{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:06:58Z","timestamp":1766441218035,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":32,"publisher":"ACM","license":[{"start":{"date-parts":[[2011,10,21]],"date-time":"2011-10-21T00:00:00Z","timestamp":1319155200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2011,10,21]]},"DOI":"10.1145\/2046660.2046664","type":"proceedings-article","created":{"date-parts":[[2011,10,25]],"date-time":"2011-10-25T12:23:06Z","timestamp":1319545386000},"page":"3-14","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":90,"title":["All your clouds are belong to us"],"prefix":"10.1145","author":[{"given":"Juraj","family":"Somorovsky","sequence":"first","affiliation":[{"name":"Horst G\u00f6rtz Institute for IT-Security, Ruhr-University, Bochum, Germany"}]},{"given":"Mario","family":"Heiderich","sequence":"additional","affiliation":[{"name":"Horst G\u00f6rtz Institute for IT-Security, Ruhr-University, Bochum, Germany"}]},{"given":"Meiko","family":"Jensen","sequence":"additional","affiliation":[{"name":"Horst G\u00f6rtz Institute for IT-Security, Ruhr-University, Bochum, Germany"}]},{"given":"J\u00f6rg","family":"Schwenk","sequence":"additional","affiliation":[{"name":"Horst G\u00f6rtz Institute for IT-Security, Ruhr-University, Bochum, Germany"}]},{"given":"Nils","family":"Gruschka","sequence":"additional","affiliation":[{"name":"NEC Europe Ltd., Heidelberg, Germany"}]},{"given":"Luigi","family":"Lo Iacono","sequence":"additional","affiliation":[{"name":"Faculty of Information, Media and Electrical Engineering, Cologne University of Applied Sciences, Cologne, Germany"}]}],"member":"320","published-online":{"date-parts":[[2011,10,21]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Eucalyptus. http:\/\/open.eucalyptus.com\/.  Eucalyptus. http:\/\/open.eucalyptus.com\/."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2010.27"},{"key":"e_1_3_2_1_3_1","volume-title":"OWASP AppSec Research","author":"Balduzzi M.","year":"2010","unstructured":"Balduzzi , M. New Insights Into Clickjacking . In OWASP AppSec Research ( 2010 ). Balduzzi, M. New Insights Into Clickjacking. In OWASP AppSec Research (2010)."},{"key":"e_1_3_2_1_4_1","volume-title":"XML Signature Syntax and Processing","author":"Bartel M.","year":"2008","unstructured":"Bartel , M. , Boyer , J. , Fox , B. , LaMacchia , B. , and Simon , E . XML Signature Syntax and Processing ( Second Edition). W3C Recommendation ( 2008 ). http:\/\/www.w3.org\/TR\/2008\/REC-xmldsig-core-20080610\/. Bartel, M., Boyer, J., Fox, B., LaMacchia, B., and Simon, E. XML Signature Syntax and Processing (Second Edition). W3C Recommendation (2008). http:\/\/www.w3.org\/TR\/2008\/REC-xmldsig-core-20080610\/."},{"key":"e_1_3_2_1_5_1","volume-title":"IADIS Applied Computing 2008 (Apr.","author":"Benameur A.","year":"2008","unstructured":"Benameur , A. , Kadir , F. A. , and Fenet , S . XML Rewriting Attacks: Existing Solutions and their Limitations . In IADIS Applied Computing 2008 (Apr. 2008 ), IADIS Press . Benameur, A., Kadir, F. A., and Fenet, S. XML Rewriting Attacks: Existing Solutions and their Limitations. In IADIS Applied Computing 2008 (Apr. 2008), IADIS Press."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030120"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1103022.1103024"},{"key":"e_1_3_2_1_8_1","volume-title":"SOAP 1.1. W3C Note","author":"Box D.","year":"2000","unstructured":"Box , D. , Ehnebuske , D. , Kakivaya , G. , Layman , A. , Mendelsohn , N. , Nielsen , H. F. , Thatte , S. , and Winer , D . SOAP 1.1. W3C Note ( 2000 ). Box, D., Ehnebuske, D., Kakivaya, G., Layman, A., Mendelsohn, N., Nielsen, H. F., Thatte, S., and Winer, D. SOAP 1.1. W3C Note (2000)."