Security and Privacy in Cloud Computing

2013 ◽  
pp. 164-184 ◽  
Author(s):  
Hassan Takabi ◽  
James B.D. Joshi ◽  
Gail-Joon Ahn
Keyword(s):  
Cloud Computing ◽  
Security And Privacy ◽  
Computing Environment ◽  
Security Framework ◽  
Cloud Computing Environment ◽  
Computing Paradigm ◽  
Computing Environments ◽  
Significant Cost Reduction ◽  
Future Work ◽  
Privacy Issues

Cloud computing paradigm has recently gained tremendous momentum. It has been found very promising for significant cost reduction and the increased operating efficiencies in computing. However, security and privacy issues pose as the key roadblock to its rapid adoption. In this chapter, the authors present the security and privacy challenges in Cloud computing environments and discuss how they are related to various delivery and deployment models, and are exacerbated by the unique aspects of Clouds. The authors also propose a comprehensive security framework for Cloud computing environments and discuss various approaches to address the challenges, existing solutions and future work needed to provide a trustworthy Cloud computing environment.

scholarly journals CSPCR: Cloud Security, Privacy and Compliance Readiness - A Trustworthy Framework

2018 ◽  
Vol 8 (5) ◽  
pp. 3756
Author(s):  
Sugandh Bhatia ◽  
Jyoteesh Malhotra
Keyword(s):  
Cloud Computing ◽  
Service Level Agreement ◽  
Service Level ◽  
Security And Privacy ◽  
Computing Environment ◽  
Cloud Computing Environment ◽  
Computing Paradigm ◽  
Computing Services ◽  
Critical Issues ◽  
Cloud Computing Services

The privacy, handling, management and security of information in a cloud environment are complex and tedious tasks to achieve. With minimum investment and reduced cost of operations an organization can avail and apply the benefits of cloud computing into its business. This computing paradigm is based upon a pay as per your usage model. Moreover, security, privacy, compliance, risk management and service level agreement are critical issues in cloud computing environment. In fact, there is dire need of a model which can tackle and handle all the security and privacy issues. Therefore, we suggest a CSPCR model for evaluating the preparation of an organization to handle or to counter the threats, hazards in cloud computing environment. CSPCR discusses rules and regulations which are considered as pre-requisites in migrating or shifting to cloud computing services.

Policy Management in Cloud

2013 ◽  
pp. 814-834
Author(s):  
Hassan Takabi ◽  
James B.D. Joshi
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Control Point ◽  
Cloud Service ◽  
Cloud Provider ◽  
Policy Management ◽  
Computing Paradigm ◽  
Access Control Policies ◽  
Computing Environments ◽  
Significant Cost Reduction

Cloud computing paradigm is still an evolving paradigm but has recently gained tremendous momentum due to its potential for significant cost reduction and increased operating efficiencies in computing. However, its unique aspects exacerbate security and privacy challenges that pose as the key roadblock to its fast adoption. Cloud computing has already become very popular, and practitioners need to provide security mechanisms to ensure its secure adoption. In this chapter, the authors discuss access control systems and policy management in cloud computing environments. The cloud computing environments may not allow use of a single access control system, single policy language, or single management tool for the various cloud services that it offers. Currently, users must use diverse access control solutions available for each cloud service provider to secure data. Access control policies may be composed in incompatible ways because of diverse policy languages that are maintained separately at every cloud provider. Heterogeneity and distribution of these policies pose problems in managing access policy rules for a cloud environment. In this chapter, the authors discuss challenges of policy management and introduce a cloud based policy management framework that is designed to give users a unified control point for managing access policies to control access to their resources no matter where they are stored.

