Segurança das nuvens computacionais: uma visão dos principais problemas e soluções
DOI:
https://doi.org/10.11606/issn.2316-9036.v0i97p27-42Keywords:
cloud computing, computing safety, safety classificationAbstract
The use of cloud computing has ushered in a new paradigm for delivering computing services, the one in which one does not need to have all the resources to be able to provide a service, and mainly, it is a paradigm in which users only pay for the resources they actually use. However, financial cost is not alone the decisive factor for adopting or migrating to cloud computing, but rather the safety in the services that are provided. This article aims at identifying the primary safety issues (problems and solutions) related to cloud computing, as well as classifying and analyzing quantitatively each one of the identified issues. The quantitative analysis has yielded information on the concentration of research related to safety in computing clouds, and also a comparison between the identified problems and solutions.Downloads
References
AGARWAL, A. “The Legal Issues Around Cloud Computing”, julho/2010. Disponível em: http://www.labnol.org/internet/cloud-computing-legal-issues/14120.
ANDRZEJAK, A.; KONDO, D.; YI, S. “Decision Model for Cloud Computing Under SLA Constraints”, in Modeling, Analysis Simulation of Computer and Telecommunication Systems (Mascots), IEEE International Symposium on. [S.l.: s.n.], 2010, pp. 257-66.
BAKSHI, A.; YOGESH, B. “Securing Cloud from ddos Attacks Using Intrusion Detection System in Virtual Machine”, in Communication Software and Networks, 2010. ICCSN ’10. Second International Conference on. [S.l.: s.n.], Feb., pp. 260-4.
BRANDIC, I. et al. “Compliant Cloud Computing (C3): Architecture and Language Support for User-driven Compliance Management in Clouds”, in Cloud Computing (Cloud), 2010.
IEEE 3rd International Conference on [S.l.: s.n.], 2010, pp. 244-51.
BRISCOE, G.; MARINOS, A. “Digital Ecosystems in the Clouds: Towards Community Cloud Computing”, in Digital Ecosystems and Technologies, 2009. DEST ’09. 3rd IEEE International Conference on. [S.l.: s.n.], 2009, pp. 103-8.
CATTEDDU, D.; HOGBEN, G. Benefits, Risks and Recommendations for Information Security, novembro/2009.
CHOW, R. et al. “Controlling Data in the Cloud: Outsourcing Computation Without Outsourcing Control”, in Proceedings of the 2009 ACM Workshop on Cloud Computing Security. New York, USA, ACM, 2009, (CCSW ’09), pp. 85–90.
CLULEY, G. Evernote Hacked – “Almost 50 Million Passwords Reset After Security Breach”. Disponível em: nakedsecurity.sophos.com/2013/03/02/evernote-hacked-almost-50-million-passwords-reset-after-security-breach. Acesso em: 15/3/2013.
DORION, P. “Data Destruction Services: When Data Deletion Is Not Enough”, 2010. Disponível em: http://searchdatabackup.techtarget.com/tip/Data-destructionservices-When-data-deletion-is-not-enough.
ESPINER, T. “Salesforce Tight-lipped after Phishing Attack, 2007. Disponível em: http://www.zdnet.com/salesforce-tight-lipped-after-phishing-attack-3039290616.
GADIA, S. “Cloud Computing: An Auditor’s Perspective”, in Isaca Journal, v. 6, 2009.
GENOVESE, S. “Akamai Introduces Cloud-based Firewall”, 2009. Disponível em: http://cloudcomputing.sys-con.com/node/1219023.
GILBERTSON, S. “Lessons From a Cloud Failure: It’s Not Amazon, It’s You”. Disponível em: http://www.wired.com/business/2011/04/lessons-amazon-cloud-failure. Acesso em: 15/3/2013.
GONG, C. et al. “The Characteristics of Cloud Computing”, in Parallel Processing Workshops (ICPPW), 2010 39th International Conference on [S.l.: s.n.], Sept., pp. 275-79.
