By Topic

Analysis on Cloud-Based Security Vulnerability Assessment

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Huan-Chung Li ; Grad. Inst. of Networking & Multimedia, Nat. Taiwan Univ., Taipei, Taiwan ; Po-Huei Liang ; Jiann-Min Yang ; Shiang-Jiun Chen

Cloud computing delivery model can significantly reduce enterprise IT costs and complexities. This technology can handle the rapidly gowning environment and provide more flexible resources sharing and hence it has become as anew information technology infrastructure recently. In contrast to traditional enterprise IT solution, cloud computing moves the application software and databases to the servers in large data centers which raise many security challenges. The business model now allows the users to purchase the capacity they require when they require it. The providers can maximize the utilization by multiplexing customer virtual machines (VMs) across a shared physical infrastructure. In the shared cloud environment, it would be possible to launch an attack cross VMs. How to define the policies for individual virtual firewall becomes more important. In this paper, we investigate the different security vulnerability assessments among the cloud environments. Experiment shows there are more vulnerability happened if vulnerability tools and the servers are in the same LAN. In other word, the hackers can find an easier way to get the target information if sit on the same LAN. This experimental result can be used to analysis the risk in third party compute clouds.

Published in:

e-Business Engineering (ICEBE), 2010 IEEE 7th International Conference on

Date of Conference:

10-12 Nov. 2010