Is Security Lost in the Clouds?
"The cloud" can apply to different kinds of services (typically differentiated as platform-as-a-service, infrastructure-as-a-service, and software-as-a-service), and it is the subject of rampant hype about its benefits. This paper draws on extensive readings from the literature (technical, business, and policy) and consultations with a wide range of experts over the past two years. Intended to provide a counter to the cheerleading and a framework for more balanced consideration of public cloud services, in particular, it begins with an exercise in accentuating the negative. In particular, it lays out various ways in which the cloud might be seen as a new platform for malice. The paper enumerates key issues, including kinds and sources of risk (vulnerabilities and threats) associated with providers and/or users and implications for trustworthiness in cloud contexts, as well as the prospects for new technology to counteract apparent sources of risk. It addresses different cloud contexts, and it argues for leveraging cloud concerns to rethink fundamental issues about the nature, handling, and protection of data (which may be stored or processed in the cloud - or not).
Volume (Year): 1 (2011)
Issue (Month): 81 (1st quarter)
|Contact details of provider:|| Postal: BP 4167, 34092 Montpellier cedex 5|
Phone: 33 (0)467 144 444
Fax: 33 (0)467 144 400
Web page: http://www.idate.org/en/Home/
More information through EDIRC
When requesting a correction, please mention this item's handle: RePEc:idt:journl:cs8103. See general information about how to correct material in RePEc.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: (BLAVIER Thomas)
If references are entirely missing, you can add them using this form.