Caca
Páginas: 9 (2132 palabras)
Publicado: 26 de junio de 2012
Ingeniería Civil Industrial, Tecnología & SistemasUniversidad de La Serena, Chile |
Addressing cloud computing security issues |
Alejandro Álvarez-Marín1,*, Oscar Canihuante Araya2, Valeria Cortés Ramirez2, Catherine Pizarro Araya2, Javiera Rojas Bravo2(1) Académico, Departamento de Ingeniería Industrial, Universidad de La Serena, Chile(2) Estudiantes, Ingeniería Civil Industrial,Universidad de La Serena, Chile |
Información Artículo | | Resumen |
PublicaciónJunio de 2012 | | The recent emergence of cloud computing has drastically altered everyone’s perception of infrastructure architectures, software delivery and development models. Projecting as an evolutionary step, following the transition from mainframe computers to client/server deployment models, cloud computingencompasses elements from grid computing, utility computing and autonomic computing, into an innovative deployment architecture. This rapid transition towards the clouds, has fuelled concerns on a critical issue for the success of information systems, communication and information security. From a security perspective, a number of unchartered risks and challenges have been introduced from thisrelocation to the clouds, deteriorating much of the effectiveness of traditional protection mechanisms. As a result the aim of this paper is twofold; firstly to evaluate cloud security by identifying unique security requirements and secondly to attempt to present a viable solution that eliminates these potential threats. This paper proposes introducing a Trusted Third Party, tasked with assuring specificsecurity characteristics within a cloud environment. The proposed solution calls upon cryptography, specifically Public Key Infrastructure operating in concert with SSO and LDAP, to ensure the authentication, integrity and confidentiality of involved data and communications. The solution, presents a horizontal level of service, available to all implicated entities, that realizes a security mesh,within which essential trust is maintained. |
Palabras ClavePalabra Clave 01Palabra Clave 02Palabra Clave 03 | | |
Autor de Correspondencia *Benavente N° 980La Serena, Chile1720170aalvarez@userena.closcar.canihuante@hotmail.comcatherine.pizarroaraya@gmail.comjaviera.rojasb@gmail.com+56 051204262 | | |
1. INTRODUCCIÓN
Throughout computer science history, numerous attempts have beenmade to disengage users from computer hardware needs, from time-sharing utilities envisioned in the 1960s, network computers of the 1990s, to the commercial grid systems of more recent years. This abstraction is steadily becoming a reality as a number of academic and business leaders in this field of science are spiraling towards cloud computing. Cloud computing is an innovative Information System(IS) architecture (Castillo, 2009), visualized as what may be the future of computing, a driving force demanding from its audience to rethink their understanding of operating systems, client–server architectures, and browsers. Cloud computing has leveraged users from hardware requirements, while reducing overall client side requirements and complexity.
As cloud computing is achieving increasedpopularity, concerns are being voiced about the security issues introduced through the adoption of this new model. The effectiveness and efficiency of traditional protection mechanisms are being reconsidered, as the characteristics of this innovative deployment model, differ widely from them of traditional architectures (Toro, 2010). In this paper we attempt to demystify the unique securitychallenges introduced in a cloud environment and clarify issues from a security perspective. The notion of trust and security is investigated and specific security requirements are documented. This paper proposes a security solution, which leverages clients from the security burden, by trusting a Third Party. The Third Party is tasked with assuring specific security characteristics within a distributed...
Addressing cloud computing security issues |
Alejandro Álvarez-Marín1,*, Oscar Canihuante Araya2, Valeria Cortés Ramirez2, Catherine Pizarro Araya2, Javiera Rojas Bravo2(1) Académico, Departamento de Ingeniería Industrial, Universidad de La Serena, Chile(2) Estudiantes, Ingeniería Civil Industrial,Universidad de La Serena, Chile |
Información Artículo | | Resumen |
PublicaciónJunio de 2012 | | The recent emergence of cloud computing has drastically altered everyone’s perception of infrastructure architectures, software delivery and development models. Projecting as an evolutionary step, following the transition from mainframe computers to client/server deployment models, cloud computingencompasses elements from grid computing, utility computing and autonomic computing, into an innovative deployment architecture. This rapid transition towards the clouds, has fuelled concerns on a critical issue for the success of information systems, communication and information security. From a security perspective, a number of unchartered risks and challenges have been introduced from thisrelocation to the clouds, deteriorating much of the effectiveness of traditional protection mechanisms. As a result the aim of this paper is twofold; firstly to evaluate cloud security by identifying unique security requirements and secondly to attempt to present a viable solution that eliminates these potential threats. This paper proposes introducing a Trusted Third Party, tasked with assuring specificsecurity characteristics within a cloud environment. The proposed solution calls upon cryptography, specifically Public Key Infrastructure operating in concert with SSO and LDAP, to ensure the authentication, integrity and confidentiality of involved data and communications. The solution, presents a horizontal level of service, available to all implicated entities, that realizes a security mesh,within which essential trust is maintained. |
Palabras ClavePalabra Clave 01Palabra Clave 02Palabra Clave 03 | | |
Autor de Correspondencia *Benavente N° 980La Serena, Chile1720170aalvarez@userena.closcar.canihuante@hotmail.comcatherine.pizarroaraya@gmail.comjaviera.rojasb@gmail.com+56 051204262 | | |
1. INTRODUCCIÓN
Throughout computer science history, numerous attempts have beenmade to disengage users from computer hardware needs, from time-sharing utilities envisioned in the 1960s, network computers of the 1990s, to the commercial grid systems of more recent years. This abstraction is steadily becoming a reality as a number of academic and business leaders in this field of science are spiraling towards cloud computing. Cloud computing is an innovative Information System(IS) architecture (Castillo, 2009), visualized as what may be the future of computing, a driving force demanding from its audience to rethink their understanding of operating systems, client–server architectures, and browsers. Cloud computing has leveraged users from hardware requirements, while reducing overall client side requirements and complexity.
As cloud computing is achieving increasedpopularity, concerns are being voiced about the security issues introduced through the adoption of this new model. The effectiveness and efficiency of traditional protection mechanisms are being reconsidered, as the characteristics of this innovative deployment model, differ widely from them of traditional architectures (Toro, 2010). In this paper we attempt to demystify the unique securitychallenges introduced in a cloud environment and clarify issues from a security perspective. The notion of trust and security is investigated and specific security requirements are documented. This paper proposes a security solution, which leverages clients from the security burden, by trusting a Third Party. The Third Party is tasked with assuring specific security characteristics within a distributed...
Leer documento completo
Regístrate para leer el documento completo.