Full Paper View Go Back
Vulnerabilities and Countermeasures on Cloud: A Survey
Kamal Bunkar1 , Chhaya Arya2
Section:Survey Paper, Product Type: Journal
Vol.6 ,
Issue.3 , pp.72-79, Jun-2018
Online published on Jun 30, 2018
Copyright © Kamal Bunkar, Chhaya Arya . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
View this paper at Google Scholar | DPI Digital Library
How to Cite this Paper
- IEEE Citation
- MLA Citation
- APA Citation
- BibTex Citation
- RIS Citation
IEEE Style Citation: Kamal Bunkar, Chhaya Arya, “Vulnerabilities and Countermeasures on Cloud: A Survey,” International Journal of Scientific Research in Network Security and Communication, Vol.6, Issue.3, pp.72-79, 2018.
MLA Style Citation: Kamal Bunkar, Chhaya Arya "Vulnerabilities and Countermeasures on Cloud: A Survey." International Journal of Scientific Research in Network Security and Communication 6.3 (2018): 72-79.
APA Style Citation: Kamal Bunkar, Chhaya Arya, (2018). Vulnerabilities and Countermeasures on Cloud: A Survey. International Journal of Scientific Research in Network Security and Communication, 6(3), 72-79.
BibTex Style Citation:
@article{Bunkar_2018,
author = {Kamal Bunkar, Chhaya Arya},
title = {Vulnerabilities and Countermeasures on Cloud: A Survey},
journal = {International Journal of Scientific Research in Network Security and Communication},
issue_date = {6 2018},
volume = {6},
Issue = {3},
month = {6},
year = {2018},
issn = {2347-2693},
pages = {72-79},
url = {https://www.isroset.org/journal/IJSRNSC/full_paper_view.php?paper_id=435},
publisher = {IJCSE, Indore, INDIA},
}
RIS Style Citation:
TY - JOUR
UR - https://www.isroset.org/journal/IJSRNSC/full_paper_view.php?paper_id=435
TI - Vulnerabilities and Countermeasures on Cloud: A Survey
T2 - International Journal of Scientific Research in Network Security and Communication
AU - Kamal Bunkar, Chhaya Arya
PY - 2018
DA - 2018/06/30
PB - IJCSE, Indore, INDIA
SP - 72-79
IS - 3
VL - 6
SN - 2347-2693
ER -
Abstract :
A system, programme, or process that has a vulnerability or flaw that could be used by bad actors to undermine the security or integrity of that system is said to be vulnerable. Organisations must establish a complete cybersecurity strategy that includes routine security assessments, vulnerability scanning, patch management, employee training, and incident response planning in order to reduce vulnerabilities. Protecting systems and data from potential exploitation requires staying up to date on the newest security threats and best practises. Misconfigurations, software defects, insecure APIs (Application Programming Interfaces), and insufficient access controls are only a few of the causes of cloud vulnerabilities. This review paper reviewed different related studies published from 2010 to 2017 from the academia and industry. They classified the security issues as per defined taxonomy with real-life examples that provided a rationale for discussion and highlighted the related impact of the security issues. Security and privacy were cited as important obstacles to the cloud`s rapid rise in earlier research. However, the narrative evaluation offered in this study offers an integrationist end-to-end mapping of cloud security requirements, detected threats, known vulnerabilities, and recommended responses, which appears to be a first-time presentation of this information in one location.
Key-Words / Index Term :
Attack Classification; Cloud Computing; Threats Classification; Threat Identification; Vulnerabilities
References :
[1] Akhil D More, Shailesh Nelwade, Avinash Chhabra, Nachiket Bhosale and Abha Pathak, Jan. 2016, „A Review on Privacy Preserving Public Auditing for Data Storage Security?, International Journal of Innovative Research in Computer and Communication Engineering, Vol. 4, No. 1, pp. 50 - 56.
[2] Aized Amin Soofi, Irfan Khan, M and Fazal – e – Amin , May 2014, „A Review on Data Security in Cloud Computing?, International Journal of Computer Applications, Vol. 94, No. 5, pp. 26 – 35
[3] H. Takabi, J.B.D. Joshi, G.-J. Ahn, Security and privacy challenges in cloud computing environments, IEEE Secur. Priv. (ISSN: 1540-7993) 8 (6) (2010) 24–31.
[4] Alevitina Dubovitskaya, Visara Urovi, Matteo Vasirani, Karl Aberer and Michael I. Schumacher, 2015, „A Cloud Based eHealth Architecture for Privacy Preserving Data Integration, IFIP, pp. 585 – 598.
[5] B. Grobauer, T. Walloschek, E. Stocker, Understanding cloud computing vulnerabilities, IEEE Secur. Priv. (ISSN: 1540-7993) 9 (2) (2011) 50–57.
[6] S. Subashini, V. Kavitha, A survey on security issues in service delivery models of cloud computing, J. Netw. Comput. Appl. (ISSN: 1084-8045) 34 (1) (2011) 1–11.
[7] Anantha Lakshmi, M and Shaik Mahammad Rasheed, April 2016, “Integrity Constraints for Cloud Auditing Services Using Third Party Services?, International Journal of Advanced Research in Computer and Communication Engineering, Vol. 5, No. 4, pp. 32 – 38
[8] S. Pearson, Privacy, security and trust in cloud computing, in: S. Pearson, G. Yee (Eds.), Privacy and Security for Cloud Computing, Springer, London, UK, ISBN: 978-1-4471-4189-1, 2013, pp. 3–42.
