{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,8]],"date-time":"2026-04-08T16:35:13Z","timestamp":1775666113235,"version":"3.50.1"},"reference-count":313,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2013,9,28]],"date-time":"2013-09-28T00:00:00Z","timestamp":1380326400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2014,4]]},"DOI":"10.1007\/s10207-013-0208-7","type":"journal-article","created":{"date-parts":[[2013,9,27]],"date-time":"2013-09-27T05:53:34Z","timestamp":1380261214000},"page":"113-170","source":"Crossref","is-referenced-by-count":331,"title":["Security issues in cloud environments: a survey"],"prefix":"10.1007","volume":"13","author":[{"given":"Diogo A. B.","family":"Fernandes","sequence":"first","affiliation":[]},{"given":"Liliana F. B.","family":"Soares","sequence":"additional","affiliation":[]},{"given":"Jo\u00e3o V.","family":"Gomes","sequence":"additional","affiliation":[]},{"given":"M\u00e1rio M.","family":"Freire","sequence":"additional","affiliation":[]},{"given":"Pedro R. M.","family":"In\u00e1cio","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2013,9,28]]},"reference":[{"key":"208_CR1","unstructured":"57un Blog: A BIG Password Cracking Wordlist. https:\/\/57un.wordpress.com\/2013\/03\/09\/a-big-password-cracking-wordlist\/ . Accessed May 2013 (2013)"},{"key":"208_CR2","first-page":"1","volume-title":"An Overview of Issues and Recent Developments in Cloud Computing and Storage Security","author":"E Aguiar","year":"2013","unstructured":"Aguiar, E., Zhang, Y., Blanton, M.: An Overview of Issues and Recent Developments in Cloud Computing and Storage Security, pp. 1\u201331. Springer, Berlin (2013)"},{"issue":"2","key":"208_CR3","first-page":"66","volume":"1","author":"SP Ahuja","year":"2012","unstructured":"Ahuja, S.P., Komathukattil, D.: A survey of the state of cloud security. Netw. Commun. Technol. 1(2), 66\u201375 (2012). doi: 10.5539\/nct.v1n2p66","journal-title":"Netw. Commun. Technol."},{"key":"208_CR4","doi-asserted-by":"crossref","unstructured":"Aihkisalo, T., Paaso, T.: Latencies of service invocation and processing of the REST and SOAP web service interfaces. In: IEEE 8th World Congress on Services (SERVICES), pp. 100\u2013107. Honolulu, HI, USA (2012). doi: 10.1109\/SERVICES.2012.55","DOI":"10.1109\/SERVICES.2012.55"},{"key":"208_CR5","doi-asserted-by":"crossref","unstructured":"Al-Aqrabi, H., Liu, L., Xu, J., Hill, R., Antonopoulos, N., Zhan, Y.: Investigation of IT security and compliance challenges in security-as-a-service for cloud computing. In: 15th IEEE International Symposium on Object\/Component\/Service-Oriented Real-Time Distributed Computing Workshops (ISORCW), pp. 124\u2013129. Shenzhen, Guangdong, China (2012). doi: 10.1109\/ISORCW.2012.31","DOI":"10.1109\/ISORCW.2012.31"},{"key":"208_CR6","unstructured":"Alert Logic: State of Cloud Security Report: Targeted Attacks and Opportunistic Hacks. http:\/\/www.alertlogic.com\/resources\/security-intelligence-newsletter\/download-cloud-security-report-spring2013\/ (2013). Accessed Apr. 2013"},{"key":"208_CR7","unstructured":"AlFardan, N., Bernstein, D., Paterson, K., Poettering, B., Schuldt, J.: On the Security of RC4 in TLS. http:\/\/www.isg.rhul.ac.uk\/tls\/index.html (2013). Accessed Apr. 2013"},{"key":"208_CR8","unstructured":"AlienVault: OSSIM Website. https:\/\/aws.amazon.com\/marketplace\/pp\/B00BIUQRGC\/ (2013). Accessed May 2013"},{"key":"208_CR9","unstructured":"Amazon: Amazon Web Services: Overview of Security Processes. http:\/\/s3.amazonaws.com\/aws_blog\/AWS_Security_Whitepaper_2008_09.pdf (2011). White Paper. Accessed Sept. 2012"},{"key":"208_CR10","unstructured":"Amazon: Amazon Elastic Compute Cloud (Amazon EC2). https:\/\/aws.amazon.com\/ec2\/ (2012). Accessed Apr. 2013"},{"key":"208_CR11","unstructured":"Amazon: Amazon Virtual Private Cloud (Amazon VPC). http:\/\/aws.amazon.com\/vpc\/ (2012). Accessed Sept. 2012"},{"key":"208_CR12","unstructured":"Amazon Web Services Discussion Forums: Low Entropy on EC2 Instances\u2014 Problem for Anything Related to Security. https:\/\/forums.aws.amazon.com\/thread.jspa?messageID=249079 (2011). Accessed Apr. 2013"},{"issue":"1","key":"208_CR13","doi-asserted-by":"crossref","first-page":"23","DOI":"10.1109\/MSP.2013.8","volume":"11","author":"E Amoroso","year":"2013","unstructured":"Amoroso, E.: From the enterprise perimeter to a mobility-enabled secure cloud. IEEE Secur. Priv. 11(1), 23\u201331 (2013). doi: 10.1109\/MSP.2013.8","journal-title":"IEEE Secur. Priv."},{"key":"208_CR14","unstructured":"Anstee, D.: Q1 Key Findings from ATLAS. http:\/\/www.arbornetworks.com\/corporate\/blog\/4855-q1-key-findings-from-atlas (2013). Accessed Apr. 2013"},{"key":"208_CR15","unstructured":"Apache: CloudStack Website. https:\/\/cloudstack.apache.org\/ (2013). Accessed May 2013"},{"key":"208_CR16","unstructured":"Apprenda: Apprenda Website. http:\/\/apprenda.com (2013). Accessed Apr. 2013"},{"issue":"4","key":"208_CR17","doi-asserted-by":"crossref","first-page":"50","DOI":"10.1145\/1721654.1721672","volume":"53","author":"M Armbrust","year":"2010","unstructured":"Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., Zaharia, M.: A view of cloud computing. Commun. ACM 53(4), 50\u201358 (2010). doi: 10.1145\/1721654.1721672","journal-title":"Commun. ACM"},{"key":"208_CR18","unstructured":"Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R.H., Konwinski, A., Lee, G., Patterson, D.A., Rabkin, A., Zaharia, M.: Above the Clouds: A Berkeley View of Cloud Computing. Technical Report UCB\/EECS-2009-28. Electrical Engineering and Computer Sciences University of California (2009)"},{"key":"208_CR19","doi-asserted-by":"crossref","unstructured":"Ateniese, G., Di Pietro, R., Mancini, L.V., Tsudik, G.: Scalable and efficient provable data possession. In: Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, pp. 9:1\u20139:10. ACM, New York, NY, USA (2008)","DOI":"10.1145\/1460877.1460889"},{"key":"208_CR20","doi-asserted-by":"crossref","unstructured":"Aviram, A., Hu, S., Ford, B., Gummadi, R.: Determinating timing channels in compute clouds. In: Proceedings of the ACM Workshop on Cloud computing, Security, pp. 103\u2013108 (2010). doi: 10.1145\/1866835.1866854","DOI":"10.1145\/1866835.1866854"},{"issue":"2","key":"208_CR21","doi-asserted-by":"crossref","first-page":"38","DOI":"10.1145\/2007183.2007189","volume":"45","author":"F Azmandian","year":"2011","unstructured":"Azmandian, F., Moffie, M., Alshawabkeh, M., Dy, J., Aslam, J., Kaeli, D.: Virtual machine monitor-based lightweight intrusion detection. SIGOPS Oper. Syst. Rev. 45(2), 38\u201353 (2011). doi: 10.1145\/2007183.2007189","journal-title":"SIGOPS Oper. Syst. Rev."},{"issue":"4","key":"208_CR22","doi-asserted-by":"crossref","first-page":"583","DOI":"10.1145\/1075382.1075383","volume":"27","author":"G Back","year":"2005","unstructured":"Back, G., Hsieh, W.C.: The KaffeOS Java runtime system. ACM Trans. Program. Lang. Syst. 27(4), 583\u2013630 (2005). doi: 10.1145\/1075382.1075383","journal-title":"ACM Trans. Program. Lang. Syst."},{"key":"208_CR23","doi-asserted-by":"crossref","unstructured":"Backstrom, L., Dwork, C., Kleinberg, J.: Wherefore art thou R3579X?: anonymized social networks, hidden patterns, and structural steganography. In: Proceedings of the 16th International Conference on World Wide Web, pp. 181\u2013190. ACM, New York, NY, USA (2007). doi: 10.1145\/1242572.1242598","DOI":"10.1145\/1242572.1242598"},{"key":"208_CR24","doi-asserted-by":"crossref","unstructured":"Bahram, S., Jiang, X., Wang, Z., Grace, M., Li, J., Srinivasan, D., Rhee, J., Xu, D.: DKSM: subverting virtual machine introspection for fun and profit. In: 29th IEEE Symposium on Reliable Distributed Systems, pp. 82\u201391. IEEE Computer Society, Washington, DC, USA (2010). doi: 10.1109\/SRDS.2010.39","DOI":"10.1109\/SRDS.2010.39"},{"issue":"3","key":"208_CR25","doi-asserted-by":"crossref","first-page":"36","DOI":"10.1109\/MC.2011.67","volume":"44","author":"P Banerjee","year":"2011","unstructured":"Banerjee, P., Friedrich, R., Bash, C., Goldsack, P., Huberman, B., Manley, J., Patel, C., Ranganathan, P., Veitch, A.: Everything as a service: powering the new information economy. Computer 44(3), 36\u201343 (2011). doi: 10.1109\/MC.2011.67","journal-title":"Computer"},{"issue":"4","key":"208_CR26","doi-asserted-by":"crossref","first-page":"86","DOI":"10.1145\/1899928.1899939","volume":"44","author":"D Basak","year":"2010","unstructured":"Basak, D., Toshniwal, R., Maskalik, S., Sequeira, A.: Virtualizing networking and security in the cloud. SIGOPS Oper. Syst. Rev. 44(4), 86\u201394 (2010). doi: 10.1145\/1899928.1899939","journal-title":"SIGOPS Oper. Syst. Rev."},{"key":"208_CR27","doi-asserted-by":"crossref","unstructured":"Begum, S., Khan, M.: Potential of cloud computing architecture. In: International Conference on Information and Communication Technologies, pp. 1\u20135. IEEE (2011). doi: 10.1109\/ICICT.2011.5983572","DOI":"10.1109\/ICICT.2011.5983572"},{"key":"208_CR28","doi-asserted-by":"crossref","unstructured":"Behl, A.: Emerging security challenges in cloud computing: an insight to cloud security challenges and their mitigation. In: World Congress on Information and Communication Technologies, pp. 217\u2013222. IEEE (2011). doi: 10.1109\/WICT.2011.6141247","DOI":"10.1109\/WICT.2011.6141247"},{"key":"208_CR29","doi-asserted-by":"crossref","unstructured":"Behl, A., Behl, K.: Security paradigms for cloud computing. In: 4th International Conference on Computational Intelligence, Communication Systems and Networks, pp. 200\u2013205. IEEE (2012). doi: 10.1109\/CICSyN.2012.45","DOI":"10.1109\/CICSyN.2012.45"},{"issue":"4","key":"208_CR30","doi-asserted-by":"crossref","first-page":"54","DOI":"10.1109\/MIC.2012.62","volume":"16","author":"F Belqasmi","year":"2012","unstructured":"Belqasmi, F., Singh, J., Glitho, R.: SOAP-based vs. RESTful web services: a case study for multimedia. IEEE Internet Comput. 16(4), 54\u201363 (2012). doi: 10.1109\/MIC.2012.62","journal-title":"IEEE Internet Comput."