Advanced search
Publication Cover
Journal of Computer Information Systems Volume 58, 2018 - Issue 1
Submit an article Journal homepage
1,137
Views
26
CrossRef citations to date
0
Altmetric
Articles

Taxonomy for Identification of Security Issues in Cloud Computing Environments

Monjur AhmedAuckland University of Technology, Auckland, New ZealandORCID Iconhttp://orcid.org/0000-0003-1929-3950
ORCID Icon &
Alan T. LitchfieldAuckland University of Technology, Auckland, New ZealandCorrespondence[email protected]
ORCID Iconhttp://orcid.org/0000-0002-3876-0940
ORCID Icon
Pages 79-88 | Published online: 27 Sep 2016

References

  • Ahmed M, Litchfield AT, Sharma C. A distributed security model for cloud computing, In Proceedings of the Americas Conference on Information Systems, 2016, San Diego.
  • Akande AO, April NA, Belle JV. Management Issues with Cloud Computing, ACM ICCC’13; 2013 December 1–2; p. 119–124.
  • Alfath A, Baina K, Baina S. Cloud computing security: fine-grained analysis and security approaches. IEEE 2013 National Security Days (JNS3) Conference, IEEE, Rabat; 2013; p. 1–6.
  • Arshad J, Townend P, and Xu J. A novel intrusion severity analysis approach for Clouds. Future Gener Comput Syst. 2013;29:416–428.
  • Azeemi IK, Lewis M, Tryfonas T. Migrating to the cloud: lessons and limitations of ‘traditional’ is success models. Procedia Comput Sci. 2013;16:737–746.
  • Beevi FHA, Wagner S, Hallerstede S, Pedersen CF. Data quality oriented taxonomy of ambient assisted living systems, IET International Conference on Technologies for Active and Assisted Living (TechAAL); 2015 November 5-5; London.
  • Behl A, Behl K. An analysis of cloud computing security issues, World Congress on Information and Communication Technologies (WICT), IEEE; 2012; Trivandrum; p. 109–114.
  • Buyya R, Yeo CS, Venugopal S, Broberg J, Brandic I. Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility. Future Gener Comput Syst. 2009;25:599–616.
  • Bloomberg. Amazon.com server said to have been used in Sony attack. 2011. http://www.bloomberg.com/news/2011-05-13/sony-network-said-to-have-been-invaded-by-hackers-using-amazon-com-server.html.
  • Bloomberg. Sony network breach shows amazon cloud’s appeal for hackers. 2011. http://www.bloomberg.com/news/2011-05-15/sony-attack-shows-amazon-s-cloud-service-lures-hackers-at-pennies-an-hour.html.
  • Bouayad A, Blilat A, Mejhed N, Ghazi ME. Cloud computing: Security challenges. Colloquium in Information Science and Technology (CIST), IEEE, Fez: 2012; 26–31.
  • Bradley T. Zappos hacked: What you need to know. 2015. Available from http://www.pcworld.com/article/248244/zappos_hacked_what_you_need_to_know.html
  • Cardoso A, Simões P. Cloud computing: Concepts, technologies and challenges. ViNOrg 2011, CCIS 248, Springer-Verlag Berlin Heidelberg; 2012, 127–136.
  • Casola V, Cuomo A, Rak M, Villano U. The CloudGrid approach: security analysis and performance evaluation. Future Gener Comput Syst. 2013;29:387–401.
  • Casalicchio E, Silvestri L. Mechanisms for SLA provisioning in cloud-based service providers. Comput Networks 2013;57:795–810.
  • Cheng F. Security attack safe mobile and cloud-based one-time password tokens using rubbing encryption algorithm. Mobile Networks Appl. 2011;16:304–336.
  • Chou T. Security threats on cloud computing vulnerabilities. Int J Comput Sci Inf Technol. 2013:5(3):79–88.
  • Chow R, Jakobsson M, Masuoka R, Molina J, Niu Y, Shi E, Song Z. Authentication in the Clouds: A Framework and Its Application to Mobile Users. ACM, CCSW’10; 2010 October 8; Chicago, Illinois, USA, p. 1–6.
