Featured Image
Why is it important?
Cloud computing offers the potential for significant cost reductions and increased agility for users. However, security concerns continue to be raised as a potential barrier to uptake for private, community and public clouds. A report from the European Network and Information Security Agency (ENISA) on the Priorities for Research on Current and Emerging Network Technologies highlighted trusted-cloud models as one of its top priorities for further research. More recently – September, 2012 – Carnegie Mellon University’s CERT have released a paper describing insider threats to cloud computing as a direction for new research. Further, a project completed at the University of Warwick in 2010, investigated security aspects of cloud computing and in particular the potential for cascade effects. This research involved a detailed modelling of the threat and vulnerability landscape, including the incentives and motivations which might drive attackers. One of the conclusions is that insider threats potentially pose the most significant source of risk.
Perspectives
Many organisations appear to be outsourcing their data to cloud services without performing the normal due dilligence checks that one would expect when employing external services. The impact of their data being compromised (confidentiality, integrity and availability) are underestimated to date with cloud services.
Adrian Duncan
University of Oxford
Read the Original
This page is a summary of: An overview of insider attacks in cloud computing, Concurrency and Computation Practice and Experience, March 2014, Wiley,
DOI: 10.1002/cpe.3243.
You can read the full text:
Contributors
The following have contributed to this page
