By Anrin Chakraborti, Duke University, USA, anrin.chakraborti@duke.edu | Reza Curtmola, New Jersey Institute of Technology, USA, reza.curtmola@njit.edu | Jonathan Katz, University of Maryland, USA, jkatz@cs.umd.edu | Jason Nieh, Columbia University, USA, nieh@cs.columbia.edu | Ahmad-Reza Sadeghi, Technische Universität Darmstadt, Germany, ahmad.sadeghi@trust.tu-darmstadt.de | Radu Sion, Stony Brook University, USA, sion@cs.stonybrook.edu | Yinqian Zhang, Southern University of Science and Technology, China, yinqianz@acm.org
Cloud services have revolutionized modern computing. The benefits of outsourcing data and computation come with security and privacy concerns. This monograph explores the advances in cloud security research across both industry and academia, with a special focus on secure infrastructure, services and storage. Besides overviewing the state of the art, the monograph highlights open problems, and possible future research directions.
Cloud services have revolutionized computing in the modern world. In an increasingly networked ecosystem, it is commonplace for enterprises and private parties alike to leverage cloud services for storage and compute. The most obvious benefits include scalability, increased availability, and the potential for reduced costs when compared to lower-scale on premise infrastructures. In addition, cloud-hosted data (and compute) is accessible across platforms and is not limited by geographical constraints making collaboration attractively viable.
However, the benefits of outsourcing data and computation come with security and privacy concerns. This monograph explores the advances in cloud security research across both industry and academia, with a special focus on secure infrastructure, services and storage. Besides overviewing the state of the art, the monograph highlights open problems, and possible future research directions. Cloud security is a broad topic encompassing concepts from a large cross section of domains. To make this monograph concise and meaningful, several topics and challenges that are almost entirely specific to clouds are covered. For this reason, general computing security topics such as intrusion detection, software protection, phishing etc. are excluded. While these are important building blocks that need to be considered in an end-to-end cloud-centric design, they have been extensively addressed elsewhere.
The publication is divided into three parts based on a broad clustering into hardware, computation, and storage. The monograph should appeal to researchers, students and professionals who work on Cloud Computing in general, and Cloud Security specifically.