What’s New About Cloud Computing Security?

Yanpei Chen, Vern Paxson and Randy H. Katz

EECS Department
University of California, Berkeley
Technical Report No. UCB/EECS-2010-5
January 20, 2010

http://www.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-2010-5.pdf

While the economic case for cloud computing is compelling, the security challenges it poses are equally striking. In this work we strive to frame the full space of cloud-computing security issues, attempting to separate justified concerns from possible over-reactions. We examine contemporary and historical perspectives from industry, academia, government, and “black hats”. We argue that few cloud computing security issues are fundamentally new or fundamentally intractable; often what appears “new” is so only relative to “traditional” computing of the past several years. Looking back further to the time-sharing era, many of these problems already received attention. On the other hand, we argue that two facets are to some degree new and fundamental to cloud computing: the complexities of multi-party trust considerations, and the ensuing need for mutual auditability.


BibTeX citation:

@techreport{Chen:EECS-2010-5,
    Author = {Chen, Yanpei and Paxson, Vern and Katz, Randy H.},
    Title = {What’s New About Cloud Computing Security?},
    Institution = {EECS Department, University of California, Berkeley},
    Year = {2010},
    Month = {Jan},
    URL = {http://www.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-2010-5.html},
    Number = {UCB/EECS-2010-5},
    Abstract = {While the economic case for cloud computing is compelling, the security challenges it poses are equally striking. In this work we strive to frame the full space of cloud-computing security issues, attempting to separate justified concerns from possible over-reactions. We examine contemporary and historical perspectives from industry, academia, government, and “black hats”. We argue that few cloud computing security issues are fundamentally new or fundamentally intractable; often what appears “new” is so only relative to “traditional” computing of the past several years. Looking back further to the time-sharing era, many of these problems already received attention. On the other hand, we argue that two facets are to some degree new and fundamental to cloud computing: the complexities of multi-party trust considerations, and the ensuing need for mutual auditability.}
}

EndNote citation:

%0 Report
%A Chen, Yanpei
%A Paxson, Vern
%A Katz, Randy H.
%T What’s New About Cloud Computing Security?
%I EECS Department, University of California, Berkeley
%D 2010
%8 January 20
%@ UCB/EECS-2010-5
%U http://www.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-2010-5.html
%F Chen:EECS-2010-5