Cloud Computing Security: Opportunities and Caveats

The Cloud computing paradigm is increasingly successful today, as it enables convenient access to a number of economically viable large computing and storage resources. Clouds offer on-demand scalable services for heavy workloads and large computations, saving the maintenance expenses of costly server farms. At the same time, multicore and manycore hardware is flourishing, even allowing massive parallel computing on a single chip. As a further opportunity, mobile devices, permanently connected to the cloud, are now extremely powerful and feature multiple execution cores. In such novel scenarios it becomes mandatory to provide adequate security and privacy guarantees to both service providers and users. The problem is complex, as present cloud landscape actors have conflicting requirements and objectives. Security concerns over cloud computing resources are often due to virtual machine integrity and privacy issues (possibly due to malware infections). In addition, cloud nodes can deliberately choose to misbehave in order to save resources and thus reduce maintenance costs. As a consequence, availability and correctness of stored data and computed results from remote services can be an issue. Even network reliability can be an issue, given the increasingly widespread deployment of powerful but potentially dangerous approaches such as software defined networking and network function virtualization. Furthermore, given that cloud nodes are heterogeneous and span from manycore cluster nodes (hosting powerful manycore GPUs) to mobile devices (also featuring manycore GPUs), care must be taken in evaluating and addressing specific security issues of each platform while at the same time keeping in mind that these pervasively-available and constantly-connected resources have a common substrate and common global security issues. This book surveys security issues of cloud computing over distributed heterogeneous computing and network resources. It investigates different directions and proposes possible approaches in a variety of scenarios. It can be a useful source of information and reference, to better understand the complexity and heterogeneity of modern cloud-based architectures and of related security issues.