Electrical Engineering
      and Computer Sciences

Electrical Engineering and Computer Sciences

COLLEGE OF ENGINEERING

UC Berkeley

What’s New About Cloud Computing Security?

Yanpei Chen, Vern Paxson and Randy H. Katz

EECS Department
University of California, Berkeley
Technical Report No. UCB/EECS-2010-5
January 20, 2010

http://www.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-2010-5.pdf

While the economic case for cloud computing is compelling, the security challenges it poses are equally striking. In this work we strive to frame the full space of cloud-computing security issues, attempting to separate justified concerns from possible over-reactions. We examine contemporary and historical perspectives from industry, academia, government, and “black hats”. We argue that few cloud computing security issues are fundamentally new or fundamentally intractable; often what appears “new” is so only relative to “traditional” computing of the past several years. Looking back further to the time-sharing era, many of these problems already received attention. On the other hand, we argue that two facets are to some degree new and fundamental to cloud computing: the complexities of multi-party trust considerations, and the ensuing need for mutual auditability.


BibTeX citation:

@techreport{Chen:EECS-2010-5,
    Author = {Chen, Yanpei and Paxson, Vern and Katz, Randy H.},
    Title = {What’s New About Cloud Computing Security?},
    Institution = {EECS Department, University of California, Berkeley},
    Year = {2010},
    Month = {Jan},
    URL = {http://www.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-2010-5.html},
    Number = {UCB/EECS-2010-5},
    Abstract = {While the economic case for cloud computing is compelling, the security challenges it poses are equally striking. In this work we strive to frame the full space of cloud-computing security issues, attempting to separate justified concerns from possible over-reactions. We examine contemporary and historical perspectives from industry, academia, government, and “black hats”. We argue that few cloud computing security issues are fundamentally new or fundamentally intractable; often what appears “new” is so only relative to “traditional” computing of the past several years. Looking back further to the time-sharing era, many of these problems already received attention. On the other hand, we argue that two facets are to some degree new and fundamental to cloud computing: the complexities of multi-party trust considerations, and the ensuing need for mutual auditability.}
}

EndNote citation:

%0 Report
%A Chen, Yanpei
%A Paxson, Vern
%A Katz, Randy H.
%T What’s New About Cloud Computing Security?
%I EECS Department, University of California, Berkeley
%D 2010
%8 January 20
%@ UCB/EECS-2010-5
%U http://www.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-2010-5.html
%F Chen:EECS-2010-5