Abstract
Cloud Computing is without a doubt one of the most significant innovations presented in the global technological map. The number of potential users enrolling and using cloud services increases exponentially on a daily bases. The great demand from online users for cloud services along with the reduced operational costs that the latter offers has motivated many organisations and companies to consider migrating organizational services, data and applications on the Cloud. However, despite the various positive characteristics of all cloud service models like reduced costs, better availability insurance, on demand data storage and computation power, cloud migration may hinder various security and privacy issues that need to be considered before an organization or company decides to move on to the Cloud. This paper aims to reveal the major security and privacy concepts for all three cloud service models and through a systematic analysis to guide the organization’s stakeholders in deciding which service model best fits their needs based on their security and privacy requirements.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Cloud Security Alliance “Top Threats to Cloud Computing V1.0” (retrieved September 22, 2012), https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
Heiser, J., Nicolett, M.: Assessing the Security Risks of Cloud Computing, white paper, Gartner group, ID Number: G00157782 (published June 3, 2008)
Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications 34(1), 1–11 (2010)
Cloud Security Alliance “Security Guidance for Critical Areas of Focus in Cloud Computing V3.0” (retrieved September 22, 2012), https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf
Draft, EU Directive for Security issues in Cloud Computing (2012)
Kalloniatis, C., Kavakli, E., Gritzalis, S.: PriS Methodology: Incorporating Privacy Requirements into the System Design Process. In: Mylopoulos, J., Spafford, G. (eds.) Proceedings of the SREIS 2005 13th IEEE International Requirements Engineering Conference – Symposium on Requirements Engineering for Information Security. IEEE CPS, Paris (2005)
Kalloniatis, C., Kavakli, E., Gritzalis, S.: Addressing privacy requirements in system design: The PriS method. Requirements Engineering 13(3), 241–255 (2008)
Kalloniatis, C., Kavakli, E., Kontellis, E.: PRIS tool: A case tool for privacy-oriented Requirements Engineering. Journal of Information Systems Security 6(1), 3–19 (2010)
Kavakli, E., Kalloniatis, C., Loucopoulos, P., Gritzalis, S.: Incorporating Privacy Requirements into the System Design Process: The PriS Conceptual Framework. Internet Research, Special issue on Privacy and Anonymity in the Digital Era: Theory, Technologies and Practice 16(2), 140–158 (2006)
Kalloniats, C., Kavakli, E., Gritzalis, S.: Dealing with Privacy Issues during the System Design Process. In: 5th IEEE International Symposium on Signal Processing and Information Technology, Athens, Greece, December 18-21 (2005)
Mouratidis, H., Kalloniatis, C., Islam, S., Huget, M.P., Gritzalis, S.: Aligning Security and Privacy to support the development of Secure Information Systems. Journal of Universal Computer Science (2012)
Mouratidis, H., Giorgini, P.: Secure Tropos: A Security-Oriented Extension Of The Tropos Methodology. International Journal of Software Engineering and Knowledge Engineering (2007)
Mouratidis, Giorgini, P.: Security Attack Testing (SAT) - testing the security of information systems at design time. Inf. Syst. 32(8), 1166–1183 (2007)
Wei, L., et al.: Managing Security of Virtual Machine Images in a Cloud Environment (2009)
Microsoft Technical report: Privacy in the cloud computing era, a Microsoft perspective, Microsoft Corp., Redmond, USA (November 2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 International Federation for Information Processing
About this paper
Cite this paper
Kalloniatis, C., Manousakis, V., Mouratidis, H., Gritzalis, S. (2013). Migrating into the Cloud: Identifying the Major Security and Privacy Concerns. In: Douligeris, C., Polemi, N., Karantjias, A., Lamersdorf, W. (eds) Collaborative, Trusted and Privacy-Aware e/m-Services. I3E 2013. IFIP Advances in Information and Communication Technology, vol 399. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-37437-1_7
Download citation
DOI: https://doi.org/10.1007/978-3-642-37437-1_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-37436-4
Online ISBN: 978-3-642-37437-1
eBook Packages: Computer ScienceComputer Science (R0)