메뉴 건너뛰기




Volumn 4, Issue 1, 2015, Pages

Security transparency: the next frontier for security research in the cloud

Author keywords

Cloud Services; Mutual audits; Security and protection; Security transparency; Trusted cloud services

Indexed keywords

CLOUD COMPUTING; DISTRIBUTED DATABASE SYSTEMS; MOBILE SECURITY; TRANSPARENCY; UBIQUITOUS COMPUTING; WEB SERVICES;

EID: 85006218746     PISSN: None     EISSN: 2192113X     Source Type: Journal    
DOI: 10.1186/s13677-015-0037-5     Document Type: Article
Times cited : (40)

References (75)
  • 1
    • 85012229582 scopus 로고    scopus 로고
    • Security in the cloud
    • ACM digital library, New York
    • Anthes G (2010) Security in the cloud. Communication of the ACM 53(11):16–18, ACM digital library, New York
    • (2010) Communication of the ACM , vol.53 , Issue.11 , pp. 16-18
    • Anthes, G.1
  • 2
    • 85006206390 scopus 로고    scopus 로고
    • Cloud computing. Accessed 11th February
    • Schneier B (2009) Cloud computing. Accessed 11th February, 2014 from http://www.schneier.com/blog/archives/2009/06/cloud_computing.html
    • (2009) 2014 from
    • Schneier, B.1
  • 4
    • 84857373304 scopus 로고    scopus 로고
    • Commentary: Cloud computing – A security problem or solution? Information Security Technical Report, 16 (3–4), pp. 89–96
    • Dorey P.G., Leite A. (2011) Commentary: Cloud computing – A security problem or solution? Information Security Technical Report, 16 (3–4), pp. 89–96, Elsevier
    • (2011) Elsevier
    • Dorey, P.G.1    Leite, A.2
  • 5
    • 84902324713 scopus 로고    scopus 로고
    • Cloud Computing Adoption Factors and Processes for Enterprises - A Systematic Literature Review
    • Springer, Berlin
    • El-Gazzar RF (2013) Cloud Computing Adoption Factors and Processes for Enterprises - A Systematic Literature Review. In: Proceedings of CLOSER. Springer, Berlin, pp 78–87
    • (2013) Proceedings of CLOSER , pp. 78-87
    • El-Gazzar, R.F.1
  • 6
    • 78649322624 scopus 로고    scopus 로고
    • A survey on security issues in service delivery models of cloud computing
    • Elsevier
    • Subashini S, Kavitha V (2011) A survey on security issues in service delivery models of cloud computing. J Netw Comput Appl 34(1):1–11, Elsevier
    • (2011) J Netw Comput Appl , vol.34 , Issue.1
    • Subashini, S.1    Kavitha, V.2
  • 7
    • 78650558794 scopus 로고    scopus 로고
    • Secure virtualization for cloud computing
    • Elsevier
    • Lombardi F, Di Pietro R (2011) Secure virtualization for cloud computing. J Netw Comput Appl 34(4):1113–22, Elsevier
    • (2011) J Netw Comput Appl , vol.34 , Issue.4 , pp. 1113-1122
    • Lombardi, F.1    Di Pietro, R.2
  • 9
    • 79751493181 scopus 로고    scopus 로고
    • Locking the sky: a survey on IaaS cloud security
    • Springer, Vienna
    • Vaquero LM, Rodero-Merino L, Morán D (2011) Locking the sky: a survey on IaaS cloud security. Computing 91(1):93–118, Springer, Vienna
    • (2011) Computing , vol.91 , Issue.1 , pp. 93-118
    • Vaquero, L.M.1    Rodero-Merino, L.2    Morán, D.3
  • 10
    • 85006232565 scopus 로고    scopus 로고
    • What’s New About Cloud Computing Security? Report EECS Department, University of California, Berkeley. Accessed September 13
    • Chen Y, Paxson V, Katz RH (2010). What’s New About Cloud Computing Security? Report EECS Department, University of California, Berkeley. Accessed September 13, 2012 from http://www.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-2010-5.html
    • (2010) 2012 from
    • Chen, Y.1    Paxson, V.2    Katz, R.H.3
  • 13
    • 79952483316 scopus 로고    scopus 로고
    • User Experience and Security in the Cloud -- An Empirical Study in the Finnish Cloud Consortium
    • IEEExplore, Indianapolis
    • Oza NV, Karppinen K, Savola R (2010) User Experience and Security in the Cloud -- An Empirical Study in the Finnish Cloud Consortium. In: Proceeding of CloudCom. IEEExplore, Indianapolis, pp 621–628
