Understanding the Security, Privacy and Trust Challenges of Cloud Computing
DOI:
https://doi.org/10.13052/jcsm2245-1439.1237Keywords:
cloud, security, privacy, trustAbstract
The overall objective of this paper is to understand the Security, Privacy and Trust Challenges and to advise on policy and other interventions which should be considered in order to ensure that Indian users of cloud environments are offered appropriate protections, and to underpin Indian cloud ecosystem. Cloud computing is increasingly subject to interest from policymakers and regulatory authorities. The Indian regulator needs to develop a pan-Indian ‘cloud strategy’ that will serve to support growth and jobs and build an innovation advantage for India. However, the concern is that currently a number of challenges and risks with respect to security, privacy and trust exist that may undermine the attainment of these policy objectives. Our approach has been to undertake an analysis of the technological, operational and legal intricacies of cloud computing, taking into consideration the Indian dimension and the interests and objectives of all stakeholders (citizens, individual users, companies, cloud service providers, regulatory bodies and relevant public authorities). This paper represents an evolutionary progression in understanding the implications of cloud computing for security, privacy and trust. Starting from an overview of the challenges identified in the area of cloud, the study builds upon real-life case study implementations of cloud computing for its analysis and subsequent policy considerations. As such, we intend to offer additional value for policymakers beyond a comprehensive understanding of the current theoretical or empirically derived evidence base, which will understand the cloud computing and the associated open questions surrounding some of the important security, privacy and trust issues.
Downloads
References
A. Bisong and S.M. Rahman. An overview of the security concerns in enterprise cloudcomputing. International Journal of Network Security & Its Applications (IJNSA),3(1):30–45, 2011.
B. Grobauer, T. Walloschek, and E. Stocker. Understanding cloud computing vulnerabilities. Security & Privacy, IEEE, 9(2):50–57, 2011.
W.A. Jansen. Cloud hooks: Security and privacy issues in cloud computing. In Proceedings of 44th Hawaii International International Conference on Systems Science(HICSS-44 2011), Koloa, Kauai, HI, USA, 4–7 January 2011. IEEE Computer Society,Washington, DC, pp. 1–10, 2011.
Debabrata Nayak. Collaborative security. Paper presented at the Bangalore Security Conference, 10 December 2010.
Debabrata Nayak. Cloud security. Paper presented at Wireless Vitae Conference,Chennai, India, 28 February–3 March 2011.
Debabrata Nayak. Key management in cloud security. Paper presented at ITU, Switzer-land, 6–7 December 2010.
Debabrata Nayak. Cloud security. Paperpresented at China Shenzhen Conference, 10December 2010.
Debabrata Nayak. Mobile security. Paper presented at ASSOCHAM Security Confer-ence, India, 1 April 2011.
Debabrata Nayak. Private cloud. Paper presented at Korea-Japan-China Security Conference, 8 October 2010.
Debabrata Nayak. Key management in cloud. Paper presented at IEEE Conference COMSNET, Bangalore, 4–8 January 2011.
Debabrata Nayak. Hybrid cloud securitymanagement. Paper presented at Security Conference, China, 12 October 2010.
Debabrata Nayak. Hybrid cloud security management. Paper presented at Security conference, India, 4 April 2011.
Debabrata Nayak, D.B. Phatak, V.P. Gulati, and N. Rajendran. Mobile data network ssecurity issues and challenges. Presented paper at the International Conference onEmerging Technology Bhubaneswar, India, 19–21 December, pp. 137–148, 2003.
Debabrata Nayak, D.B. Phatak, V.P. Gulati, and N. Rajendran. Security issues in wire-less local area network. In Proceedings of IEEE Canadian Conference on Electrical and Computer Engineering, 2–5 May, pp. 108–111, 2004.
Debabrata Nayak, D.B. Phatak, V.P. Gulati, and N. Rajendran. Security issues in mobile data network. In Proceedings of IEEE Vehicular Technology International Conference2004-Fall on ‘Wireless Technologies for Global Security’, Los Angeles, CA, 26–29September, pp. 45–49, 2004.
Debabrata Nayak, D.B. Phatak, V.P. Gulati, and N. Rajendran. Modeling and evaluation of security architecture for wireless Local area Networks. In Proceedings of International Conference on Advanced Computing and Communication, Ahmedabad, 16–19December, pp. 281–285, 2004.
Debabrata Nayak and D.B. Phatak. Modelling and performance evaluation of security architecture for wireless local area networks. Transaction on Engineering Computing and Technology, 3, December 2004.
Debabrata Nayak, D.B. Phatak, and V.P. Gulati. Modeling and evaluation of security architecture for wireless local area networks by indexing methods: A novel approach. In Proceedings of the First Information Security, Practice and Experience Conference(ISPEC2005), Lecture Notes in Computer Science, Vol. 3439, pp. 25–35. Springer,Berlin/Heidelberg, 2005.
Debabrata Nayak, D.B. Phatak, and V.P. Gulati. Performance evaluation of security architecture for wireless local area networks by security policy method. In Proceedings of 2005 IEEE Sarnoff Symposium, Princeton, NJ, USA, 18–19 April, pp.37-40, 2005.
Debabrata Nayak, D.B. Phatak, V.P. Gulati, and N. Rajendran. Policy based performance evaluation of security architecture for wireless local area networks. In Proceedings of 6thWorld Wireless Congress, San Francisco, USA, 24–26 May, pp. 51–57, 2005.
Debabrata Nayak and D.B. Phatak. An adaptive and optimized security policy manager for wireless networks. In Proceedings of 2007 IEEE Asia Modelling Symposium,Phuket, Thailand, 27–30 March, pp. 155–158, 2007.
Debabrata Nayak, D.B. Phatak, and Ashutosh Saxena. Evaluation of security architecture for wireless local area networks by indexed based policy method: A novel approach.International Journal of Network Security, 7(1):1–14, July 2008.
Debabrata Nayak. Cloud security. Paper presented at ASSOCHAM Cyber Security Workshop, India, May 2012.
