A survey on security challenges in cloud computing: issues,threats, and solutions

Cloud computing has gained huge attention over the past decades because of continuously increasing demands. There are several advantages to organizations moving toward cloud-based data storage solutions. These include simplified IT infrastructure and management, remote access from effectively anywhere in the world with a stable Internet connection and the cost efficiencies that cloud computing can bring. The associated security and privacy challenges in cloud require further exploration. Researchers from academia, industry, and standards organizations have provided potential solutions to these challenges in the previously published studies. The narrative review presented in this survey provides cloud security issues and requirements, identified threats, and known vulnerabilities. In fact, this work aims to analyze the different components of cloud computing as well as present security and privacy problems that these systems face. Moreover, this work presents new classification of recent security solutions that exist in this area. Additionally, this survey introduced various types of security threats which are threatening cloud computing services and also discussed open issues and propose future directions. This paper will focus and explore a detailed knowledge about the security challenges that are faced by cloud entities such as cloud service provider, the data owner, and cloud user.

     

The security challenges for mobile ubiquitous services

It is envisaged that in future mobile ubiquitous environments, users will be able to seamlessly, search, access and consume a rich offering of services and content from an array of Service/Content Providers, whilst they are on the move, anytime, anywhere. Unfortunately, this new computing paradigm also brings along new and unique security challenges. Novel security solutions are therefore required. But, in order for appropriate security solutions to be devised, all possible security threats must first be thoroughly analysed, and the corresponding security requirements be identified. In this paper, we examine the security issues germane to a mobile ubiquitous environment. We then suggest some possible solutions which may be employed to address these security issues. Open research issues are also highlighted.     

Embedded system security

From cars to cell phones, video equipment to MP3 players, and dishwashers to home thermostats - embedded computers increasingly permeate our lives. But security for these systems is an open question and could prove a more difficult long-term problem than security does today for desktop and enterprise computing. Security issues are nothing new for embedded systems. However, as more embedded systems are connected to the Internet, the potential damages from such vulnerabilities scale up dramatically. Internet connections expose applications to intrusions and malicious attacks. Unfortunately, security techniques developed for enterprise and desktop computing might not satisfy embedded application requirements.     

Towards the design of secure and privacy-oriented information systems in the cloud: Identifying the major concepts

One of the major research challenges for the successful deployment of cloud services is a clear understanding of security and privacy issues on a cloud environment, since cloud architecture has dissimilarities compared to traditional distributed systems. Such differences might introduce new threats and require a different treatment of security and privacy issues. It is therefore important to understand security and privacy within the context of cloud computing and identify relevant security and privacy properties and threats that will support techniques and methodologies aimed to analyze and design secure cloud based systems.     

Guest Editors' Introduction: Security & Privacy

Security and privacy concerns touch on all aspects of pervasive computing, including hardware, operating systems, networks, databases, user interfaces, and applications. The seven articles selected for this special issue draw on ideas from many of these fields and provide a flavor of the kinds of security and privacy challenges and opportunities in pervasive computing. This article is part of a special issue on security and privacy.     

IT convergence security

A recent emerging issue in information technology is the convergence of different kinds of applications. Convergence brings a user-centric environment to provide computing and communication services. In order to realize IT advantages, it requires the integration of security and data management to be suitable for pervasive computing environments. Security convergence refers to the convergence of two historically distinct security functions—physical security and information security—within enterprises; both are integral parts of any coherent risk management program. In this special issue, we have discussed current IT-Converged security issues, security policy and new security services which will lead to successful transfer smart space which is a new paradigm of future.     