},{"key":"208_CR31","doi-asserted-by":"crossref","unstructured":"Bentounsi, M., Benbernou, S., Atallah, M.: Privacy-preserving business process outsourcing. In: IEEE 19th International Conference on Web Services, pp. 662\u2013663. IEEE (2012). doi: 10.1109\/ICWS.2012.34","DOI":"10.1109\/ICWS.2012.34"},{"key":"208_CR32","doi-asserted-by":"crossref","unstructured":"Bernstein, D., Vij, D.: Intercloud security considerations. In: IEEE 2nd International Conference on Cloud Computing Technology and Science, pp. 537\u2013544. IEEE Computer Society, Washington, DC, USA (2010)","DOI":"10.1109\/CloudCom.2010.82"},{"key":"208_CR33","doi-asserted-by":"crossref","unstructured":"Bin Mat Nor, F., Jalil, K., Manan, J.L.: An enhanced remote authentication scheme to mitigate man-in-the-browser attacks. In: International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), pp. 271\u2013276. Kuala Lumpur, Malaysia (2012). doi: 10.1109\/CyberSec.2012.6246086","DOI":"10.1109\/CyberSec.2012.6246086"},{"key":"208_CR34","unstructured":"Boampong, P.A., Wahsheh, L.A.: Different facets of security in the cloud. In: Proceedings of the 15th Communications and Networking Simulation Symposium, pp. 5:1\u20135:7. Society for Computer Simulation International, San Diego, CA, USA (2012)"},{"key":"208_CR35","doi-asserted-by":"crossref","unstructured":"Bowers, K.D., Juels, A., Oprea, A.: HAIL: a high-availability and integrity layer for cloud storage. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 187\u2013198. ACM, New York, NY, USA (2009). doi: 10.1145\/1653662.1653686","DOI":"10.1145\/1653662.1653686"},{"key":"208_CR36","unstructured":"Box: Box Website. https:\/\/www.box.com\/ (2013). Accessed Apr. 2013"},{"issue":"5","key":"208_CR37","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1016\/S1353-4858(10)70058-1","volume":"2010","author":"D Bradbury","year":"2010","unstructured":"Bradbury, D.: Shadows in the cloud: Chinese involvement in advanced persistent threats. Netw. Secur. 2010(5), 16\u201319 (2010). doi: 10.1016\/S1353-4858(10)70058-1","journal-title":"Netw. Secur."},{"key":"208_CR38","unstructured":"Brito, H.: Pentagon Creating \u201cRules of Engagement\u201d for Responding to Advanced Attackers. Mandiant M-Unition (2013)"},{"key":"208_CR39","doi-asserted-by":"crossref","unstructured":"Bugiel, S., N\u00fcrnberger, S., P\u00f6ppelmann, T., Sadeghi, A.R., Schneider, T.: AmazonIA: when elasticity snaps back. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 389\u2013400. ACM, New York, NY, USA (2011). doi: 10.1145\/2046707.2046753","DOI":"10.1145\/2046707.2046753"},{"key":"208_CR40","unstructured":"Carri\u00e7o, P.: Low entropy on VMs $$\\ldots $$ \u2026 http:\/\/blog.pedrocarrico.net\/post\/17026199379\/low-entropy-on-vms (2012). Accessed May 2013"},{"key":"208_CR41","unstructured":"Carroll, M., Kotz\u00e9, P., Van der Merwe, A. (2011). Secure virtualization\u2014benefits, risks and controls. In: Leymann, F., Ivanov, I., van Sinderen, M., Shishkov, B. (eds.) CLOSER, pp. 15\u201323. SciTePress"},{"key":"208_CR42","unstructured":"Casale, A.: The Dangers of Recycling in the Cloud. TheMakegood (2013)"},{"key":"208_CR43","doi-asserted-by":"crossref","unstructured":"Chen, C.C., Yuan, L., Greenberg, A., Chuah, C.N., Mohapatra, P.: Routing-as-a-Service (RaaS): a framework for tenant-directed route control in data center. In: Proceedings of the 30th IEEE International Conference on Computer Communications (INFOCOM), pp. 1386\u20131394 (2011) doi: 10.1109\/INFCOM.2011.5934924","DOI":"10.1109\/INFCOM.2011.5934924"},{"key":"208_CR44","doi-asserted-by":"crossref","unstructured":"Chen, D., Zhao, H.: Data security and privacy protection issues in cloud computing. In: International Conference on Computer Science and Electronics Engineering, vol. 1, pp. 647\u2013651. IEEE (2012). doi: 10.1109\/ICCSEE.2012.193","DOI":"10.1109\/ICCSEE.2012.193"},{"key":"208_CR45","doi-asserted-by":"crossref","unstructured":"Chen, T.H., lien Yeh, H., Shih, W.K.: An advanced ECC dynamic ID-based remote mutual authentication scheme for cloud computing. In: 5th FTRA International Conference on Multimedia and Ubiquitous Engineering (MUE), pp. 155\u2013159. Crete, Greece (2011). doi: 10.1109\/MUE.2011.69","DOI":"10.1109\/MUE.2011.69"},{"key":"208_CR46","doi-asserted-by":"crossref","unstructured":"Chen, X., Andersen, J., Mao, Z., Bailey, M., Nazario, J.: Towards an understanding of anti-virtualization and anti-debugging behavior in modern malware. In: IEEE International Conference on Dependable Systems and Networks (DNS) With FCTS and DCC, pp. 177\u2013186. Anchorage, AK, USA (2008). doi: 10.1109\/DSN.2008.4630086","DOI":"10.1109\/DSN.2008.4630086"},{"key":"208_CR47","unstructured":"Chen, Y., Paxson, V., Katz, R.H.: What\u2019s New About Cloud Computing Security? Technical Report UCB\/EECS-2010-5. EECS Department, University of California, Berkeley (2010). http:\/\/www.eecs.berkeley.edu\/Pubs\/TechRpts\/2010\/EECS-2010-5.html"},{"issue":"4","key":"208_CR48","doi-asserted-by":"crossref","first-page":"1097","DOI":"10.1016\/j.jnca.2010.06.004","volume":"34","author":"A Chonka","year":"2011","unstructured":"Chonka, A., Xiang, Y., Zhou, W., Bonti, A.: Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks. J. Netw. Comput. Appli. 34(4), 1097\u20131107 (2011). doi: 10.1016\/j.jnca.2010.06.004","journal-title":"J. Netw. Comput. Appli."},{"key":"208_CR49","doi-asserted-by":"crossref","unstructured":"Choudhary, V.: Software as a service: implications for investment in software development. In: 40th Annual Hawaii International Conference on System Sciences, p. 209a. IEEE Computer Society, Washington, DC, USA (2007). doi: 10.1109\/HICSS.2007.493","DOI":"10.1109\/HICSS.2007.493"},{"key":"208_CR50","doi-asserted-by":"crossref","unstructured":"Chow, R., Golle, P., Jakobsson, M., Shi, E., Staddon, J., Masuoka, R., Molina, J.: Controlling data in the cloud: outsourcing computation without outsourcing control. In: Proceedings of the ACM Workshop on Cloud Computing Security, pp. 85\u201390. ACM, New York, NY, USA (2009). doi: 10.1145\/1655008.1655020","DOI":"10.1145\/1655008.1655020"},{"key":"208_CR51","doi-asserted-by":"crossref","unstructured":"Christodorescu, M., Sailer, R., Schales, D.L., Sgandurra, D., Zamboni, D.: Cloud security is not (just) virtualization security: a short paper. In: Proceedings of the ACM Workshop on Cloud Computing Security (CCSW), pp. 97\u2013102. ACM, Chicago, IL, USA (2009). doi: 10.1145\/1655008.1655022","DOI":"10.1145\/1655008.1655022"},{"key":"208_CR52","doi-asserted-by":"crossref","unstructured":"Chung, H., Park, J., Lee, S., Kang, C.: Digital forensic investigation of cloud storage services. Digit. Investig. (2012). doi: 10.1016\/j.diin.2012.05.015 . Available online on 23 Jun. 2012","DOI":"10.1016\/j.diin.2012.05.015"},{"key":"208_CR53","unstructured":"Cisco: Cisco Data Center Infrastructure 2.5 Design Guide. http:\/\/www.cisco.com\/univercd\/cc\/td\/doc\/solution\/dcidg21.pdf (2007). Accessed Oct. 2012"},{"key":"208_CR54","unstructured":"Cisco: Data Center Power and Cooling. http:\/\/www.cisco.com\/en\/US\/solutions\/collateral\/ns340\/ns517\/ns224\/ns944\/white_paper_c11-680202.pdf (2011). White Paper. Accessed Sept. 2012"},{"key":"208_CR55","unstructured":"Cisco: Cisco Global Cloud Index: Forecast and Methodology, 2011\u20132016. http:\/\/www.cisco.com\/en\/US\/solutions\/collateral\/ns341\/ns525\/ns537\/ns705\/ns1175\/Cloud_Index_White_Paper.pdf (2012). White Paper. Accessed Apr. 2013"},{"key":"208_CR56","unstructured":"Cisco: 2013 Cisco Annual Security Report. http:\/\/www.cisco.com\/en\/US\/prod\/vpndevc\/annual_security_report.html (2013). Accessed Apr. 2013"},{"key":"208_CR57","unstructured":"Cisco: Cisco Cloud Services Router 1000V Series. http:\/\/www.cisco.com\/en\/US\/products\/ps12559\/index.html (2013). Accessed Jul. 2013"},{"key":"208_CR58","unstructured":"Citrix: Citrix Website. https:\/\/www.citrix.com\/products.html?ntref=hp_nav_us (2013). Accessed Jun. 2013"},{"key":"208_CR59","unstructured":"CloudBees: CloudBees Website. http:\/\/www.cloudbees.com\/ (2013). Accessed Apr. 2013"},{"key":"208_CR60","unstructured":"Corbat\u00f3, F.J., Vyssotsky, V.A.: Introduction and overview of the Multics system. In: Proceedings of the Fall Joint Computer Conference, pp. 185\u2013196. ACM, New York, NY, USA (1965)"},{"key":"208_CR61","unstructured":"Coronado, C.: Blackhole Exploit Kit Leverages Margaret Thatcher\u2019s Death. Trend Micro (2013)"},{"key":"208_CR62","unstructured":"CSA: Top Threats to Cloud Computing. https:\/\/cloudsecurityalliance.org\/topthreats\/csathreats.v1.0.pdf (2010). Accessed Sept. 2012"},{"key":"208_CR63","unstructured":"CSA: Security Guidance for Critical Areas of Focus in Cloud Computing v3.0. https:\/\/cloudsecurityalliance.org\/guidance\/csaguide.v3.0.pdf (2011). Accessed Sept. 2012"},{"key":"208_CR64","unstructured":"CSA: The Notorious Nine Cloud Computing Top Threats in 2013. https:\/\/downloads.cloudsecurityalliance.org\/initiatives\/top_threats\/The_Notorious_Nine_Cloud_Computing_Top_Threats_in_2013.pdf (2013). Accessed Jul. 2013"},{"key":"208_CR65","unstructured":"Cuckoo Website: Cuckoo. http:\/\/www.cuckoosandbox.org\/ (2013). Accessed Apr. 2013"},{"issue":"1","key":"208_CR66","doi-asserted-by":"crossref","first-page":"29","DOI":"10.4018\/jaci.2012010103","volume":"4","author":"K Curran","year":"2012","unstructured":"Curran, K., Dougan, T.: Man in the browser attacks. Int. J. Ambient Comput. Intell. 4(1), 29\u201339 (2012). doi: 10.4018\/jaci.2012010103","journal-title":"Int. J. Ambient Comput. Intell."},{"issue":"4a","key":"208_CR67","doi-asserted-by":"crossref","first-page":"60","DOI":"10.1145\/2442776.2442785","volume":"47","author":"G Czajkowski","year":"2012","unstructured":"Czajkowski, G., Dayn\u00e0s, L.: Multitasking without compromise: a virtual machine evolution. ACM SIGPLAN Not. 47(4a), 60\u201373 (2012). doi: 10.1145\/2442776.2442785","journal-title":"ACM SIGPLAN Not."},{"issue":"1","key":"208_CR68","doi-asserted-by":"crossref","first-page":"1:1","DOI":"10.1145\/2220352.2220353","volume":"12","author":"I Dacosta","year":"2012","unstructured":"Dacosta, I., Chakradeo, S., Ahamad, M., Traynor, P.: One-time cookies: preventing session hijacking attacks with stateless authentication tokens. ACM Trans. Internet Technol. 12(1), 1:1\u20131:24 (2012). doi: 10.1145\/2220352.2220353","journal-title":"ACM Trans. Internet Technol."