Security Risks And Concerns In Cloud Computing

Research Methodology

Question:

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

Describe about the Emerging Issues and Challenges in Cloud Computing?

Deployment of cloud computing within the infrastructure of enterprise bring significant concerns related to security. Successfully implementing the cloud computing in the enterprise need appropriate understanding and planning related to the emergence of vulnerabilities, threats, risks and possible counter- measures (Viega, 2009). Enterprises should be analyzing the threats, risks and available countermeasures with respect to security in the organization before the adoption of technology.

In this research, discussion will be created on the risks of security and concerns related to cloud computing. It will be enlightening the steps that can be taken up by the enterprise for the reduction of risks related to security and the protection of resources. This research will also be explaining the weaknesses, benefits and areas with applicability in the management of information risk.

The research methodologies used for the final presentation of this research involved three different phases. The first phase involved the presentation of a systematic review on the literature with appropriate analysis. The second phase is the methodology of research used for the collection of data in a significant manner in order to ensure accurate results and discussions. For the purpose of the collection of data, surveys and interviews had been conducted at the level of the entire industry. The narrative analysis of this data collected by conducting interviews will be done in a significant manner. The third phase will be involving a comparative analysis for answering the research questions stated above. Systematic literature review is an important source for the identification, evaluation and interpretation of all of the related available research important for the completion of this specific research and phenomena of interest.

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

Since a long duration of time, organizations have been experiencing and will continuously be experiencing in this era of cloud computing related to losses in a number of systems. These have been having and will have a direct influence over the asset that is most valuable, information, and hence, it is extremely important for protecting each and every organization. With the continuous evolution of cloud computing, there are a number of major providers of cloud computing like Yahoo, Microsoft, Google, Amazon and a number of others where there is provision of these types of services like Storage as a service, Platform as a Service (PaaS), Software as a Service (SaaS) and IaaS (Infrastructure as a Service) (Kaleeswaran, 2012).

Enterprises have started to look into the technology of cloud computing, as a way of cutting down the amount of costs, and increasing the level of profitability, as across each and every industry, CIOs have been continuously been under pressure for the reduction of head counts,tal assets, and supporting costs. For all these purposes, cloud systems provide them a way for meeting these goals (Vaikuntanathan, 2011). There are a number of definition formulated for cloud computing and these will be discussed further ahead in the review of literature. Cloud computing, as a whole, combines a number of different and important technologies that have matured and evolved with the passage of time. The cloud computing of present day has evolved in a number of ways that includes infrastructure, computing, storage and open APIs in combination. Cloud computing cannot be considered as being attractive only for the large scale enterprises, but also the startups, small enterprises, medium enterprises and entrepreneurs who would be availing huge benefits for their business by cloud computing.

Cloud Computing and Its Advantages

Defining Cloud Computing

The term cloud computing involves a number of different services through web, networking, distributed computing and virtualization. It is a way to offer services to the users by assisting them for tapping within extreme pool related to sharing of computing resources like network, storage and servers. Users can utilize services by simply plugging within the cloud and making payment for what is being used by him or her only (Viega, 2009). All of these features contribute in making cloud computing highly advantageous and beneficial, so there is huge demand for it. This type of model of computing helps in consolidating the side of server and results in the reduction of costs by considering the economies of scale as being highly advantageous. The cloud promises for the free users from often complicated and tedious tasks for the management and provision of resources related to computing for running the respective application.

The cloud also contributes in bringing a number of benefits that include 1) a model pay-as-you-go cost, 2) applications being deployed at a faster and easier rate, 3) elastic and dynamic ways for the provision of resources, 4) infrastructure with more robustness and security (Curran, 2011). Each and every single benefit is provided to the user by the cloud in no additional amount of costs, while at the same point of time, there is provision of these with a high degree of flexibility in the computing resources being used and provided. The resources can be related to the service of storage, computing and other related specifications. There can is accessibility of the applications and data of the users from any location with the help of a single device, having two main requirements (Fernandez, 2013). These two main requirements are system of cloud computing and internet connection interface software over their device that can be extremely simple as that of web browser.

