Cloud Computing Security
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
  • very nice report...
    Are you sure you want to
    Your message goes here
No Downloads

Views

Total Views
3,307
On Slideshare
3,307
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
455
Comments
1
Likes
4

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Security in Cloud ComputingADISSERTATION REPORT ON Security in Cloud ComputingIndus Institute of Technology & Engineering Page 1
  • 2. Security in Cloud Computing SECURITY IN CLOUD COMPUTING By Dhaval Dave (08MCA008) M.C.A, Indus Institute of Technology & Engineering, Gujarat University, 2011 A Dissertation Submitted in Partial Fulfilment of the Requirements for the degree of Master of Computer Application In Computer Science. Department of MCA, Indus Institute of Technology & Engineering, January 2011Indus Institute of Technology & Engineering Page 2
  • 3. Security in Cloud ComputingACKNOWLEDGEMENT Thanks to my Prof. Vrutik Shah who thoroughly introduced me to research.He was always anxious to provide me with a Study environment suitable for developingmyself and always there to keep me on the right track. And, infinite thanks to Prof. H.K. Desai, Head of Department of I.I.T.E. & MyAll Prof., who never had any doubts that I would succeed. Also thanks to the colleagues for allowing me to feel at home at CollegeCampus due to the excellent educational culture. Further thanks to my parents who always gave me support that allowed me topursue my self-fulfillment. I acknowledge all the help I have received from so manypeople in accomplishing this project and wish to thank them. Acknowledged By:- Dhaval DaveIndus Institute of Technology & Engineering Page 3
  • 4. Security in Cloud ComputingPREFACE “Security in Cloud Computing” was taken by us in Dissertation in ourSemester-V as our project for the partial fulfilment of MCA. It is matter of pleasure for me to submit this documentation of the dissertationwork done during Semester-V of MCA. By:- Dhaval DaveIndus Institute of Technology & Engineering Page 4
  • 5. Security in Cloud ComputingTable of Contents 1. Introduction of Cloud Computing 8 1.1 Abstract 9 1.2 Introduction 10 1.3 Cloud Evolution 11 1.4 Comparison 13 2. What is Cloud Computing 14 2.1 Cloud Architecture 15 2.2 Cloud Components 16 2.2.1 Clients 17 2.2.2 DataCenter 18 2.2.3 Distributed Servers 18 3. Cloud Computing Deployment Models 19 3.1 Public Clouds 19 3.2 Private Clouds 21 3.3 Hybrid Clouds 22 3.4 Community Clouds 23 4. Cloud Computing Service Model 24 4.1 Software as a Service(SaaS) 25 4.2 Platform as a Service(PaaS) 25 4.3 Infrastructure as a Service(IaaS) 26 4.4 Anything as a Service(XaaS) 26 4.5 Virtualization & Private Clouds 27 5. Advantages of Clouds 29 6. Cloud Computing Reference Model 31 7. Security for Cloud Computing 33 7.1 Defining Security in Cloud 33 7.2 Security Issues and Challenges 34 7.3 Security Advantages in Cloud Environment 34 7.4 Security Disadvantages in Cloud Environment 35 7.5 Security Issues in Virtualization 37 7.6 Survey of Cloud Computing 38 7.7 Traditional Datacenter Security 39 8. Virtualization - The Catalyst of the Cloud 40 8.1 Confidentiality 40 8.2 Integrity 40 8.3 Authentication 41 8.4 Availability 41 8.5 Accountability 41 8.6 Assurance 42 8.7 Resilience 42 9. Cloud Computing Security Issues 43 10. Cloud Security Challenges 47 10.1 Administrative Access to Servers Applications 47 10.2 Dynamic Virtual Machines : VM State and Sprawl 47 10.3 Vulnerability Exploits and VM to VM Attacks 48Indus Institute of Technology & Engineering Page 5
  • 6. Security in Cloud Computing 10.4 Encryption and Data Protection 48 10.5 Policy and Compliance 48 10.6 Patch Management 49 10.7 Perimeter Protection and Zoning 49 10.8 Rogue Corporate Resources 49 11. Data Protection, Identity Management, Security 50 11.1 Data Protection 50 11.2 Identity Management 50 11.3 Physical and Personnel Security 50 12. Availability 51 13. Application Securities, User Centric Access Control, Transparency 53 13.1 Application Securities 53 13.2 Centric Access Control 53 13.3 Transparency 54 14. New Opportunities 55 15. Conclusions 58 16. Vulnerabilities 60 17. References 61 18. Appendices 62Indus Institute of Technology & Engineering Page 6
  • 7. Security in Cloud ComputingList of FiguresFigure 1:- Cloud Computing 14Figure 2:- Cloud Architecture 15Figure 3:- Cloud Components 16Figure 4:- Public Cloud Model 20Figure 5:- Private Cloud Model 21Figure 6:- Hybrid Cloud Model 22Figure 7:- Cloud Computing Reference Model 32Figure 8:- Security Architecture Design 43List of TablesTable 1:- Cloud Computing Service Model 24Table 2:- Major Cloud Service Providers 38Table 3:- Summary of Security Mechanisms by Major Clouds Service Providers 39Indus Institute of Technology & Engineering Page 7
