跳至主要内容

Cloud Security: Services, Risks, and a Case Study on Amazon Cloud Services

Read full paper at:
http://www.scirp.org/journal/PaperInformation.aspx?PaperID=52580#.VJuJpcCAM4

Recent advances have witnessed the success and popularity of cloud computing, which represents a new business model and computing paradigm. The feature of on-demand provisioning of computational, storage, and bandwidth resources has driven modern businesses into cloud services. The cloud is considered cutting edge technology and it is solely relied on by many large technology, business, and media companies such as Netflix or Salesforce.com. However, in addition to the benefit at hand, security issues have been a long-term concern for cloud computing and are the main barriers of the widespread use of cloud computing. In this paper, we briefly describe some basic security concerns that are of particular interest to cloud technology. We investigate some of the basic cloud concepts and discuss cloud security issues. Amazon Web Services is used as a case study for discussing common cloud terminology. Data security, as well as some cloud specific attacks is introduced. The current state and the future progression of cloud computing is discussed.
Cite this paper
Mosca, P. , Zhang, Y. , Xiao, Z. and Wang, Y. (2014) Cloud Security: Services, Risks, and a Case Study on Amazon Cloud Services. Int'l J. of Communications, Network and System Sciences, 7, 529-535. doi: 10.4236/ijcns.2014.712053.
 

[1] Xiao, Z. and Xiao, Y. (2013) Security and Privacy in Cloud Computing. IEEE Communications Surveys & Tutorials, 15, 843-859.
[2] Cloud Security Alliance (2010) Top Threat to Cloud Computing.
https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
[3] Amazon: Amazon Glacier. http://aws.amazon.com/glacier/
[4] Quarks Lab (2013) iMessage Privacy. http://blog.quarkslab.com/imessage-privacy.html
[5] Mutch, J. (2010) How to Steal Data from the Cloud.
http://www.cloudbook.net/resources/stories/how-to-steal-data-from-the-cloud
[6] Yorozu, Y., Hirano, M., Oka, K. and Tagawa, Y. (1982) Electron Spectroscopy Studies on Magneto-Optical Media and Plastic Substrate Interface. IEEE Translation Journal on Magnetics in Japan, 2, 740-741.
[7] Amazon: Service Level Agreement. http://aws.amazon.com/ec2-sla/
[8] Kirchgaessner, S. (2013) Cloud Storage Carries Potent Security Risk.
http://www.ft.com/cms/s/0/4729ed7c-3722-11e3-9603-00144feab7de.html
[9] Lemos, R. (2012) Insecure API Implementations Threaten Cloud.
http://www.darkreading.com/cloud/insecure-api-implementations-threaten-cl/232900809
[10] Lemos, R. (2013) Vulnerable APIs Continue to Pose Threat to Cloud.
http://www.darkreading.com/services/vulnerable-apis-continue-to-pose-threat/240146453
[11] Porticor Cloud Security (2013) Did Snowden Compromise the Future of Cloud Security?
http://www.porticor.com/2013/07/cloud-security-snowden/
[12] Amazon: Amazon Web Services. http://aws.amazon.com
[13] SilverSky (2013) The Future of Cloud Computing and the Latest Security Threats.
https://www.silversky.com/blog/the-future-of-cloud-computing-and-the-latest-security-threats
[14] Columbia University (2012) Fog Computing: Mitigating Insider Data Theft Attacks in the Cloud.
http://www.cs.columbia.edu/~angelos/Papers/2012/Fog_Computing_Position_Paper_WRIT_2012.pdf
[15] Amazon: Amazon Machine Image (AMI).
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html
[16] Amazon: Amazon EBS. http://aws.amazon.com/ebs/
[17] Amazon: Amazon EBS Product Details. http://aws.amazon.com/ebs/details/#snapshots
[18] Amazon: Amazon EC2 Instance Store.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html
[19] MailChimp (2014) About API Keys. http://kb.mailchimp.com/accounts/management/about-api-keys
[20] Janssen, C. Full-Disk Encryption (FDE).
http://www.techopedia.com/definition/13623/full-disk-encryption-fde
[21] Cover, R. (2010) Security Assertion Markup Language (SAML). http://xml.coverpages.org/saml.html
[22] United Sates Department of Veterans Affairs (2014) Keyed-Hash Message Authentication Code (HMAC). http://www.va.gov/trm/StandardPage.asp?tid=5296
[23] Goodin, D. (2009) Zeus Bot Found Using Amazon’s EC2 as C&C Server.
http://www.theregister.co.uk/2009/12/09/amazon_ec2_bot_control_channel/
[24] Nahorney, B. and Nicolas, F. (2010) Trojan.Zbot.
http://www.symantec.com/security_response/writeup.jsp?docid=2010-011016-3514-99
[25] Acunetix: Cross Site Scripting Attack. https://www.acunetix.com/websitesecurity/cross-site-scripting/
[26] Amazon: Multi-Factor Authentication. http://aws.amazon.com/iam/details/mfa/
[27] The Guardian: The NSA Files. http://www.theguardian.com/world/the-nsa-files
[28] SilverSky (2013) About Us. https://www.silversky.com/about-useww141225lx

评论

此博客中的热门博文

Electron Spin and Proton Spin in the Hydrogen and Hydrogen-Like Atomic Systems

Read full paper at: http://www.scirp.org/journal/PaperInformation.aspx?PaperID=52202#.VIj7tMnQrzE Author(s) Stanisław Olszewski * Affiliation(s) Institute of Physical Chemistry, Polish Academy of Sciences, Warsaw, Poland . ABSTRACT The mechanical angular momentum and magnetic moment of the electron and proton spin have been calculated semiclassically with the aid of the uncertainty principle for energy and time. The spin effects of both kinds of the elementary particles can be expressed in terms of similar formulae. The quantization of the spin motion has been done on the basis of the old quantum theory. It gives a quantum number n = 1/2 as the index of the spin state acceptable for both the electron and proton ...

A Study on the Seismic Isolation Systems of Bridges with Lead Rubber Bearings

Read full paper at: http://www.scirp.org/journal/PaperInformation.aspx?PaperID=52566#.VJt06cCAM4 Author(s)   Woo-Suk Kim , Dong-Joon Ahn , Jong-Kook Lee Affiliation(s) School of Architecture, Kumoh National Institute of Technology, Gumi, Republic of Korea . ABSTRACT This study consists of the development and presentation of example of seismic isolation system analysis and design for a continuous, 3-span, cast-in-place concrete box girder bridge. It is expected that example is developed for all Lead-Rubber Bearing (LRB) seismic isolation system on piers and abutments which placed in between super-structure and sub-structure. Design forces, displacements, and drifts are given distinctive consideration in...

Effects of Karate Training on Basic Motor Abilities of Primary School Children

“You never attack first in karate” might be the best conclusion of karate, which is a martial art practiced typically without weapons. It’s reported that karate has a long history for several hundred years, but the modern karate was spread to the whole Japan from Okinawa in the early part of 20th century. Now it has become one of the most widely practiced martial art forms in the world. Usually, it’s divided into Kihon, Kata and Kumite. As for the beginners, Kihon is more suitable for them because it involves basic techniques. Due to karate consists of dynamic offensive and defensive techniques using all parts of the body to their maximum advantage, the best understanding of true karate practice is the perfection of oneself through the perfection of the art. It not only develops coordination, quickens reflexes, and builds stamina, but also develops composure, a clearer thought process, deeper insight into one’s mental capabilities, and more self-confidence. So many researchers stu...