Even though cloud computing has a number of beneficial features, but the concerns of security in the cloud has consistently been the greatest inhibitors in order to adopt cloud computing. One of the key concern related to cloud computing is the security for the data of users. The environment of cloud contributes in providing sharing of resources, so it appears as being highly risky for the movement of data within the hands of the one providing cloud (Viega, 2009). Data being stored at the cloud is a part of the shared environment, so the hacking becomes extremely simply either because of accidental factors or malicious hackers.

Issues of security in cloud computing has been identified as a significant obstacle involved in adopting it. The grouping of cloud computing can be done into multiple tenancy issues, account control, management of console security, malicious insiders, accountability, recovery, exploitation of bug, privacy, segregation of data, and sensitive accessibility of data (ENISA, 2009). There are a number of other risks and challenges involved in the cloud computing that result in the compromise of security that has to be considered for building trusting amongst the base of customers with respect to the technology of cloud computing.

Challenges and Risks in Cloud Computing

Very common and crucial challenges of security had been described by Akhil Behl. There are a number of threats related to security which comes from within and beyond the environment of consumer or cloud providers (Gobi, 2013). These have been classified within the insider threats. However, outsider threats include loss of data, issues regarding multiple tenancy, malicious attacks, disruption of service and loss of control as well. There is a need for adopting the feature of security within the environment of cloud for the protection of the virtual infrastructure of the cloud.

According to the seven issues of cloud identified of Gartner, it is extremely important for addressing certain attacks of leakage in data such as the attacks on Denial of Service (Gökay, 2010). Successfully implementing the cloud computing in the enterprise need appropriate understanding and planning related to the emergence of vulnerabilities, threats, risks and possible counter- measures. Enterprises should be analyzing the threats, risks and available countermeasures with respect to security in the organization before the adoption of technology.

Cloud computing contributes in providing efficiency, flexibility and cost effectiveness within the services. However, there is no 100 per cent guarantee for the security it provides. The most significant concerns with respect to cloud computing are security and privacy. There are a number of issues related to security in cloud computing. Out of a number of issues related to security, security of data has been identified as a major obstacle in adapting the services of cloud computing (Hashizume and Fernandez, 2013). Security of data in cloud computing is extremely important for ensuring that there has been no accessibility of the data under the presence of an unauthorized individual. The most important issues related to the security of data will be discussed further ahead in this section of the report.

It has been identified as one of the most crucial issues in the security of cloud. Integrity of data contributes in describing the completeness or wholeness of the data. The achievement of this can be easily done in the system that stands along by utilizing the properties of ACID. But it cannot be considered as being easy for achieving the integrity of data in the environment of cloud as the management of transaction is amongst the biggest issues in the services of web (Hocenski, 2010). Even though there is availability of standards such as WS- Transaction and WS- Reliability towards managing the integrity of data with the services of web, but these are still in the period of maturation (Kaleeswaran, 2012). Damage being caused to the data that has been stored within the cloud may take place in the duration of transaction with respect to the absence of control in integrity of the cloud. As a solution for this particular issue, the protocol of Byzantine fault- tolerant replication has been suggested as being highly significant.

Data is stored by consumers on cloud without the knowledge of as to where the data is being stored. Locality of data is highly important as majority of the enterprises do not show willingness towards the storage of data within the location beyond the nation. In such a case, an agreement is presented, approved and signed between the provider of cloud and the customer who is showing willingness for the storage of data at a specific server or location (Khanna and Jaiswal, 2013). Model of cloud should be ensuring reliability and security of the data being located. Location of data for the storage of data over the cloud has been identified as a major issue from the perspective of gaining the trust of clients and securing the data. Location for the storage of data within the cloud can be given priority in accordance with the requirements or wish of the users (Meinel, 2010). User will be defining as to which data of the user is non- sensitive and which one is sensitive in nature. There is a need for providing an interface to the users in the duration of storing data that consists of checking the level at which data is sensitive and data has to be stored in accordance with the wish of the users for the sensitivity of data.

Security Risks in Cloud Computing

Cloud computing contributes in providing an environment to the users where the data can be hosted by them. Unauthorized ability for the accessibility of crucial data of the enterprise can result in causing major disaster (Owens, 2010). Therefore, it is the responsibility of the cloud providers for guaranteeing that the accessibility of the data will only be in the hands of the legitimate users. Achievement of confidentiality in data can be done by the encryption. The provider of cloud should be implementing authentication with high suitability and the mechanism of accounting for the achievement of confidentiality and should be assuring the user of cloud that there is confidentiality and safety of the data (Viega, 2009). A solution for the confidentiality of data had been proposed that has been termed as Silver line. This is a combination technology that is in consideration of data from the end- to- end encryption by the organization or the owner and the users or the customers.

