یک بررسی در مورد چالش های امنیتی محاسبات ابری
Abstract
I- Introduction
II- Cloud Properties and Models
III- Cloud Security Issues/Requirements
IV- Proposed Solutions or Methodologies
V- Least Explored Areas of Cloud Security
References
Abstract
Cloud Computing and its' related security issues as well as countermeasures are one of the highly debated topics in today's research field. Though, various surveys regarding Cloud security are already prevalent, there remains a certain gap between the proper mapping of these issues to their corresponding solutions. Some surveys present the Virtualization issues and solutions while other deal with the access control mechanisms, but what lacks is a common framework that would at the same time generalize the concept of cloud security as well as intricately analyze its' specific requirements. Moreover, countermeasures that are provided in a survey must clearly depict the issue that it is handling. Keeping all these factors in mind this survey paper has been designed so as to cover the necessary areas with a proper interconnection between them and lastly discuss a set of open problems in this domain.
INTRODUCTION
Cloud reflects the concept of a distributed system comprising of a group of virtual machines that can be dynamically provisioned to meet the varying resource requirements of a customer [1] and the entire base of this Cloud-Customer relationship is governed by the SLA (Service Level Agreement). The National Institute of Standards and Technology (NIST) defines Cloud as a model that enables convenient on-demand network access to a shared pool of configurable computing resource e.g. network, storage, hardware, applications, etc. that can be rapidly allocated, scaled as well as released with minimum management effort or service provider intervention[2]. Cloud relieves the user of the overhead of physical installation and maintenance of her system, which automatically reduces the overall cost and enhances the system efficiency. Embracement of Cloud based services results in introduction of an abstraction layer between the physical storage or servers and the user whose data or services are being processed in the Cloud. The present scenario is such that the Cloud consumer who can be the data or service owner has to rely completely on the Cloud Service Provider (CSP) for the privacy and security of her information.