Much ado about security appeal: cloud provider collaborations and their risks

Authors:
Olga Wenge;Melanie Siebenhaar;Ulrich Lampe;Dieter Schuller;Ralf Steinmetz
Affiliations:
Multimedia Communication Lab (KOM), Technische Universität Darmstadt, Germany;Multimedia Communication Lab (KOM), Technische Universität Darmstadt, Germany;Multimedia Communication Lab (KOM), Technische Universität Darmstadt, Germany;Multimedia Communication Lab (KOM), Technische Universität Darmstadt, Germany;Multimedia Communication Lab (KOM), Technische Universität Darmstadt, Germany
Venue:
ESOCC'12 Proceedings of the First European conference on Service-Oriented and Cloud Computing
Year:
2012

Citing 14
Cited 0

Alignment of Authentication Information for Trust Federation

EDOCW '07 Proceedings of the 2007 Eleventh International IEEE EDOC Conference Workshop
Cloud Security Issues

SCC '09 Proceedings of the 2009 IEEE International Conference on Services Computing
Sky Computing

IEEE Internet Computing
A Guideline to Enforce Data Protection and Privacy Digital Laws in Malaysia

ICCRD '10 Proceedings of the 2010 Second International Conference on Computer Research and Development
Identity Federation Broker for Service Cloud

ICSS '10 Proceedings of the 2010 International Conference on Service Sciences
Security for the cloud infrastructure: trusted virtual data center implementation

IBM Journal of Research and Development
Intercloud Security Considerations

CLOUDCOM '10 Proceedings of the 2010 IEEE Second International Conference on Cloud Computing Technology and Science
Privacy, Security and Trust Issues Arising from Cloud Computing

CLOUDCOM '10 Proceedings of the 2010 IEEE Second International Conference on Cloud Computing Technology and Science
Application of a Distributed Security Method to End-2-End Services Security in Independent Heterogeneous Cloud Computing Environments

SERVICES '11 Proceedings of the 2011 IEEE World Congress on Services
Security SLAs for Federated Cloud Services

ARES '11 Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security
An Identity-Centric Internet: Identity in the Cloud, Identity as a Service and Other Delights

ARES '11 Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security
Understanding the Complexity Surrounding Multitenancy in Cloud Computing

ICEBE '11 Proceedings of the 2011 IEEE 8th International Conference on e-Business Engineering
A Multi-Level Security Model for PartitioningWorkflows over Federated Clouds

CLOUDCOM '11 Proceedings of the 2011 IEEE Third International Conference on Cloud Computing Technology and Science
A Distributed Access Control Architecture for Cloud Computing

IEEE Software

Quantified Score

Hi-index	0.00

Visualization

Abstract

The lack of capacity, unplanned outages of sub-contractors, a disaster recovery plan, acquisitions, or other financial goals may force cloud providers to enter into collaborations with other cloud providers. However, the cloud provider is not always fully aware of the security level of a potential collaborative cloud provider. This can lead to security breaches and customers' data leakage, ending in court cases and financial penalties. In our paper, we analyze different types of cloud collaborations with respect to their security concerns and discuss possible solutions. We also outline trusted security entities as a feasible approach for managing security governance risks and propose our security broker solution for ad hoc cloud collaborations. Our work provides support in the cloud provider selection process and can be used by cloud providers as a foundation for their initial risk assessment.