Open Access  Subscription or Fee Access

Cloud computing derives from a long history of research and development on various approaches to IT outsourcing, in which customers draw from a utility provider’s pool of capacity on a pay-as you-go basis as an alternative to operating their own infrastructure. While many of the predictions may be cloud hype, we believe the new IT procurement model offered by cloud computing is here to stay . Brushing aside the services offered, however, security is a huge concern for cloud users. Cloud fears largely stem from the perceived loss of control of sensitive data. Current control measures do not adequately address cloud computing third-party data storage and processing needs. In our vision, we propose to extend control measures from the enterprise into the cloud through the use of Trusted Computing and applied cryptographic techniques. These measures should alleviate much of today’s fear of cloud computing, and, we believe, have the potential to provide demonstrable business intelligence advantages to cloud participation. Our vision also relates to likely problems and abuses arising from a greater reliance on cloud computing, and how to maintain security in the face of such attacks. Namely, the new threats require new constructions to maintain and improve security. Among these are tools to control and understand privacy leaks, perform authentication, and guarantee availability in the face of cloud denial-of-service attacks.

Cloud, Privacy, Security, Trusted Computing.

Amazon Web Services, Amazon Elastic Compute Cloud (Amazon EC2), www.amazon.com/ec2

Samiljan, Tom; ―You Must Remember This,‖ Hemisphere Magazine, August 2009

Cloud Security Alliance (CSA): http://cloudsecurityalliance.org/

A Security Analysis of Cloud Computing: (http://cloudcomputing.sys- on.com/node/ 1203943

Cloud Security Questions? Here are some answers (http://cloudcomputing.sys-con.com/node/1330353)

FTC questions cloud-computing security. http://news.cnet.com/8301-13578_3-10198577-38.html?part=rss&subj=news&tag=2547-1_3-0-20.

Facebook users suffer viral surge. http://news.bbc.co.uk/2/hi/technology/7918839.stm.

David Binning, Top Five Cloud Computing Security Issues, Computer Weekly, April 24, 2009.

Balachandra Reddy Kandukuri, Ramakrishna Paturi V, Atanu Rakshit, Cloud Security Issues, IEEE International Conference on Services Computing, Bangalore, India, September 21-25, 2009.

Stephanie Overby, How to Negotiate a Better Cloud Computing Contract, CIO, April 21, 2010.

James Maguire, How Cloud Computing Security Resembles the Financial Meltdown, Datamation, internet.com, April 27, 2010.

USA Patriot Act Comes under Fire in B.C. Report, CBC News, October 30, 2004.

Gentry, C. Fully Homomorphic Encryption Using Ideal Lattices. In STOC. 2009 .

Chor, B., Kushilevitz, E., Goldreich, O., and Sudan, M. Private Information Retrieval. J. ACM, 45, 6 (1998), 965-981.

Trusted Computing Group (TCG): http://www.trustedcomputinggroup.org/

Sven Bugiel, Stefan Nurnberger, Ahmad-Reza Sadeghi, Thomas Schneider Twin Clouds: An Architecture for Secure Cloud Computing http:/www. zurich.ibm.com/~cca/csc2011

SW99. S. W. Smith and S. Weingart. Building a high- performance, programmable secure coprocessor. Computer Networks, 31(8):831{860, April 1999.