  • 8. Security in Cloud Computing1. Introduction of Cloud Computing According to Gartner’s Hype Cycle Special Report for 2009, “technologies atthe ‘Peak of Inflated Expectations’ during 2009 include cloud computing, e-books…and Internet TV, while social software and micro blogging sites…have tipped over thepeak and will soon experience disillusionment among enterprise users”. Is cloudcomputing also heading for the trough of disillusionment? The Internet is often represented as a cloud and the term “cloud computing”arises from that analogy. Accenture defines cloud computing as the dynamicprovisioning of IT capabilities (hardware, software, or services) from third parties overa network. McKinsey says that clouds are hardware-based services offering compute,network and storage capacity where: hardware management is highly abstracted fromthe buyer; buyers incur infrastructure costs as variable OPEX [operating expenditures];and infrastructure capacity is highly elastic (up or down). The cloud model differs fromtraditional outsourcing in that customers do not hand over their own IT resources to bemanaged. Instead they plug into the cloud, treating it as they would an internal datacenter or computer providing the same functions. Large companies can afford to build and expand their own data centers butsmall- to medium-sized enterprises often choose to house their IT infrastructure insomeone else’s facility. A collocation center is a type of data center where multiplecustomers locate network, server and storage assets, and interconnect to a variety oftelecommunications and other network service providers with a minimum of cost andcomplexity.Indus Institute of Technology & Engineering Page 8
  • 9. Security in Cloud Computing1.1Abstract The Cloud Computing concept offers dynamically scalable resourcesprovisioned as a service over the Internet. Economic benefits are the main driver for theCloud, since it promises the reduction of capital expenditure and operationalexpenditure. Organizations are increasingly looking to cloud computing to improveoperational efficiency and help with the bottom line. Cloud computing gets its namefrom the drawings typically used to describe the Internet. Cloud computing comes inmany forms: There are Software-as-a-Service (SaaS) providers like salesforce.com;platform-as-a-service (PaaS) like Amazons, Infrastructure-as-a-Service (IaaS),Software-plus-Service (SpS). Web services that offer application programminginterfaces (APIs) that enable developers to exploit functionality over the Internet.Increasingly, businesses of all sizes are choosing to migrate their data, applications andservices to the cloud. The Advantages are clear-increased availability, Lightweight,easy accessible applications, lower maintenance and administrative costs. But securityand privacy concerns present a strong barrier-to-entry. cloud computing to realise itsfull potential and become mainstream member of IT portfolio & choices, a lot ofchallenges are required to be tackled related to privacy & Security. This Dissertation isconcerned with discovery of the vulnerabilities in the landscape of clouds, discovery ofsecurity solutions, and finding evidence that early-adopters or developers have grownmore concerned with security.Indus Institute of Technology & Engineering Page 9
  • 10. Security in Cloud Computing1.2 Introduction We are entering into a new era of computing, and its all about the “cloud”.This immediately brings up several important questions, which deserve thoughtfulanswers: “What is cloud computing?” “Is it real, or just another buzzword?” And mostimportant, “How does it affect me?” Cloud computing as the dynamic provisioning of IT capabilities (hardware,software, or services) from third parties over a network. The term cloud computingrefers to the delivery of scalable IT resources over the Internet, as opposed to hostingand operating those resources locally, such as on a college or university network. Thoseresources can include applications and services, as well as the infrastructure on whichthey operate. By deploying IT infrastructure and services over the network, anorganization can purchase these resources on an as-needed basis and avoid the capitalcosts of software and hardware The coming shift to cloud computing is a major change in our industry. One ofthe most important parts of that shift is the advent (The coming or arrival, especially ofsomething extremely important) of cloud platforms. As its name suggests, this kind ofplatform lets developers write applications that run in the cloud, or use servicesprovided from the cloud, or both. Different names are used for this kind of platformtoday, including on-demand platform and platform as a service (PaaS). Whatever it’scalled, this new way of supporting applications has great potential. To see why, think about how application platforms are used today. When adevelopment team creates an on-premises application (i.e., one that will run within anorganization), much of what that application needs already exists. An operating systemprovides basic support for executing the application, interacting with storage, andmore, while other computers in the environment offer services such as remote storage.If the creators of every on-premises application first had to build all of these basics,we’d have many fewer applications today.Indus Institute of Technology & Engineering Page 10