GONZALEZ, N.; MIERS, C.; REDÍGOLO, F.; SIMPLÍCIO, M.; CARVALHO, T.; NÄSLUND, M.; POURZANDI, M. “A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing”, in Journal of Cloud Computing – Advances, Systems and Applications, v. 1, 2012.
JAEGER, T.; SAILER, R.; SREENIVASAN, Y. “Managing the Risk of Covert Information Flows in Virtual Machine Systems”, in Proceedings of the 12th ACM Symposium on Access Control Models and Technologies. New York, ACM, 2007, (SACMAT’07), pp. 81–90.
JANSEN, W.; GRANCE, T. SP 800-144. Guidelines on Security and Privacy in Public Cloud Computing. Gaithersburg, National Institute of Standards & Technology, 2011.
JENSEN, M. et al. “On Technical Security Issues in Cloud Computing”, in IEEE. Cloud Computing, 2009. Cloud’09. IEEE International Conference on. [S.l.], 2009, pp. 109–16.
KRAUTHEIM, F. J. “Private Virtual Infrastructure for Cloud Computing”, in Usenix Association. Proceedings of the 2009 Conference on Hot Topics in Cloud Computing[S.l.], 2009, pp. 5-5.
LI, H. et al. “Identity-based Authentication for Cloud Computing”, in Cloud Computing, Springer, 2009, pp. 157-66.
MUSTHALER, L. “Cost-effective Data Encryption in the Cloud”, 2009. Disponível em: http://www.networkworld.com/newsletters/2009/121409bestpractices.html.
NELSON, S. D.; SIMEK, J. W. “Virtualization and Cloud Computing: Benefits and E-Discovery Implications”, julho/2011. Disponível em: http://www.slaw.ca/2011/07/19/virtualization-and-cloud-computing-benefits-and-e-discovery-implications.
PAVOLOTSKY, J. “Top Five Legal Issues For The Cloud”, 2010. Disponível em: http://www.forbes.com/2010/04/12/cloud-computing-enterprise-technology-cio-network-legal.html.
RISTENPART, T. et al. “Hey, You, Get off of My Cloud: Exploring Information Leakage in Third-party Compute Clouds”, in ACM. Proceedings of the 16th ACM Conference on Computer and Communications Security [S.l.], 2009, pp. 199-212.
ROSE, J. “Cloudy with a Chance of 0-day”, 2009. Disponível em: https://www.owasp.org/images/1/12/Cloudy_with_a_chance_of_0_day_-_Jon_Rose-Tom_Leavey.pdf.
SIMMONDS, P.; REZEK, C.; REED, A. Security Guidance for Critical Areas of Focus in Cloud Computing V3.0, dezembro/2011.
TECH, C. “Examining Redundancy in the Data Center Powered by the Cloud and Disaster Recovery”, 2010. Disponível em: http://consonustech.hubpages.com/hub/ExaminingRedundancy-in-the-Data-Center.
TO MPKINS, D. “Security for Cloud-based Enterprise Applications”. Fevereiro/2009. Disponível em: http://blog.dt.org/index.php/2009/02/security-for-cloud-basedenterprise-applications.
TRENDMICRO. “Making Virtual Machines Cloud-Ready”. Maio/2010. Disponível em: http://resources.idgenterprise.com/original/AST-0024016_Making_virtual_machines_cloud_
ready.pdf.
VENTERS, W., and WHITLEY, E.A. “A Critical Review of Cloud Computing: Researching Desires and Realities”, in Journal of Information Technology (JIT), v. 27, n. 3, 2012, pp. 179-7.
YAN, L.; RONG, C.; ZHAO, G. “Strengthen Cloud Computing Security with Federal Identity Management Using Hierarchical Identity-based Cryptography”, in Cloud Computing, Springer, 2009, pp. 167-77.
Downloads
Published
Issue
Section
License
Copyright (c) 2023 Revista USP
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
|
Pertence à revista. Uma vez publicado o artigo, os direitos passam a ser da revista, sendo proibida a reprodução e a inclusão de trechos sem a permissão do editor. |