  • CNN. JPMorgan: 76 million customers hacked. 2014. Available from http://money.cnn.com/2014/10/02/technology/security/jpmorgan-hack/
  • CNN. Dropbox’s password nightmare highlights cloud risks. 2011. Available from http://money.cnn.com/2011/06/22/technology/dropbox_passwords/
  • Computerworld. JPMorgan Chase breach affected 83 million customers. 2014. Available from http://www.computerworld.co.nz/article/556581/jpmorgan-chase-breach-affected-83-million-customers
  • Dahbur K, Mohammad B, Tarakji AB. A survey of risks, threats and vulnerabilities in cloud computing. ACM, ISWSA’11, Amman, Jordan: April 18–20, 2011.
  • Duncan A, Creese S, Goldsmith M. Insider attacks in cloud computing. IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications; 2012; p. 857–862.
  • Emeakaroha VC, Netto MAS, Calheiros RN, Brandic I, Buyya R, Rose CAFD. Towards autonomic detection of SLA violations in cloud infrastructures. Future Gener Comput Syst. 2012;28:1017–1029.
  • Fan C, Huang S. Controllable privacy preserving search based on symmetric predicate encryption in cloud storage. Future Gener Comput Syst. 2013;29:1716–1724.
  • Fernandes DAB, Soares LFB, Gomes JV, Freire MM, Inácio PRM. Security issues in cloud environments: A survey. Int J Inf Secur. 2014;13:113–170.
  • Fernando N, Loke SW, Rahayu W. Mobile cloud computing: A survey. Future Gener Comput Syst. 2013;29:84–106.
  • Gonzalez N, Miers C, Redıgolo F, Simplıcio M, Carvalho T, Naslund M, Pourzandi M. A quantitative analysis of current security concerns and solutions for cloud computing, J Cloud Comput Adv Syst Appl. 2012;1(11):1–18.
  • Grobauer B, Walloschek T, Stocker E. Understanding cloud computing vulnerabilities, IEEE Security and Privacy 2011, March/April, 2011, p. 50–57.
  • Guo Q, Sun D, Chang G, Sun L, Wang X. Modeling and evaluation of trust in cloud computing environments. 2011 3rd International Conference on Advanced Computer Control (ICACC 2011); 2011. p. 112–116.
  • Haniff DJ, Baber C. Wearable Computers for the fire service and police force: Technological and human factors, ISWC ‘99 Proceedings of the 3rd IEEE International Symposium on Wearable Computers, ACM; 1999, p. 185–186.
  • Hashemi SM, Ardakani MRM. Taxonomy of the security aspects of cloud computing systems – A survey. Int J Appl Inf Syst. 2012:4(1):21–28.
  • Hawkey K, Gagne A, Botta D, Beznosov K, Werlinger R, Muldner K. Human, Organizational and Technological Factors of IT Security, CHI 2008 Proceedings, Florence; April 5–10 2008; Italy, p. 3639–3644.
  • He X, Chomsiri T, Nanda P, Tan Z. Improving cloud network security using the tree-rule firewall. Future Gener Comput Syst. 2014;30:116–126.
  • Herterich MM, Buehnen T, Uebernickel F, Brenner W. A Taxonomy of Industrial Service Systems Enabled by Digital Product Innovation, 49th Hawaii International Conference on System Sciences; 2016 January 5–8; Hawaii, p. 1236–1245.
  • ISO/IEC 19099 Information technology — Virtualization management specification. British Standards Organization. 2014.
  • Jaeger PT, Lin J, Grimes JM. Cloud Computing and information policy: computing in a policy cloud?. J Inf Technol Politics 2008;5(3):269–283.
  • Jorissen K, Vila FD, Rehr JJ. A high performance scientific cloud computing environment for materials simulations. Comput Phys Commun. 2012;183:1911–1919.
  • Khalil IM, Khreishah A, Bouktif S, Ahmad A. Security Concerns in Cloud Computing, 10th International Conference on Information Technology: New Generations, IEEE; 2013; Las Vegas, p. 411–416.
  • Khan AN, Kiah MLM, Khan SU, Madani SA. Towards secure mobile cloud computing: A survey. Future Gener Comput Syst. 2013;29:1278–1299.
  • Khan KM, Malluhi Q. Establishing trust in cloud computing, IT Pro, ( September/October), 2010, p. 20–26.