  • 11. Security in Cloud Computing The cloud is growing at a time when climate change and reducing emissionsfrom energy use is of paramount concern. With the growth of the cloud, however,comes an increasing demand for energy. For all of this content to be delivered to us inreal time, virtual mountains of video, pictures and other data must be stored somewhereand be available for almost instantaneous access. That ‘somewhere’ is data centres -massive storage facilities that consume incredible amounts of energy.1.3 Cloud Evolution The evolution of cloud computing can be traced to grid computing. The conceptof “The Grid” exploded in popularity “The Grid: Blueprint for a new ComputingInfrastructure” by Ian Foster and Carl Kesselman was published in 1998. The basis ofthe grid is the electric utility grid that provides electric power to your home andbusiness. Using the same concept, hardware and software would be provided from thegrid on-demand much like electricity to run lights and everything else that plugs intothe wall. What is interesting is that many of the same issues that plagued the grid alsoplague cloud computing. Defining the grid, vendor lock-in, and forming standards werejust some of the issues. Cloud computing expands upon the grid, but still suffers fromsome of the same issues. The main focus of cloud computing from the providers view as extraneoushardware connected to support downtime on any device in the network, without achange in the users perspective. Also, the users software image should be easilytransferable from one cloud to another. It proposes that a layering mechanism shouldoccur between the front-end software, middle-ware networking and back-end serversand storage, so that each part can be designed, implemented, tested and ran independentfrom subsequent layers. with its development challenges and industry research efforts.it describes cloud computing security problems and benefits and showcases a model ofsecure architecture for cloud computing implementation.Indus Institute of Technology & Engineering Page 11
  • 12. Security in Cloud Computing Critics argue that cloud computing is not secure enough because data leavescompanies local area networks. It is up to the clients to decide the vendors, dependingon how willing they are to implement secure policies and be subject to 3rd partyverifications. Salesforce, Amazon and Google are currently providing such services,charging clients using an on-demand policy. Increasingly, businesses of all sizes are choosing to migrate their data,applications and services to the cloud. The Advantages are clear-increased availability,Lightweight, easy accessible applications, lower maintenance and administrativecosts—but so too are the risks. Possible Benefits arising out of adopting cloud computing models have beenrecently .well documented in literature and therefore these are not reproduced here.However, for cloud computing to realise its full potential and become mainstreammember of IT portfolio & choices, a lot of challenges are required to be tackled relatedto privacy & Security and associated regulation compliance, vendor Lock-in &Standards, interoperability, latency, performance & Reliability Concerns.Indus Institute of Technology & Engineering Page 12
  • 13. Security in Cloud Computing1.4 ComparisonsCloud computing can be confused with:1. Grid computing — "a form of distributed computing and parallel computing,whereby a super and virtual computer is composed of a cluster of networked, looselycoupled computers acting in concert to perform very large tasks"2. Utility computing — the "packaging of computing resources, such as computationand storage, as a metered service similar to a traditional public utility, such aselectricity";3. Autonomic computing — "computer systems capable of self-management".Indus Institute of Technology & Engineering Page 13
  • 14. Security in Cloud Computing2.0 What is Cloud Computing? As we said previously, the term the cloud is often used as a metaphor for theInternet and has become a familiar cliché. However, when “the cloud” is combinedwith “computing,” it causes a lot of confusion. To define the term using a very broad ”sense, they contend that anything beyond the firewall perimeter is in the cloud. A moretempered view of cloud computing considers it the delivery of computational resourcesfrom a location other than the one from which you are computing. Cloud computing is about moving services, computation and/or data moving data—for costand business advantage advantage—off-site to an internal or external, location site location-transparent,centralized facility or contractor. By making data available in the cloud, it can be moreeasily and ubiquitously accessed, often at much lower cost, increasing its value by oftenenabling opportunities for enhanced collaboration, integration, and analysis on a sharedcommon platform. Cloud computing models that encompass a subscription based or pay subscription-based pay-per-useparadigm provide a service that can be used over the Internet and extends an IT shop’sexisting capabilities. Many users have found that this approach provides a return oninvestment that IT managers are more than willing to accept.Figure 1 :- Cloud ComputingIndus Institute of Technology & Engineering Page 14
