{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,3]],"date-time":"2025-12-03T17:43:10Z","timestamp":1764783790338,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":34,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,10,16]],"date-time":"2015-10-16T00:00:00Z","timestamp":1444953600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,10,16]]},"DOI":"10.1145\/2808425.2808432","type":"proceedings-article","created":{"date-parts":[[2015,10,6]],"date-time":"2015-10-06T14:29:08Z","timestamp":1444141748000},"page":"5-16","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["How Private is Your Private Cloud?"],"prefix":"10.1145","author":[{"given":"Dennis","family":"Felsch","sequence":"first","affiliation":[{"name":"Horst G\u00f6rtz Institute for IT-Security, Bochum, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mario","family":"Heiderich","sequence":"additional","affiliation":[{"name":"Horst G\u00f6rtz Institute for IT-Security, Bochum, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Frederic","family":"Schulz","sequence":"additional","affiliation":[{"name":"Horst G\u00f6rtz Institute for IT-Security, Bochum, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"J\u00f6rg","family":"Schwenk","sequence":"additional","affiliation":[{"name":"Horst G\u00f6rtz Institute for IT-Security, Bochum, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2015,10,16]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"AngularJS Home Page. {online} http:\/\/www.angularjs.org\/.  AngularJS Home Page. {online} http:\/\/www.angularjs.org\/."},{"key":"e_1_3_2_1_2_1","unstructured":"BeEF Home Page. {online} http:\/\/beefproject.com\/.  BeEF Home Page. {online} http:\/\/beefproject.com\/."},{"key":"e_1_3_2_1_3_1","unstructured":"DevStack Home Page. {online} http:\/\/devstack.org\/.  DevStack Home Page. {online} http:\/\/devstack.org\/."},{"key":"e_1_3_2_1_4_1","unstructured":"Eucalyptus FastStart. {online} https:\/\/www.eucalyptus.com\/install.  Eucalyptus FastStart. {online} https:\/\/www.eucalyptus.com\/install."},{"key":"e_1_3_2_1_5_1","unstructured":"Eucalyptus Home Page. {online} http:\/\/www.eucalyptus.com\/.  Eucalyptus Home Page. {online} http:\/\/www.eucalyptus.com\/."},{"key":"e_1_3_2_1_6_1","unstructured":"Howto: Install openQRM 5.1 on Debian Wheezy. {online} http:\/\/openqrm-enterprise.com\/resources\/documentation-howtos\/howtos\/install-openqrm-51-on-debian-wheezy.html.  Howto: Install openQRM 5.1 on Debian Wheezy. {online} http:\/\/openqrm-enterprise.com\/resources\/documentation-howtos\/howtos\/install-openqrm-51-on-debian-wheezy.html."},{"key":"e_1_3_2_1_7_1","unstructured":"NoScript Home Page. {online} http:\/\/noscript.net\/.  NoScript Home Page. {online} http:\/\/noscript.net\/."},{"key":"e_1_3_2_1_8_1","unstructured":"noVNC Home Page. {online} http:\/\/kanaka.github.io\/noVNC\/.  noVNC Home Page. {online} http:\/\/kanaka.github.io\/noVNC\/."},{"key":"e_1_3_2_1_9_1","unstructured":"OpenNebula Home Page. {online} http:\/\/opennebula.org\/.  OpenNebula Home Page. {online} http:\/\/opennebula.org\/."},{"key":"e_1_3_2_1_10_1","unstructured":"OpenNebula on Ubuntu 14.04 and KVM. {online} http:\/\/docs.opennebula.org\/4.6\/design_and_installation\/quick_starts\/qs_ubuntu_kvm.html.  OpenNebula on Ubuntu 14.04 and KVM. {online} http:\/\/docs.opennebula.org\/4.6\/design_and_installation\/quick_starts\/qs_ubuntu_kvm.html."},{"key":"e_1_3_2_1_11_1","unstructured":"OpenQRM Home Page. {online} http:\/\/www.openqrm-enterprise.com\/.  OpenQRM Home Page. {online} http:\/\/www.openqrm-enterprise.com\/."},{"key":"e_1_3_2_1_12_1","unstructured":"OpenStack Home Page. {online} http:\/\/openstack.org\/.  OpenStack Home Page. {online} http:\/\/openstack.org\/."},{"key":"e_1_3_2_1_13_1","volume-title":"Thomas Eisenbarth, and Berk Sunar. Fine grain cross-vm attacks on xen and vmware are possible! IACR Cryptology ePrint Archive","author":"Apecechea Gorka Irazoqui","year":"2014","unstructured":"Gorka Irazoqui Apecechea , Mehmet Sinan Inci , Thomas Eisenbarth, and Berk Sunar. Fine grain cross-vm attacks on xen and vmware are possible! IACR Cryptology ePrint Archive , 2014 :248, 2014. Gorka Irazoqui Apecechea, Mehmet Sinan Inci, Thomas Eisenbarth, and Berk Sunar. Fine grain cross-vm attacks on xen and vmware are possible! IACR Cryptology ePrint Archive, 2014:248, 2014."},{"key":"e_1_3_2_1_14_1","volume-title":"June","author":"Fielding R.","year":"1999","unstructured":"R. Fielding , J. Gettys , J. Mogul , H. Frystyk , L. Masinter , P. Leach , and T. Berners-Lee . Hypertext Transfer Protocol -- HTTP\/1.1. RFC 2616 (Draft Standard) , June 1999 . Obsoleted by RFCs 7230, 7231, 7232, 7233, 7234, 7235, updated by RFCs 2817, 5785, 6266, 6585. R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-Lee. Hypertext Transfer Protocol -- HTTP\/1.1. RFC 2616 (Draft Standard), June 1999. Obsoleted by RFCs 7230, 7231, 7232, 7233, 7234, 7235, updated by RFCs 2817, 5785, 6266, 6585."