  • Krombholz K, Hobel H, Huber M, Weippl E. Social Engineering Attacks on the Knowledge Worker, ACM SIN ’13; 2013 November 26–28; Aksaray, Turkey, p. 28–35.
  • Kueppers S, Schilingno M. Getting our act together: Human and technological factors in establishing an on–line knowledge base, SIGUCCS 99, ACM, Denver, Colorado: 1999, p. 135–139.
  • Kulkarni P, Khanai R. Addressing mobile cloud computing security issues: a survey, IEEE ICCSP 2015 conference; 2015; Bangalore, India, p. 1463–1467.
  • Kulkarni G, Gambhir J, Patil T, Dongare A. A Security Aspects in Cloud Computing, IEEE 3rd International Conference on Software Engineering and Service Science (ICSESS), IEEE; 2012; Beijing, China, p. 547–550.
  • Lee K. Security threats in cloud computing environments. Int J Secur Its Appl. 2012;6(4):25–32.
  • Liangli M, Yanshen, C., Yufei, S, Qingyi W. Virtualization maturity reference model for green software, International Conference on Control Engineering and Communication Technology, IEEE; 2012 December 7–9; China, p. 573–576.
  • Litchfield AT, Althouse J. A systematic review of cloud computing, big data and databases on the cloud, In Proceedings of the Americas Conference on Information Systems; 2014; Georgia, Savannah, US, p. 1–19.
  • Liu W. Research on cloud computing security problem and strategy, 2nd International Conference on Consumer Electronics, Communications and Networks (CECNet), IEEE, Yichang, 2012, 1216–1219.
  • Modi C, Patel D, Borisaniya B, Patel H, Patel A, Rajarajan M. A survey of intrusion detection techniques in Cloud. J Network Comput Appl. 2013;36:42–57.
  • Mohamadi M, Ranjbaran T. Effective factors on the success or failure of the online payment systems, focusing on human factors, 7th International Conference on e-Commerce in Developing Countries with Focus of e-Security, IEEE; 2013 April 17–18; Iran, p. 1–12.
  • Mrosek R, Dehling T, Sunyaev A. Taxonomy of health IT and medication adherence. Health Policy Technol. 2016;4:215–224.
  • Nickerson RC, Varshney U, Muntermann J. A method for taxonomy development and its application in information systems. Eur J Inf Syst. 2013;22:336–359.
  • Noor TH, Sheng QZ, Zeadally S, Yu J. Trust management of services in cloud environments: obstacles and solutions. ACM Comput Surv. 2013;46(1):12:1–12: 30.
  • Patel A, Taghavi M, Bakhtiyari K, Junior JC. An intrusion detection and prevention system in cloud computing: a systematic review. J Network Comput Appl. 2013;36:25–41.
  • Paul I. The LastPass security breach: what you need to know, do, and watch out for. [16 June, 2015] Available from http://www.pcworld.com/article/2936621/the-lastpass-security-breach-what-you-need-to-know-do-and-watch-out-for.html
  • PCWorld. Don’t blame iCloud Yet for Hacked Celebrity Nudes. 2014. Available from http://www.pcworld.com/article/2601081/dont-blame-icloud-yet-for-hacked-celebrity-nudes.html
  • Perez-Botero D, Szefer J, Lee RB. Characterizing hypervisor vulnerabilities in cloud computing servers. ACM, CloudComputing’13; 2013 May 8; Hangzhou, China, p. 3–10.
  • Rabai LBA, Jouini M, Aissa AB, Mili A. A cybersecurity model in cloud computing environments. J King Saud Univ Comput Inf Sci. 2013;25:63–75.
  • Roberts JC, Al-Hamdani W. Who can you Trust in the Cloud? a Review of Security Issues within Cloud Computing, ACM Information Security Curriculum Development Conference 2011; 2011 October 7–9, p. 15–19.
  • Robling G, Muller M. Social engineering: A serious underestimated problem. ACM ITiCSE’09; 2009 July 6–8; Paris, France, p. 384–387.
  • Rong C, Nguyen ST, Jaatun MG. Beyond lightning: a survey on security challenges in cloud computing. Comput Electr Eng. 2013;39:47–54.