云计算中心安全问题探讨

云计算是信息技术的创新集成式的变革,它给信息技术提供了新的发展机遇,也给信息中心提供了为社会服务的新平台。同时,在原有的安全问题没有彻底解决之前,又带来了新的安全问题。重点探讨云计算中心的安全问题。     

Advanced mobile and wearable systems

The recent spectacular progress in the microelectronic, information, communication, material and sensor technologies created a big stimulus towards development of smart communicating cyber-physical systems (CPS) and Internet of Things (IoT). CPS and IoT are undergoing an explosive growth to a large degree related to advanced mobile systems like smart automotive and avionic systems, mobile robots and wearable devices. The huge and rapidly developing markets of sophisticated mobile cyber-physical systems represent great opportunities, but these opportunities come with a price of unusual system complexity, as well as, stringent and difficult to satisfy requirements of many modern applications. Specifically, smart cars and various wearable systems to a growing degree involve big instant data from multiple complex sensors or other systems, and are required to provide continuous autonomous service in a long time. In consequence, they demand a guaranteed (ultra-)high performance and/or (ultra-)low energy consumption, while requiring a high reliability, safety and security. To adequately address these demands, sophisticated embedded computing and embedded design technologies are needed. After an introduction to modern mobile systems, this paper discusses the huge heterogeneous area of these systems, and considers serious issues and challenges in their design. Subsequently, it discusses the embedded computing and design technologies needed to adequately address the issues and overcome the challenges in order to satisfy the stringent requirements of the modern mobile systems.     

Tasks of providing information security in distributed computing networks

The issue of providing information security for data and computing resources in grid networks is reviewed. Specific features of architecture of distributed computing networks based on grid platforms are analyzed. Security threats specific for grid systems are typified. The available measures ensuring security for grid systems are considered, and their drawbacks are indicated. The set of applied issues associated with ensuring grid protection from unauthorized access is defined.     

How trustworthy is trusted computing?

One of the biggest issues facing computer technology today is data security. The problem has gotten worse because users are working with sensitive information more often, while the number of threats is growing and hackers are developing new types of attacks. Because of this, many technology experts advocate development of trusted computing (TC) systems that integrate data security into their core operations, rather than implementing it via add-on applications. The paper discusses cryptographic trusted computing and trusted computing initiatives.     

A survey of security in multi-agent systems

Multi-agent systems (MAS) are a relatively new software paradigm that is being widely accepted in several application domains to address large and complex tasks. However, with the use of MAS in open, distributed and heterogeneous applications, the security issues may endanger the success of the application. The goal of this research is to identify the security issues faced by MAS and to survey the current state of the art of this field of knowledge. In order to do it, this paper examines the basic concepts of security in computing, and some characteristics of agents and multi-agent systems that introduce new threats and ways to attack. After this, some models and architectures proposed in the literature are presented and analyzed.     

嵌入式系统的安全启动机制研究与实现

针对目前移动智能平台系统面临的安全威胁,利用可信计算技术解决嵌入式系统的安全问题,是一种可行且高效的安全解决方案。在不改变现有移动设备硬件架构的前提下,提出了一种嵌入式平台系统的安全启动机制,将安全TF卡作为外置可信平台模块,构建了一条从Bootloader到上层应用程序的完整的信任链,该信任链的起点保护在安全TF卡的安全区域内,启动过程中各个组件的度量标准值由安全TF卡中的密钥签名存放。描述了该机制的实现过程,并对其安全性、效率进行了详细的分析测试。实验结果显示,该机制能够抵御针对嵌入式平台的多种攻击,有效保护嵌入式系统安全。     

Multi-dimensional analysis of embedded systems security

The primary goals of this paper are to analyze the security of embedded systems at different levels of abstraction and to propose a new procedure to assess and improve the security of embedded systems during various product life cycle phases. To achieve these goals, this paper introduces new classification of embedded systems attacks using a novel multi-dimensional representation, explores the possible threats to embedded systems, and proposes a new procedure to evaluate and improve the security of embedded systems during various product development phases.     

