{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,2]],"date-time":"2025-05-02T04:13:00Z","timestamp":1746159180947,"version":"3.40.4"},"publisher-location":"New York, NY","reference-count":41,"publisher":"Springer New York","isbn-type":[{"type":"print","value":"9781461492771"},{"type":"electronic","value":"9781461492788"}],"license":[{"start":{"date-parts":[[2013,12,7]],"date-time":"2013-12-07T00:00:00Z","timestamp":1386374400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2013,12,7]],"date-time":"2013-12-07T00:00:00Z","timestamp":1386374400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-1-4614-9278-8_10","type":"book-chapter","created":{"date-parts":[[2014,1,23]],"date-time":"2014-01-23T08:28:40Z","timestamp":1390465720000},"page":"213-238","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Towards Data Confidentiality and a Vulnerability Analysis Framework for Cloud Computing"],"prefix":"10.1007","author":[{"given":"Kerim Y.","family":"Oktay","sequence":"first","affiliation":[]},{"given":"Mahadevan","family":"Gomathisankaran","sequence":"additional","affiliation":[]},{"given":"Murat","family":"Kantarcioglu","sequence":"additional","affiliation":[]},{"given":"Sharad","family":"Mehrotra","sequence":"additional","affiliation":[]},{"given":"Anoop","family":"Singhal","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2013,12,7]]},"reference":[{"key":"10_CR1","unstructured":"M.\u00a0Lev-Ram. Why Zynga loves the hybrid cloud. http:\/\/tech.fortune.cnn.com\/2012\/04\/09\/zynga-2\/?iid=HP_LN, 2012."},{"key":"10_CR2","unstructured":"L.\u00a0Mearian. EMC\u2019s Tucci sees hybrid cloud becoming de facto standard. http:\/\/www.computerworld.com\/s\/article\/9216573\/EMC_s_Tucci_sees_hybrid_cloud_becoming_de_facto_standard, 2011."},{"key":"10_CR3","doi-asserted-by":"crossref","unstructured":"K.\u00a0Zhang, X\u2013y.\u00a0Zhou, Y.\u00a0Chen, XF.\u00a0Wang, and Y.\u00a0Ruan. Sedic: privacy-aware data intensive computing on hybrid clouds. In ACM Conference on Computer and Communications Security, pages 515\u2013526, 2011.","DOI":"10.1145\/2046707.2046767"},{"key":"10_CR4","doi-asserted-by":"crossref","unstructured":"K.\u00a0Y.\u00a0Oktay, V.\u00a0Khadilkar, B.\u00a0Hore, M.\u00a0Kantarcioglu, S.\u00a0Mehrotra, and B.\u00a0Thuraisingham. Risk-Aware Workload Distribution in Hybrid Clouds. In IEEE CLOUD, pages 229\u2013236, 2012.","DOI":"10.1109\/CLOUD.2012.128"},{"key":"10_CR5","unstructured":"Hybrid Cloud. The NIST Definition of Cloud Computing. National Institute of Science and Technology, Special Publication, 800-145, 2011."},{"key":"10_CR6","doi-asserted-by":"crossref","unstructured":"M.\u00a0R.\u00a0Fouad, G.\u00a0Lebanon, and E.\u00a0Bertino. ARUBA: A Risk-Utility-Based Algorithm for Data Disclosure. In Secure Data Management, pages 32\u201349, 2008.","DOI":"10.1007\/978-3-540-85259-9_3"},{"key":"10_CR7","doi-asserted-by":"crossref","unstructured":"S.\u00a0Trabelsi, V.\u00a0Salzgeber, M.\u00a0Bezzi, and G.\u00a0Montagnon. Data disclosure risk evaluation. In CRiSIS, pages 35\u201372, 2009.","DOI":"10.1109\/CRISIS.2009.5411979"},{"key":"10_CR8","doi-asserted-by":"crossref","unstructured":"Tomasz Nykiel, Michalis Potamias, Chaitanya Mishra, George Kollios, and Nick Koudas. 2010. MRShare: sharing across multiple queries in MapReduce. Proc. VLDB Endow. 