Cloud Computing Security and Privacy

Published in: Megaprojects: Building Infrastructure by Fostering Engineering Collaboration, Efficient and Effective Integration and Innovative Planning: Proceedings of the 10th Latin American and Caribbean Conference for Engineering and Technology
Date of Conference: July 23-25, 2012
Location of Conference: Panama City, Panama
Authors: Jeffrey Duffany
Refereed Paper: #273

Abstract

Cloud computing security is comprised of elements drawn from computer security, network security and information security. It encompasses policies, technologies, and controls employed to protect data, applications, and the cloud computing infrastructure. The security aspects of cloud computing are examined from the point of view of its inherent vulnerabilities with regard to availability, user authentication and privacy and trust. Recent events such as the April 21, 2011 collapse of the Amazon Elastic Compute Cloud (EC2) are used to illustrate these vulnerabilities and to suggest measures that can be implemented to improve cloud security. This is followed by a discussion of key aspects of cloud security including data protection, physical and personnel security, application security and legal issues. This is followed by a discussion of strategies that can be employed to better manage and mitigate security risks associated with cloud computing.