Even though the adoption of cloud computing is focused on the provision of significant advantages to the enterprises, but due to the fear of leakage in data, majority of them hold back to adopt these. Leakage of data has been becoming one of the most significant concern from the point- of- view of security (Liu and Meng, 2011). Cloud has been identified as an external party where there is hosting the data of customer, and has the potentiality of accessing the data of customer. The environment of cloud contributes in providing sharing of resources, so it appears as being highly risky for the movement of data within the hands of the one providing cloud. Data being stored at the cloud is a part of the shared environment, so the hacking becomes extremely simply either because of accidental factors or malicious hackers. The cloud computing of present day has evolved in a number of ways that includes infrastructure, computing, storage and open APIs in combination (Mell, 2010). Cloud computing cannot be considered as being attractive only for the large scale enterprises, but also the startups, small enterprises, medium enterprises and entrepreneurs who would be availing huge benefits for their business by cloud computing.

Another significant concern related to cloud computing has been identified as services being available. Availability of data is referred to as a term utilized by certain manufacturers of computer storage and providers of storage service for describing the services and products that help in ensuring that there is continuous availability of data at the needed level for initiation of activities in certain situations that range from being normal to disastrous in nature (Pendse, 2010). In general context, the achievement for the availability of data is done by the involvement of redundancy where there is storage of data and how it can be assessed in a safe and secure way. The data being unavailable may result in the outages of services. These types of incidents have been experienced by Gmail and Amazon S3 (Rahman, 2011). Therefore, it can be stated that policies for the strong recovery of data are an extremely important requirement. Two extremely important approaches for the provision of making data available are the network of storage area (SAN) and storage attached to the network (NAS).

Conclusion

Provider of cloud must be focused on ensuring that the data of each and every client is being backed up in a number of different servers in a number of different copies on regular basis for the provision of recovery within the situations of disaster such as failure of hardware (Rosenblum, 2005). For the prevention of accidental leakage in the data that has been backed up, there can be a utilization of strong schemes of encryption. Some techniques for the recovery and back- up of data include replacement strategy of hot and cold back- up services (CBSRS), Technique of parity cloud service (PCS), and technology of High Security Rake and Distribution (HS-DRT) (Schiffman, 2010). The development of all of these techniques has been done under the domain of cloud.

There is a need for providing an interface to the users in the duration of storing data that consists of checking the level at which data is sensitive and data has to be stored in accordance with the wish of the users for the sensitivity of data. Damage being caused to the data that has been stored within the cloud may take place in the duration of transaction with respect to the absence of control in integrity of the cloud (Viega, 2009). As a solution for this particular issue, the protocol of Byzantine fault- tolerant replication has been suggested as being highly significant.

A solution for the confidentiality of data had been proposed that has been termed as Silver line. This is a combination technology that is in consideration of data from the end- to- end encryption by the organization or the owner and the users or the customers. It can be stated that policies for the strong recovery of data are an extremely important requirement. Two extremely important approaches for the provision of making data available are the network of storage area (SAN) and storage attached to the network (NAS) (Vaikuntanathan, 2011). Some techniques for the recovery and back- up of data include replacement strategy of hot and cold back- up services (CBSRS), Technique of parity cloud service (PCS), and technology of High Security Rake and Distribution (HS-DRT). The development of all of these techniques has been done under the domain of cloud.

  • What are the major risks of security in Cloud Computing for the users?
  • How can these risks and issues be avoided in a significant manner? What are the techniques available for this concern?
  • To what limit can the risks of security impact the users of Cloud Computing?

The problem of research helps in identifying the concern which requires further investigation within the research. In this paper of research, the problem of research is focused on identifying the major issues of security being encountered by the providers or the users of cloud computing. Cloud computing involves an external system for the storage of data and relying upon the public internet that is focused on the enhancement of risks that have been threatening the security of the providers or users.