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2009.12"},{"key":"e_1_3_2_1_10_1","volume-title":"OASIS","author":"Chinnici R.","year":"2004","unstructured":"Chinnici , R. , Weerawarana , S. , Moreau , J.-J. , and Ryman , A . Web Services Description Language (WSDL) Version 2.0 Part 1: Core Language. Tech. rep ., OASIS , Mar. 2004 . Chinnici, R., Weerawarana, S., Moreau, J.-J., and Ryman, A. Web Services Description Language (WSDL) Version 2.0 Part 1: Core Language. Tech. rep., OASIS, Mar. 2004."},{"key":"e_1_3_2_1_11_1","volume-title":"XML Schema Part 0: Primer","author":"Fallside D. C.","year":"2004","unstructured":"Fallside , D. C. , and Walmsley , P . XML Schema Part 0: Primer Second Edition. W3C Recommendation ( 2004 ). Fallside, D. C., and Walmsley, P. XML Schema Part 0: Primer Second Edition. W3C Recommendation (2004)."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICWS.2009.12"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314418.1314425"},{"key":"e_1_3_2_1_14_1","volume-title":"IT Cloud Services User Survey, pt.2: Top Benefits & Challenges. IDC eXchange","author":"Gens F.","year":"2008","unstructured":"Gens , F. IT Cloud Services User Survey, pt.2: Top Benefits & Challenges. IDC eXchange ( 2008 ). Gens, F. IT Cloud Services User Survey, pt.2: Top Benefits & Challenges. IDC eXchange (2008)."},{"key":"e_1_3_2_1_15_1","volume-title":"Jul.","author":"Goldsmith D.","year":"1994","unstructured":"Goldsmith , D. , and Davis , M . RFC 1642: UTF-7 -- A Mail-Safe Transformation Format of Unicode , Jul. 1994 . Goldsmith, D., and Davis, M. RFC 1642: UTF-7 -- A Mail-Safe Transformation Format of Unicode, Jul. 1994."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICWS.2009.70"},{"key":"e_1_3_2_1_17_1","volume-title":"W3C","author":"Hallam-Baker P.","year":"2007","unstructured":"Hallam-Baker , P. , Kaler , C. , Monzillo , R. , and Nadalin , A . Web Services Security X.509 Certificate Token Profile. W3C recommendation , W3C , Jun. 2007 . http:\/\/www.w3.org\/TR\/2007\/REC-wsdl20-20070626. Hallam-Baker, P., Kaler, C., Monzillo, R., and Nadalin, A. Web Services Security X.509 Certificate Token Profile. W3C recommendation, W3C, Jun. 2007. http:\/\/www.w3.org\/TR\/2007\/REC-wsdl20-20070626."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1655121.1655129"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/IWSSCloud.2011.6049019"},{"key":"e_1_3_2_1_21_1","unstructured":"Kanatoko. Bypassing Content-Disposition:Attachment on Internet Explorer 2007.  Kanatoko. Bypassing Content-Disposition:Attachment on Internet Explorer 2007."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1103022.1103026"},{"key":"e_1_3_2_1_23_1","volume-title":"Proceedings of the Ninth Workshop on the Economics of Information Security (WEIS)","author":"Molnar D.","year":"2010","unstructured":"Molnar , D. , and Schechter , S . Self hosting vs. cloud hosting: Accounting for the security impact of hosting in the cloud . In Proceedings of the Ninth Workshop on the Economics of Information Security (WEIS) ( 2010 ). Molnar, D., and Schechter, S. Self hosting vs. cloud hosting: Accounting for the security impact of hosting in the cloud. In Proceedings of the Ninth Workshop on the Economics of Information Security (WEIS) (2010)."