    • (2010) Proceeding of CloudCom , pp. 621-628
    • Oza, N.V.1    Karppinen, K.2    Savola, R.3
  • 15
    • 84857359528 scopus 로고    scopus 로고
    • Internet cloud security: the illusion of inclusion
    • Elsevier
    • Teneyuca D (2011) Internet cloud security: the illusion of inclusion. Info Security Technical Report 16(3–4):102–7, Elsevier
    • (2011) Info Security Technical Report , vol.16 , Issue.3-4 , pp. 102-107
    • Teneyuca, D.1
  • 16
    • 85006211871 scopus 로고    scopus 로고
    • Top Threats to Cloud Computing
    • Cloud Security Alliance (2010) Top Threats to Cloud Computing. Accessed 21 March 2014 from https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
    • (2010) Accessed 21 March 2014 from
    • Alliance, C.S.1
  • 17
    • 84937458588 scopus 로고    scopus 로고
    • Ouedraogo M, Islam S (2015) Towards the Integration of Security Transparency in the Modelling and Design of Cloud Based Systems, In proceedings of CAiSE Workshops 2015: 495-506, Lecture Notes in Business Information Processing Springer International Publishing Switzerland.
    • Ouedraogo M, Islam S (2015) Towards the Integration of Security Transparency in the Modelling and Design of Cloud Based Systems, In proceedings of CAiSE Workshops 2015: 495-506, Lecture Notes in Business Information Processing Springer International Publishing Switzerland.
  • 20
    • 85006204181 scopus 로고    scopus 로고
    • rd October
    • rd October, 2014 from http://www.cloudsecurityalliance.org/guidance/csaguide.v2.1.pdf
    • (2011) 2014 from
    • Alliance, C.S.1
  • 21
    • 85006229746 scopus 로고    scopus 로고
    • rd March
    • rd March, 2014 from http://www.cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf
    • (2009) 2014 from
    • Alliance, C.S.1
  • 23
    • 85006224896 scopus 로고    scopus 로고
    • Cloud computing outages: Amazon customers the latest to suffer downtime
    • Brodkin J. (2009) Cloud computing outages: Amazon customers the latest to suffer downtime. Accessed 12th March 2014 from: http://www.networkworld.com/community/node/48961
    • (2009) Accessed 12th March 2014 from:
    • Brodkin, J.1
  • 24
    • 85006204966 scopus 로고    scopus 로고
    • The Notorious Nine Cloud Computing Top Threats in 2013
    • Cloud Security Alliance. (2013) The Notorious Nine Cloud Computing Top Threats in 2013. Accessed 20 October 2014 from https://cloudsecurityalliance.org/download/the-notorious-nine-cloud-computing-top-threats-in-2013/
    • (2013) Accessed 20 October 2014 from
    • Alliance, C.S.1
  • 25
    • 85006224901 scopus 로고    scopus 로고
    • Cybercriminals move to the cloud, Accessed 12th December
    • Mills E. (2012) Cybercriminals move to the cloud, Accessed 12th December, 2013 from: http://news.cnet.com/8301-1009_3-57464177-83/cybercrime-moves-to-the-cloud/
    • (2012) 2013 from:
    • Mills, E.1
  • 26
    • 85006221059 scopus 로고    scopus 로고
    • Dissecting Operation High Roller
    • McAfee and Guardian Analytics. (2012) Dissecting Operation High Roller. Accessed 10 February 2014 from: http://www.mcafee.com/mx/resources/reports/rp-operation-high-roller.pdf
    • (2012) Accessed 10 February 2014 from:
  • 27
    • 84866131522 scopus 로고    scopus 로고
    • State-of-the-art cloud computing security taxonomies: a classification of security challenges in the present cloud computing environment
    • ACM digital library, New York
    • Srinivasan MK, Sarukesi K, Rodrigues P, Manoj SM, Revathy P (2012) State-of-the-art cloud computing security taxonomies: a classification of security challenges in the present cloud computing environment. In: Proceeding of ICACCI. ACM digital library, New York, pp 470–476
    • (2012) Proceeding of ICACCI , pp. 470-476
    • Srinivasan, M.K.1    Sarukesi, K.2    Rodrigues, P.3    Manoj, S.M.4    Revathy, P.5
  • 28
    • 84873879352 scopus 로고    scopus 로고