},{"key":"208_CR69","doi-asserted-by":"crossref","unstructured":"Dahbur, K., Mohammad, B., Tarakji, A.B.: A survey of risks, threats and vulnerabilities in cloud computing. In: Proceedings of the International Conference on Intelligent Semantic Web-Services and Applications, pp. 12:1\u201312:6. ACM, New York, NY, USA (2011)","DOI":"10.1145\/1980822.1980834"},{"key":"208_CR70","unstructured":"Darrow, B., Higginbothamm, S.: What We\u2019ll See in 2013 in Cloud Computing. GigaOM (2012)"},{"key":"208_CR71","unstructured":"de Borja, F.: Nebula One Seeks To Reinvent Cloud Computing. CloudTimes (2013)"},{"key":"208_CR72","doi-asserted-by":"crossref","unstructured":"Dhage, S.N., Meshram, B.B., Rawat, R., Padawe, S., Paingaokar, M., Misra, A.: Intrusion detection system in cloud computing environment. In: Proceedings of the International Conference & Workshop on Emerging Trends in Technology, pp. 235\u2013239. ACM, New York, NY, USA (2011). doi: 10.1145\/1980022.1980076","DOI":"10.1145\/1980022.1980076"},{"key":"208_CR73","doi-asserted-by":"crossref","unstructured":"Dinesha, H., Agrawal, V.: Multi-level authentication technique for accessing cloud services. In: International Conference on Computing, Communication and Applications, pp. 1\u20134. IEEE (2012). doi: 10.1109\/ICCCA.2012.6179130","DOI":"10.1109\/ICCCA.2012.6179130"},{"key":"208_CR74","doi-asserted-by":"crossref","unstructured":"Ding, X., Zhang, L., Wan, Z., Gu, M.: De-anonymizing dynamic social networks. In: IEEE Global Telecommunications Conference, pp. 1\u20136. IEEE (2011). doi: 10.1109\/GLOCOM.2011.6133607","DOI":"10.1109\/GLOCOM.2011.6133607"},{"key":"208_CR75","unstructured":"Doel, K.: Scary Logins: Worst Passwords of 2012 and How to Fix Them. SplashData (2012)"},{"key":"208_CR76","unstructured":"Dong, T.: Android. Dropdialer. https:\/\/www.symantec.com\/security_response\/writeup.jsp?docid=2012-070909--0726-99 (2012). Accessed Apr. 2013"},{"key":"208_CR77","doi-asserted-by":"crossref","unstructured":"Doroodchi, M., Iranmehr, A., Pouriyeh, S.: An investigation on integrating XML-based security into Web services. In: 5th IEEE GCC Conference Exhibition, pp. 1\u20135. IEEE (2009)","DOI":"10.1109\/IEEEGCC.2009.5734300"},{"key":"208_CR78","unstructured":"Ducklin, P.: HElib. SOPHOS Nakedsecurity (2013)"},{"key":"208_CR79","doi-asserted-by":"crossref","unstructured":"Duncan, A., Creese, S., Goldsmith, M.: Insider attacks in cloud computing. In: IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, pp. 857\u2013862. IEEE Computer Society, Washington, DC, USA (2012). doi: 10.1109\/TrustCom.2012.188","DOI":"10.1109\/TrustCom.2012.188"},{"key":"208_CR80","doi-asserted-by":"crossref","unstructured":"Dykstra, J., Sherman, A.T.: Acquiring forensic evidence from infrastructure-as-a-service cloud computing: exploring and evaluating tools, trust, and techniques. Digit. Investig. 9, Supplement(0), S90\u2013S98 (2012). doi: 10.1016\/j.diin.2012.05.001","DOI":"10.1016\/j.diin.2012.05.001"},{"key":"208_CR81","unstructured":"Electronic Frontier Foundation: HTTPS Everywhere Website. https:\/\/www.eff.org\/https-everywhere (2013). Accessed Apr. 2013"},{"key":"208_CR82","unstructured":"ENISA: Cloud Computing: Benefits, Risks and Recommendations for Infomarion Security. http:\/\/www.enisa.europa.eu\/activities\/risk-management\/files\/deliverables\/cloud-computing-risk-assessment (2009). Accessed Sept. 2012"},{"key":"208_CR83","doi-asserted-by":"crossref","unstructured":"Firdhous, M., Ghazali, O., Hassan, S.: A trust computing mechanism for cloud computing with multilevel thresholding. In: 6th IEEE International Conference on Industrial and Information Systems, pp. 457\u2013461. IEEE (2011). doi: 10.1109\/ICIINFS.2011.6038113","DOI":"10.1109\/ICIINFS.2011.6038113"},{"key":"208_CR84","unstructured":"FireEye: FireEye Advanced Threat Report\u20142H 2012. http:\/\/www2.fireeye.com\/rs\/fireye\/images\/fireeye-advanced-threat-report-2h2012.pdf (2013). Accessed Apr. 2013"},{"key":"208_CR85","doi-asserted-by":"crossref","unstructured":"Foster, I., Zhao, Y., Raicu, I., Lu, S.: Cloud computing and grid computing 360-degree compared. In: Grid Computing Environments Workshop, pp. 1\u201310. IEEE (2008). doi: 10.1109\/GCE.2008.4738445","DOI":"10.1109\/GCE.2008.4738445"},{"key":"208_CR86","unstructured":"Garfinkel, T., Rosenblum, M.: When virtual is harder than real: security challenges in virtual machine based computing environments. In: Proceedings of the 10th Conference on Hot Topics in Operating Systems, vol. 10, pp. 20\u201320. USENIX Association, Berkeley, CA, USA (2005)"},{"key":"208_CR87","unstructured":"Gartner: Assessing the Security Risks of Cloud Computing. http:\/\/cloud.ctrls.in\/files\/assessing-the-security-risks.pdf (2008). White Paper. Accessed Sept. 2012"},{"key":"208_CR88","unstructured":"Gens, F.: IT Cloud Services User Survey, pt.2: Top Benefits & Challenges. IDC (2008)"},{"key":"208_CR89","unstructured":"Gens, F.: New IDC IT Cloud Services Survey: Top Benefits and Challenges. IDC (2009)"},{"key":"208_CR90","doi-asserted-by":"crossref","unstructured":"Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing (STOC), STOC \u201909, pp. 169\u2013178. ACM, Bethesda, MD, USA (2009). doi: 10.1145\/1536414.1536440","DOI":"10.1145\/1536414.1536440"},{"key":"208_CR91","doi-asserted-by":"crossref","unstructured":"Geoffray, N., Thomas, G., Muller, G., Parrend, P., Frenot, S., Folliot, B.: I-JVM: a Java virtual machine for component isolation in OSGi. In: IEEE\/IFIP Int. Conf. on Dependable Systems Networks (DSN), pp. 544\u2013553. Estoril, Lisbon, Portugal (2009). doi: 10.1109\/DSN.2009.5270296","DOI":"10.1109\/DSN.2009.5270296"},{"key":"208_CR92","doi-asserted-by":"crossref","unstructured":"Gomathisankaran, M., Tyagi, A., Namuduri, K.: HORNS: a homomorphic encryption scheme for cloud computing using Residue number system. In: 45th Annual Conference on Information Sciences and Systems (CISS), pp. 1\u20135. Baltimore, MD, USA (2011). doi: 10.1109\/CISS.2011.5766176","DOI":"10.1109\/CISS.2011.5766176"},{"key":"208_CR93","doi-asserted-by":"crossref","unstructured":"Gong, C., Liu, J., Zhang, Q., Chen, H., Gong, Z.: The characteristics of cloud computing. In: 39th International Conference on Parallel Processing Workshop, pp. 275\u2013279. IEEE Computer Society, Washington, DC, USA (2010). doi: 10.1109\/ICPPW.2010.45","DOI":"10.1109\/ICPPW.2010.45"},{"key":"208_CR94","unstructured":"Gonzalez, N., Miers, C., Redigolo, F., Carvalho, T., Simplicio, M., Naslund, M., Pourzandi, M.: A quantitative analysis of current security concerns and solutions for cloud computing. In: IEEE 3rd International Conference on Cloud Computing Technology and Science, pp. 231\u2013238. IEEE Computer Society, Washington, DC, USA (2011)."},{"key":"208_CR95","unstructured":"Goodin, D.: Why Passwords have Never been Weaker\u2014and Crackers have Never been Stronger. Ars Technica (2012)"},{"key":"208_CR96","unstructured":"Goodrich, R.: What Is Doxing? TechNewsDaily (2013)"},{"key":"208_CR97","unstructured":"Google: Google App Engine. https:\/\/developers.google.com\/appengine\/ (2013). Accessed Apr. 2013"},{"issue":"1","key":"208_CR98","doi-asserted-by":"crossref","first-page":"86","DOI":"10.1109\/MSP.2013.20","volume":"11","author":"M Green","year":"2013","unstructured":"Green, M.: The threat in the cloud. IEEE Secur. Priv. 11(1), 86\u201389 (2013). doi: 10.1109\/MSP.2013.20","journal-title":"IEEE Secur. Priv."},{"key":"208_CR99","doi-asserted-by":"crossref","unstructured":"Grispos, G., Glisson, W.B., Storer, T.: Using smartphones as a proxy for forensic evidence contained in cloud storage services. In: 46th Hawaii International Conference on System Sciences (HICSS), pp. 4910\u20134919. Maui, HI, USA (2013). doi: 10.1109\/HICSS.2013.592","DOI":"10.1109\/HICSS.2013.592"},{"issue":"2","key":"208_CR100","doi-asserted-by":"crossref","first-page":"50","DOI":"10.1109\/MSP.2010.115","volume":"9","author":"B Grobauer","year":"2011","unstructured":"Grobauer, B., Walloschek, T., Stocker, E.: Understanding cloud computing vulnerabilities. IEEE Secur. Priv. 9(2), 50\u201357 (2011). doi: 10.1109\/MSP.2010.115","journal-title":"IEEE Secur. Priv."},{"issue":"1","key":"208_CR101","doi-asserted-by":"crossref","first-page":"15","DOI":"10.1109\/MSP.2012.162","volume":"11","author":"E Grosse","year":"2013","unstructured":"Grosse, E., Upadhyay, M.: Authentication at scale. IEEE Secur. Priv. 11(1), 15\u201322 (2013). doi: 10.1109\/MSP.2012.162","journal-title":"IEEE Secur. Priv."},{"key":"208_CR102","doi-asserted-by":"crossref","unstructured":"Gruschka, N., Iacono, L.: Vulnerable cloud: SOAP message security validation revisited. In: IEEE International Conference on Web Services, pp. 625\u2013631. IEEE Computer Society, Washington, DC, USA (2009). doi: 10.1109\/ICWS.2009.70","DOI":"10.1109\/ICWS.2009.70"},{"key":"208_CR103","unstructured":"Gul, I., Rehman, A., Islam, M.: Cloud computing security auditing. In: The 2nd International Conference on Next Generation Information Technology, pp. 143\u2013148. IEEE (2011)"},{"key":"208_CR104","doi-asserted-by":"crossref","unstructured":"Habib, S., Ries, S., Muhlhauser, M.: Towards a trust management system for cloud computing. In: IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications, pp. 933\u2013939. IEEE Computer Society, Washington, DC, USA (2011). doi: 10.1109\/TrustCom.2011.129","DOI":"10.1109\/TrustCom.2011.129"},{"key":"208_CR105","unstructured":"Hale, C.: bcrypt. http:\/\/codahale.com\/how-to-safely-store-a-password\/ (2010). Accessed May 2013"},{"key":"208_CR106","unstructured":"Hamada, J.: Japanese One-Click Fraud Campaign Comes to Google Play. Symantec Blog (2013)"},{"issue":"11","key":"208_CR107","doi-asserted-by":"crossref","first-page":"14","DOI":"10.1016\/S1361-3723(09)70141-1","volume":"2009","author":"J Hart","year":"2009","unstructured":"Hart, J.: Remote working: managing the balancing act between network access and data security. Comput. Fraud Secur. 2009(11), 14\u201317 (2009). doi: 10.1016\/S1361-3723(09)70141-1","journal-title":"Comput. Fraud Secur."},{"issue":"7","key":"208_CR108","doi-asserted-by":"crossref","first-page":"9","DOI":"10.1145\/1364782.1364786","volume":"51","author":"B Hayes","year":"2008","unstructured":"Hayes, B.: Cloud computing. Commun. ACM 51(7), 9\u201311 (2008). doi: 10.1145\/1364782.1364786","journal-title":"Commun. ACM"},{"issue":"1","key":"208_CR109","doi-asserted-by":"crossref","first-page":"50","DOI":"10.1145\/2398356.2398374","volume":"56","author":"P Helland","year":"2013","unstructured":"Helland, P.: Condos and clouds. Commun. ACM 56(1), 50\u201359 (2013). doi: 10.1145\/2398356.2398374","journal-title":"Commun. ACM"},{"key":"208_CR110","doi-asserted-by":"crossref","unstructured":"Heninger, N., Durumeric, Z., Wustrow, E., Halderman, J.A.: Minding your Ps and Qs: detection of widespread weak keys in network devices. In: Proceedings of the 21st USENIX Security Symposium, pp. 205\u2013220. USENIX, Bellevue, WA, USA (2012). doi: 10.1109\/ICCIAutom.2011.6183990","DOI":"10.1109\/ICCIAutom.2011.6183990"},{"key":"208_CR111","unstructured":"Hodges, J., Jackson, C., Barth, A.: HTTP Strict Transport Security (HSTS). RFC 6797 (Proposed Standard) (2012). https:\/\/www.ietf.org\/rfc\/rfc6797.txt"},{"key":"208_CR112","doi-asserted-by":"crossref","unstructured":"Honan, M.: How Apple and Amazon Security Flaws Led to My Epic Hacking. Wired (2012)","DOI":"10.7312\/star16075-030"},{"key":"208_CR113","unstructured":"HP: HP 2012 Cyber Risk Report. http:\/\/www.hpenterprisesecurity.com\/collateral\/whitepaper\/HP2012CyberRiskReport_0213.pdf (2013). Accessed Apr. 2013"},{"key":"208_CR114","unstructured":"HP: HP ArcSight. http:\/\/www8.hp.com\/us\/en\/software-solutions\/software.html?compURI=1340477 (2013). Accessed Apr. 2013"},{"key":"208_CR115","unstructured":"Hua, J., Sakurai, K.: Barrier: a lightweight hypervisor for protecting kernel integrity via memory isolation. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing (SAC), pp. 1470\u20131477. ACM, Trento, Italy (2012). doi: 10.1145\/2231936.2232011"},{"key":"208_CR116","unstructured":"Hunt, T.: 5 Ways to Implement HTTPS in an Insufficient Manner (and leak sensitive data). http:\/\/www.troyhunt.com\/2013\/04\/5-ways-to-implement-https-in.html (2013). Accessed Apr. 2013"},{"key":"208_CR117","doi-asserted-by":"crossref","unstructured":"Idziorek, J., Tannian, M.: Exploiting cloud utility models for profit and ruin. In: IEEE International Conference on Cloud Computing, pp. 33\u201340. IEEE Computer Society, Washington, DC, USA (2011)","DOI":"10.1109\/CLOUD.2011.45"},{"key":"208_CR118","doi-asserted-by":"crossref","unstructured":"Idziorek, J., Tannian, M., Jacobson, D.: Detecting fraudulent use of cloud resources. In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security, pp. 61\u201372. ACM, New York, NY, USA (2011). doi: 10.1145\/2046660.2046676","DOI":"10.1145\/2046660.2046676"},{"key":"208_CR119","unstructured":"Infosecurity: Recycled phones retain their previous owners\u2019 data. Infosecurity Magazine (2013)"},{"key":"208_CR120","unstructured":"Intel: Intel Digital Random Number Generator (DRNG): Software Implementation Guide. http:\/\/software.intel.com\/sites\/default\/files\/m\/d\/4\/1\/d\/8\/441_Intel_R_DRNG_Software_Implementation_Guide_final_Aug7.pdf (2012). Accessed May 2013"},{"key":"208_CR121","unstructured":"Jackson, C.: 8 Cloud Security Concepts You Should Know. Network World (2010)"},{"key":"208_CR122","doi-asserted-by":"crossref","unstructured":"Jackson, C., Barth, A.: ForceHTTPS: protecting high-security web sites from network attacks. In: Proceedings of the 17th International Conference on World Wide Web (WWW), pp. 525\u2013534. ACM, Beijing, China (2008). doi: 10.1145\/1367497.1367569","DOI":"10.1145\/1367497.1367569"},{"key":"208_CR123","doi-asserted-by":"crossref","unstructured":"Jasti, A., Shah, P., Nagaraj, R., Pendse, R.: Security in multi-tenancy cloud. In: IEEE International Carnahan Conference on Security Technology, pp. 35\u201341. IEEE (2010). doi: 10.1109\/CCST.2010.5678682","DOI":"10.1109\/CCST.2010.5678682"},{"key":"208_CR124","unstructured":"Jenkins, Q.: Spamhaus: DDoS Update\u2014March 2013. Spamhaus (2013)"},{"key":"208_CR125","doi-asserted-by":"crossref","first-page":"185","DOI":"10.1007\/s00450-009-0092-6","volume":"24","author":"M Jensen","year":"2009","unstructured":"Jensen, M., Gruschka, N., Herkenh\u00f6ner, R.: A survey of attacks on web services. Comput. Sci. Res. Dev. 24, 185\u2013197 (2009). doi: 10.1007\/s00450-009-0092-6","journal-title":"Comput. Sci. Res. Dev."},{"key":"208_CR126","doi-asserted-by":"crossref","unstructured":"Jensen, M., Gruschka, N., Luttenberger, N.: The impact of flooding attacks on network-based services. In: 3rd International Conference on Availability, Reliability and Security, pp. 509\u2013513. IEEE Computer Society, Washington, DC, USA (2008)","DOI":"10.1109\/ARES.2008.16"},{"key":"208_CR127","doi-asserted-by":"crossref","unstructured":"Jensen, M., Meyer, C.: Expressiveness considerations of XML signatures. In: IEEE 35th Annual Computer Software and Applications Conf. Workshop, pp. 392\u2013397. IEEE Computer Society, Washington, DC, USA (2011)","DOI":"10.1109\/COMPSACW.2011.72"},{"key":"208_CR128","doi-asserted-by":"crossref","unstructured":"Jensen, M., Sch\u00e4ge, S., Schwenk, J.: Towards an anonymous access control and accountability scheme for cloud computing. In: IEEE 3rd International Conference on Cloud Computing, pp. 540\u2013541. IEEE Computer Society, Washington, DC, USA (2010). doi: 10.1109\/CLOUD.2010.61","DOI":"10.1109\/CLOUD.2010.61"},{"key":"208_CR129","doi-asserted-by":"crossref","unstructured":"Jensen, M., Schwenk, J.: The accountability problem of flooding attacks in service-oriented architectures. In: International Conference on Availability, Reliability and Security, pp. 25\u201332. IEEE (2009)","DOI":"10.1109\/ARES.2009.11"},{"key":"208_CR130","doi-asserted-by":"crossref","unstructured":"Jensen, M., Schwenk, J., Gruschka, N., Iacono, L.: On Technical security issues in cloud computing. In: IEEE International Conference on Cloud Computing, pp. 109\u2013116. IEEE Computer Society, Washington, DC, USA (2009). doi: 10.1109\/CLOUD.2009.60","DOI":"10.1109\/CLOUD.2009.60"},{"key":"208_CR131","doi-asserted-by":"crossref","first-page":"452","DOI":"10.1016\/j.proenv.2011.12.072","volume":"11, Part A","author":"B Jin","year":"2011","unstructured":"Jin, B., Wang, Y., Liu, Z., Xue, J.: A trust model based on cloud model and Bayesian networks. Procedia Environ. Sci. 11, Part A, 452\u2013459 (2011). doi: 10.1016\/j.proenv.2011.12.072","journal-title":"Procedia Environ. Sci."},{"key":"208_CR132","doi-asserted-by":"crossref","unstructured":"Kandukuri, B., Paturi, V., Rakshit, A.: Cloud security issues. In: IEEE International Conference on Services Computing, pp. 517\u2013520. IEEE (2009). doi: 10.1109\/SCC.2009.84","DOI":"10.1109\/SCC.2009.84"},{"issue":"17","key":"208_CR133","doi-asserted-by":"crossref","first-page":"2939","DOI":"10.1016\/j.comnet.2009.10.004","volume":"53","author":"K Kant","year":"2009","unstructured":"Kant, K.: Data center evolution: a tutorial on state of the art, issues, and challenges. Comput. Netw. 53(17), 2939\u20132965 (2009). doi: 10.1016\/j.comnet.2009.10.004","journal-title":"Comput. Netw."},{"key":"208_CR134","unstructured":"Katsuki, T.: Crisis for Windows Sneaks onto Virtual Machines. Symantec Blog (2012)"},{"issue":"4","key":"208_CR135","doi-asserted-by":"crossref","first-page":"61","DOI":"10.1109\/MSP.2009.87","volume":"7","author":"L Kaufman","year":"2009","unstructured":"Kaufman, L.: Data security in the world of cloud computing. IEEE Secur. Priv. 7(4), 61\u201364 (2009)","journal-title":"IEEE Secur. Priv."},{"key":"208_CR136","doi-asserted-by":"crossref","unstructured":"Kerrigan, B., Chen, Y.: A study of entropy sources in cloud computers: random number generation on cloud hosts. In: Proceedings of the 6th International Conference on Mathematical Methods, Models and Architectures for Computer Network Security (MMM-ACNS), pp. 286\u2013298. Springer, St. Petersburg, Russia (2012). doi: 10.1007\/978-3-642-33704-8_24","DOI":"10.1007\/978-3-642-33704-8_24"},{"issue":"5","key":"208_CR137","doi-asserted-by":"crossref","first-page":"20","DOI":"10.1109\/MITP.2010.128","volume":"12","author":"K Khan","year":"2010","unstructured":"Khan, K., Malluhi, Q.: Establishing trust in cloud computing. IT Prof. 12(5), 20\u201327 (2010). doi: 10.1109\/MITP.2010.128","journal-title":"IT Prof."},{"issue":"6","key":"208_CR138","doi-asserted-by":"crossref","first-page":"833","DOI":"10.1016\/j.future.2012.01.006","volume":"28","author":"MT Khorshed","year":"2012","unstructured":"Khorshed, M.T., Ali, A.S., Wasimi, S.A.: A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing. Future Gener. Comput. Syst. 28(6), 833\u2013851 (2012). doi: 10.1016\/j.future.2012.01.006","journal-title":"Future Gener. Comput. Syst."},{"key":"208_CR139","unstructured":"King, C.I.: Intel Rdrand Instruction Revisited. http:\/\/smackerelofopinion.blogspot.co.uk\/2012\/10\/intel-rdrand-instruction-revisited.html (2012). Accessed May 2013"},{"key":"208_CR140","doi-asserted-by":"crossref","unstructured":"King, S., Chen, P.: SubVirt: implementing malware with virtual machines. In: IEEE Symposium on Security and Privacy, pp. 14 pp.-327. IEEE Computer Society, Washington, DC, USA (2006). doi: 10.1109\/SP.2006.38","DOI":"10.1109\/SP.2006.38"},{"key":"208_CR141","unstructured":"Kirkland, D.: Entropy (or rather the lack thereof) in OpenStack instances... and how to improve that. http:\/\/www.openstack.org\/summit\/san-diego-2012\/openstack-summit-sessions\/presentation\/entropy-or-lack-thereof-in-openstack-instances (2012). Accessed May 2013"},{"issue":"1","key":"208_CR142","doi-asserted-by":"crossref","first-page":"36","DOI":"10.1109\/MSP.2012.61","volume":"11","author":"L Kufel","year":"2013","unstructured":"Kufel, L.: Security event monitoring in a distributed systems environment. IEEE Secur. Priv. 11(1), 36\u201343 (2013). doi: 10.1109\/MSP.2012.61","journal-title":"IEEE Secur. Priv."},{"key":"208_CR143","unstructured":"Leder, F., Werner, T.: Know Your Enemy: Containing Conficker. http:\/\/www.honeynet.org\/files\/KYE-Conficker.pdf (2010). White Paper. Accessed May 2013"},{"key":"208_CR144","unstructured":"Leder, F., Werner, T.: Containing Conficker. http:\/\/net.cs.uni-bonn.de\/wg\/cs\/applications\/containing-conficker\/ (2011). Accessed May 2013"},{"key":"208_CR145","unstructured":"Lee, J.H., Park, M.W., Eom, J.H., Chung, T.M.: Multi-level intrusion detection system and log management in cloud computing. In: 13th International Conference on Advanced Communication Technology, pp. 552\u2013555. IEEE (2011)"},{"key":"208_CR146","unstructured":"Lemos, R.: Blue Security Folds Under Spammer\u2019s Wrath. SecurityFocus (2013)"},{"key":"208_CR147","doi-asserted-by":"crossref","unstructured":"Lenk, A., Klems, M., Nimis, J., Tai, S., Sandholm, T.: What\u2019s inside the cloud? An architectural map of the cloud landscape. In: Proceedings of the ICSE Workshop on Software Engineering Challenges of Cloud Computing, pp. 23\u201331. IEEE Computer Society, Washington, DC, USA (2009). doi: 10.1109\/CLOUD.2009.5071529","DOI":"10.1109\/CLOUD.2009.5071529"},{"key":"208_CR148","unstructured":"Leopando, J.: World Backup Day: The 3\u20132\u20131 Rule. Trend Micro TrendLabs (2013)"},{"key":"208_CR149","doi-asserted-by":"crossref","unstructured":"Li, F., Lai, A., Ddl, D.: Evidence of advanced persistent threat: a case study of malware for political espionage. In: 6th International Conference on Malicious and Unwanted Software (MALWARE), pp. 102\u2013109. Fajardo, PR, USA (2011). doi: 10.1109\/MALWARE.2011.6112333","DOI":"10.1109\/MALWARE.2011.6112333"},{"key":"208_CR150","doi-asserted-by":"crossref","unstructured":"Li, H.C., Liang, P.H., Yang, J.M., Chen, S.J.: Analysis on cloud-based security vulnerability assessment. In: IEEE 7th International Conference on e-Business Engineering, pp. 490\u2013494. IEEE (2010). doi: 10.1109\/ICEBE.2010.77","DOI":"10.1109\/ICEBE.2010.77"},{"issue":"1","key":"208_CR151","doi-asserted-by":"crossref","first-page":"78","DOI":"10.1109\/MSP.2013.15","volume":"11","author":"Q Li","year":"2013","unstructured":"Li, Q., Clark, G.: Mobile security: a look ahead. IEEE Secur. Priv. 11(1), 78\u201381 (2013). doi: 10.1109\/MSP.2013.15","journal-title":"IEEE Secur. Priv."