Title: About PaaS security
Authors: Donghoon Kim; Henry E. Schaffer; Mladen Alan Vouk
Addresses: Department of Computer Science, Arkansas State University, Jonesboro, AR, USA ' Office of Information Technology, North Carolina State University, Raleigh, NC, USA ' Department of Computer Science, North Carolina State University, Raleigh, NC, USA
Abstract: Platform as a service (PaaS) provides middleware resources to cloud customers. As demand for PaaS services increases, so do concerns about the security of PaaS. This paper discusses principal PaaS security and integrity requirements, and vulnerabilities and the corresponding countermeasures. We consider three core cloud elements - multi-tenancy, isolation, and virtualisation and how they relate to PaaS services and security trends and concerns such as user and resource isolation, side-channel vulnerabilities in multi-tenant environments, and protection of sensitive data and recommend a number of effective procedures which can help in providing security.
Keywords: platform as a service; PaaS; cloud; vulnerability; countermeasure; vitalisation; isolation; multi-tenancy; side-channel attacks; data integrity.
International Journal of Cloud Computing, 2017 Vol.6 No.4, pp.325 - 341
Accepted: 07 Sep 2017
Published online: 23 Feb 2018 *