Open Access Open Access  Restricted Access Subscription or Fee Access

An Analysis of SPI Security Issues for Cloud Computing

V. Rajasekaran, M. Suganya


Implementing cloud computing in an venture infrastructure bring significant security concerns. Successful deploying  of cloud computing in an enterprise requires proper planning and understanding of emerging risks, threats, vulnerabilities, and possible countermeasures .Cloud Computing is efficient in cost, flexible and proven delivery platform for providing consumer IT services or business over the Internet. Still, cloud Computing presents an additional level of risk because essential services are often outsourced to a third party, which makes it harder to maintain support data and service availability ,data security and privacy and demonstrate its compliance. It leverages have  many technologies (Web 2.0,SOA,virtualization); it also inherits their security issues, identifying the Major vulnerabilities in this kind of systems and the most important threats found in the literature related to Cloud Computing and its environment as well as to identify and relate  the vulnerabilities with threats and also to give  possible countermeasures for that.


Cloud Computing, Vulnerabilities, Security, Threats

Full Text:



Gartner Inc Gartner identifies the Top 10 strategic technologies for 2011. Online. Available: Accessed:15-Jul-2011

Zhao G, Liu J, Tang Y, Sun W, Zhang F, Ye X, Tang N (2009) Cloud Computing: A Statistics Aspect of Users. In: First nternational Conference on Cloud Computing (CloudCom), Beijing, China. Springer Berlin, Heidelberg,pp 347–358

Zhang S, Zhang S, Chen X, Huo X (2010) Cloud Computing Research and Development Trend. In: Second International Conference on Future Networks (ICFN’10), Sanya, Hainan, China. IEEE Computer Society,Washington, DC, USA, pp 93–97

Cloud Security Alliance (2011) Security guidance for critical areas of focus in Cloud Computing V3.0.. Available:

Marinos A, Briscoe G (2009) Community Cloud Computing. In: st International Conference on Cloud Computing (CloudCom), Beijing, China. Springer-Verlag Berlin, Heidelberg

Centre for the Protection of National Infrastructure (2010) Information Security Briefing 01/2010 Cloud Computing. Available:

Khalid A (2010) Cloud Computing: applying issues in Small Business. In: International Conference on Signal Acquisition and Processing (ICSAP’10),pp 278–281

KPMG (2010) From hype to future: KPMG’s 2010 Cloud Computing survey.Available:

Rosado DG, Gómez R, Mellado D, Fernández-Medina E (2012) Security analysis in the migration to cloud environments. Future Internet 4(2):469–487

Mather T, Kumaraswamy S, Latif S (2009) Cloud Security and Privacy. O’ReillyMedia, Inc., Sebastopol, CA

Li W, Ping L (2009) Trust model to enhance Security and interoperability of Cloud environment. In: Proceedings of the 1st International conference on Cloud Computing. Springer Berlin Heidelberg, Beijing, China, pp 69–79

Rittinghouse JW, Ransome JF (2009) Security in the Cloud. In: Cloud Computing. Implementation, Management, and Security, CRC Press

Kitchenham B (2004) Procedures for perfoming systematic review, software engineering group. Department of Computer Scinece Keele University, United Kingdom and Empirical Software Engineering, National ICT Australia Ltd, Australia. TR/SE-0401

Kitchenham B, Charters S (2007) Guidelines for performing systematic literature reviews in software engineering. Version 2.3 University of keele (software engineering group, school of computer science and mathematics) and Durham. Department of Conputer Science, UK

Brereton P, Kitchenham BA, Budgen D, Turner M, Khalil M (2007) Lessons from applying the systematic literature review process within the software engineering domain. J Syst Softw 80(4):571–583

Cloud Security Alliance (2010) Top Threats to Cloud Computing V1.0. Available:

ENISA (2009) Cloud Computing: benefits, risks and recommendations for information Security.Available:

Dahbur K, Mohammad B, Tarakji AB (2011) A survey of risks, threats and vulnerabilities in Cloud Computing. In: Proceedings of the 2011International conference on intelligent semantic Web-services andapplications. Amman, Jordan, pp 1–6

Ertaul L, Singhal S, Gökay S (2010) Security challenges in Cloud Computing. In: Proceedings of the 2010 International conference on Security and Management SAM’10. CSREA Press, Las Vegas, US, pp 36–42

Grobauer B, Walloschek T, Stocker E (2011) Understanding Cloud Computing vulnerabilities. IEEE Security Privacy 9(2):50–57

