146

M. Bakro et al.

Table 1 Overview of cloud computing security issues [22]

Issues of security

Attacks

Affected service delivery

models

Responsible

characteristics of cloud

Threat to C-I-A-A-P

Directions of protection

Virtualization-related

issues

– Cross-VM attack

– Data violations

– Application security

– Access control

infringement

IaaS, PaaS, SaaS

Multi-tenancy

Confidentiality,

integrity,

availability

– Isolation of VM

– Use of trusted VM image

– Use of firewall/IDS

– Strong authentication

– Encryption

Physical security

issues

– Physical damage to

infrastructure

– Theft

IaaS

Broad network access

Accountability, privacy

– Backup of data

– Backup of application

– Reserved resources

Network-related issues – Data violations

– DNS server attack

– IP-based attacks

– Attack on DHCP server

– Traffic flow analysis

IaaS, SaaS

Broad network access

Confidentiality,

availability,

privacy

– Use of firewall/IDS

– Encryption

Data-related issues

– Modification of data

– Deletion of data

– Loss of data

– Unauthorized access

IaaS, PaaS, SaaS

Multi-tenancy, broad

network access

Confidentiality,

integrity,

privacy

– Strong authentication

– Encryption of data

– Isolation of data

– Backup of data

– Use of database intrusion

detection

(continued)