面向普适计算环境的嵌入式系统研究

服务提供与用户界面自适应问题是普适计算中的重要研究课题。嵌入式系统提供的服务对普适计算的服务起到了重要的支持作用;普适计算任务要获取用户的服务也需要自适应的用户界面来显示服务项目,嵌入式系统的自适应界面是合适的选择。但是,传统的嵌入式系统服务软件不能很好地实现上述目标。针对传统嵌入式系统服务模型的不足,首先总结了面向普适计算的嵌入式系统硬件结构,并将这种结构命名为计算元。随后提出了一种新的嵌入式系统服务提供模型,统一了用户上下文交互的标准信息格式。最后研究了该服务模型的实现。     

移动Agent系统中的安全问题和技术研究综述

移动Agent是分布式计算领域中一种新的计算模式。由于其在异步性、自治性以及移动性等方面的优势,移动Agent技术应用范围日益广泛,而随之而来的系统安全性问题也日益突出。拳文对移动Agent系统中的主要安全威胁做了细致的分析;在此基础上,从主机和Agent两技术方面以及社会角度总结了目前主要存在的安全保障措施;描述并比较了几种具代表性的移动Agent系统及各自的安全实现机制。     

Pervasive computing at scale: Transforming the state of the art

The remarkable recent progress in computing power, sensors and embedded devices, smart phones, wireless communications and networking technologies, combined with emerging data mining techniques, cloud computing and social networking paradigms has enabled us to create pervasive computing systems and services with diverse applications and global accessibility. In this paper, we assess the current state of the art of pervasive computing at scale (PeCS) and look ahead to future directions the field can pursue together with challenges it will need to overcome.     

面向普适计算的自适应模糊访问控制方法

普适环境中的上下文信息是普适访问控制的关键因素,对主体的授权和对主体使用权限过程的控制具有决定性影响。系统安全强度和安全策略应随上下文的变化而动态改变。传统访问控制模型均未考虑上下文对安全强度和安全策略的动态影响,不适合普适计算环境。提出了普适环境下安全强度和安全策略随上下文动态变化的思想,基于区间值模糊集合理论建立了上下文信息相关的产生式规则,设计了一种简单高效的区间值模糊访问控制方法,以提高普适计算系统中安全强度和安全策略的自适应性,更符合普适环境。     

Modeling security as a dependability attribute: a refinement-based approach

As distributed, networked computing systems become the dominant computing platform in a growing range of applications, they increase opportunities for security violations by opening hitherto unknown vulnerabilities. Also, as systems take on more critical functions, they increase the stakes of security by acting as custodians of assets that have great economic or social value. Finally, as perpetrators grow increasingly sophisticated, they increase the threats on system security. Combined, these premises place system security at the forefront of engineering concerns. In this paper, we introduce and discuss a refinement-based model for one dimension of system security, namely survivability.     

面向普适计算的区间值模糊访问控制(英文)

访问控制是普适计算安全的一项关键技术。然而,由于普适计算的分布式、模糊和动态特征,传统的访问控制理论和方法不完全适合普适计算环境下的安全需求。提出普适计算环境下基于区间值模糊集合理论的访问控制新图式,来有效刻画普适计算环境下访问控制的模糊性和不确定性,建立模糊受控系统安全新概念,对模糊受控系统的安全特性进行分析,为普适计算建立模糊访问控制的理论和方法基础。应用实例分析表明,提出的面向普适计算的模糊访问控制是有效的。     

Extensive Study of Cloud Computing Technologies,Threats and Solutions Prospective

Infrastructure as a Service (IaaS) provides logical separation between data, network, applications and machines from the physical constrains of real machines. IaaS is one of the basis of cloud virtualization. Recently, security issues are also gradually emerging with virtualization of cloud computing. Different security aspects of cloud virtualization will be explored in this research paper, security recognizing potential threats or attacks that exploit these vulnerabilities, and what security measures are used to alleviate such threats. In addition, a discussion of general security requirements and the existing security schemes is also provided. As shown in this paper, different components of virtualization environment are targets to various attacks that in turn leads to security issues compromising the whole cloud infrastructure. In this paper an overview of various cloud security aspects is also provided. Different attack scenarios of virtualization environments and security solutions to cater these attacks have been discussed in the paper. We then proceed to discuss API security concerns, data security, hijacking of user account and other security concerns. The aforementioned discussions can be used in the future to propose assessment criteria, which could be useful in analyzing the efficiency of security solutions of virtualization environment in the face of various virtual environment attacks.