},{"key":"208_CR152","doi-asserted-by":"crossref","unstructured":"Li, X., Loh, P., Tan, F.: Mechanisms of polymorphic and metamorphic viruses. In: European Intelligence and Security Informatics Conference (EISIC), pp. 149\u2013154. Berkeley\/Oakland, CA, USA (2011). doi: 10.1109\/EISIC.2011.77","DOI":"10.1109\/EISIC.2011.77"},{"key":"208_CR153","doi-asserted-by":"crossref","unstructured":"Liu, F., Su, X., Liu, W., Shi, M.: The design and application of Xen-based host system firewall and its extension. In: International Conference on Electronic Computer Technology, pp. 392\u2013395. Macau, China (2009). doi: 10.1109\/ICECT.2009.83","DOI":"10.1109\/ICECT.2009.83"},{"key":"208_CR154","doi-asserted-by":"crossref","unstructured":"Liu, H.: A new form of DoS attack in a cloud and its avoidance mechanism. In: Proceedings of the ACM Workshop on Cloud Computing Security, pp. 65\u201376. ACM, New York, NY, USA (2010). doi: 10.1145\/1866835.1866849","DOI":"10.1145\/1866835.1866849"},{"key":"208_CR155","unstructured":"LivingSocial: LivingSocial Security Notice. https:\/\/livingsocial.com\/createpassword (2013). Accessed May 2013"},{"key":"208_CR156","doi-asserted-by":"crossref","unstructured":"Luo, S., Lin, Z., Chen, X., Yang, Z., Chen, J.: Virtualization security for cloud computing service. In: International Conference on Cloud and Service Computing, pp. 174\u2013179. IEEE Computer Society, Washington, DC, USA (2011)","DOI":"10.1109\/CSC.2011.6138516"},{"key":"208_CR157","unstructured":"Mandiant: APT1: Exposing One of China\u2019s Cyber Espionage Units. http:\/\/intelreport.mandiant.com\/Mandiant_APT1_Report.pdf (2013). Accessed Apr. 2013"},{"issue":"12","key":"208_CR158","doi-asserted-by":"crossref","first-page":"9","DOI":"10.1016\/S1353-4858(08)70140-5","volume":"2008","author":"S Mansfield-Devine","year":"2008","unstructured":"Mansfield-Devine, S.: Danger in the clouds. Netw. Secur. 2008(12), 9\u201311 (2008). doi: 10.1016\/S1353-4858(08)70140-5","journal-title":"Netw. Secur."},{"key":"208_CR159","unstructured":"Marlinspike, M.: New tricks for defeating SSL in practice. https:\/\/www.blackhat.com\/presentations\/bh-dc-09\/Marlinspike\/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf (2009). Accessed Apr. 2013"},{"key":"208_CR160","unstructured":"Marlinspike, M.: sslstrip. http:\/\/www.thoughtcrime.org\/software\/sslstrip\/ (2009). Accessed Apr. 2013"},{"issue":"1","key":"208_CR161","doi-asserted-by":"crossref","first-page":"13","DOI":"10.1109\/MSP.2013.1","volume":"11","author":"D Martin","year":"2013","unstructured":"Martin, D.: Implementing effective controls in a mobile, agile, cloud-enabled enterprise. IEEE Secur. Priv. 11(1), 13\u201314 (2013). doi: 10.1109\/MSP.2013.1","journal-title":"IEEE Secur. Priv."},{"key":"208_CR162","doi-asserted-by":"crossref","unstructured":"Mathisen, E.: Security challenges and solutions in cloud computing. In: Proceedings of the 5th IEEE International Conference on Digital Ecosystems and Technologies, pp. 208\u2013212. IEEE (2011). doi: 10.1109\/DEST.2011.5936627","DOI":"10.1109\/DEST.2011.5936627"},{"key":"208_CR163","unstructured":"McAfee: McAfee Threats Report\u2014Fourth Quarter 2012. http:\/\/www.mcafee.com\/us\/resources\/reports\/rp-quarterly-threat-q4-2012.pdf (2013). Accessed Apr. 2013"},{"key":"208_CR164","doi-asserted-by":"crossref","unstructured":"McCune, J., Li, Y., Qu, N., Zhou, Z., Datta, A., Gligor, V., Perrig, A.: TrustVisor: efficient TCB reduction and attestation. In: IEEE Symposium on Security and Privacy (SP), pp. 143\u2013158. Oakland, CA, USA (2010). doi: 10.1109\/SP.2010.17","DOI":"10.1109\/SP.2010.17"},{"issue":"2","key":"208_CR165","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1109\/MSECP.2004.1281254","volume":"2","author":"G McGraw","year":"2004","unstructured":"McGraw, G.: Software security. IEEE Secur. Priv. 2(2), 80\u201383 (2004). doi: 10.1109\/MSECP.2004.1281254","journal-title":"IEEE Secur. Priv."},{"key":"208_CR166","doi-asserted-by":"crossref","unstructured":"McIntosh, M., Austel, P.: XML signature element wrapping attacks and countermeasures. In: Proceedings of the Workshop on Secure Web Services, pp. 20\u201327. ACM, New York, NY, USA (2005). doi: 10.1145\/1103022.1103026","DOI":"10.1145\/1103022.1103026"},{"key":"208_CR167","unstructured":"McKendrick, J.: 7 Predictions for Cloud Computing in 2013 That Make Perfect Sense. Forbes (2012)"},{"key":"208_CR168","unstructured":"MEGA: The MEGA API. https:\/\/mega.co.nz\/#developers (2013). Accessed Apr. 2013"},{"key":"208_CR169","unstructured":"Microsoft: Microsoft Hyper-V Server 2012 Website. https:\/\/www.microsoft.com\/en-us\/server-cloud\/hyper-v-server\/ (2013). Accessed Jun. 2013"},{"key":"208_CR170","unstructured":"Microsoft: Microsoft Security Intelligence Report: Volume 14. http:\/\/www.microsoft.com\/security\/sir\/default.aspx (2013). Accessed Apr. 2013"},{"key":"208_CR171","doi-asserted-by":"crossref","unstructured":"Modi, C., Patel, D., Borisaniya, B., Patel, H., Patel, A., Rajarajan, M.: A survey of intrusion detection techniques in cloud. J. Netw. Comput. Appli. (2012). doi: 10.1016\/j.jnca.2012.05.003 . Available online 2 June 2012","DOI":"10.1016\/j.jnca.2012.05.003"},{"key":"208_CR172","unstructured":"Mohamed, E., Abdelkader, H., El-Etriby, S.: Enhanced data security model for cloud computing. In: 8th International Conference on Informatics and Systems, pp. CC-12\u2013CC-17. IEEE (2012)"},{"key":"208_CR173","unstructured":"Mohan, V., Hamlen, K.W.: Frankenstein: stitching malware from benign binaries. In: Proceedings of the 6th USENIX Conference on Offensive Technologies, pp. 8\u20138. USENIX Association, Bellevue, WA, USA (2012)"},{"key":"208_CR174","doi-asserted-by":"crossref","unstructured":"Monfared, A., Jaatun, M.: Monitoring intrusions and security breaches in highly distributed cloud environments. In: IEEE 3rd International Conference on Cloud Computing Technology and Science, pp. 772\u2013777. IEEE Computer Society, Washington, DC, USA (2011). doi: 10.1109\/CloudCom.2011.119","DOI":"10.1109\/CloudCom.2011.119"},{"key":"208_CR175","unstructured":"Morsy, M.A., Grundy, J., M\u00fcller, I.: An analysis of the cloud computing security problem. In: Proceedings of Asia Pacific Software Engineering Conference Cloud Workshop, pp. 1\u20136. IEEE Computer Society, Washington, DC, USA (2010)"},{"key":"208_CR176","unstructured":"Moser, S.: Change I7d8c1f9b: add \u2019random _seed\u2019 entry to instance metadata. https:\/\/review.openstack.org\/#c\/14550\/ (2012). Accessed May 2013"},{"key":"208_CR177","unstructured":"MPICH: MPICH Website. http:\/\/www.mpich.org\/ (2013). Accessed Apr. 2013"},{"key":"208_CR178","unstructured":"Musthaler, L.: DDoS-as-a-Service? You Betcha! It\u2019s Cheap, It\u2019s Easy, and It\u2019s Available to Anyone. Security Bistro (2012)"},{"key":"208_CR179","doi-asserted-by":"crossref","unstructured":"Narayanan, A., Shmatikov, V.: De-anonymizing social networks. In: 30th IEEE Symposium on Security and Privacy, pp. 173\u2013187. IEEE Computer Society, Washington, DC, USA (2009). doi: 10.1109\/SP.2009.22","DOI":"10.1109\/SP.2009.22"},{"key":"208_CR180","unstructured":"Nathoo, N.: Cloud Wars\u2014The Fall of Cloud Storage. CloudTimes (2013). Accessed Apr. 2013"},{"key":"208_CR181","unstructured":"Nebula: Introducing Nebula One. https:\/\/www.nebula.com\/nebula-one (2013). Accessed Apr. 2013"},{"key":"208_CR182","unstructured":"Network-Tools: Network-Tools Website. http:\/\/network-tools.com\/ (2013). Accessed Apr. 2013"},{"key":"208_CR183","doi-asserted-by":"crossref","unstructured":"Newsome, J., Karp, B., Song, D.: Polygraph: automatically generating signatures for polymorphic worms. In: IEEE Symposium on Security and Privacy, pp. 226\u2013241. Athens, Greece (2005). doi: 10.1109\/SP.2005.15","DOI":"10.1109\/SP.2005.15"},{"key":"208_CR184","unstructured":"NIST: NIST Cloud Computing Reference Architecture. http:\/\/www.nist.gov\/customcf\/get_pdf.cfm?pub_id=909505 (2011). Accessed Jul. 2013"},{"key":"208_CR185","unstructured":"NIST: The NIST Definition of Cloud Computing. http:\/\/csrc.nist.gov\/publications\/nistpubs\/800-145\/SP800-145.pdf (2011). Accessed Sept. 2012"},{"key":"208_CR186","unstructured":"NIST: NIST Cloud Computing Program. http:\/\/www.nist.gov\/itl\/cloud\/ (2012). Accessed Sept. 2012"},{"key":"208_CR187","unstructured":"NIST: NIST Cloud Computing Security Reference Architecture. http:\/\/collaborate.nist.gov\/twiki-cloud-computing\/pub\/CloudComputing\/CloudSecurity\/NIST_Security_Reference_Architecture_2013.05.15_v1.0.pdf (2013). Accessed Jul. 2013"},{"key":"208_CR188","doi-asserted-by":"crossref","unstructured":"Oberheide, J., Cooke, E., Jahanian, F.: Empirical exploitation of live virtual machine migration. In: Proceedings of the Black Hat Convention (2008). doi: 10.1109\/ICCIAutom.2011.6183990","DOI":"10.1109\/ICCIAutom.2011.6183990"},{"key":"208_CR189","unstructured":"OCCI: OCCI Website. http:\/\/occi-wg.org\/ (2013). Accessed Apr. 2013"},{"key":"208_CR190","doi-asserted-by":"crossref","unstructured":"Okamura, K., Oyama, Y.: Load-based covert channels between Xen virtual machines. In: Proceedings of the ACM Symposium on Applied Computing, pp. 173\u2013180. ACM, New York, NY, USA (2010). doi: 10.1145\/1774088.1774125","DOI":"10.1145\/1774088.1774125"},{"issue":"5","key":"208_CR191","doi-asserted-by":"crossref","first-page":"41","DOI":"10.1109\/MSP.2011.98","volume":"9","author":"P O\u2019Kane","year":"2011","unstructured":"O\u2019Kane, P., Sezer, S., McLaughlin, K.: Obfuscation: the hidden malware. IEEE Secur. Priv. 9(5), 41\u201347 (2011). doi: 10.1109\/MSP.2011.98","journal-title":"IEEE Secur. Priv."