  • 15. Security in Cloud Computing2.1 Cloud Architecture In Cloud architecture, the systems architecture(A system architecture orsystems architecture is the conceptual model that defines the structure, behaviour, andmore views of a system. An architecture description is a formal description andrepresentation of a system) of the software systems(The term software system is oftenused as a synonym of computer program or software.) involved in the delivery of cloudcomputing, typically involves multiple cloud components communicating with eachother over application programming interfaces, usually web services. This resemblesthe Unix philosophy of having multiple programs each doing one thing well andworking together over universal interfaces. Complexity is controlled and the resultingsystems are more manageable than their monolithic counterparts.Figure 2 :- Cloud ArchitectureIndus Institute of Technology & Engineering Page 15
  • 16. Security in Cloud Computing2.2 Cloud ComponentsFigure 3 :- Cloud Components A cloud computing solution is made up of several elements: clients, thedatacentre, and distributed servers. As shown in Above Figure, these components makeup the three parts of a cloud computing solution. Each element has a purpose and plays a specific role in delivering a functionalcloud-based application, so let’s take a closer look.Indus Institute of Technology & Engineering Page 16
  • 17. Security in Cloud Computing2.2.1 Clients Clients are, in a cloud computing architecture, the exact same things that theyare in a local area network (LAN). They are, typically, the computers that just sit onyour desk. But they might also be laptops, tablet computers, mobile phones, or PDAs(Personal digital assistant or Palmtop Computer)—all big drivers for cloud computingbecause of their mobility. Anyway, clients are the devices that the end users interactwith to manage their information on the cloud. Clients generally fall into threecategories:• Mobile -Mobile devices include PDAs or Smartphone’s, like a Blackberry, WindowsMobile Smartphone or an iPhone.• Thin -Clients are computers that do not have internal hard drives, but rather let theservers do all the work, but then display the information.• Thick -This type of client is a regular computer, using a web browser like Firefoxor Internet Explorer to connect to the cloud.Thin clients are becoming an increasingly popular solution, because of their price andeffect on the environment. Some benefits to using thin clients include• Lower hardware costs -Thin clients are cheaper than thick clients because they do notcontain as much hardware. They also last longer before they need to be upgraded orbecome obsolete.• Lower IT costs -Thin clients are managed at the server and there are fewer points offailure.• Security -Since the processing takes place on the server and there is no hard drive,there’s less chance of malware invading the device. Also, since thin clients don’t workwithout a server, there’s less chance of them being physically stolen.• Data security -Since data is stored on the server, there’s less chance for data to be lostif the client computer crashes or is stolen.Indus Institute of Technology & Engineering Page 17
  • 18. Security in Cloud Computing2.2.2 Datacenter The datacenter is the collection of servers where the application to which yousubscribe is housed. It could be a large room in the basement of your building or aroom full of servers on the other side of the world that you access via the Internet.A growing trend in the IT world is vitalizing servers. That is, software can be installedallowing multiple instances of virtual servers to be used. In this way, you can have halfa dozen virtual servers running on one physical server.The number of virtual servers that can exist on a physical server depends on thesize and speed of the physical server and what applications will be running on thevirtual server.2.2.3 Distributed Servers In Distributed Servers, the servers don’t all have to be housed in the samelocation. Often, servers are in geographically disparate locations. But to you, the cloudsubscriber, these servers act as if they’re humming away right next to each other.This gives the service provider more flexibility in options and security. For instance,Amazon has their cloud solution in servers all over the world. If something were tohappen at one site, causing a failure, the service would still be accessed throughanother site. Also, if the cloud needs more hardware, they need not throw more serversin the safe room—they can add them at another site and simply make it part of thecloud.Indus Institute of Technology & Engineering Page 18
  • 19. Security in Cloud Computing3.0 Cloud Computing Deployment models Cloud computing architects provides three basic service models • Public cloud • Private cloud • Hybrid cloud • Community Cloud IT organizations can choose to deploy applications on public, private, or hybridclouds, each of which has its trade-offs. The terms public, private, and hybrid do notdictate location. While public clouds are typically “out there” on the Internet andprivate clouds are typically located on premises, a private cloud might be hosted at aCollocation (share or designate to share the same place) facility as well. A number of considerations with regard to which cloud computing model theychoose to employ, and they might use more than one model to solve differentproblems. An application needed on a temporary basis might be best suited fordeployment in a public cloud because it helps to avoid the need to purchase additionalequipment to solve a temporary need. Likewise, a permanent application, or one thathas specific requirements on quality of service or location of data, might best bedeployed in a private or hybrid cloud.3.1 Public clouds Public clouds are run by third parties, and applications from differentcustomers are likely to be mixed together on the cloud’s servers, storage systems, andnetworks. Public clouds are most often hosted away from customer premises, and theyprovide a way to reduce customer risk and cost by providing a flexible, even temporaryextension to enterprise infrastructure.Indus Institute of Technology & Engineering Page 19
