AN ANALYSIS OF CLOUD COMPUTING MULTITENANCY SECURITY CHALLENGES.
- Arab Academy for Science and Technology and Maritime TransportCairo, Egypt.
- Abstract
- Keywords
- References
- Cite This Article as
- Corresponding Author
Cloud computing is becoming the trend of information technology computational model and the cloud security is becoming a major issue in adopting the cloud for large customers [28]. Such concerns are driven by the multitenancy situation where more than one tenant are utilizing the same physical computer hardware and sharing the same software and data [1]. This has associated risks where confidentiality and/or integrity can be violated [28]. Therefore in order to propose effective security solutions and strategies a good knowledge of the current cloud implementations and practices must be acquired [28]. Such knowledge is needed in order to recognize attack vectors and attack surfaces [28]. This paper explores the specific risks in cloud computing due to multitenancy and the measures that can be taken to mitigate those risks. Before that a clear understanding of multitenancy and its benefits are demonstrated.
- J. Brown,V. Anderson,Q. Tan. "Multitenancy ? Security Risks and Countermeasures".2012 15th International Conference on Network-Based Information Systems. Melbourne, VIC, Australia, 26-28 Sept. 2012.
- Wood, M. Anderson, "Understanding the complexity surrounding multitenancy in cloud computing", 2011 Eighth IEEE International Conference on e-Business Engineering, Vol. 1, no. , 119-124, 2011.
- Feng, B. Bai, et al, "Shrew Attack in Cloud Data Center Networks", 2011 Seventh International Conference on Mobile Ad-hoc and Sensor Networks, Vol. 11, no. , 441-445, 2011.
- Tsai, Q. Shao, "Role-Based Access-Control Using Reference Ontology in Clouds", 2011 Tenth International Symposium on Autonomous Decentralized Systems, Vol. 11, no. ,121-128, 2011.
- Abdulrahman, M. Sarfraz, et al, "A Distributed Access Control Architecture for Cloud Computing," IEEE SOF T Ware, Vol. 12, no., 36-44, 2012.
- Momm, W. Theilmann, "A Combined Workload Planning Approach for Multi-Tenant Business Applications", 2011 35th IEEE Annual Computer Software and Applications Conference Workshops, Vol. 11, no. 255-260, 2011.
- Hay, K. Nance, et al, "Are Your Papers in Order? Developing and Enforcing Multi-Tenancy and Migration Policies in the Cloud", 2012 45th Hawaii International Conference on System Sciences, Vol. 12, no. , 5473-5479, 2012.
- Li, L. Zhou, et al, "A TRUSTED COMPUTING ENVIROMENT MODEL IN CLOUD ARCHITECTURE", Proceedings of the Ninth International Conference on Machine Learning and Cybernetics, Qingdao, Vol. 9, no. , 2843-2848, 2010.
- Tim Mather, SubraKumaraswamy, ShahedLatif, Cloud Security and Privacy, O'Reilly Press, 2009.
- John Rhoton, Cloud Computing Explained Second Edition, Recursive Publishing, 2011.
- Subashini, and V. Kavitha, " A Survey on security issues in service delivery models of cloud computing," Journal of Network and Computer Applications (2011).
- DimitriosZissis, and DimitriosLekkas, "Addressing cloud computing security issues," Future Generation Computer Systems (2011).
- TanzimKhorshed, A.B.M. Shawkat Ali, and Saleh A. Wasimi, "A Survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing," Future Generation Computer Systems (2012).
- Wayne A. Jansen, " Cloud hooks: security and privacy issues in cloud computing," Proceedings of the 44th Hawaii International Conference on System Sciences (2011).
- David Teneyuca, "Internet cloud security: the illusion of inclusion," SciVerseScienceDirect (2011).
- AfkhamAzeez, SrinathPerera, DimuthuGamage, Ruwan Linton, PrabathSiriwardana, DimuthuLeelaratne, SanjivaWeerawarana and Paul Fremantle, "Multi-Tenant SOA middleware for cloud computing," IEEE 2rd International Conference on Cloud Computing (2010).
- Verizon RISK Team, "Data breach investigations report (DBIR)," (2012).
- Prasad Saripalli, and Ben Walters, "QUIRC: a quantitave impact and risk assessment framework for cloud security," IEEE 2nd International Conference on Cloud Computing (2010).
- Gens, "IT cloud services user survey, pt.2: top benefits & challenges," Oct. 2008. (http://blogs.idc.com/ie/?p=210).
- Hagai Bar-El, "Introduction to side channel attacks,".
- Pearson and A. Benameur, "Privacy, Security and Trust Issues Arising from Cloud Computing," 2010 IEEE Second International Conference on Cloud Computing Technology and Science, vol. 8, no. 6, pp. 692-702, Nov. 2010.
- Ruoyu Wu, Gail-JoonAhn, Hongxin Hu, and MukeshSinghal, "Information flow control in cloud computing," (9-12 Oct. 2010).
- I. Davida, D. L. Wells, and J. B. Kam, "Security and Privacy," IEEE Concurrency, vol. 8, no. 2, pp. 24-21, 2000.
- Augusto Ciuffoletti, "Monitoring a virtual network infrastructure," (October 2010).
- Chen and J. Yoon, "IT Auditing to Assure a Secure Cloud Computing," 2010 6th World Congress on Services, pp. 252-259, Jul. 2010.
- Bleikertz, M. Schunter, C. W. Probst, and K. Eriksson, "Security Audits of Multi-tier Virtual Infrastructures in Public Infrastructure Clouds Categories and Subject Descriptors," pp. 92-102.
- Chakraborty, S. Ramireddy, T. S. Raghu, and H.R. Rao, "Assurance Practices of Cloud Computing," pp. 29-27, 2010.
- Aljahdali, A. Albatli, P. Garraghan, P. Townend, L. Lau, J. Xu."Multi-Tenancy in Cloud Computing,".In proceedings of the 8th IEEE International Symposium on Service-Oriented System Engineering, Oxford, UK. 7-11 April 2014.
[Amira Hosni. (2017); AN ANALYSIS OF CLOUD COMPUTING MULTITENANCY SECURITY CHALLENGES. Int. J. of Adv. Res. 5 (Sep). 850-855] (ISSN 2320-5407). www.journalijar.com
Arab Academy for Science and Technology and Maritime Transport Cairo, Egypt