Information warfare and security
Information warfare and security
A break in the clouds: towards a cloud definition
ACM SIGCOMM Computer Communication Review
Taking account of privacy when designing cloud computing services
CLOUD '09 Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
Proceedings of the 16th ACM conference on Computer and communications security
Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities
Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities
Computer
A survey of risks, threats and vulnerabilities in cloud computing
Proceedings of the 2011 International Conference on Intelligent Semantic Web-Services and Applications
Stuxnet: Dissecting a Cyberwarfare Weapon
IEEE Security and Privacy
Hi-index | 0.00 |
While hype around the benefits of `cloud computing'increase, challenges in maintaining data security and data privacy have also been recognised as significant vulnerabilities (Ristenpart et al. in Proceedings of the 14th ACM conference on computer and communications security, pp 103---115, 2009; Pearson in CLOUD'09, pp 44---52, 2009; Vouk in J Comput Inf Technol 4:235---246, 2008). These vulnerabilities generate a range of questions relating to the capacity of organisations relying on cloud solutions to effectively manage risk. This has become particularly the case as the threats faced by organisations have moved increasingly away from indiscriminate malware to more targeted cyber-attack tools. From forensic computing perspective it has also been recognised that `cloud solutions' pose additional challenges for forensic computing specialists including discoverability and chain of evidence (Ruan et al. in Adv Digital Forensics VII:35---46, 2011; Reilly et al. in Int J Multimedia Image Process 1:26---34, 2011). However, to date there has been little consideration of how the differences between indiscriminate malware and targeted cyber-attack tools further problematize the capacity of organisations to manage risk. This paper also considers these risks and differentiates between technical, legal and ethical dilemmas posed. The paper also highlights the need for organisations to be aware of these issues when deciding to move to cloud solutions.