},{"key":"208_CR192","unstructured":"O\u2019Neill, M.: Cloud APIs\u2014the Next Battleground for Denial-of-Service Attacks. CSA Blog (2013)"},{"key":"208_CR193","unstructured":"Open Cloud Initiative (OCI): OCI Website. http:\/\/www.opencloudinitiative.org\/ (2013). Accessed May 2013"},{"key":"208_CR194","unstructured":"OpenNebula: OpenNebula Website. http:\/\/opennebula.org\/ (2013). Accessed Apr. 2013"},{"key":"208_CR195","unstructured":"OpenStack: OpenStack Website. http:\/\/www.openstack.org\/ (2013). Accessed Apr. 2013"},{"key":"208_CR196","unstructured":"Oracle: Oracle Java SE Critical Patch Update Advisory\u2014April 2013. http:\/\/www.oracle.com\/technetwork\/topics\/security\/javacpuapr2013-1928497.html (2013). Accessed Apr. 2013"},{"key":"208_CR197","unstructured":"Oracle: VirtualBox Website. https:\/\/www.virtualbox.org\/ (2013). Accessed Jun. 2013"},{"key":"208_CR198","unstructured":"Ortega, A.: Your Malware Shall Not Fool Us With Those Anti Analysis Tricks. AlienVault Labs (2012)"},{"key":"208_CR199","unstructured":"OSVDB: The Open Source Vulnerability Database Website. http:\/\/www.osvdb.org\/ (2013). Accessed Apr. 2013"},{"key":"208_CR200","unstructured":"OWASP: The Then Most Critical Web Application Security Risks. http:\/\/owasptop10.googlecode.com\/files\/OWASP (2010). Accessed Oct. 2012"},{"key":"208_CR201","unstructured":"OWASP: The Then Most Critical Web Application Security Risks. https:\/\/www.owasp.org\/index.php\/Top_10_2013 (2013). Accessed Apr. 2013"},{"key":"208_CR202","unstructured":"Oyama, Y., Giang, T.T.D., Chubachi, Y., Shinagawa, T., Kato, K.: Detecting malware signatures in a thin hypervisor. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing (SAC), pp. 1807\u20131814. ACM, Trento, Italy (2012). doi: 10.1145\/2231936.2232070"},{"issue":"10","key":"208_CR203","first-page":"25","volume":"4","author":"A Panah","year":"2012","unstructured":"Panah, A., Panah, A., Panah, O., Fallahpour, S.: Challenges of security issues in cloud computing layers. Rep. Opin. 4(10), 25\u201329 (2012)","journal-title":"Rep. Opin."},{"key":"208_CR204","unstructured":"Parallels: Oracle VM Server Website. http:\/\/www.oracle.com\/us\/technologies\/virtualization\/oraclevm\/ (2013). Accessed Jun. 2013"},{"key":"208_CR205","unstructured":"Parallels: Parallels Website. http:\/\/www.parallels.com\/eu\/products\/ (2013). Accessed Jun. 2013"},{"key":"208_CR206","doi-asserted-by":"crossref","unstructured":"Patel, A., Taghavi, M., Bakhtiyari, K., J\u00fanior, J.C.: An intrusion detection and prevention system in cloud computing: a systematic review. J. Netw. Comput. Appli. (2012). doi: 10.1016\/j.jnca.2012.08.007 . Available online 31 Aug. 2012","DOI":"10.1016\/j.jnca.2012.08.007"},{"key":"208_CR207","unstructured":"Patel, P.: Solution: FUTEX \\_WAIT hangs Java on Linux \/ Ubuntu in vmware or virtual box. http:\/\/www.springone2gx.com\/blog\/pratik_patel\/2010\/01\/solution_futex_wait_hangs_java_on_linux_ubuntu_in_vmware_or_virtual_box (2010). Accessed May 2013"},{"key":"208_CR208","doi-asserted-by":"crossref","unstructured":"Patidar, S., Rane, D., Jain, P.: A survey paper on cloud computing. In: 2nd International Conference on Advanced Computing Communication Technologies, pp. 394\u2013398. IEEE (2012). doi: 10.1109\/ACCT.2012.15","DOI":"10.1109\/ACCT.2012.15"},{"key":"208_CR209","unstructured":"PCI Security Standards: PCI SSC Data Security Standards Overview. https:\/\/www.pcisecuritystandards.org\/security_standards\/index.php (2012). Accessed Oct. 2012"},{"issue":"2","key":"208_CR210","doi-asserted-by":"crossref","first-page":"1:71","DOI":"10.1145\/2431211.2431216","volume":"45","author":"M Pearce","year":"2013","unstructured":"Pearce, M., Zeadally, S., Hunt, R.: Virtualization: issues, security threats, and solutions. ACM Comput. Surv. 45(2), 1:71\u20131:739 (2013). doi: 10.1145\/2431211.2431216","journal-title":"ACM Comput. Surv."},{"key":"208_CR211","doi-asserted-by":"crossref","unstructured":"Pearson, S.: Privacy, security and trust in cloud computing. In: Pearson, S., Yee, G. (eds.) Privacy and Security for Cloud Computing, pp. 3\u201342. Springer London (2013). doi: 10.1007\/978-1-4471-4189-1_1","DOI":"10.1007\/978-1-4471-4189-1_1"},{"key":"208_CR212","doi-asserted-by":"crossref","unstructured":"Perez-Botero, D., Szefer, J., Lee, R.B.: Characterizing hypervisor vulnerabilities in cloud computing servers. In: Proceedings of the 2013 International Workshop on Security in Cloud Computing (SCC), pp. 3\u201310. ACM, New York, NY, USA (2013). doi: 10.1145\/2484402.2484406","DOI":"10.1145\/2484402.2484406"},{"key":"208_CR213","unstructured":"Pfaff, B., Pettit, J., Koponen, T., Amidon, K., Casado, M., Shenker, S.: Extending networking into the virtualization layer. In: Proceedings of the 8th ACM Workshop on Hot Topics in Networks. ACM SIGCOMM (2009)"},{"issue":"6","key":"208_CR214","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1109\/MSP.2010.190","volume":"8","author":"M Prandini","year":"2010","unstructured":"Prandini, M., Ramilli, M., Cerroni, W., Callegati, F.: Splitting the HTTPS stream to attack secure web connections. IEEE Secur. Priv. 8(6), 80\u201384 (2010). doi: 10.1109\/MSP.2010.190","journal-title":"IEEE Secur. Priv."},{"key":"208_CR215","unstructured":"Prince, M.: The DDoS That Almost Broke the Internet. CloudFlare (2013)"},{"key":"208_CR216","unstructured":"Prince, M.: The DDoS That Knocked Spamhaus Offline (And How We Mitigated It). CloudFlare (2013)"},{"key":"208_CR217","doi-asserted-by":"crossref","unstructured":"Prolexic: Prolexic Quarterly Global DDoS Attack Report Q1 2013. https:\/\/www.prolexic.com\/knowledge-center-ddos-attack-report-2013-q1.html (2013). Accessed Apr. 2013","DOI":"10.1016\/S1353-4858(13)70045-X"},{"key":"208_CR218","doi-asserted-by":"crossref","unstructured":"Rahaman, M.A., Schaad, A., Rits, M.: Towards secure SOAP message exchange in a SOA. In: Proceedings of the 3rd ACM Workshop on Secure Web Services, pp. 77\u201384. ACM, New York, NY, USA (2006). doi: 10.1145\/1180367.1180382","DOI":"10.1145\/1180367.1180382"},{"key":"208_CR219","doi-asserted-by":"crossref","unstructured":"Ramgovind, S., Eloff, M., Smith, E.: The management of security in cloud computing. In: Information Security for South Africa, pp. 1\u20137. IEEE (2010). doi: 10.1109\/ISSA.2010.5588290","DOI":"10.1109\/ISSA.2010.5588290"},{"key":"208_CR220","unstructured":"Rasmusson, L., Aslam, M.: Protecting private data in the cloud. In: Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLOSER), pp. 5\u201312. Porto, Portugal (2012)"},{"key":"208_CR221","doi-asserted-by":"crossref","unstructured":"Rauti, S., Lepp\u00e4nen, V.: Browser extension-based man-in-the-browser attacks against Ajax applications with countermeasures. In: Proceedings of the 13th International Conference on Computer Systems and Technologies (CompSysTech), pp. 251\u2013258. ACM, Ruse, Bulgaria (2012) doi: 10.1145\/2383276.2383314","DOI":"10.1145\/2383276.2383314"},{"key":"208_CR222","unstructured":"RedHat: KVM Website. http:\/\/www.linux-kvm.org\/ (2013). Accessed Jun. 2013"},{"key":"208_CR223","unstructured":"RepoCERT: Botnet Using Plesk Vulnerability and Takedown. Seclists Website (2013)"},{"issue":"1","key":"208_CR224","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1007\/s10723-010-9171-y","volume":"9","author":"BP Rimal","year":"2011","unstructured":"Rimal, B.P., Jukan, A., Katsaros, D., Goeleven, Y.: Architectural requirements for cloud computing systems: an enterprise cloud approach. J. Grid Comput. 9(1), 3\u201326 (2011). doi: 10.1007\/s10723-010-9171-y","journal-title":"J. Grid Comput."},{"key":"208_CR225","unstructured":"Ripe, NCC: Database Query. http:\/\/apps.db.ripe.net\/search\/query.html (2013). Accessed Apr. 2013"},{"key":"208_CR226","doi-asserted-by":"crossref","unstructured":"Riquet, D., Grimaud, G., Hauspie, M.: Large-scale coordinated attacks: impact on the cloud security. In: 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, pp. 558\u2013563. IEEE (2012). doi: 10.1109\/IMIS.2012.76","DOI":"10.1109\/IMIS.2012.76"},{"key":"208_CR227","doi-asserted-by":"crossref","unstructured":"Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 199\u2013212. ACM, New York, NY, USA (2009)","DOI":"10.1145\/1653662.1653687"},{"key":"208_CR228","unstructured":"Ristenpart, T., Yilek, S.: When good randomness goes bad: virtual machine reset vulnerabilities and hedging deployed cryptography. In: Proceedings of Network and Distributed Security Symposium (NDSS), pp. 1\u201318. The Internet Society, San Diego, CA, USA (2010)"},{"key":"208_CR229","doi-asserted-by":"crossref","unstructured":"Roberts II, J.C., Al-Hamdani, W.: Who can you trust in the cloud?: a review of security issues within cloud computing. In: Proceedings of the Information Security Curriculum Development Conference, pp. 15\u201319. ACM, New York, NY, USA (2011). doi: 10.1145\/2047456.2047458","DOI":"10.1145\/2047456.2047458"},{"issue":"9","key":"208_CR230","doi-asserted-by":"crossref","first-page":"44","DOI":"10.1109\/MC.2011.223","volume":"44","author":"F Rocha","year":"2011","unstructured":"Rocha, F., Abreu, S., Correia, M.: The final Frontier: confidentiality and privacy in the cloud. Computer 44(9), 44\u201350 (2011). doi: 10.1109\/MC.2011.223","journal-title":"Computer"},{"key":"208_CR231","doi-asserted-by":"crossref","unstructured":"Rocha, F., Correia, M.: Lucy in the sky without diamonds: stealing confidential data in the cloud. In: IEEE\/IFIP 41st International Conference on Dependable Systems and Networks Workshops, pp. 129\u2013134. IEEE (2011). doi: 10.1109\/DSNW.2011.5958798","DOI":"10.1109\/DSNW.2011.5958798"},{"issue":"1","key":"208_CR232","doi-asserted-by":"crossref","first-page":"96","DOI":"10.1016\/j.cose.2011.10.006","volume":"31","author":"L Rodero-Merino","year":"2012","unstructured":"Rodero-Merino, L., Vaquero, L.M., Caron, E., Desprez, F., Muresan, A.: Building safe PaaS clouds: a survey on security in multitenant software platforms. Comput. Secur. 31(1), 96\u2013108 (2012). doi: 10.1016\/j.cose.2011.10.006","journal-title":"Comput. Secur."},{"key":"208_CR233","doi-asserted-by":"crossref","unstructured":"Rong, C., Nguyen, S.T., Jaatun, M.G.: Beyond lightning: a survey on security challenges in cloud computing. Comput. Electr. Eng. (2012). doi: 10.1016\/j.compeleceng.2012.04.015 Available online 19 May 2012","DOI":"10.1016\/j.compeleceng.2012.04.015"},{"key":"208_CR234","unstructured":"Roy, I., Setty, S.T.V., Kilzer, A., Shmatikov, V., Witchel, E.: Airavat: security and privacy for MapReduce. In: Proceedings of the 7th USENIX Symposium on Networked Systems Design and Implementation, pp. 20\u201320. USENIX Association, Berkeley, CA, USA (2010)"},{"key":"208_CR235","unstructured":"RSA: RSA SecurID Website. http:\/\/sweden.emc.com\/security\/rsa-securid.htm (2013). Accessed Jun. 2013"},{"key":"208_CR236","unstructured":"RSA FirstWatch: Tales from the Darkside: Another Mule Recruitment Site. RSA Blog (2013)"},{"key":"208_CR237","unstructured":"Rutkowska, J.: Subverting VistaTM Kernel for fun and profit. Black Hat Conv. (2008)"},{"key":"208_CR238","doi-asserted-by":"crossref","unstructured":"Sabahi, F.: Cloud computing security threats and responses. In: IEEE 3rd International Conference on Communication Software and Networks, pp. 245\u2013249. IEEE (2011). doi: 10.1109\/ICCSN.2011.6014715","DOI":"10.1109\/ICCSN.2011.6014715"},{"key":"208_CR239","doi-asserted-by":"crossref","unstructured":"Sadashiv, N., Kumar, S.: Cluster, grid and cloud computing: a detailed comparison. In: 6th International Conference on Computer Science Education, pp. 477\u2013482. IEEE (2011). doi: 10.1109\/ICCSE.2011.6028683","DOI":"10.1109\/ICCSE.2011.6028683"},{"issue":"1","key":"208_CR240","first-page":"44","volume":"11","author":"K Salah","year":"2013","unstructured":"Salah, K., Alcaraz, Calero J.: Using cloud computing to implement a security overlay network. IEEE Secur. Priv. 11(1), 44\u201353 (2013). doi: 10.1109\/MSP.2012.88","journal-title":"IEEE Secur. Priv."