The research methodologies used for the final presentation of this research involved three different phases. The first phase involved the presentation of a systematic review on the literature with appropriate analysis. The second phase is the methodology of research used for the collection of data in a significant manner in order to ensure accurate results and discussions. For the purpose of the collection of data, surveys and interviews had been conducted at the level of the entire industry. The narrative analysis of this data collected by conducting interviews will be done in a significant manner. The third phase will be involving a comparative analysis for answering the research questions stated above. Systematic literature review is an important source for the identification, evaluation and interpretation of all of the related available research important for the completion of this specific research and phenomena of interest (Schiffman, 2010).

References

In this particular part of the research, there will be collection of data with the help of appropriate methods for ensuring there is high accuracy of the final results and discussions for understanding the challenges and issues with the technology of cloud computing from the perspective of practitioners. For the purpose of collecting the data, there has been the utilization of quantitative method that includes the conduction of interviews that have been structured in a well manner.

There has been conduction of 8 interviews in- depth that have been semi- structured with the individuals of a number of different roles and team in two different companies within the industry. Both the companies are based in Canada that have been specializing in the cloud computing as the technology that is still emerging. The first set of interviewees has been selected in a collaborative manner by the liaisons and researchers within the organizations. Then for selecting the set of next groups for conducting the interviews, there had been utilization of snowball sampling. This method of sampling uses suggestions and comments from the interviewees for guiding the process of selection related to the interviewees.

 In general sense, the interviewees had first been asked questions for describing the roles played by them as an individual of the organization and the responsibilities held by their team. Then, these interviewees were asked questions regarding how they define cloud computing from the technical point- of- view, what motivates them behind the adoption of cloud, the benefits of being significantly involved with the emergence of cloud computing, and the challenges and issues faced by them or their customers with respect to the utilization of cloud. The interviews lasted for a duration of 20 to 30 minutes each. These interviews had been transcribed and audio- taped. The phase for the collection of data had been stopped when there had been no involvement of new and different insights related to the research. This resulted in saving a large duration of time for the interviews.

For the completion of this particular research, there been an inclusion of analysis for the data collected by conducting the interviews. The data that had been collected was analysis by the iteration of codes that had been assigned. These codes had been refined further ahead as there was an increased need for coding more data. By the end of this phase, there had been utilization of approximately 30 different codes in total for tagging the data that had been collected in a significant manner. These particular contributed in providing an effective reflection of the challenges and issues related to cloud computing that is highly important for this particular research. These had been divided into three different categories that included security, portability and performance. However, the identification of these codes had been done before the identification of categories related to the challenges identified and stated in the review of literature.

In the next step of this particular phase, there had been classification of 20 different codesunder, the category that had been established in the review of literature. In case, the already present categories had not been suitable in accordance with the issue identified, new codes for classification had been established (Srinivasan, 2008). The theme for the classification and categorization of data had been done with an intension of comparing the finding with each and every part of the research, with identifying and studying the differences and similarities.

APIs have been identified as the interface being used by the customers for interacting with the services of cloud in both the organizations. In order to secure the function of processing, it has been identified that there is a need for having access control, mechanisms of encryption and verification of security, particularly when third parties begin to be built on these as a base (Stocker, 2011). For the analysis of this content, there had been a need for analyzing the model of security over the interfaces of cloud provider, ensuring access controls and strong authentication are being implemented within the performance with the transmission of encryption (Viega, 2009). In addition to this, there had been an increased need for understanding the level at which the chain related to the API is being dependent upon. Hence, it has been found that cloud computing, as a whole, combines a number of different and important technologies that have matured and evolved with the passage of time. The cloud computing of present day has evolved in a number of ways that includes infrastructure, computing, storage and open APIs in combination.

Further ahead, the issue that had been the most significant in the case of company 1 was related to the loss of data (Subashini and Kavitha, 2011). This took place when data was deleted in the absence of any backup or encoding the key unauthorized or loss access, data always ended up in being in danger as it simply ended up being stolen or lost. Hence, it can be stated that provider of cloud must be focused on ensuring that the data of each and every client is being backed up in a number of different servers in a number of different copies on regular basis for the provision of recovery within the situations of disaster such as failure of hardware (Sudha and Monica, 2010). For the prevention of accidental leakage in the data that has been backed up, there can be a utilization of strong schemes of encryption.