    • Securing the cloud- cloud computer security techniques and tactics
    • Winkler V. (2011) Securing the cloud- cloud computer security techniques and tactics. Syngress
    • (2011) Syngress
    • Winkler, V.1
  • 32
    • 83255176185 scopus 로고    scopus 로고
    • Towards an architecture for monitoring private clouds
    • IEEE
    • De Chaves SA, Uriarte RB, Westphall CB (2011) Towards an architecture for monitoring private clouds. IEEE Commun Mag 49(12):130–7, IEEE
    • (2011) IEEE Commun Mag , vol.49 , Issue.12 , pp. 130-137
    • De Chaves, S.A.1    Uriarte, R.B.2    Westphall, C.B.3
  • 35
    • 84899752948 scopus 로고    scopus 로고
    • Security as a Service Using an SLA-based Approach via SPECS. In:Proceedings of IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom), pp, 1 – 6
    • Rak M, Luna J, Petcu D, Casola V, Suri N, Villano U. (2013) Security as a Service Using an SLA-based Approach via SPECS. In:Proceedings of IEEE 5th International Conference on Cloud Computing Technology and Science (CloudCom), pp, 1 – 6, IEEE
    • (2013) IEEE
    • Rak, M.1    Luna, J.2    Petcu, D.3    Casola, V.4    Suri, N.5    Villano, U.6
  • 41
    • 84925854020 scopus 로고    scopus 로고
    • Optimal negotiation of SLA in federated cloud using multiobjective genetic algorithms
    • IEEExplore, New York
    • Maity S, Chaudhuri A (2014) Optimal negotiation of SLA in federated cloud using multiobjective genetic algorithms. In: Proceedings of CLOUDNET 2014. IEEExplore, New York, pp 269–271
    • (2014) Proceedings of CLOUDNET 2014 , pp. 269-271
    • Maity, S.1    Chaudhuri, A.2
  • 43
    • 84928617949 scopus 로고    scopus 로고
    • A taxonomy for SLA-based monitoring of cloud security
    • Petcu D (2014) A taxonomy for SLA-based monitoring of cloud security. COMPSAC 2014:640–1
    • (2014) COMPSAC , vol.2014 , pp. 640-641
    • Petcu, D.1
  • 45
    • 84873696561 scopus 로고    scopus 로고
    • Cloud services certification
    • ACM digital Library, New York
    • Sunyaev A, Schneider S (2013) Cloud services certification. Communication of the ACM 56(2):33–36, ACM digital Library, New York
    • (2013) Communication of the ACM , vol.56 , Issue.2 , pp. 33-36
    • Sunyaev, A.1    Schneider, S.2
  • 47
    • 85006205022 scopus 로고    scopus 로고
    • TÜV Rheinland’s. (2014) certification for cloud providers, Accessed on 20th October 2014 from: //
    • TÜV Rheinland’s. (2014) certification for cloud providers, Accessed on 20th October 2014 from: //www.tuv.com/en/corporate/business_customers/information_scuriy_cw/strategic_information_security/cloud_security_certification/cloud_security_certification.html
  • 49
    • 85006183974 scopus 로고    scopus 로고
    • Statement on Auditing Standards (SAS) n°70. Accessed October 20, 2013
    • AICPA. (2012) Statement on Auditing Standards (SAS) n°70. Accessed October 20, 2013. from http://sas70.com/sas70_overview.html
    • (2012) from
  • 52
    • 84883065229 scopus 로고    scopus 로고
    • Searching over encrypted data in cloud systems, in: Proceedings of SACMAT 2013, pp.87-88
    • Kerschbaum F.(2013) Searching over encrypted data in cloud systems, in: Proceedings of SACMAT 2013, pp.87-88, ACM ditigal library
    • (2013) ACM ditigal library
    • Kerschbaum, F.1
  • 53
    • 84863498079 scopus 로고    scopus 로고
    • Efficient audit service outsourcing for data integrity in clouds
    • Elsevier
    • Zhu Y, Hu H, Ahn GJ, Yau SS (2012) Efficient audit service outsourcing for data integrity in clouds. J Syst Softw 85(5):108–1095, Elsevier
    • (2012) J Syst Softw , vol.85 , Issue.5 , pp. 108-1095
    • Zhu, Y.1    Hu, H.2    Ahn, G.J.3    Yau, S.S.4
  • 55
    • 84862629748 scopus 로고    scopus 로고
    • On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption
    • ACM, New York
    • López-Alt A, Tromer E, Vaikuntanathan V (2012) On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In: Proceedings of STOC 2012. ACM, New York, pp 1219–1234