Mobile Cloud Computing and Its Security and Privacy Challenges

2015 ◽  
pp. 1561-1584
Author(s):  
Hassan Takabi ◽  
Saman Taghavi Zargar ◽  
James B. D. Joshi
Keyword(s):  
Cloud Computing ◽  
Mobile Cloud Computing ◽  
Security And Privacy ◽  
Mobile Cloud ◽  
Computing Environment ◽  
Mobile Terminals ◽  
Privacy And Security ◽  
Cloud Computing Environment ◽  
Timely Fashion ◽  
Cloud Servers

Mobile cloud computing has grown out of two hot technology trends, mobility and cloud. The emergence of cloud computing and its extension into the mobile domain creates the potential for a global, interconnected mobile cloud computing environment that will allow the entire mobile ecosystem to enrich their services across multiple networks. We can utilize significant optimization and increased operating power offered by cloud computing to enable seamless and transparent use of cloud resources to extend the capability of resource constrained mobile devices. However, in order to realize mobile cloud computing, we need to develop mechanisms to achieve interoperability among heterogeneous and distributed devices. We need solutions to discover best available resources in the cloud servers based on the user demands and approaches to deliver desired resources and services efficiently and in a timely fashion to the mobile terminals. Furthermore, while mobile cloud computing has tremendous potential to enable the mobile terminals to have access to powerful and reliable computing resources anywhere and anytime, we must consider several issues including privacy and security, and reliability in realizing mobile cloud computing. In this chapter, the authors first explore the architectural components required to realize a mobile cloud computing infrastructure. They then discuss mobile cloud computing features with their unique privacy and security implications. They present unique issues of mobile cloud computing that exacerbate privacy and security challenges. They also discuss various approaches to address these challenges and explore the future work needed to provide a trustworthy mobile cloud computing environment.

Implementing Risk Management Processes Into a Cloud Computing Environment

2018 ◽  
pp. 951-963 ◽  
Author(s):  
Samer Alhawari ◽  
Mufleh Amin AL Jarrah ◽  
Wa'el Hadi
Keyword(s):  
Cloud Computing ◽  
Risk Management ◽  
Critical Role ◽  
Risk Identification ◽  
Information And Communications Technology ◽  
Innovative Technology ◽  
Computing Environment ◽  
Cloud Computing Environment ◽  
Computing Paradigm ◽  
Management Processes

With the significant advances in Information and Communications Technology (ICT) over the last half a century, the Cloud computing paradigm is one of the most discussed topics in the field of ICT today. Additionally, Cloud computing has a critical role in today's business world. Without risk management processes embedded into innovative technology that supports Cloud computing, businesses are setting themselves up for a fall. Hence, in this paper, the authors propose a conceptual model of implementing risk management processes into a Cloud computing environment. It highlights the different processes of risk management (risk identification, risk analysis, risk planning, risk execution, and risk monitoring) and how their existence can affect the Cloud environment to ensure proper protection of data and information in order to ensure Cloud networks and connections are secure.

Mobile Cloud Computing and Its Security and Privacy Challenges

2014 ◽  
pp. 384-407
Author(s):  
Hassan Takabi ◽  
Saman Taghavi Zargar ◽  
James B. D. Joshi
Keyword(s):  
Cloud Computing ◽  
Mobile Cloud Computing ◽  
Security And Privacy ◽  
Mobile Cloud ◽  
Computing Environment ◽  
Mobile Terminals ◽  
Privacy And Security ◽  
Cloud Computing Environment ◽  
Timely Fashion ◽  
Cloud Servers

Mobile cloud computing has grown out of two hot technology trends, mobility and cloud. The emergence of cloud computing and its extension into the mobile domain creates the potential for a global, interconnected mobile cloud computing environment that will allow the entire mobile ecosystem to enrich their services across multiple networks. We can utilize significant optimization and increased operating power offered by cloud computing to enable seamless and transparent use of cloud resources to extend the capability of resource constrained mobile devices. However, in order to realize mobile cloud computing, we need to develop mechanisms to achieve interoperability among heterogeneous and distributed devices. We need solutions to discover best available resources in the cloud servers based on the user demands and approaches to deliver desired resources and services efficiently and in a timely fashion to the mobile terminals. Furthermore, while mobile cloud computing has tremendous potential to enable the mobile terminals to have access to powerful and reliable computing resources anywhere and anytime, we must consider several issues including privacy and security, and reliability in realizing mobile cloud computing. In this chapter, the authors first explore the architectural components required to realize a mobile cloud computing infrastructure. They then discuss mobile cloud computing features with their unique privacy and security implications. They present unique issues of mobile cloud computing that exacerbate privacy and security challenges. They also discuss various approaches to address these challenges and explore the future work needed to provide a trustworthy mobile cloud computing environment.

Sign in / Sign up

Export Citation Format

Share Document