Cloud computing offers a new exciting form of service to users in need of compute infrastructure. It provides users a pay-as-you go model, and allows users to outsource costs such as management, power and cooling, procurement and provisioning. Unfortunately, cloud computing poses serious security concerns. Users want to ensure the security of their data and code while executing in the cloud. At the same time cloud providers want to protect their infrastructure from being abused. We elaborate on these issues in our HotOS paper, VEE paper, and our paper on location-based SLAs on cloud providers. We have also been exploring the use of trusted computing to protect user data stored in the cloud using a system called Unicorn. More recently we have been working on Unity, an untrusted cloud storage system, and H-One, and IaaS cloud auditing framework. We have built and studied Caelus, a system that uses a smartphone to monitor a cloud for malicious activity. You can also check out our survey on the State of IaaS Cloud Security.