clients along with disaster recovery and loss prevention providing sustainability and competitive edge without letting them to shell out for the requisite infrastructure, installation and manpower to achieve and maintain such hi-tech infrastructure. Maximizing the quality and quantity of service and resources besides limiting the infrastructural cost are important necessities for this technology. Cloud computing has transformed the way many organizations use and share data and applications over Internet by efficient distribution and utilization of their resources and services. With so much data going into the cloud, particularly into public cloud services, these resources have become susceptible to various security threats and challenges. In this paper we have discussed some of the critical security concerns that prevent the adoptability of cloud computing

A Taxonomy of Virtualization Security Issues in Cloud Computing Environments

Objectives: To identify the main challenges and security issues of virtualization in cloud computing environments. It reviews the alleviation techniques for improving the security of cloud virtualization systems. Methods/ Statistical Analysis: Virtualization is a fundamental technology for cloud computing, and for this reason, any cloud vulnerabilities and threats affect virtualization. In this study, the systematic literature review is performed to find out the vulnerabilities and risks of virtualization in cloud computing and to identify threats, and attacks result from those vulnerabilities. Furthermore, we discover and analyze the effective mitigation techniques that are used to protect, secure, and manage virtualization environments. Findings: Thirty vulnerabilities are identified, explained, and classified into six proposed classes. Furthermore, fifteen main virtualization threats and attacks ar defined according to exploited vulnerabilities in a cloud environment. Application/Improvements: A set of common mitigation solutions are recognized and discovered to alleviate the virtualization security risks. These reviewed techniques are analyzed and evaluated according to five specified security criteria

A Generalized Threat Taxonomy for Cloud Computing

This paper presents a genre-based, generalized threat taxonomy for cloud computing. Cloud computing provides numerous possibilities and challenges but the nature of cloud computing exposes the resources of a cloud architecture to a wide range of threats. Presently, many potential threats, represented as security concerns, are known in a general sense but they are not classified specifically in relation to cloud services delivery. Therefore security concerns need identification and assessment and presented in a consistent and hierarchical form. We posit that to approach the issue in this way allows for more effective enforcement and therefore better resilience in a cloud architecture. We further posit that failure to effectively identify threats will lead to lower levels of trust, effectiveness and performance. The generalized threat taxonomy provides researchers with a framework through which risk factors and threats may be identified; and related against an overall picture of threat patterns

Security Challenges and Policies in Cloud Computing for Services

Cloud computing is becoming most emerging trend in IT industry. With its potential growth and lucrative services cloud computing has acquired mass market in the industry large enterprises running their business on the cloud. A greater acceptance of public cloud by various businesses has given it a wide popularity, strengthening of public cloud security is big milestone. The article talks about cloud computing and its service models and deployment models. Different threats have been discovered in recent years. Database security in public cloud raised some critical issues for cloud service provider.Further, various security issues and policies related to cloud computing also discussed. Findings emphasis that rapid adaptation to the clouds have increased concerns on a critical issue for successive growth of communication technology and information security. From a cloud security perspective, a number of unexplored risks and challenges are faced by cloud because of migration, causing degradation of the effectiveness of traditional protection mechanisms