18Sep 2017

AN ANALYSIS OF CLOUD COMPUTING MULTITENANCY SECURITY CHALLENGES.

  • Arab Academy for Science and Technology and Maritime TransportCairo, Egypt.
Crossref Cited-by Linking logo
  • Abstract
  • Keywords
  • References
  • Cite This Article as
  • Corresponding Author

Cloud computing is becoming the trend of information technology computational model and the cloud security is becoming a major issue in adopting the cloud for large customers [28]. Such concerns are driven by the multitenancy situation where more than one tenant are utilizing the same physical computer hardware and sharing the same software and data [1]. This has associated risks where confidentiality and/or integrity can be violated [28]. Therefore in order to propose effective security solutions and strategies a good knowledge of the current cloud implementations and practices must be acquired [28]. Such knowledge is needed in order to recognize attack vectors and attack surfaces [28]. This paper explores the specific risks in cloud computing due to multitenancy and the measures that can be taken to mitigate those risks. Before that a clear understanding of multitenancy and its benefits are demonstrated.

  1. J. Brown,V. Anderson,Q. Tan. "Multitenancy ? Security Risks and Countermeasures".2012 15th International Conference on Network-Based Information Systems. Melbourne, VIC, Australia, 26-28 Sept. 2012.
  2. Wood, M. Anderson, "Understanding the complexity surrounding multitenancy in cloud computing", 2011 Eighth IEEE International Conference on e-Business Engineering, Vol. 1, no. , 119-124, 2011.
  3. Feng, B. Bai, et al, "Shrew Attack in Cloud Data Center Networks", 2011 Seventh International Conference on Mobile Ad-hoc and Sensor Networks, Vol. 11, no. , 441-445, 2011.
  4. Tsai, Q. Shao, "Role-Based Access-Control Using Reference Ontology in Clouds", 2011 Tenth International Symposium on Autonomous Decentralized Systems, Vol. 11, no. ,121-128, 2011.
  5. Abdulrahman, M. Sarfraz, et al, "A Distributed Access Control Architecture for Cloud Computing," IEEE SOF T Ware, Vol. 12, no., 36-44, 2012.
  6. Momm, W. Theilmann, "A Combined Workload Planning Approach for Multi-Tenant Business Applications", 2011 35th IEEE Annual Computer Software and Applications Conference Workshops, Vol. 11, no. 255-260, 2011.
  7. Hay, K. Nance, et al, "Are Your Papers in Order? Developing and Enforcing Multi-Tenancy and Migration Policies in the Cloud", 2012 45th Hawaii International Conference on System Sciences, Vol. 12, no. , 5473-5479, 2012.
  8. Li, L. Zhou, et al, "A TRUSTED COMPUTING ENVIROMENT MODEL IN CLOUD ARCHITECTURE", Proceedings of the Ninth International Conference on Machine Learning and Cybernetics, Qingdao, Vol. 9, no. , 2843-2848, 2010.
  9. Tim Mather, SubraKumaraswamy, ShahedLatif, Cloud Security and Privacy, O'Reilly Press, 2009.
  10. John Rhoton, Cloud Computing Explained Second Edition, Recursive Publishing, 2011.
  11. Subashini, and V. Kavitha, " A Survey on security issues in service delivery models of cloud computing," Journal of Network and Computer Applications (2011).
  12. DimitriosZissis, and DimitriosLekkas, "Addressing cloud computing security issues," Future Generation Computer Systems (2011).
  13. TanzimKhorshed, A.B.M. Shawkat Ali, and Saleh A. Wasimi, "A Survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing," Future Generation Computer Systems (2012).
  14. Wayne A. Jansen, " Cloud hooks: security and privacy issues in cloud computing," Proceedings of the 44th Hawaii International Conference on System Sciences (2011).
  15. David Teneyuca, "Internet cloud security: the illusion of inclusion," SciVerseScienceDirect (2011).
  16. AfkhamAzeez, SrinathPerera, DimuthuGamage, Ruwan Linton, PrabathSiriwardana, DimuthuLeelaratne, SanjivaWeerawarana and Paul Fremantle, "Multi-Tenant SOA middleware for cloud computing," IEEE 2rd International Conference on Cloud Computing (2010).
  17. Verizon RISK Team, "Data breach investigations report (DBIR)," (2012).
  18. Prasad Saripalli, and Ben Walters, "QUIRC: a quantitave impact and risk assessment framework for cloud security," IEEE 2nd International Conference on Cloud Computing (2010).
  19. Gens, "IT cloud services user survey, pt.2: top benefits & challenges," Oct. 2008. (http://blogs.idc.com/ie/?p=210).
  20. Hagai Bar-El, "Introduction to side channel attacks,".
  21. Pearson and A. Benameur, "Privacy, Security and Trust Issues Arising from Cloud Computing," 2010 IEEE Second International Conference on Cloud Computing Technology and Science, vol. 8, no. 6, pp. 692-702, Nov. 2010.
  22. Ruoyu Wu, Gail-JoonAhn, Hongxin Hu, and MukeshSinghal, "Information flow control in cloud computing," (9-12 Oct. 2010).
  23. I. Davida, D. L. Wells, and J. B. Kam, "Security and Privacy," IEEE Concurrency, vol. 8, no. 2, pp. 24-21, 2000.
  24. Augusto Ciuffoletti, "Monitoring a virtual network infrastructure," (October 2010).
  25. Chen and J. Yoon, "IT Auditing to Assure a Secure Cloud Computing," 2010 6th World Congress on Services, pp. 252-259, Jul. 2010.
  26. Bleikertz, M. Schunter, C. W. Probst, and K. Eriksson, "Security Audits of Multi-tier Virtual Infrastructures in Public Infrastructure Clouds Categories and Subject Descriptors," pp. 92-102.
  27. Chakraborty, S. Ramireddy, T. S. Raghu, and H.R. Rao, "Assurance Practices of Cloud Computing," pp. 29-27, 2010.
  28. Aljahdali, A. Albatli, P. Garraghan, P. Townend, L. Lau, J. Xu."Multi-Tenancy in Cloud Computing,".In proceedings of the 8th IEEE International Symposium on Service-Oriented System Engineering, Oxford, UK. 7-11 April 2014.

[Amira Hosni. (2017); AN ANALYSIS OF CLOUD COMPUTING MULTITENANCY SECURITY CHALLENGES. Int. J. of Adv. Res. 5 (Sep). 850-855] (ISSN 2320-5407). www.journalijar.com

Amira Hosni
Arab Academy for Science and Technology and Maritime Transport Cairo, Egypt

DOI:

Article DOI: 10.21474/IJAR01/5398      
DOI URL: http://dx.doi.org/10.21474/IJAR01/5398

Download Full Paper

Download PDF No. of Downloads: 18 | No. of Views: 101