{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,3,5]],"date-time":"2024-03-05T22:04:34Z","timestamp":1709676274693},"reference-count":23,"publisher":"IGI Global","issue":"3","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011,7,1]]},"abstract":"
Cloud Computing (CC) is revolutionizing the methodology by which IT services are being utilized. It is being introduced and marketed with many attractive promises that are enticing to many companies and managers, such as reduced capital costs and relief from managing complex information technology infrastructure. However, along with desirable benefits come risks and security concerns that must be considered and addressed correctly. Thus, security issues must be considered as a major issue when considering Cloud Computing. This paper discusses Cloud Computing and its related concepts; highlights and categorizes many of the security issues introduced by the \u201ccloud\u201d; surveys the risks, threats, and vulnerabilities; and makes the necessary recommendations that can help promote the benefits and mitigate the risks associated with Cloud Computing.<\/p>","DOI":"10.4018\/ijcac.2011070101","type":"journal-article","created":{"date-parts":[[2011,10,19]],"date-time":"2011-10-19T16:07:30Z","timestamp":1319040450000},"page":"1-11","source":"Crossref","is-referenced-by-count":8,"title":["Security Issues in Cloud Computing"],"prefix":"10.4018","volume":"1","author":[{"given":"Kamal","family":"Dahbur","sequence":"first","affiliation":[{"name":"New York Institute of Technology, Jordan"}]},{"given":"Bassil","family":"Mohammad","sequence":"additional","affiliation":[{"name":"New York Institute of Technology, Jordan"}]},{"given":"Ahmad Bisher","family":"Tarakji","sequence":"additional","affiliation":[{"name":"New York Institute of Technology, Jordan"}]}],"member":"2432","reference":[{"key":"ijcac.2011070101-0","doi-asserted-by":"publisher","DOI":"10.1145\/1721654.1721672"},{"key":"ijcac.2011070101-1","unstructured":"BBC. (2009). The sidekick cloud disaster. Retrieved from http:\/\/bbc.co.uk.\/blogs\/technology\/2009\/10\/the_sidekick_cloud_disaster.html"},{"key":"ijcac.2011070101-2","unstructured":"Blogspot. (2008). The blue pill. Retrieved from http:\/\/theinvesiblethings.blogspot.com\/2008\/07\/0wning-xen-invegas.html"},{"key":"ijcac.2011070101-3","author":"N.Carr","year":"2008","journal-title":"The big switch: Our new destiney"},{"key":"ijcac.2011070101-4","doi-asserted-by":"crossref","unstructured":"Chow, G. J. (2009). Controlling data in the cloud: Outsourcing computation without outsourcing control. In Proceedings of the ACM Workshop on Cloud Computing and Security, Chicago, IL (pp. 85-90).","DOI":"10.1145\/1655008.1655020"},{"key":"ijcac.2011070101-5","unstructured":"CSA. (2010). Top threats to cloud computing, v1.0. Retrieved from https:\/\/cloudsecurityalliance.org\/topthreats\/csathreats.v1.0.pdf"},{"key":"ijcac.2011070101-6","unstructured":"Danchev, D. (2009). Zeus crimeware using Amazon's EC2 as command and control server. Retrieved from http:\/\/www.zdnet.com\/blog\/security\/zeus-crimeware-using-amazons-ec2-as-command-and-control-server\/5010"},{"key":"ijcac.2011070101-7","unstructured":"ENISA. (2010). Cloud computing: Benefits, risks and recommendations for information security. Retrieved from http:\/\/www.coe.int\/t\/dghl\/cooperation\/economiccrime\/cybercrime\/cy-activity-interface-2010\/presentations\/Outlook\/Udo%20Helmbrecht_ENISA_Cloud%20Computing_Outlook.pdf"},{"key":"ijcac.2011070101-8","unstructured":"Ferguson, T. (2009). Outage hits thousands of businesses. Retrieved from http:\/\/news.cnet.com\/8301-1001_3-10136540-92.html"},{"key":"ijcac.2011070101-9","unstructured":"Ferreiro, D. S. (2010). Guidance