Subashini S, Kavitha V (2011) A survey on Security issues in service delivery models of Cloud Computing. J Netw Comput Appl 34(1):1–11

Jensen M, Schwenk J, Gruschka N, Iacono LL (2009) On technical Securityissues in Cloud Computing. In: IEEE International conference on Cloud Computing (CLOUD’09). 116, 116, pp 109–116

Onwubiko C (2010) Security issues to Cloud Computing. In: Antonopoulos N, Gillam L (ed) Cloud Computing: principles, systems & applications. 2010,Springer-Verlag

Morsy MA, Grundy J, Müller I (2010) An analysis of the Cloud Computing Security problem. In: Proceedings of APSEC 2010 Cloud Workshop. APSEC, Sydney, Australia

Jansen WA (2011) Cloud Hooks: Security and Privacy Issues in Cloud Computing. In: Proceedings of the 44th Hawaii International Conference on System Sciences, Koloa, Kauai, HI. IEEE Computer Society, Washington, DC, USA, pp 1–10

Zissis D, Lekkas D (2012) Addressing Cloud Computing Security issues. FuturGener Comput Syst 28(3):583–592

Jansen W, Grance T (2011) Guidelines on Security and privacy in public Cloud Computing. NIST, Special Publication 800–144, Gaithersburg, MD

Mell P, Grance T (2011) The NIST definition of Cloud Computing. NIST,Special Publication 800–145, Gaithersburg, MD

Zhang Q, Cheng L, Boutaba R (2010) Cloud Computing: state-of-the-art andresearch challenges. Journal of Internet Services Applications 1(1):7–18

Ju J, Wang Y, Fu J, Wu J, Lin Z (2010) Research on Key Technology in SaaS.In: International Conference on Intelligent Computing and Cognitive Informatics (ICICCI), Hangzhou, China. IEEE Computer Society, Washington,DC, USA, pp 384–387

Owens D (2010) Securing elasticity in the Cloud. Commun ACM 53(6):46–51

OWASP (2010) The Ten most critical Web application Security risks. Available: OWASP_Top_Ten_Project

Zhang Y, Liu S, Meng X (2009) Towards high level SaaS maturity model:methods and case study. In: Services Computing conference. APSCC, IEEEAsia-Pacific, pp 273–278

Chong F, Carraro G, Wolter R (2006) Multi-tenan data architecture. Online.Available: aa479086.aspx. Accessed:05-Jun-2011

Bezemer C-P, Zaidman A (2010) Multi-tenant SaaS applications:maintenance dream or nightmare? In: Proceedings of the Joint ERCIM Workshop on Software Evolution (EVOL) and International Workshop on Principles of Software Evolution (IWPSE), Antwerp, Belgium. ACM New York,NY, USA, pp 88–92

Viega J (2009) Cloud Computing and the common Man. Computer 42(8):106–108

Cloud Security Alliance (2012) Security guidance for critical areas of Mobile Computing. Available: initiatives/mobile/Mobile_Guidance_v1.pdf

Keene C (2009) The Keene View on Cloud Computing. Online. Available: 16-Jul-2011

Xu K, Zhang X, Song M, Song J (2009) Mobile Mashup: Architecture, Challenges and Suggestions. In: International Conference on Management and Service Science. MASS’09. IEEE Computer Society, Washington, DC, USA,pp 1–4

Chandramouli R, Mell P (2010) State of Security readiness. Crossroads 16(3):23–25

Jaeger T, Schiffman J (2010) Outlook: cloudy with a chance of Security challenges and improvements. IEEE Security Privacy 8(1):77–80

Dawoud W, Takouna I, Meinel C (2010) Infrastructure as a service security: Challenges and solutions. In: the 7th International Conference on Informatics and Systems (INFOS), Potsdam, Germany. IEEE Computer Society, Washington, DC, USA, pp 1–8

Jasti A, Shah P, Nagaraj R, Pendse R (2010) Security in multi-tenancy cloud.In: IEEE International Carnahan Conference on Security Technology (ICCST), KS,USA. IEEE Computer Society, Washington, DC, USA, pp 35–41

Garfinkel T, Rosenblum M (2005) when virtual is harder than real: Security challenges in virtual machine based computing environments. In: Proceedings of the 10th conference on Hot Topics in Operating Systems, Santa Fe, NM. volume 10. USENIX Association Berkeley, CA, USA, pp 227–229


  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.