  • Schwartz MJ. Zappos breach: 8 Lessons Learned; 17 January, 2015 Available from http://www.darkreading.com/attacks-and-breaches/zappos-breach-8-lessons-learned/d/d-id/1102303?
  • Sen A, Madria S. Off-line risk assessment of cloud service provider, IEEE 10th World Congress on Services, IEEE; 2014 June 27 – July 2, p. 58–65.
  • Shaikh FB, Haider S. Security Threats in Cloud Computing, 6th International Conference on Internet Technology and Secured Transactions, IEEE, Abu Dhabi, United Arab Emirates: 2011 December 11–14, p. 214–219.
  • Singh A, Shrivastava M. Overview of attacks on cloud computing. Int J Eng Innovative Technol. 2012;1(4):321–323.
  • Soares LFB, Fernandes DAB, Gomes JV, Freire MM, Inácio PRM. Cloud Security: State of the Art, Security, Privacy and Trust in Cloud Systems, 2014, ( 3), Springer-Verlag Berlin Heidelberg, DOI: 10.1007/978-3-642-38586-5_1.
  • Srinivasan MK, Sarukesi K, Rodrigues P, Manoj SM, Revathy P. “State-of-the-art Cloud Computing Security Taxonomies - A classification of security challenges in the present cloud computing environment”. ACM ICACCI ‘12; 2012 August 03–05; Chennai, India, p. 470–476.
  • Stuff.co.nz. Spark broadband still down for many. 2014. Available from http://www.stuff.co.nz/business/10468128/Spark-broadband-still-down-for-many
  • Sun L, Singh J, Hussain OK. Service Level Agreement (SLA) Assurance for Cloud Services: A Survey from a Transactional Risk Perspective, ACM MoMM2012, Bali, Indonesia; 2012 December 3-5; 263–266.
  • TechTimes. 2014. Apple denies iCloud, Find My iPhone security breach: Only very targeted attacks. Available from http://www.techtimes.com/articles/14717/20140907/apple-denies-icloud-find-my-iphone-security-breach-only-very-targeted-attacks.htm
  • The Wall Street Journal. Apple Denies iCloud Breach. 2014. Available from http://online.wsj.com/articles/apple-celebrity-accounts-compromised-by-very-targeted-attack-1409683803
  • TheGuardian. Uber denies security breach despite reports of logins for sale online. March, 2015. Available from http://www.theguardian.com/technology/2015/mar/30/uber-denies-security-breach-logins-for-sale-dark-web
  • TheRegister.co.uk. Slap for SnapChat web app in SNAP mishap flap: ‘ 200,000’ snaps sapped. 2014. Available from http://www.theregister.co.uk/2014/10/10/new_photo_hack_claim_200000_snapchat_photos/
  • Thornburgh T. Social Engineering: The “Dark Art”. ACM InfoSecCD Conference’04; 2004 October 8; Kennesaw, GA, USA, p. 133–135.
  • Tong J, Xiong G, Zhao Y, Guo L. 2013. A research on the vulnerability in popular P2P protocols, 2013 8th International Conference on Communications and Networking in China (CHINACOM), 2013, p. 405–409.
  • Vaquero LM, Rodero-Merino L, Morán D. Locking the sky: a survey on IaaS cloud security. Computing 2011;91:93–118.
  • Vikas S, Gurudatt K, Pawan K, Shyam G. Mobile Cloud Computing: Security Threats, 2014 International Conference on Electronics and Communication Systems (lCECS -2014); 2014 February 13-14; Coimbatore, India.
  • Yang Z, Lui JCS. Security adoption and influence of cyber-insurance markets in heterogeneous networks. Perform Eval. 2014;74:1–17.
  • You P, Peng Y, Liu W, Xue S. Security issues and solutions in cloud computing, 32nd International Conference on Distributed Computing Systems Workshops; 2012 June 18-21; Macau, China, p. 573–577.
  • Zhang G, Yang Y, Chen J. A historical probability based noise generation strategy for privacy protection in cloud computing. J Comput Syst Sci. 2012;78:1374–1381.
  • Zissis D, Lekkas D. Addressing cloud computing security issues. Future Gener Comput Syst. 2012;28:583–592.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.