For providing solution related to this problem, there had been a need for implementing the fault free access control of API, mechanism utilized for protection and encryption of data being secured, analysis for the protection of data done at both events, designing and running out of time. There had also been an increased need for considering the strategies of preservation and provider back up, and the way in which these had been defined (Vaikuntanathan, 2011).

Hence, it can be stated that both of these issues is a highly significant threat to both the organizations, in addition to the other risks of security identified in the review of literature. Cloud computing contributes in providing efficiency, flexibility and cost effectiveness within the services. However, there is no 100 per cent guarantee for the security it provides. The most significant concerns with respect to cloud computing are security and privacy (Tarakji, 2011). There are a number of issues related to security in cloud computing. Out of a number of issues related to security, security of data has been identified as a major obstacle in adapting the services of cloud computing. But still, the providers of cloud service face a number of problems such as full information for securing the user, so these type of system must be in existence for securing the information in a significant manner all across the industry.

Even though the review on literature had been presented in a systematic manner, there are a number of factors that might have contributed in increasing the level of subjectivity with respect to the finding. Firstly, the choice being made for the string of search could have been excluding the papers, creating discussion on challenges and issues but in the absence of necessarily statin that in an explicit manner within the title. Utilizing the title within the search helped in the reduction of noise in a significant manner, as otherwise, any specific paper that included the term “issue” and the term “cloud”, for an instance might end up being returned that results in providing approximately 25000 research papers, and majority of these had been irrelevant.

In the similar manner, considering the interviews conducted, classification and coding are both the processes related to subjectivity. An attempt had been made for the mitigation of this issue by the involvement of a number of researchers within these types of activities. This review on literature had also been restricted in the fact that it does not take into consideration data related to the last few month of the year 2014. This might have resulted in affecting the accuracy of results that leads towards an incomplete view related to the latest trends.

Conclusion

The cloud computing of present day has evolved in a number of ways that includes infrastructure, computing, storage and open APIs in combination. Cloud computing cannot be considered as being attractive only for the large scale enterprises, but also the startups, small enterprises, medium enterprises and entrepreneurs who would be availing huge benefits for their business by cloud computing (Townsend, 2009). Issues of security in cloud computing has been identified as a significant obstacle involved in adopting it.

The grouping of cloud computing can be done into multiple tenancy issues, account control, management of console security, malicious insiders, accountability, recovery, exploitation of bug, privacy, segregation of data, and sensitive accessibility of data. There are a number of other risks and challenges involved in the cloud computing that result in the compromise of security that has to be considered for building trusting amongst the base of customers with respect to the technology of cloud computing (Vaikuntanathan, 2011). There has been conduction of 8 interviews in- depth that have been semi- structured with the individuals of a number of different roles and team in two different companies within the industry.

Both the companies are based in Canada that have been specializing in the cloud computing as the technology that is still emerging. Another significant concern related to cloud computing has been identified as services being available. Availability of data is referred to as a term utilized by certain manufacturers of computer storage and providers of storage service for describing the services and products that help in ensuring that there is continuous availability of data at the needed level for initiation of activities in certain situations that range from being normal to disastrous in nature (Valdez, 2009). In general context, the achievement for the availability of data is done by the involvement of redundancy where there is storage of data and how it can be assessed in a safe and secure way.

References

Curran, K. (2011). Cloud Computing Security. International Journal of Ambient Computing and Intelligence, 3(1), pp. 38–46.

ENISA, (2009). Cloud Computing: benefits, risks and recommendations for information Security.

Fernandez, E. (2013). “Three misuse patterns for Cloud Computing,” In: Rosado DG, Mellado D, Fernandez-Medina E, Piattini M (ed) Security engineering for Cloud Computing: approaches and Tools. IGI Global, Pennsylvania, United States, pp 36–53

Gobi, M. (2013). An Approach for Secure Data Storage in Cloud Environment. IJCCE, pp.206-209.

Gökay, S. (2010). “Security challenges in Cloud Computing,” In: Proceedings of the 2010 International conference on Security and Management SAM’10. CSREA Press, Las Vegas, US, pp 36–42

Hashizume, K. and Fernandez, E. (2013). An analysis of security issues for cloud computing. Journal of Internet Services and Applications, [online] 4(5), pp.1-13. Available at: https://www.jisajournal.com/content/4/1/5 [Accessed 22 Dec. 2014].

