Introduction
Research funded by the Fulton Undergraduate Research Initiative (FURI). Co-Author: Dr. Partha Dasgupta.
The purpose of this research is to bring to attention existing vulnerabilities in the Software as a Service layer of cloud computing.
Cloud Computing Overview
Cloud computing architecture is divided into three layers:
• Infrastructure as a Service (IaaS)
• Platform as a Service (PaaS)
• Software as a Service (SaaS)
Figure: cloud delivery models (image: http://lh6.ggpht.com/-t0mXLnfOQnM/ThMyEzI34LI/AAAAAAAAALU/6OLqERfVAu8/cloud-delivery-models_thumb%25255B4%25255D.png)
Cloud Computing Models
The most common cloud computing models:
• Public Cloud
• Private Cloud
• Hybrid Cloud
Research
Two main points of entry into the SaaS layer:
• User Point of Entry
  o Most common point of attack in a SaaS model
• Provider Point of Entry

An example of an SQL injection that works against applications backed by most database servers, such as PostgreSQL and MySQL, and that grants the attacker administrator privileges could be (the attacker-supplied values are shown in the comments, followed by the query the application ends up sending):

<?php
// $uid supplied by the attacker: ' or uid like '%admin%
// The WHERE clause now matches every account whose uid contains "admin"
$query = "UPDATE usertable SET pwd='...' WHERE uid='' or uid like '%admin%';";

// $pwd supplied by the attacker: hehehe', trusted=100, admin='yes
// The SET clause now also rewrites the trusted and admin columns
$query = "UPDATE usertable SET pwd='hehehe', trusted=100, admin='yes' WHERE ...;";
?>
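The following is an added example, not code from the poster or its authors: it replays the two injected values above against an in-memory SQLite table (a constructed usertable with constructed rows; the column names follow the poster's query) and contrasts the string-built UPDATE with a parameterized one, which is the standard mitigation. The function names and the seed data are assumptions made for this illustration.

```python
import sqlite3

# Constructed sample schema and rows (not from the poster); column names
# mirror the usertable in the poster's example query.
SCHEMA = """
CREATE TABLE usertable (
    uid     TEXT PRIMARY KEY,
    pwd     TEXT NOT NULL,
    trusted INTEGER NOT NULL DEFAULT 0,
    admin   TEXT NOT NULL DEFAULT 'no'
);
"""
SEED = [("alice", "secret1", 0, "no"), ("admin", "secret2", 100, "yes")]

# The two injected values from the poster's example.
UID_PAYLOAD = "' or uid like '%admin%"
PWD_PAYLOAD = "hehehe', trusted=100, admin='yes"


def fresh_db():
    """Return a new in-memory database populated with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO usertable VALUES (?, ?, ?, ?)", SEED)
    conn.commit()
    return conn


def reset_password_unsafe(conn, uid, new_pwd):
    """The pattern in the poster: user input is pasted into the SQL text.

    Returns the query string that was actually executed, so the caller can
    see how the attacker-controlled text rewrote the statement.
    """
    query = f"UPDATE usertable SET pwd='{new_pwd}' WHERE uid='{uid}'"
    conn.execute(query)
    conn.commit()
    return query


def reset_password_safe(conn, uid, new_pwd):
    """Parameterized form: values travel separately from the SQL text, so
    quotes or commas in them can never change the statement's structure."""
    conn.execute("UPDATE usertable SET pwd=? WHERE uid=?", (new_pwd, uid))
    conn.commit()


def snapshot(conn):
    """Map uid -> (pwd, trusted, admin) for every row, for before/after checks."""
    rows = conn.execute(
        "SELECT uid, pwd, trusted, admin FROM usertable ORDER BY uid"
    )
    return {row[0]: tuple(row[1:]) for row in rows}


if __name__ == "__main__":
    # Unsafe: the uid payload makes the WHERE clause match the admin account.
    conn = fresh_db()
    print(reset_password_unsafe(conn, UID_PAYLOAD, "x"))
    print(snapshot(conn))
    # Unsafe: the pwd payload promotes alice by rewriting trusted and admin.
    conn = fresh_db()
    print(reset_password_unsafe(conn, "alice", PWD_PAYLOAD))
    print(snapshot(conn))
    # Safe: the same inputs change nothing but alice's own password, stored literally.
    conn = fresh_db()
    reset_password_safe(conn, UID_PAYLOAD, "x")
    reset_password_safe(conn, "alice", PWD_PAYLOAD)
    print(snapshot(conn))
```

Running the block prints the rewritten statements and the table contents after each call; the parameterized version leaves the admin row untouched and stores the second payload as an ordinary (if odd-looking) password string.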
Research
To connect to the uploaded SaaS application, the user has to use a client/user portal. The portal relies on a web service interface that is vulnerable to a variety of attacks, some of which include:
• Buffer Overflow
• Cross Site Scripting
• SQL Injection
• Denial of Service
Result
SaaS (Software as a Service) vulnerabilities: the most common attacks associated with the SaaS model in a public cloud infrastructure. They are divided into the following four groups:

Availability
• Denial of Service
• Account lockout
• Buffer overflow
• Cross-site scripting

Data Security
• Access control weakness
• Privilege escalation

Network Security
• Network penetration
• Session hijacking
• Data packet interception

Identity Management
• Authentication weakness
• Insecure trust
Discussion
Zero-Day Vulnerability Found in McAfee's SaaS Products (April 2011)
An attacker can execute arbitrary code by exploiting the flaw if the victim visits a malicious page or opens the file. Its Common Vulnerability Scoring System score is 9 out of a maximum of 10. The affected method accepts commands that are passed to a function which simply executes them, without authentication.
McAfee SaaS includes:
• Email Protection (protection against viruses and spam)
• McAfee Integrated Suites (protection against viruses, web threats, etc.)
A patch was released in August 2011.
Source: http://news.softpedia.com/news/Zero-Day-Vulnerability-Found-in-McAfee-s-SaaS-Products-247051.shtml
Conclusion
Two main points of entry into the SaaS layer:
• User Point of Entry
  o Most common point of attack in a SaaS model
• Provider Point of Entry

SaaS (Software as a Service) vulnerabilities, by group:

Availability
• Denial of Service
• Account lockout
• Buffer overflow
• Cross-site scripting

Data Security
• Access control weakness
• Privilege escalation

Network Security
• Network penetration
• Session hijacking
• Data packet interception

Identity Management
• Authentication weakness
• Insecure trust
Future Work
• Design test cases for a security breach common to the SaaS structure, including the web services involved.
• Propose a suitable solution for minimizing the impact of the penetration attack.
• Document the resulting effects and extent of the exploit, and compare them with the results of other research projects and papers.
• Document and explore the extent to which data can be exploited.