3, 1\u20132 (September 2010), 494\u2013505.","DOI":"10.14778\/1920841.1920906"},{"key":"10_CR9","doi-asserted-by":"crossref","unstructured":"Jeffrey Dean and Sanjay Ghemawat. 2008. MapReduce: simplified data processing on large clusters. Commun. ACM 51, 1 (January 2008), 107\u2013113.","DOI":"10.1145\/1327452.1327492"},{"key":"10_CR10","unstructured":"Apache Hadoop. http:\/\/hadoop.apache.org\/."},{"key":"10_CR11","doi-asserted-by":"crossref","unstructured":"H.\u00a0Hacig\u00fcm\u00fc\u015f, B.\u00a0R.\u00a0Iyer, C.\u00a0Li, and S.\u00a0Mehrotra. Executing SQL over encrypted data in the database-service-provider model. In SIGMOD, pages 216\u2013227, 2002.","DOI":"10.1145\/564691.564717"},{"key":"10_CR12","doi-asserted-by":"crossref","unstructured":"Kehuan Zhang, Xiaoyong Zhou, Yangyi Chen, XiaoFeng Wang, and Yaoping Ruan. 2011. Sedic: privacy-aware data intensive computing on hybrid clouds. In Proceedings of the 18th ACM conference on Computer and communications security (CCS \u201911). ACM, New York, NY, USA, 515\u2013526.","DOI":"10.1145\/2046707.2046767"},{"key":"10_CR13","doi-asserted-by":"crossref","unstructured":"Bijit Hore, Sharad Mehrotra, Hakan Hacig\u00fcm\u00fc\u00e7, Managing and querying encrypted data, Handbook of Database Security, Editors: Michael Gertz and Sushil Jajodia, Pages 163\u2013190, Publisher, Springer US 2008\/1\/1","DOI":"10.1007\/978-0-387-48533-1_7"},{"key":"10_CR14","volume-title":"Search over Encrypted Data","author":"Ali Bagherzandi","year":"2011","unstructured":"Ali Bagherzandi, Bijit Hore, Sharad Mehrotra, Search over Encrypted Data, In Encyclopedia of Cryptography and Security, Springer 2011"},{"key":"10_CR15","volume-title":"Sharad Mehrotra","author":"Hakan Hacigumus","year":"2011","unstructured":"Hakan Hacigumus, Bijit Hore, Sharad Mehrotra, Privacy of Outsourced Data In Encyclopedia of Cryptography and Security, Springer 2011"},{"key":"10_CR16","volume-title":"Bala Iyer","author":"Hakan Hacigumus","year":"2002","unstructured":"Hakan Hacigumus, Bala Iyer, Sharad Mehrotra, Providing Database as a Service, IEEE International Conference in Data Engineering, 2002"},{"key":"10_CR17","unstructured":"T. Erasmus. The heavy metal that poisoned the droid. Tech. rep. MWR Info Security, 2012. URL: http:\/\/labs.mwrinfosecurity.com\/tools\/2012\/03\/16\/mercury\/documentation\/white-paper\/."},{"key":"10_CR18","doi-asserted-by":"crossref","unstructured":"Aaron Steele. Ontological Vulnerability Assessment. In: Web Information Systems Engineering WISE 2008 Workshops. Ed. by Sven Hartmann, Xiaofang Zhou, and Markus Kirchberg. Vol. 5176. Lecture Notes in Computer Science. Springer Berlin Heidelberg, 2008, pp.\u00a024\u201335. ISBN: 978-3-540-85199-8. URL: http:\/\/dx.doi.org\/10.1007\/978-3-540-85200-15.","DOI":"10.1007\/978-3-540-85200-1_5"},{"key":"10_CR19","first-page":"67","volume":"2012","author":"Srujan Kotikela, Krishna Kavi, and Mahadevan Gomathisankaran. Vulnerability Assessment in Cloud Computing. In: The 2012 International Conference on Security Management (SAM 2012). Ed. by Kevin Daimi and Hamid R Arabnia. WORLDCOMP","year":"2012","unstructured":"Srujan Kotikela, Krishna Kavi, and Mahadevan Gomathisankaran. Vulnerability Assessment in Cloud Computing. In: The 2012 International Conference on Security Management (SAM 2012). Ed. by Kevin Daimi and Hamid R Arabnia. WORLDCOMP 2012. July 16\u201319, 2012, Las Vegas, Nevada, USA: CSREA Press, 2012, pp.