17,525 research outputs found
Survey on Security Issues in Cloud Computing and Associated Mitigation Techniques
Cloud Computing holds the potential to eliminate the requirements for setting
up of high-cost computing infrastructure for IT-based solutions and services
that the industry uses. It promises to provide a flexible IT architecture,
accessible through internet for lightweight portable devices. This would allow
multi-fold increase in the capacity or capabilities of the existing and new
software. In a cloud computing environment, the entire data reside over a set
of networked resources, enabling the data to be accessed through virtual
machines. Since these data-centers may lie in any corner of the world beyond
the reach and control of users, there are multifarious security and privacy
challenges that need to be understood and taken care of. Also, one can never
deny the possibility of a server breakdown that has been witnessed, rather
quite often in the recent times. There are various issues that need to be dealt
with respect to security and privacy in a cloud computing scenario. This
extensive survey paper aims to elaborate and analyze the numerous unresolved
issues threatening the cloud computing adoption and diffusion affecting the
various stake-holders linked to it.Comment: 20 pages, 2 Figures, 1 Table. arXiv admin note: substantial text
overlap with arXiv:1109.538
Determining Training Needs for Cloud Infrastructure Investigations using I-STRIDE
As more businesses and users adopt cloud computing services, security
vulnerabilities will be increasingly found and exploited. There are many
technological and political challenges where investigation of potentially
criminal incidents in the cloud are concerned. Security experts, however, must
still be able to acquire and analyze data in a methodical, rigorous and
forensically sound manner. This work applies the STRIDE asset-based risk
assessment method to cloud computing infrastructure for the purpose of
identifying and assessing an organization's ability to respond to and
investigate breaches in cloud computing environments. An extension to the
STRIDE risk assessment model is proposed to help organizations quickly respond
to incidents while ensuring acquisition and integrity of the largest amount of
digital evidence possible. Further, the proposed model allows organizations to
assess the needs and capacity of their incident responders before an incident
occurs.Comment: 13 pages, 3 figures, 3 tables, 5th International Conference on
Digital Forensics and Cyber Crime; Digital Forensics and Cyber Crime, pp.
223-236, 201
- …