Classifying Security Threats in Cloud Networking
2015 (English)In: Proceedings of the 5th International Conference on Cloud Computing and Services Science / [ed] Markus Helfert, Donald Ferguson and Víctor Méndez Muñoz, SciTePress , 2015, 214-220 p.Conference paper (Refereed)
A central component of managing risks in cloud computing is to understand the nature of security threats. The relevance of security concerns are evidenced by the efforts from both the academic community and technological organizations such as NIST, ENISA and CSA, to investigate security threats and vulnerabilities related to cloud systems. Provisioning secure virtual networks (SVNs) in a multi-tenant environment is a fundamental aspect to ensure trust in public cloud systems and to encourage their adoption. However, comparing existing SVN-oriented solutions is a difficult task due to the lack of studies summarizing the main concerns of network virtualization and providing a comprehensive list of threats those solutions should cover. To address this issue, this paper presents a threat classification for cloud networking, describing threat categories and attack scenarios that should be taken into account when designing, comparing, or categorizing solutions. The classification is based o n the CSA threat report, building upon studies and surveys from the specialized literature to extend the CSA list of threats and to allow a more detailed analysis of cloud network virtualization issues.
Place, publisher, year, edition, pages
SciTePress , 2015. 214-220 p.
Cloud Networking, Cloud Security, Security Threats, Security Taxonomy
Computer and Information Science
IdentifiersURN: urn:nbn:se:kau:diva-40673DOI: 10.5220/0005489402140220ISBN: 978-989-758-104-5 (print)OAI: oai:DiVA.org:kau-40673DiVA: diva2:905718
CLOSER 2015 - The 5th International Conference on Cloud Computing and Services Science, 20 – 22 May 2015, Lisbon, Portugal