},{"key":"e_1_3_2_1_15_1","volume-title":"ISO","author":"International Organization for Standardization.","year":"2014","unstructured":"International Organization for Standardization. Information technology -- cloud computing -- overview and vocabulary. ISO 17788:2014 , ISO , Geneva, Switzerland , 2014 . International Organization for Standardization. Information technology -- cloud computing -- overview and vocabulary. ISO 17788:2014, ISO, Geneva, Switzerland, 2014."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICWS.2009.70"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2490257.2490285"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382276"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516723"},{"key":"e_1_3_2_1_20_1","unstructured":"Jann Horn. AngularJS Sandbox Bypasses. {online} https:\/\/code.google.com\/p\/mustache-security\/wiki\/AngularJS#Sandbox_Bypasses.  Jann Horn. AngularJS Sandbox Bypasses. {online} https:\/\/code.google.com\/p\/mustache-security\/wiki\/AngularJS#Sandbox_Bypasses."},{"key":"e_1_3_2_1_22_1","unstructured":"Mathias Karlsson. AngularJS 1.2.19--1.2.23 \/ > 1.3.0-beta.14. {online} https:\/\/code.google.com\/p\/mustache-security\/wiki\/AngularJS#AngularJS_1.2.19--1.2.23_\/_%3E_1.3.0-beta.14.  Mathias Karlsson. AngularJS 1.2.19--1.2.23 \/ > 1.3.0-beta.14. {online} https:\/\/code.google.com\/p\/mustache-security\/wiki\/AngularJS#AngularJS_1.2.19--1.2.23_\/_%3E_1.3.0-beta.14."},{"key":"e_1_3_2_1_23_1","unstructured":"Amit Klein. DOM based cross site scripting or XSS of the third kind. http:\/\/www.webappsec.org\/projects\/articles\/071105.shtml 2005.  Amit Klein. DOM based cross site scripting or XSS of the third kind. http:\/\/www.webappsec.org\/projects\/articles\/071105.shtml 2005."},{"key":"e_1_3_2_1_24_1","volume-title":"The NIST definition of cloud computing. NIST Special Publication 800--145","author":"Mell Peter","year":"2011","unstructured":"Peter Mell and Tim Grance . The NIST definition of cloud computing. NIST Special Publication 800--145 , 2011 . Peter Mell and Tim Grance. The NIST definition of cloud computing. NIST Special Publication 800--145, 2011."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11227-012-0831-5"},{"key":"e_1_3_2_1_26_1","volume-title":"Black Hat Abu Dhabi","author":"Niemietz Marcus","year":"2012","unstructured":"Marcus Niemietz and J\u00f6rg Schwenk . Ui redressing attacks on android devices . Black Hat Abu Dhabi , 2012 . Marcus Niemietz and J\u00f6rg Schwenk. Ui redressing attacks on android devices. Black Hat Abu Dhabi, 2012."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653687"},{"key":"e_1_3_2_1_28_1","first-page":"101","volume-title":"CLOUD COMPUTING 2013, The Fourth International Conference on Cloud Computing, GRIDs, and Virtualization","author":"Ristov Sasko","year":"2013","unstructured":"Sasko Ristov , Marjan Gusev , and Aleksandar Donevski . Openstack cloud security vulnerabilities from inside and outside . In CLOUD COMPUTING 2013, The Fourth International Conference on Cloud Computing, GRIDs, and Virtualization , pages 101 -- 107 , 2013 . Sasko Ristov, Marjan Gusev, and Aleksandar Donevski. Openstack cloud security vulnerabilities from inside and outside. In CLOUD COMPUTING 2013, The Fourth International Conference on Cloud Computing, GRIDs, and Virtualization, pages 101--107, 2013."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/CloudCom.2010.42"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046660.2046664"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1972551.1972552"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382228"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/966389.966390"},{"key":"e_1_3_2_1_34_1","volume-title":"Cross-site request forgeries: Exploitation and prevention. https:\/\/www.eecs.berkeley.edu\/ daw\/teaching\/cs261-f11\/reading\/csrf.pdf","author":"Zeller William","year":"2008","unstructured":"William Zeller and Edward W. Felten . Cross-site request forgeries: Exploitation and prevention. https:\/\/www.eecs.berkeley.edu\/ daw\/teaching\/cs261-f11\/reading\/csrf.pdf , 2008 . William Zeller and Edward W. Felten. Cross-site request forgeries: Exploitation and prevention. https:\/\/www.eecs.berkeley.edu\/ daw\/teaching\/cs261-f11\/reading\/csrf.pdf, 2008."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382230"}],"event":{"name":"CCS'15: The 22nd ACM Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Denver Colorado USA","acronym":"CCS'15"},"container-title":["Proceedings of the 2015 ACM Workshop on Cloud Computing Security Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2808425.2808432","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2808425.2808432","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:12:41Z","timestamp":1750227161000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2808425.2808432"}},"subtitle":["Security Analysis of Cloud Control Interfaces"],"short-title":[],"issued":{"date-parts":[[2015,10,16]]},"references-count":34,"alternative-id":["10.1145\/2808425.2808432","10.1145\/2808425"],"URL":"https:\/\/doi.org\/10.1145\/2808425.2808432","relation":{},"subject":[],"published":{"date-parts":[[2015,10,16]]},"assertion":[{"value":"2015-10-16","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}