Investigation of IT Security and Compliance Challenges in Security-as-a-Service for Cloud Computing

Hussain Al-Aqrabi, Lu Liu, Jie Xu, Richard Hill, Nick Antonopoulos, Yongzhao Zhan

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

34 Citations (Scopus)

Abstract

The key security challenges and solutions on the cloud have been investigated in this paper with the help of literature reviews and an experimental model created on OPNET that is simulated to produce useful statistics to establish the approach that the cloud computing service providers should take to provide optimal security and compliance. The literatures recommend the concept of Security-as-a-Service using unified threat management (UTM) for ensuring secured services on the cloud. Through the simulation results, this paper has demonstrated that UTM may not be a feasible approach to security implementation as it may become a bottleneck for the application clouds. The fundamental benefits of cloud computing (resources on demand and high elasticity) may be diluted if UTMs do not scale up effectively as per the traffic loads on the application clouds. Moreover, it is not feasible for application clouds to absorb the performance degradation for security and compliance because UTM will not be a total solution for security and compliance. Applications also share the vulnerabilities just like the systems, which will be out of UTM cloud’s control.
Original languageEnglish
Title of host publication2012 15th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing Workshops (ISORCW)
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages124-129
Number of pages6
ISBN (Electronic)9780769546698
ISBN (Print)9781467309004
DOIs
Publication statusPublished - 10 May 2012
Externally publishedYes
EventIEEE 15th International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing Workshops - Shenzen, China
Duration: 11 Apr 201211 Apr 2012
Conference number: 15

Conference

ConferenceIEEE 15th International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing Workshops
Abbreviated titleISORC 2012
Country/TerritoryChina
CityShenzen
Period11/04/1211/04/12

Fingerprint

Dive into the research topics of 'Investigation of IT Security and Compliance Challenges in Security-as-a-Service for Cloud Computing'. Together they form a unique fingerprint.

Cite this