Hocenski, Z. (2010). “Cloud Computing Security issues and challenges,” In: Proceedings of the 33rd International convention MIPRO. IEEE Computer Society Washington DC, USA, pp. 344–349.

Kaleeswaran, S. (2012). On covert channels between virtual machines. Journal in Computer Virology Springer, 8, pp. 85–97.

Khalid, A. (2010). “Cloud Computing: applying issues in Small Business,” In: International Conference on Signal Acquisition and Processing (ICSAP’10), pp 278–281.

Khanna, L. and Jaiswal, A. (2013). Cloud Computing: Security Issues And Description Of Encryption Based Algorithms To Overcome Them. International Journal of Advanced Research in Computer Science and Software Engineering, 3(3), pp. 279-283.

Liu, S. and Meng, X. (2011). Towards High Maturity in SaaS Applications Based on Virtualization. International Journal of Information Systems in the Service Sector, 3(4), pp.39-53.

Meinel, C. (2010). “Infrastructure as a service security: Challenges and solutions,” In: the 7th International Conference on Informatics and Systems (INFOS), Potsdam, Germany. IEEE Computer Society, Washington, DC, USA, pp 1–8

Mell, P. (2010). State of Security readiness. Crossroads 16(3), pp. 23–25.

Müller, I. (2010). “An analysis of the Cloud Computing Security problem,” In: Proceedings of APSEC 2010 Cloud Workshop. APSEC, Sydney, Australia.

Ning, P. (2009). “Managing Security of virtual machine images in a Cloud environment,” In: Proceedings of the 2009 ACM workshop on Cloud Computing Security. ACM New York, NY, USA, pp. 91–96

Onwubiko, C. (2010). “Security issues to Cloud Computing,” In: Antonopoulos N, Gillam L (ed) Cloud Computing: principles, systems & applications. 2010, Springer-Verlag

Owens, D. (2010). Securing Elasticity in the Cloud. Queue, 8(5), p.10.

Pendse, R. (2010). “Security in multi-tenancy cloud,” In: IEEE International Carnahan Conference on Security Technology (ICCST), KS, USA. IEEE Computer Society, Washington, DC, USA, pp 35–41.

Rahman, S. (2011). An overview of the Security concerns in Enterprise Cloud Computing. International Journal of Network Security & Its Applications (IJNSA), 3(1), pp. 30–45.

Rosenblum, M. (2005). “When virtual is harder than real: Security challenges in virtual machine based computing environments,” In: Proceedings of the 10th conference on Hot Topics in Operating Systems, Santa Fe, NM. Vol. 10. USENIX Association Berkeley, CA, USA, pp 227–229

Schiffman, J. (2010). Outlook: cloudy with a chance of Security challenges and improvements. IEEE Security Privacy, 8(1), pp. 77–80.

Srinivasan, D. (2008). TVDc: managing Security in the trusted virtual datacenter. SIGOPS Oper. Syst. Rev., 42(1), pp. 40–47.

Stocker E (2011). Understanding Cloud Computing vulnerabilities. IEEE Security Privacy, 9(2), pp. 50–57.

Subashini, S. and Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34(1), pp.1-11.

Sudha, M., and Monica, M. (2010). A Comprehensive Approach to Ensure Secure Data Communication in Cloud Environment. International Journal of Computer Applications, 12(8), pp.19-23.

Tarakji, A. B. (2011). “A survey of risks, threats and vulnerabilities in Cloud Computing,” In: Proceedings of the 2011 International conference on intelligent semantic Web-services and applications. Amman, Jordan, pp 1–6.

Townsend, M. (2009). “Managing a security program in a cloud computing environment,” In: Information Security Curriculum Development Conference, Kennesaw, Georgia. ACM New York, NY, USA, pp. 128–133.

Vaikuntanathan, V. (2011). “Can homomorphic encryption be practical?” In: Proceedings of the 3rd ACM workshop on Cloud Computing Security workshop. ACM New York, NY, USA, pp 113–124.

Valdez, E. (2009). Security for the Cloud infrastructure: trusted virtual data center implementation. IBM J Res Dev 53(4), pp. 560–571

Viega, J. (2009). Cloud Computing and the common Man. Computer, 42(8), pp. 106–108.