[9] N. Phaphoom, X. Wang, S. Samuel, S. Helmer, P. Abrahamsson, A survey study on major technical barriers affecting the decision to adopt cloud services, J. Syst. Softw. (ISSN: 0164-1212) 103 (2015) 167–181.
[10] K. Hashizume, D.G. Rosado, E. Fernández-Medina, E.B. Fernandez, An analysis of security issues for cloud computing, J. Internet Serv. Appl. (ISSN: 1869-0238) 4 (1) (2013) 1–13.
[11] Ankush R. Nistane, Shubhangi Sapkal and Deshmukh, R.R, Feb. 2016, „Privacy Preserving Public Auditing and Data Integrity for Secure Cloud Storage Using Cloud Third Party Auditor?, International Journal of Advanced Engineering, Management and Science, Vol. 2, No. 2, pp. 50 - 56.
[12] C. Modi, D. Patel, B. Borisaniya, A. Patel, M. Rajarajan, A survey on security issues and solutions at different layers of cloud computing, J. Supercomput. (ISSN: 1573-0484) 63 (2) (2013) 561–592.
[13] L. Coppolino, S. DAntonio, G. Mazzeo, L. Romano, Cloud security: Emerging threats and current solutions, Comput. Electr. Eng. (ISSN: 0045-7906) 59 (2017) 126–140.
[14] S. Singh, Y.-S. Jeong, J.H. Park, A survey on cloud computing security: Issues, threats, and solutions, J. Netw. Comput. Appl. 75 (2016) 200–222.
[15] [36] N. Khan, A. Al-Yasiri, Identifying cloud security threats to strengthen cloud computing adoption framework, Procedia Comput. Sci. (ISSN: 1877-0509) 94 (2016) 485–490.
[16] W. Huang, A. Ganjali, B.H. Kim, S. Oh, D. Lie, The state of public infrastructure-as-a-service cloud security, ACM Comput. Surv. (ISSN: 0360-0300) 47 (4) (2015) 1–31.
[17] M. Ali, S.U. Khan, A.V. Vasilakos, Security in cloud computing: Opportunities and challenges, Inform. Sci. (ISSN: 0020-0255) 305 (2015) 357–383.
[18] I.M. Khalil, A. Khreishah, M. Azeem, Cloud computing security: A survey, Computers (ISSN: 2073-431X) 3 (1) (2014) 1–35.
[19] D.A.B. Fernandes, L.F.B. Soares, J.V. Gomes, M.M. Freire, P.R.M. Inácio, Security issues in cloud environments: a survey, Int. J. Inf. Secur. (ISSN: 1615-5270) 13 (2) (2014) 113–170.
[20] Z. Xiao, Y. Xiao, Security and privacy in cloud computing, IEEE Commun. Surv. Tutor. (ISSN: 1553-877X) 15 (2) (2013) 843–859.
[21] D. Zissis, D. Lekkas, Addressing cloud computing security issues, Future Gener. Comput. Syst. (ISSN: 0167-739X) 28 (3) (2012) 583–592.
[22] L.M. Vaquero, L. Rodero-Merino, D. Morán, Locking the sky: a survey on IaaS cloud security, Computing (ISSN: 1436-5057) 91 (1) (2011) 93–118.
[23] M.A. Morsy, J. Grundy, I. Müller, An analysis of the cloud computing security problem, in: Proceedings of APSEC 2010 Cloud Workshop, 2010, pp. 1–6.
[24] Q. Zhang, L. Cheng, R. Boutaba, Cloud computing: state-of-the-art and research challenges, J. Internet Serv. Appl. (ISSN: 1869-0238) 1 (1) (2010) 7–18.
[25] M. Avram, Advantages and challenges of adopting cloud computing from an enterprise perspective, Procedia Technol. (ISSN: 2212-0173) 12 (2014) 529–534.
[26] C.-L. Hsu, J.C.-C. Lin, Factors affecting the adoption of cloud services in enterprises, Inf. Syst. E-bus. Manag. (ISSN: 1617-9846) 14 (4) (2016) 791–822.
[27] F. Liu, J. Tong, J. Mao, R. Bohn, J. Messina, L. Badger, D. Leaf, NIST Cloud Computing Reference Architecture (SP 500-292), National Institute of Standards & Technology, Gaithersburg, MD 20899-8930, USA, 2011.
[28] E. Aguiar, Y. Zhang, M. Blanton, An overview of issues and recent developments in cloud computing and storage security, in: K.J. Han, B.-Y. Choi, S. Song (Eds.), High Performance Cloud Auditing and Applications, Springer, New York, NY, USA, ISBN: 978-1-4614-3296-8, 2014, pp. 3–33.
[29] C.A. Ardagna, R. Asal, E. Damiani, Q.H. Vu, From security to assurance in the cloud: A survey, ACM Comput. Surv. (ISSN: 0360-0300) 48 (1) (2015) 1–50.
You do not have rights to view the full text article.
Please contact administration for subscription to Journal or individual article.
Mail us at ijsrnsc@gmail.com or view contact page for more details.