on managing records in cloud computing environments. Retrieved from http:\/\/www.egov.vic.gov.au\/focus-on-countries\/north-and-south-america-and-the-caribbean\/united-states\/government-initiatives-united-states\/culture-sport-and-recreation-united-states\/archives-and-public-records-united-states\/guidance-on-managing-records-in-cloud-computing-environments.html"},{"key":"ijcac.2011070101-10","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2010.115"},{"key":"ijcac.2011070101-11","unstructured":"Hobson, D. (2009). Global secure systems: Into the Cloud we go....have we thought about security issues? Retrieved from http:\/\/www.globalsecuritymag.com\/David-Hobson-Global-Secure-Systems,20090122,7110"},{"key":"ijcac.2011070101-12","doi-asserted-by":"crossref","unstructured":"Jensen, M., Schwenk, J., Gruschka, N., & Lo Iacono, L. (2009). On technical security issues in cloud computing. In Proceedings of the IEEE International Conference on Cloud Computing, Bangalore, India.","DOI":"10.1109\/CLOUD.2009.60"},{"key":"ijcac.2011070101-13","author":"T.Mather","year":"2009","journal-title":"Cloud security and privacy"},{"key":"ijcac.2011070101-14","unstructured":"Naraine, R. (2007). 100% undetectable malware' challenge. Retrieved from http:\/\/zdnet.com\/blog\/security\/rutkowska-faces-100-undetectable-malware-challenge\/334"},{"key":"ijcac.2011070101-15","unstructured":"NIST. (2010). Cloud computing forum and workshop. Retrieved from http:\/\/csrc.nist.gov\/groups\/SNS\/cloud-computing\/"},{"key":"ijcac.2011070101-16","doi-asserted-by":"crossref","unstructured":"Pearson, S. (2009). Taking account of privacy wehn designing cloud computing services. In Proceedings of the International Workshop on Software Engineering Challenges of Cloud Computing. Vancouver, BC, Canada.","DOI":"10.1109\/CLOUD.2009.5071532"},{"key":"ijcac.2011070101-17","doi-asserted-by":"publisher","DOI":"10.1145\/1515964.1517412"},{"key":"ijcac.2011070101-18","unstructured":"Rutkowska, J. (2007). Security challenges in virtualaized environments. Paper presented at the Nordic Virtualization Forum."},{"key":"ijcac.2011070101-19","doi-asserted-by":"publisher","DOI":"10.1109\/MITP.2009.89"},{"key":"ijcac.2011070101-20","doi-asserted-by":"crossref","unstructured":"Wei, J., Zhang, X., Ammons, G., Bala, V., & Ning, P. (2009). Managing security of virtual machine images in a cloud environment. In Proceedings of the ACM Cloud Computing Security Workshop (pp. 91-96).","DOI":"10.1145\/1655008.1655021"},{"key":"ijcac.2011070101-21","doi-asserted-by":"publisher","DOI":"10.1109\/MIC.2010.147"},{"key":"ijcac.2011070101-22","doi-asserted-by":"crossref","unstructured":"Youseff, L., Butrico, M., & Da Silva, D. (2008). Towards a unified ontology of cloud computing. Retrieved from http:\/\/www.cs.ucsb.edu\/~lyouseff\/CCOntology\/CloudOntology.pdf","DOI":"10.1109\/GCE.2008.4738443"}],"container-title":["International Journal of Cloud Applications and Computing"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=58057","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,1]],"date-time":"2022-06-01T21:59:51Z","timestamp":1654120791000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/ijcac.2011070101"}},"subtitle":["A Survey of Risks, Threats and Vulnerabilities"],"short-title":[],"issued":{"date-parts":[[2011,7,1]]},"references-count":23,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2011,7]]}},"URL":"http:\/\/dx.doi.org\/10.4018\/ijcac.2011070101","relation":{},"ISSN":["2156-1834","2156-1826"],"issn-type":[{"value":"2156-1834","type":"print"},{"value":"2156-1826","type":"electronic"}],"subject":["General Medicine"],"published":{"date-parts":[[2011,7,1]]}}}