Given the increasing popularity of cloud computing, it is important to provide the means to make its use as convenient and effective as possible. Two of the main concerns are security and availability, and this article introduces three ideas that contribute to meeting these requirements. An interesting and rarely mentioned quality aspect of data is freshness: the assurance that retrieved data always reflects the most recent updates. The first idea introduced is an authenticated file system, intended for the secure migration of existing file systems, that ensures their integrity and freshness. A second approach is to add an external entity acting on behalf of the customers to make sure the provider complies with predefined security policies. The final proposal involves a way to increase data availability by distributing copies of the data over several clouds. The article also mentions some topics that require more research, for example, control of confidentiality.
Based on these ideas, the authors propose a security architecture for clouds. However, this architecture leaves out important aspects due to its narrow focus. Cloud security requires a holistic view of the complete architecture. For example, their proposed solution to confidentiality requires processing the data in encrypted form, a currently impractical approach. Why not use an authorization system? Their definition of availability considers only system crashes and not denial-of-service attacks, another aspect needed in a commercial cloud.
The article is clear and well organized, and should be of interest to those who study cloud system security.