1. CLOUD COMPUTING SECURITY: AMAZON WEB SERVICE
Narula, S., & Jain, A. (2015, February). Cloud computing security: Amazon web service. In 2015 Fifth International Conference on Advanced Computing & Communication Technologies (pp. 501-505). ieee.
This article focuses on how AWS (Amazon Web Service) cloud computing works. The author first reviews security research in the field of cloud security, expounding that the focus in cloud computing is security around data, access, and privacy protection. It then analyzes to readers how AWS provides network security, building real-time sliding window dashboards on streaming data, protecting data with encryption, backup and recovery methods and other functions. Finally, the article demonstrates that security should be a core operation, not an additional operation, and recognizes AWS’s outstanding performance in the field of cloud computing. This article can be seen as an introduction to the principles of AWS, which is friendly to newcomers, but has obvious limitations. , which only emphasizes the technologies that AWS is good at, and does not mention more and more comprehensive cloud security-related technologies.
2. Cloud Threat Defense – a Threat Protection and Security Compliance Solution
Bharadwaj, D. R., Bhattacharya, A., & Chakkaravarthy, M. (2018, November). Cloud threat defense–a threat protection and security compliance solution. In 2018 IEEE International Conference on Cloud Computing in Emerging Markets (CCEM) (pp. 95-99). IEEE.
This paper proposes a cloud-native and scalable cloud security solution by exploring the security issues related to cloud computing. The authors first investigate some of the key research challenges of cloud security solutions in securing dynamic cloud environments, followed by comparisons with traditional models. Through the analysis of security threats in cloud computing, the author divides the countermeasures into the following categories–Poor Identity and Access Management; Workload threats and Network threats. Finally, according to the classification, a practical solution is provided to overcome cloud providers and consumers challenges in protecting its data and valuable assets. The limitations of this paper are also obvious, the description of security threats is not detailed enough and too abstract; after the classification, the countermeasures are directly discussed and the principle analysis is less. The final solution is more of a method rollup than a new method.