On Cloud Security and Usability: How Do We Make Security Usable?

Open Access
Author:
Aiken, William V
Area of Honors:
Security and Risk Analysis
Degree:
Bachelor of Science
Document Type:
Thesis
Thesis Supervisors:
  • Jungwoo Ryoo, Thesis Supervisor
  • David R M Barnes, Faculty Reader
  • Laura Rotunno, Honors Advisor
Keywords:
  • cloud computing
  • software engineering
  • data sharing
  • software architecture
  • encryption
  • security
  • usability
Abstract:
The rapid adoption of cloud computing means an unprecedented amount of sharing technological resources. In an architecture that relies on systematic sharing, it is absolutely crucial to design robust cloud systems with measurable security patterns built into them in order to provide adequate audits and reviews of security performance. And yet even now security is frequently reported as the number one concern when enterprises turn to cloud based solutions. This hesitancy applies to global corporations with a large number of employees as well as small businesses and even the average end user. As a result of increasingly rapid adoption, cloud service providers cannot expect all users to fully understand the security patterns and practices or how to take full advantage of them. This paper reviews the current architecture and its approach to auditable security mechanisms for cloud based platforms, and it also takes an in-depth look at how to achieve understandable and usable security tools for the average, uninterested end users. From there, the research covers several mechanisms for implementing usable security on cloud platforms with a special focus on how to design cloud systems via secure software engineering patterns.