},{"key":"208_CR241","unstructured":"SAML v2.0: OASIS Website. https:\/\/www.oasis-open.org\/standards#samlv2.0 (2005). Accessed Apr. 2013"},{"key":"208_CR242","unstructured":"Santos, N., Gummadi, K.P., Rodrigues, R.: Towards trusted cloud computing. In: Proceedings of the Conference on Hot Topics in Cloud Computing. USENIX Association, Berkeley, CA, USA (2009)"},{"key":"208_CR243","unstructured":"Schloesser, M., Guarnieri, C.: Vaccinating Systems Against VM-aware Malware. Rapid7 Labs (2013)"},{"key":"208_CR244","unstructured":"Schloesser, M., Guarnieri, C.: Vaccinating Systems Against VM-aware Malware. https:\/\/github.com\/rapid7\/vaccination (2013). Accessed May 2013"},{"key":"208_CR245","unstructured":"Schneier, B.: Homomorphic Encryption Breakthrough. https:\/\/www.schneier.com\/blog\/archives\/2009\/07\/homomorphic_enc.html (2009). Accessed May 2013"},{"key":"208_CR246","unstructured":"SecurityFocus: Xen CVE-2013-1920 Local Memory Corruption Vulnerability. SecurityFocus (2013)"},{"key":"208_CR247","doi-asserted-by":"crossref","unstructured":"Sekar, V., Maniatis, P.: Verifiable resource accounting for cloud computing services. In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security, pp. 21\u201326. ACM, New York, NY, USA (2011). doi: 10.1145\/2046660.2046666","DOI":"10.1145\/2046660.2046666"},{"key":"208_CR248","doi-asserted-by":"crossref","unstructured":"Sengupta, S., Kaulgud, V., Sharma, V.: Cloud computing security\u2014trends and research directions. In: IEEE World Congress on Services, pp. 524\u2013531. IEEE Computer Society, Washington, DC, USA (2011). doi: 10.1109\/SERVICES.2011.20","DOI":"10.1109\/SERVICES.2011.20"},{"key":"208_CR249","doi-asserted-by":"crossref","unstructured":"Shin, S., Gu, G.: CloudWatcher: network security monitoring using OpenFlow in dynamic cloud networks (or: how to provide security monitoring as a service in clouds?). In: 20th IEEE International Conference on Network Protocols (ICNP), pp. 1\u20136. Austin, TX, USA (2012).doi: 10.1109\/ICNP.2012.6459946","DOI":"10.1109\/ICNP.2012.6459946"},{"key":"208_CR250","unstructured":"Shinotsuka, H.: Malware Authors Using New Techniques to Evade Automated Threat Analysis Systems. Symantec Blog (2012)"},{"key":"208_CR251","unstructured":"Singh, A.: Don\u2019t Click the Left Mouse Button: Introducing Trojan UpClicker. FireEye Blog (2012)"},{"issue":"8","key":"208_CR252","doi-asserted-by":"crossref","first-page":"15","DOI":"10.1016\/S1353-4858(09)70077-7","volume":"2009","author":"K Sloan","year":"2009","unstructured":"Sloan, K.: Security in a virtualised world. Netw. Secur. 2009(8), 15\u201318 (2009). doi: 10.1016\/S1353-4858(09)70077-7","journal-title":"Netw. Secur."},{"key":"208_CR253","unstructured":"SNIA: Cloud Data Management Interface (CDMI). http:\/\/www.snia.org\/cdmi (2013). Accessed Apr. 2013"},{"key":"208_CR254","unstructured":"Somorovsky, J., Mayer, A., Schwenk, J., Kampmann, M., Jensen, M.: On breaking SAML: be whoever you want to be. In: Proceedings of the 21st USENIX Security Symposium, pp. 21\u201321. USENIX Association, Bellevue, WA, USA (2012)"},{"key":"208_CR255","doi-asserted-by":"crossref","unstructured":"Songjie, Yao, J., Wu, C.: Cloud computing and its key techniques. In: International Conference on Electronic and Mechanical Engineering and Information Technology, vol. 1, pp. 320\u2013324. IEEE (2011). doi: 10.1109\/EMEIT.2011.6022935","DOI":"10.1109\/EMEIT.2011.6022935"},{"issue":"1","key":"208_CR256","first-page":"54","volume":"11","author":"A Sood","year":"2013","unstructured":"Sood, A., Enbody, R.: Targeted cyberattacks: a superset of advanced persistent threats. IEEE Secur. Priv. 11(1), 54\u201361 (2013). doi: 10.1109\/MSP.2012.90","journal-title":"IEEE Secur. Priv."},{"issue":"6","key":"208_CR257","doi-asserted-by":"crossref","first-page":"1831","DOI":"10.1016\/j.jnca.2012.07.007","volume":"35","author":"SK Sood","year":"2012","unstructured":"Sood, S.K.: A combined approach to ensure data security in cloud computing. J. Netw. Comput. Appli. 35(6), 1831\u20131838 (2012). doi: 10.1016\/j.jnca.2012.07.007","journal-title":"J. Netw. Comput. Appli."},{"key":"208_CR258","unstructured":"Spoon Website: Browser Sandbox. http:\/\/spoon.net\/browsers (2013). Accessed Apr. 2013"},{"key":"208_CR259","unstructured":"Stamos, A., Becherer, A., Wilcox, N.: Cloud Computing Security: Raining on the Trendy New Parade. https:\/\/www.blackhat.com\/html\/bh-usa-09\/bh-usa-09-archives.html (2009)"},{"key":"208_CR260","unstructured":"Staten, J.: 2013 Cloud Predictions: We\u2019ll Finally Get Real About Cloud. Forrester Blog (2012)"},{"issue":"1","key":"208_CR261","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.jnca.2010.07.006","volume":"34","author":"S Subashini","year":"2011","unstructured":"Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appli. 34(1), 1\u201311 (2011). doi: 10.1016\/j.jnca.2010.07.006","journal-title":"J. Netw. Comput. Appli."},{"key":"208_CR262","doi-asserted-by":"crossref","first-page":"2852","DOI":"10.1016\/j.proeng.2011.08.537","volume":"15","author":"D Sun","year":"2011","unstructured":"Sun, D., Chang, G., Sun, L., Wang, X.: Surveying and analyzing security, privacy and trust issues in cloud computing environments. Procedia Eng. 15, 2852\u20132856 (2011). doi: 10.1016\/j.proeng.2011.08.537","journal-title":"Procedia Eng."},{"key":"208_CR263","doi-asserted-by":"crossref","unstructured":"Sun, K., Li, Y., Hogstrom, M., Chen, Y.: Sizing multi-space in heap for application isolation. In: Companion to the 21st ACM SIGPLAN Symposium on Object-Oriented Programming Systems, Languages, and Applications (OOPSLA), pp. 647\u2013648. ACM, Portland, OR, USA (2006). doi: 10.1145\/1176617.1176654","DOI":"10.1145\/1176617.1176654"},{"key":"208_CR264","doi-asserted-by":"crossref","unstructured":"Sun, M.K., Lin, M.J., Chang, M., Laih, C.S., Lin, H.T.: Malware virtualization-resistant behavior detection. In: IEEE 17th International Conference on Parallel and Distributed Systems (ICPADS), pp. 912\u2013917. Tainan, Taiwan (2011). doi: 10.1109\/ICPADS.2011.78","DOI":"10.1109\/ICPADS.2011.78"},{"key":"208_CR265","doi-asserted-by":"crossref","unstructured":"Suzaki, K., Iijima, K., Yagi, T., Artho, C.: Memory deduplication as a threat to the guest OS. In: Proceedings of the 4th European Workshop on System Security, pp. 1:1\u20131:6. ACM, Salzburg, Austria (2011). doi: 10.1145\/1972551.1972552","DOI":"10.1145\/1972551.1972552"},{"key":"208_CR266","unstructured":"Suzaki, K., Iijima, K., Yagi, T., Artho, C.: Software side channel attack on memory deduplication. In: 23rd ACM Symposium on Operating Systems Principles. ACM, Cascais, Portugal (2011). Poster"},{"key":"208_CR267","unstructured":"Symantec: Internet Security Threat Report 2013. https:\/\/www.symantec.com\/security_response\/publications\/threatreport.jsp (2013). Accessed Apr. 2013"},{"key":"208_CR268","unstructured":"Symantec Security Response: Internet Explorer Zero-Day Used in Watering Hole Attack: Q &A. Symantec Blog (2012)"},{"key":"208_CR269","doi-asserted-by":"crossref","unstructured":"Szefer, J., Keller, E., Lee, R.B., Rexford, J.: Eliminating the hypervisor attack surface for a more secure cloud. In: Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS), pp. 401\u2013412. ACM, Chicago, IL, USA (2011). doi: 10.1145\/2046707.2046754","DOI":"10.1145\/2046707.2046754"},{"issue":"6","key":"208_CR270","doi-asserted-by":"crossref","first-page":"24","DOI":"10.1109\/MSP.2010.186","volume":"8","author":"H Takabi","year":"2010","unstructured":"Takabi, H., Joshi, J., Ahn, G.: Security and privacy challenges in cloud computing environments. IEEE Secur. Priv. 8(6), 24\u201331 (2010)","journal-title":"IEEE Secur. Priv."},{"key":"208_CR271","doi-asserted-by":"crossref","unstructured":"Tang, M., Lv, Q., Lu, Z., Zhao, Q., Song, Y.: Dynamic virtual switch protocol using Openflow. In: 13th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel Distributed Computing (SNPD), pp. 603\u2013608. Kyoto, Japan (2012). doi: 10.1109\/SNPD.2012.129","DOI":"10.1109\/SNPD.2012.129"},{"key":"208_CR272","unstructured":"Tanvi: Mixed Content Blocking Enabled in Firefox 23! Firefox Blog (2013)"},{"issue":"9","key":"208_CR273","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1109\/MSPEC.2011.5995897","volume":"48","author":"G Taylor","year":"2011","unstructured":"Taylor, G., Cox, G.: Digital randomness. IEEE Spectr. 48(9), 32\u201358 (2011). doi: 10.1109\/MSPEC.2011.5995897","journal-title":"IEEE Spectr."},{"issue":"3","key":"208_CR274","doi-asserted-by":"crossref","first-page":"4","DOI":"10.1016\/S1353-4858(11)70024-1","volume":"2011","author":"M Taylor","year":"2011","unstructured":"Taylor, M., Haggerty, J., Gresty, D., Lamb, D.: Forensic investigation of cloud computing systems. Netw. Secur. 2011(3), 4\u201310 (2011). doi: 10.1016\/S1353-4858(11)70024-1","journal-title":"Netw. Secur."},{"key":"208_CR275","unstructured":"The Linux Foundation: Xen Website. http:\/\/http:\/\/www.xenproject.org\/ (2013). Accessed Jun. 2013"},{"issue":"1","key":"208_CR276","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1109\/MSP.2012.161","volume":"11","author":"H Thompson","year":"2013","unstructured":"Thompson, H.: The human element of information security. IEEE Secur. Priv. 11(1), 32\u201335 (2013). doi: 10.1109\/MSP.2012.161","journal-title":"IEEE Secur. Priv."},{"key":"208_CR277","unstructured":"Thorsheim, P.: The Final Word on the LinkedIn Leak. http:\/\/securitynirvana.blogspot.pt\/2012\/06\/final-word-on-linkedin-leak.html (2012). Accessed May 2013"},{"issue":"1","key":"208_CR278","first-page":"3","volume":"3","author":"V Toubiana","year":"2011","unstructured":"Toubiana, V., Nissenbaum, H.: Analysis of Google logs retention policies. J. Priv. Confid. 3(1), 3\u201326 (2011)","journal-title":"J. Priv. Confid."