Title: About PaaS security

Authors: Donghoon Kim; Henry E. Schaffer; Mladen Alan Vouk

Addresses: Department of Computer Science, Arkansas State University, Jonesboro, AR, USA ' Office of Information Technology, North Carolina State University, Raleigh, NC, USA ' Department of Computer Science, North Carolina State University, Raleigh, NC, USA

Abstract: Platform as a service (PaaS) provides middleware resources to cloud customers. As demand for PaaS services increases, so do concerns about the security of PaaS. This paper discusses principal PaaS security and integrity requirements, and vulnerabilities and the corresponding countermeasures. We consider three core cloud elements - multi-tenancy, isolation, and virtualisation and how they relate to PaaS services and security trends and concerns such as user and resource isolation, side-channel vulnerabilities in multi-tenant environments, and protection of sensitive data and recommend a number of effective procedures which can help in providing security.

Keywords: platform as a service; PaaS; cloud; vulnerability; countermeasure; vitalisation; isolation; multi-tenancy; side-channel attacks; data integrity.

DOI: 10.1504/IJCC.2017.090200

International Journal of Cloud Computing, 2017 Vol.6 No.4, pp.325 - 341

Available online: 23 Feb 2018 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article