},{"key":"e_1_3_2_1_24_1","volume-title":"Web Services Security: SOAP Message Security 1.1 (WS-Security","author":"Nadalin A.","year":"2004","unstructured":"Nadalin , A. , Kaler , C. , Monzillo , R. , and Hallam-Baker , P. Web Services Security: SOAP Message Security 1.1 (WS-Security 2004 ). OASIS Standard Specification ( 2006). Nadalin, A., Kaler, C., Monzillo, R., and Hallam-Baker, P. Web Services Security: SOAP Message Security 1.1 (WS-Security 2004). OASIS Standard Specification (2006)."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICWS.2007.167"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653687"},{"key":"e_1_3_2_1_27_1","unstructured":"Rydstedt G. Bursztein E. Boneh D. and Jackson C. Busting Frame Busting: a Study of Clickjacking Vulnerabilities on Popular Sites.  Rydstedt G. Bursztein E. Boneh D. and Jackson C. Busting Frame Busting: a Study of Clickjacking Vulnerabilities on Popular Sites."},{"key":"e_1_3_2_1_28_1","volume-title":"XML Digital Signature API","author":"Sun Microsystems","year":"2006","unstructured":"Sun Microsystems . XML Digital Signature API , 2006 . Sun Microsystems. XML Digital Signature API, 2006."},{"key":"e_1_3_2_1_29_1","unstructured":"The Apache Software Foundation. Apache Axis2.  The Apache Software Foundation. Apache Axis2."},{"key":"e_1_3_2_1_30_1","volume-title":"Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis. In Network and Distributed System Security Symposium (NDSS)","author":"Vogt P.","year":"2007","unstructured":"Vogt , P. , Nentwich , F. , Jovanovic , N. , Kirda , E. , Kruegel , C. , and Vigna , G . Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis. In Network and Distributed System Security Symposium (NDSS) ( 2007 ). Vogt, P., Nentwich, F., Jovanovic, N., Kirda, E., Kruegel, C., and Vigna, G. Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis. In Network and Distributed System Security Symposium (NDSS) (2007)."},{"key":"e_1_3_2_1_31_1","volume-title":"E","author":"Williams","year":"2010","unstructured":"Williams , E . Twitter Blog : The Evolving Ecosystem , 2010 . Williams, E. Twitter Blog: The Evolving Ecosystem, 2010."},{"key":"e_1_3_2_1_32_1","volume-title":"Workshop on Web 2.0 Security and Privacy (W2SP) (May","author":"Zhou Y.","year":"2010","unstructured":"Zhou , Y. , and Evans , D . Why aren't HTTP-only cookies more widely deployed? In Workshop on Web 2.0 Security and Privacy (W2SP) (May 2010 ). Zhou, Y., and Evans, D. Why aren't HTTP-only cookies more widely deployed? In Workshop on Web 2.0 Security and Privacy (W2SP) (May 2010)."},{"key":"e_1_3_2_1_33_1","first-page":"8","author":"Zuchlinski","year":"2003","unstructured":"Zuchlinski , G. The Anatomy of Cross Site Scripting. Hitchhiker's World 8 ( 2003 ). Zuchlinski, G. The Anatomy of Cross Site Scripting. Hitchhiker's World 8 (2003).","journal-title":"The Anatomy of Cross Site Scripting. Hitchhiker's World"}],"event":{"name":"CCS'11: the ACM Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Chicago Illinois USA","acronym":"CCS'11"},"container-title":["Proceedings of the 3rd ACM workshop on Cloud computing security workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2046660.2046664","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2046660.2046664","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:48:20Z","timestamp":1750240100000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2046660.2046664"}},"subtitle":["security analysis of cloud management interfaces"],"short-title":[],"issued":{"date-parts":[[2011,10,21]]},"references-count":32,"alternative-id":["10.1145\/2046660.2046664","10.1145\/2046660"],"URL":"https:\/\/doi.org\/10.1145\/2046660.2046664","relation":{},"subject":[],"published":{"date-parts":[[2011,10,21]]},"assertion":[{"value":"2011-10-21","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}