ZTE Communications ›› 2017, Vol. 15 ›› Issue (2): 42-47.DOI: 10.3969/j.issn.1673-5188.2017.02.006

• Review • Previous Articles     Next Articles

A Survey on Cloud Security

WU Chunming, LIU Qianjun, LI Yuwei, CHENG Qiumei, ZHOU Haifeng   

  1. College of Computer Science and Technology, Zhejiang University, Hangzhou 310058, China
  • Received:2016-10-24 Online:2017-04-25 Published:2019-12-24
  • About author:WU Chunming (wuchunming@zju.edu.cn) received the Ph.D. degree in computer science from Zhejiang University in 1995. He is currently a professor with the College of Computer Science and Technology of Zhejiang University, and the Associate Director of the Research Institute of Computer System Architecture and Network Security. His research fields include Software-Defined Network, reconfigurable networks, proactive network defense, cloud security, network virtualization, and intelligent networks.|LIU Qianjun (liuqj0522@163.com) is now a Ph.D. candidate at the College of Computer Science, Zhejiang University, Hangzhou, China. Her research interests involve cloud security, big data security and smart security analytics.|LI Yuwei (liyuwei@zju.edu.cn) is now a Ph.D. candidate at the College of Computer Science, Zhejiang University, Hangzhou, China. Her research interests involve system security, code security and smart security.|CHENG Qiumei (chengqiumei@zju.edu.cn) is currently pusuing the Ph.D. degree with the College of Computer Science and Technology, Zhejiang University, Hangzhou, China. Her research interests include cloud security, software-defined security, network virtualization, software-defined networks, and proactive network defense.|ZHOU Haifeng (zhouhaifeng@zju.edu.cn) is currently pursuing the Ph.D. degree with the College of Computer Science and Technology, Zhejiang University, Hangzhou, China. His research interests include software-defined networks, software-defined network security, cloud security, proactive network defense, intelligent networks and security systems, network traffic engineering, and innovative network and security technologies.
  • Supported by:
    This work was supported by the National Key Research and Development Program of China under Grant the Fundamental Research Funds for the Central Universities, and the ZTE Industry-Academia-Research Cooperation Funds.(2016YFB0800102);the National High Technology Research Program of China under Grant(2015AA016103);the Fundamental Research Funds for the Central Universities;the ZTE Industry-Academia-Research Cooperation Funds

Abstract:

Cloud computing system packages infrastructures, applications and other resources as services, and delivers the services to market in an elastic and fast way. The significant advantages of cloud computing, e.g., scalability, elasticity, and pay-per-use, bring it considerable commercial values. Nevertheless, owing to the new application scenario, e.g., multi-tenant, cloud computing is encountering potential security risks. This paper reviews the state-of-art research in cloud security. According to the attack levels, it analyzes four kinds of attacks in the cloud, i.e., network-based attacks, VM-based attacks, storage-based attacks, and application-based attacks. The countermeasures and corresponding techniques are then introduced. Furthermore, this paper also discusses an innovative and promising solution for cloud security by dynamically changing system configuration.

Key words: cloud computing, security, virtualization, storage