TY - GEN
T1 - Addressing Security Challenges in Cloud Computing - A Pattern-Based Approach
AU - Anand, Priya
AU - Ryoo, Jungwoo
AU - Kim, Hyoungshick
N1 - Funding Information:
ACKNOWLEDGMENT This material is based upon work supported by the National Science Foundation under Grant No. (1514568). This work was also supported in part by the National Research Foundation of Korea (No. 2014R1A1A1003707), the ITRC (IITP-2015-H8501-15-1008), and the NIPA (NIPA-2014- H0301-14-1010). Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the aforementioned agencies.
Publisher Copyright:
© 2015 IEEE.
PY - 2017/1/10
Y1 - 2017/1/10
N2 - Cloud computing has emerged as a fast-growing paradigm for storing/sharing data and delivering services over the Internet. It provides its users with a way to deal with information or data without investing in any new technology or resources of their own. Although cloud computing environment is viewed as a promising Internet-based computing platform, the security challenges it poses are also equally striking. Despite the rapid advancement of cloud computing technologies, security issues in cloud environments have to be addressed to a greater extent. Cloud security is one of the major issues that hinder the adoption of cloud computing and slow down its acceptance in many sectors. In this paper, we provide an overview of cloud computing, in-depth literature review on cloud security and privacy issues, and its research challenges. We also propose security patterns as a viable solution to cloud security and explain them with a simple template. The research goal of this paper is to provide a better understanding of cloud security and highlight the security concerns that should be addressed to realize the maximum benefits of cloud computing. Security patterns allow cloud developers to use security measures without being security experts. Also, a cloud environment can be reengineered by using security patterns to add missing security features. In this paper, we provide a pattern-based cloud security framework as a good practical approach to ensure security features in cloud environments.
AB - Cloud computing has emerged as a fast-growing paradigm for storing/sharing data and delivering services over the Internet. It provides its users with a way to deal with information or data without investing in any new technology or resources of their own. Although cloud computing environment is viewed as a promising Internet-based computing platform, the security challenges it poses are also equally striking. Despite the rapid advancement of cloud computing technologies, security issues in cloud environments have to be addressed to a greater extent. Cloud security is one of the major issues that hinder the adoption of cloud computing and slow down its acceptance in many sectors. In this paper, we provide an overview of cloud computing, in-depth literature review on cloud security and privacy issues, and its research challenges. We also propose security patterns as a viable solution to cloud security and explain them with a simple template. The research goal of this paper is to provide a better understanding of cloud security and highlight the security concerns that should be addressed to realize the maximum benefits of cloud computing. Security patterns allow cloud developers to use security measures without being security experts. Also, a cloud environment can be reengineered by using security patterns to add missing security features. In this paper, we provide a pattern-based cloud security framework as a good practical approach to ensure security features in cloud environments.
UR - http://www.scopus.com/inward/record.url?scp=85013664318&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85013664318&partnerID=8YFLogxK
U2 - 10.1109/ICSSA.2015.013
DO - 10.1109/ICSSA.2015.013
M3 - Conference contribution
AN - SCOPUS:85013664318
T3 - Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015
SP - 13
EP - 18
BT - Proceedings - 2015 1st International Conference on Software Security and Assurance, ICSSA 2015
A2 - Ryoo, Jungwoo
A2 - Kim, Hyoungshick
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 1st International Conference on Software Security and Assurance, ICSSA 2015
Y2 - 27 July 2015
ER -