},{"key":"208_CR279","doi-asserted-by":"crossref","unstructured":"Townsend, M.: Managing a security program in a cloud computing environment. In: Information Security Curriculum Development Conference, pp. 128\u2013133. ACM, New York, NY, USA (2009). doi: 10.1145\/1940976.1941001","DOI":"10.1145\/1940976.1941001"},{"key":"208_CR280","unstructured":"Trader, T.: GPU Monster Shreds Password Hashes. HPCwire (2012)"},{"key":"208_CR281","doi-asserted-by":"crossref","unstructured":"Tripathi, A., Mishra, A.: Cloud computing security considerations. In: IEEE International Conference on Signal Processing, Communications and Computing, pp. 1\u20135. IEEE (2011). doi: 10.1109\/ICSPCC.2011.6061557","DOI":"10.1109\/ICSPCC.2011.6061557"},{"issue":"1","key":"208_CR282","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1109\/MITP.2011.117","volume":"14","author":"HY Tsai","year":"2012","unstructured":"Tsai, H.Y., Siebenhaar, M., Miede, A., Huang, Y., Steinmetz, R.: Threat as a service?: virtualization\u2019s impact on cloud security. IT Prof. 14(1), 32\u201337 (2012). doi: 10.1109\/MITP.2011.117","journal-title":"IT Prof."},{"key":"208_CR283","doi-asserted-by":"crossref","unstructured":"Tseng, H.M., Lee, H.L., Hu, J.W., Liu, T.L., Chang, J.G., Huang, W.C.: Network virtualization with cloud virtual switch. In: IEEE 17th International Conference on Parallel and Distributed Systems (ICPADS), pp. 998\u20131003. Tainan, Taiwan (2011). doi: 10.1109\/ICPADS.2011.159","DOI":"10.1109\/ICPADS.2011.159"},{"issue":"1","key":"208_CR284","doi-asserted-by":"crossref","first-page":"93","DOI":"10.1007\/s00607-010-0140-x","volume":"91","author":"LM Vaquero","year":"2011","unstructured":"Vaquero, L.M., Rodero-Merino, L., Mor\u00e1n, D.: Locking the sky: a survey on IaaS cloud security. Computing 91(1), 93\u2013118 (2011). doi: 10.1007\/s00607-010-0140-x","journal-title":"Computing"},{"issue":"8","key":"208_CR285","doi-asserted-by":"crossref","first-page":"106","DOI":"10.1109\/MC.2009.252","volume":"42","author":"J Viega","year":"2009","unstructured":"Viega, J.: Cloud computing and the common man. Computer 42(8), 106\u2013108 (2009). doi: 10.1109\/MC.2009.252","journal-title":"Computer"},{"key":"208_CR286","unstructured":"VMware: VMware vSphere. https:\/\/www.vmware.com\/support\/product-support\/vsphere\/ (2013). Accessed Apr. 2013"},{"key":"208_CR287","unstructured":"VMware: VMware Website. https:\/\/www.vmware.com\/products\/ (2013). Accessed Jun. 2013"},{"key":"208_CR288","unstructured":"VMware: What is OVF? https:\/\/www.vmware.com\/technical-resources\/virtualization-topics\/virtual-appliances\/ovf.html (2013). Accessed Apr. 2013"},{"key":"208_CR289","unstructured":"VMware Community Forums: Low\/proc\/sys\/kernel\/random\/entr opy_avail causes exim to stop sending mail. http:\/\/communities.vmware.com\/message\/530909 (2006). Accessed May 2013"},{"key":"208_CR290","doi-asserted-by":"crossref","unstructured":"Vu, Q.H., Pham, T.V., Truong, H.L., Dustdar, S., Asal, R.: DEMODS: a description model for data-as-a-service. In: IEEE 26th International Conference on Advanced Information Networking and Applications (AINA), pp. 605\u2013612. Fukuoka, Japan (2012). doi: 10.1109\/AINA.2012.91","DOI":"10.1109\/AINA.2012.91"},{"issue":"4","key":"208_CR291","doi-asserted-by":"crossref","first-page":"19","DOI":"10.1109\/MNET.2010.5510914","volume":"24","author":"C Wang","year":"2010","unstructured":"Wang, C., Ren, K., Lou, W., Li, J.: Toward publicly auditable secure cloud data storage services. IEEE Netw. 24(4), 19\u201324 (2010). doi: 10.1109\/MNET.2010.5510914","journal-title":"IEEE Netw."},{"key":"208_CR292","doi-asserted-by":"crossref","unstructured":"Wang, C., Wang, Q., Ren, K., Lou, W.: Ensuring data storage security in cloud computing. In: 17th International Workshop on Quality of Service, pp. 1\u20139. IEEE (2009). doi: 10.1109\/IWQoS.2009.5201385","DOI":"10.1109\/IWQoS.2009.5201385"},{"key":"208_CR293","doi-asserted-by":"crossref","unstructured":"Wang, G., Ng, T.: The impact of virtualization on network performance of Amazon EC2 data center. In: Proceedings of the IEEE INFOCOM, pp. 1\u20139. Sand Diego, CA, USA (2010). doi: 10.1109\/INFCOM.2010.5461931","DOI":"10.1109\/INFCOM.2010.5461931"},{"key":"208_CR294","unstructured":"Ward, M.: Facebook Users Suffer Viral Surge. BBC News (2009)"},{"key":"208_CR295","unstructured":"Websense: 2013 Threat Report. https:\/\/www.websense.com\/content\/websense-2013-threat-report.aspx (2013). Accessed Apr. 2013"},{"key":"208_CR296","doi-asserted-by":"crossref","unstructured":"Wei, J., Zhang, X., Ammons, G., Bala, V., Ning, P.: Managing security of virtual machine images in a cloud environment. In: Proceedings of the ACM Workshop on Cloud Computing Security, pp. 91\u201396. ACM, New York, NY, USA (2009). doi: 10.1145\/1655008.1655021","DOI":"10.1145\/1655008.1655021"},{"key":"208_CR297","doi-asserted-by":"crossref","unstructured":"Wu, H., Ding, Y., Winer, C., Yao, L.: Network security for virtual machine in cloud computing. In: 5th International Conference on Computer Sciences and Convergence Information Technology (ICCIT), pp. 18\u201321. Seoul, South Korea (2010). doi: 10.1109\/ICCIT.2010.5711022","DOI":"10.1109\/ICCIT.2010.5711022"},{"key":"208_CR298","doi-asserted-by":"crossref","unstructured":"Wu, H., Ding, Y., Winer, C., Yao, L.: Network security for virtual machine in cloud computing. In: 5th International Conference on Computer Sciences and Convergence Information Technology, pp. 18\u201321. IEEE (2010). doi: 10.1109\/ICCIT.2010.5711022","DOI":"10.1109\/ICCIT.2010.5711022"},{"key":"208_CR299","unstructured":"Wueest, C.: Mobile Scam: Winning Without Playing. Symantec Blog (2013)"},{"key":"208_CR300","doi-asserted-by":"crossref","unstructured":"Xiao, Z., Xiao, Y.: Security and privacy in cloud computing. IEEE Commun. Surv. Tuts. 15(2), 843\u2013859 (2013). doi: 10.1109\/SURV.2012.060912.00182","DOI":"10.1109\/SURV.2012.060912.00182"},{"key":"208_CR301","doi-asserted-by":"crossref","unstructured":"Xu, Y., Bailey, M., Jahanian, F., Joshi, K., Hiltunen, M., Schlichting, R.: An exploration of L2 cache covert channels in virtualized environments. In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security, pp. 29\u201340. ACM, New York, NY, USA (2011). doi: 10.1145\/2046660.2046670","DOI":"10.1145\/2046660.2046670"},{"key":"208_CR302","doi-asserted-by":"crossref","unstructured":"Yang, J., Chen, Z.: Cloud computing research and security issues. In: International Conference on Computational Intelligence and Software Engineering, pp. 1\u20133. IEEE (2010). doi: 10.1109\/CISE.2010.5677076","DOI":"10.1109\/CISE.2010.5677076"},{"issue":"1","key":"208_CR303","doi-asserted-by":"crossref","first-page":"73","DOI":"10.1109\/MSP.2013.10","volume":"11","author":"A Yasinsac","year":"2013","unstructured":"Yasinsac, A., Irvine, C.: Help! Is There a Trustworthy-Systems Doctor in the House? IEEE Secur. Priv. 11(1), 73\u201377 (2013). doi: 10.1109\/MSP.2013.10","journal-title":"IEEE Secur. Priv."},{"key":"208_CR304","doi-asserted-by":"crossref","unstructured":"Yilek, S.: Resettable public-key encryption: how to encrypt on a virtual machine. In: Proceedings of the International Conference on Topics in Cryptology, CT-RSA\u201910, pp. 41\u201356. Springer-Verlag, San Francisco, CA, USA (2010). doi: 10.1007\/978-3-642-11925-5_4","DOI":"10.1007\/978-3-642-11925-5_4"},{"key":"208_CR305","doi-asserted-by":"crossref","unstructured":"Yu, A., Sathanur, A., Jandhyala, V.: A partial homomorphic encryption scheme for secure design automation on public clouds. In: IEEE 21st Conference on Electrical Performance of Electronic Packaging and Systems (EPEPS), pp. 177\u2013180. Tempe, AZ, USA (2012). doi: 10.1109\/EPEPS.2012.6457871","DOI":"10.1109\/EPEPS.2012.6457871"},{"key":"208_CR306","doi-asserted-by":"crossref","unstructured":"Yu, H., Powell, N., Stembridge, D., Yuan, X.: Cloud computing and security challenges. In: Proceedings of the 50th Annual Southeast Regional Conference, pp. 298\u2013302. ACM, New York, NY, USA (2012). doi: 10.1145\/2184512.2184581","DOI":"10.1145\/2184512.2184581"},{"key":"208_CR307","doi-asserted-by":"crossref","unstructured":"Zabidi, M., Maarof, M., Zainal, A.: Malware analysis with multiple features. In: UKSim 14th International Conference on Computer Modelling and Simulation, pp. 231\u2013235. Cambridge, London (2012). doi: 10.1109\/UKSim.2012.40","DOI":"10.1109\/UKSim.2012.40"},{"key":"208_CR308","doi-asserted-by":"crossref","unstructured":"Zhang, F., Huang, Y., Wang, H., Chen, H., Zang, B.: PALM: security preserving VM live migration for systems with VMM-enforced protection. In: 3rd Asia-Pacific Trusted Infrastructure Technologies Conference, pp. 9\u201318. IEEE Computer Society, Washington, DC, USA (2008). doi: 10.1109\/APTC.2008.15","DOI":"10.1109\/APTC.2008.15"},{"key":"208_CR309","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Juels, A., Reiter, M.K., Ristenpart, T.: Cross-VM side channels and their use to extract private keys. In: Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS), pp. 305\u2013316. ACM, Raleigh, NC, USA (2012). doi: 10.1145\/2382196.2382230","DOI":"10.1145\/2382196.2382230"},{"key":"208_CR310","doi-asserted-by":"crossref","unstructured":"Zhou, M., Zhang, R., Xie, W., Qian, W., Zhou, A.: Security and privacy in cloud computing: a survey. In: 6th International Conference on Semantics Knowledge and Grid, pp. 105\u2013112. IEEE Computer Society, Washington, DC, USA (2010)","DOI":"10.1109\/SKG.2010.19"},{"key":"208_CR311","unstructured":"Zieg, M.: Separating fact from fiction in cloud computing. Data Center J. (2012)"},{"issue":"3","key":"208_CR312","doi-asserted-by":"crossref","first-page":"583","DOI":"10.1016\/j.future.2010.12.006","volume":"28","author":"D Zissis","year":"2010","unstructured":"Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput. Syst. 28(3), 583\u2013592 (2010). doi: 10.1016\/j.future.2010.12.006","journal-title":"Future Gener. Comput. Syst."},{"key":"208_CR313","doi-asserted-by":"crossref","unstructured":"Zou, B., Zhang, H.: Toward enhancing trust in cloud computing environment. In: 2nd International Conference on Control, Instrumentation and Automation, pp. 364\u2013366 (2011). doi: 10.1109\/ICCIAutom.2011.6183990","DOI":"10.1109\/ICCIAutom.2011.6183990"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-013-0208-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10207-013-0208-7\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-013-0208-7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,3,6]],"date-time":"2022-03-06T23:53:43Z","timestamp":1646610823000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10207-013-0208-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,9,28]]},"references-count":313,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2014,4]]}},"alternative-id":["208"],"URL":"https:\/\/doi.org\/10.1007\/s10207-013-0208-7","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013,9,28]]}}}