\u00a067\u201373.","journal-title":"Las Vegas, Nevada, USA: CSREA Press"},{"key":"10_CR20","unstructured":"National Vulnerability Database. NIST. 2012. URL: http:\/\/nvd.nist.gov\/."},{"key":"10_CR21","unstructured":"Metasploit Auxiliary Module and Exploit Database (DB). Metasploit."},{"key":"10_CR22","volume-title":"An Ontology-based Approach to Model Common Vulnerabilities and Exposures in Information Security","author":"M. Guo","year":"2009","unstructured":"M. Guo and J.A. Wang. An Ontology-based Approach to Model Common Vulnerabilities and Exposures in Information Security. In: ASEE Southest Section Conference. 2009."},{"key":"10_CR23","doi-asserted-by":"crossref","unstructured":"Ju An Wang and Minzhe Guo. OVM: an ontology for vulnerability management. In: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies. CSIIRW 09. Oak Ridge, Tennessee: ACM, 2009, 34:1\u201334:4. ISBN: 978-1-60558-518-5. URL: http:\/\/doi.acm.org\/10.1145\/1558607.1558646.","DOI":"10.1145\/1558607.1558646"},{"key":"10_CR24","first-page":"386","volume":"2008","author":"R. Paul, I.L. Yen, F. Bastani, J. Dong, W.T. Tsai, K. Kavi, A. Ghafoor, and J. Srivastava. An Ontology-Based Integrated Assessment Framework for High-Assurance Systems. In: Semantic Computing","year":"2008","unstructured":"R. Paul, I.L. Yen, F. Bastani, J. Dong, W.T. Tsai, K. Kavi, A. Ghafoor, and J. Srivastava. An Ontology-Based Integrated Assessment Framework for High-Assurance Systems. In: Semantic Computing, 2008 IEEE International Conference on. IEEE. 2008, pp.\u00a0386\u2013393.","journal-title":"IEEE."},{"key":"10_CR25","doi-asserted-by":"crossref","unstructured":"Ju An Wang, Minzhe Guo, Hao Wang, Min Xia, and Linfeng Zhou. Ontology-based security assessment for software products. In: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies. CSIIRW 09. Oak Ridge, Tennessee: ACM, 2009, 15:1\u201315:4. ISBN: 978-1-60558-518-5. URL: http:\/\/doi.acm.org\/10.1145\/1558607.1558625.","DOI":"10.1145\/1558607.1558625"},{"key":"10_CR26","doi-asserted-by":"crossref","unstructured":"Anoop Singhal and Duminda Wijesekera. Ontologies for modeling enterprise level security metrics. In: Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research. CSIIRW 10. Oak Ridge, Tennessee: ACM, 2010, 58:1\u201358:3. ISBN: 978-1-4503-0017-9. URL: http:\/\/doi.acm.org\/10.1145\/1852666.1852731http:\/\/doi.acm.org\/10.1145\/1852666.1852731.","DOI":"10.1145\/1852666.1852731"},{"key":"10_CR27","doi-asserted-by":"crossref","unstructured":"Xusheng Xiao, Amit Paradkar, Suresh Thummalapenta, and Tao Xie. Automated extraction of security policies from natural-language software documents. In: Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering. FSE 12. Cary, North Carolina: ACM, 2012, 12:1\u201312:11. ISBN: 978-1-4503-1614-9. URL: http:\/\/doi.acm.org\/10.1145\/2393596.2393608.","DOI":"10.1145\/2393596.2393608"},{"key":"10_CR28","unstructured":"Nora Yahia, Sahar A. Mokhtar, and AbdelWahab Ahmed. Automatic Generation of OWL Ontology from XML Data Source. In: CoRR abs\/1206.0570 (2012)."