    • (2012) Proceedings of STOC 2012 , pp. 1219-1234
    • López-Alt, A.1    Tromer, E.2    Vaikuntanathan, V.3
  • 56
    • 79951785506 scopus 로고    scopus 로고
    • Cryptographic cloud storage
    • Workshop on Real-Life Cryptographic, Protocols and Standardization, Springer, Heidelberg
    • Kamara S, Lauter K (2010) Cryptographic cloud storage. In: Proceedings of Financial Cryptography. Workshop on Real-Life Cryptographic, Protocols and Standardization, Springer, Heidelberg
    • (2010) Proceedings of Financial Cryptography
    • Kamara, S.1    Lauter, K.2
  • 60
    • 84886742288 scopus 로고    scopus 로고
    • Cloud Audits and Privacy Risks. In: Proceedings of OTM conferences, LNCS V8185, pp 403–4013
    • Rübsamen T., Reich C. (2013) Cloud Audits and Privacy Risks. In: Proceedings of OTM conferences, LNCS V8185, pp 403–4013, Springer
    • (2013) Springer
    • Rübsamen, T.1    Reich, C.2
  • 63
    • 84872680749 scopus 로고    scopus 로고
    • Taxonomy of quality metrics for assessing assurance of security correctness’
    • Springer, US
    • Ouedraogo M, Savola R, Mouratidis H, Preston D, Kadraoui D, Dubois E (2013) Taxonomy of quality metrics for assessing assurance of security correctness’. Softw Qual J 21(1):67–97, Springer, US
    • (2013) Softw Qual J , vol.21 , Issue.1 , pp. 67-97
    • Ouedraogo, M.1    Savola, R.2    Mouratidis, H.3    Preston, D.4    Kadraoui, D.5    Dubois, E.6
  • 65
    • 84885175490 scopus 로고    scopus 로고
    • Selecting a cloud service provider in the age of cybercrime, Computers & Security, vol.38, pp.3-13 Special issue on Cybercrime in the Digital Economy
    • Ouedraogo M, Mouratidis M. (2013) Selecting a cloud service provider in the age of cybercrime, Computers & Security, vol.38, pp.3-13 Special issue on Cybercrime in the Digital Economy, Elsevier
    • (2013) Elsevier
    • Ouedraogo, M.1    Mouratidis, M.2
  • 66
    • 78650059753 scopus 로고    scopus 로고
    • Cloud provider transparency: an empirical evaluation
    • IEEExplore, New York
    • Pauley W (2010) Cloud provider transparency: an empirical evaluation. IEEE Security & Privacy 8(6):32–3, IEEExplore, New York
    • (2010) IEEE Security & Privacy , vol.8 , Issue.6 , pp. 32-33
    • Pauley, W.1
  • 67
    • 85006208320 scopus 로고    scopus 로고
    • Event Processing in Action. Manning Publications Company 2010, ISBN 978-1-935182-21-4, pp
    • Etzion O., Niblett P. (2010) Event Processing in Action. Manning Publications Company 2010, ISBN 978-1-935182-21-4, pp. I-XXIV, 1–360
    • (2010) I-XXIV
    • Etzion, O.1    Niblett, P.2
  • 69
    • 84856946836 scopus 로고    scopus 로고
    • Real-time complex event recognition and reasoning-a logic programming approach
    • Anicic D, Rudolph S, Fodor P, Stojanovic N (2012) Real-time complex event recognition and reasoning-a logic programming approach. Appl Artif Intell 26(1–2):6–57
    • (2012) Appl Artif Intell , vol.26 , Issue.1-2 , pp. 6-57
    • Anicic, D.1    Rudolph, S.2    Fodor, P.3    Stojanovic, N.4
  • 70
    • 84861348392 scopus 로고    scopus 로고
    • Complex event processing with T-REX
    • Cugola G, Margara A (2012) Complex event processing with T-REX. J Syst Softw 85(8):1709–28
    • (2012) J Syst Softw , vol.85 , Issue.8 , pp. 1709-1728
    • Cugola, G.1    Margara, A.2
  • 74
    • 36549031203 scopus 로고    scopus 로고
    • JADE: A software framework for developing multi-agent applications. lessons learned
    • Bellifemine F, Caire G, Poggi A, Rimassa G (2008) JADE: A software framework for developing multi-agent applications. lessons learned. Information & Software Technology 50(1–2):10–21
    • (2008) Information & Software Technology , vol.50 , Issue.1-2 , pp. 10-21
    • Bellifemine, F.1    Caire, G.2    Poggi, A.3    Rimassa, G.4


* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.