32nd Brazilian Symposium on
Computer Networks and Distributed Systems

Florianopolis - Brazil, May 5-9, 2014
Short Course 5: Análise de Segurança para Soluções de Computação em Nuvem.

Authors: Charles Miers (UFSC), Marcos Simplicio Jr, Tereza Carvalho (USP), Guilherme Koslovski (UDESC), Marco Rojas (USP), Bruno Rodrigues (UDESC), Leonardo Horn Iwaya, Bruno Barros (USP)

Date and Time: May 9, 2014 (Friday), 8:30am to 12:00pm


Cloud computing solutions are increasingly adopted by companies and government from several sectors of the economy. In this scenario, the choice of cloud solutions can occur either by hiring an external service (public or community cloud) or by creating an own cloud to provide services only for this institution (private cloud). Even though the cloud technology does bring some interesting benefits for its users, the security aspects related to cloud computing solutions are not always fully understood before hiring such service or even during its operation. The goal of this document is, building on theoretical research and practical experience, to present the main security issues related to cloud computing. We review the main concepts of cloud computing, focusing the discussion on the key issues and safety standards specific to this scenario. Finally, aiming to illustrate how this body of knowledge can be used in practice, we present a case study in which we analyze the API communications on the OpenStack Havana solution.