},{"key":"10_CR29","volume-title":"Automatic ontology generation: State of the art","author":"I. Bedini","year":"2007","unstructured":"I. Bedini and B. Nguyen. Automatic ontology generation: State of the art. In: PRiSM Laboratory Technical Report. University of Versailles (2007)."},{"key":"10_CR30","volume-title":"Classes of vulnerabilities and attacks","author":"P. Meunier","year":"2008","unstructured":"P. Meunier. Classes of vulnerabilities and attacks. In: Wiley Handbook of Science and Technology for Homeland Security (2008)."},{"key":"10_CR31","unstructured":"Timothy Vidas, Daniel Votipka, and Nicolas Christin. All your droid are belong to us: a survey of current android attacks. In: Proceedings of the 5th USENIX conference on Offensive technologies. WOOT11. San Francisco, CA: USENIX Association, 2011, pp.\u00a010\u201310. URL: http:\/\/dl.acm.org\/citation.cfm?id=2028052.2028062http:\/\/dl.acm.org\/citation.cfm?id=2028052.2028062."},{"key":"10_CR32","doi-asserted-by":"crossref","DOI":"10.6028\/NIST.IR.7788","volume-title":"Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs","author":"A. Singhal","year":"2011","unstructured":"A. Singhal and X. Ou. Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs. In: NIST InterAgency Report (2011)."},{"key":"10_CR33","volume-title":"Tools for generating and analyzing attack graphs","author":"O. Sheyner","year":"2004","unstructured":"O. Sheyner and J. Wing. Tools for generating and analyzing attack graphs. In: Formal methods for components and objects. Springer. 2004, pp.\u00a0344\u2013371."},{"key":"10_CR34","unstructured":"T. Heberlein, M. Bishop, E. Ceesay, M. Danforth, CG Senthilkumar, and T. Stallard. A Taxonomy for Comparing Attack-Graph Approaches. Tech. rep. Submitted to ARDA. Net Squared, Inc., 2004. URL: http:\/\/www.netsq.com\/Documents\/AttackGraphPaper.pdf."},{"key":"10_CR35","unstructured":"Security Content Automation Protocol. NIST. 2012. URL: http:\/\/scap.nist.gov\/."},{"key":"10_CR36","unstructured":"Common Vulnerabilities and Exposures. MITRE. 2012. URL: http:\/\/cve.mitre.org\/."},{"key":"10_CR37","unstructured":"Common Weakness Enumeration. MITRE. 2012. URL: http:\/\/cwe.mitre.org\/."},{"key":"10_CR38","unstructured":"Common Platform Enumeration. MITRE. 2012. URL: http:\/\/cpe.mitre.org\/."},{"key":"10_CR39","unstructured":"Common Vulnerability Scoring System. FIRST. 2012. URL: http:\/\/www.first.org\/cvss."},{"key":"10_CR40","unstructured":"SPARQL Query Language for RDF. W3C. 2012. URL: http:\/\/www.w3.org\/TR\/rdf-sparql-query\/."},{"key":"10_CR41","volume-title":"Feng Li","author":"Wu Sai","year":"2011","unstructured":"Sai Wu, Feng Li, Sharad Mehrotra, Beng Chin Ooi, Query Optimization for massively parallel data processing, SoCC 2011"}],"container-title":["Secure Cloud Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-1-4614-9278-8_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,1]],"date-time":"2025-05-01T16:50:59Z","timestamp":1746118259000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-1-4614-9278-8_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,12,7]]},"ISBN":["9781461492771","9781461492788"],"references-count":41,"URL":"https:\/\/doi.org\/10.1007\/978-1-4614-9278-8_10","relation":{},"subject":[],"published":{"date-parts":[[2013,12,7]]},"assertion":[{"value":"7 December 2013","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}