Understanding Cloud Computing Vulnerabilities

Author

Grobauer, Bernd ; Walloschek, Tobias ; Stöcker, Elmar

Volume

9

Issue

2

fYear

2011

Firstpage

50

Lastpage

57

Abstract

The current discourse about cloud computing security issues makes a well-founded assessment of cloud computing\´s security impact difficult for two primary reasons. First, as is true for many discussions about risk, basic vocabulary such as "risk," "threat," and "vulnerability" are often used as if they were interchangeable, without regard to their respective definitions. Second, not every issue that\´s raised is really specific to cloud computing. We can achieve an accurate understanding of the security issue "delta" that cloud computing really adds by analyzing how cloud computing influences each risk factor. One important factor concerns vulnerabilities: cloud computing makes certain well-understood vulnerabilities more significant and adds new vulnerabilities. Here, the authors define four indicators of cloud-specific vulnerabilities, introduce a security-specific cloud reference architecture, and provide examples of cloud-specific vulnerabilities for each architectural component.

Keywords

cloud computing; risk analysis; security of data; cloud computing security; cloud computing vulnerabilities; cloud specific vulnerabilities; risk factor; security specific cloud reference architecture; Cloud computing; Computer security; Data privacy; Frequency; ISO standards; Information services; Internet; Taxonomy; Vocabulary; Web sites; Risk management; cloud computing; computer systems organization; emerging technologies; network security; security; software engineering;

fLanguage

English

Journal_Title

Security & Privacy, IEEE

Publisher

ieee

ISSN

1540-7993

Type

jour

DOI

10.1109/MSP.2010.115

Filename

5487489