  • 20. Security in Cloud Computing If a public cloud is implemented with performance, security, and data localityin mind, the existence of other applications running in the cloud should be transparentto both cloud architects and end users. Portions of a public cloud can be carved out for the exclusive use of a singleclient, creating a virtual private datacenter. Rather than being limited to deployingvirtual machine images in a public cloud, a virtual private datacenter gives customersgreater visibility into its infrastructure. Now customers can manipulate not just virtualmachine images, but also servers, storage systems, network devices, and networktopology.Figure 4: - Public Cloud ModelIndus Institute of Technology & Engineering Page 20
  • 21. Security in Cloud Computing3.2 Private clouds Private clouds are built for the exclusive use of one client, providing the utmostcontrol over data, security, and quality of service . The company owns theinfrastructure and has control over how applications are deployed on it. Private cloudsmay be deployed in an enterprise datacenter, and they also may be deployedat a collocation facility. Private clouds can be built and managed by a company’s own IT organizationor by a cloud provider. In this “hosted private” model, a company such as Sun caninstall, configure, and operate the infrastructure to support a private cloud within acompany’s enterprise datacenter. This model gives companies a high level of controlover the use of cloud resources while bringing in the expertise needed to establish andoperate the environment.Figure 5: - Private Cloud ModelIndus Institute of Technology & Engineering Page 21
  • 22. Security in Cloud Computing3.3 Hybrid clouds Hybrid clouds combine both public and private cloud models. They can help toprovide on-demand, externally provisioned scale. The ability to augment a privatecloud with the resources of a public cloud can be used to maintain service levels in theface of rapid workload fluctuations. This is most often seen with the use of storageclouds to support Web 2.0 applications. A hybrid cloud also can be used to handleplanned workload spikes. Sometimes called “surge computing,” a public cloud can beused to perform periodic tasks that can be deployed easily on a public cloud. Hybrid clouds introduce the complexity of determining how to distributeapplications across both a public and private cloud. Among the issues that need to beconsidered is the relationship between data and processing resources. If the data issmall, or the application is stateless, a hybrid cloud can be much more successful thanif large amounts of data must be transferred into a public cloud for a small amount ofprocessing.Figure 6:- Hybrid Cloud ModelIndus Institute of Technology & Engineering Page 22
  • 23. Security in Cloud Computing3.4 Community clouds In Community Cloud the cloud infrastructure is shared by severalorganizations and supports a specific community that has shared concerns (e.g.,mission, security requirements, policy, or compliance considerations). It may bemanaged by the organizations or a third party and may exist on-premises oroff-premises.Indus Institute of Technology & Engineering Page 23
  • 24. Security in Cloud Computing4.0 Cloud computing Service Model In practice, cloud service providers tend to offer services that can be groupedinto three categories: software as a service, platform as a service, and infrastructure asa service. These categories group together the various layers with some overlap.Table 1: - Cloud Computing Service ModelIndus Institute of Technology & Engineering Page 24
  • 25. Security in Cloud Computing4.1 Software as a service (SaaS) Software as a service features a complete application offered as a service ondemand. A single instance of the software runs on the cloud and services multiple endusers or client organizations. The most widely known example of SaaS is salesforce.com, though many otherexamples have come to market, including the Google Apps offering of basic businessservices including email and word processing. Although salesforce.com preceded the definition of cloud computing by a fewyears, it now operates by leveraging its companion force.com, which can be defined asa platform as a service.4.2 Platform as a service (PaaS) Platform as a service encapsulates a layer of software and provides it as aservice that can be used to build higher-level services. There are at least twoperspectives on PaaS depending on the perspective of the producer or consumer of theservices:• Someone producing PaaS might produce a platform by integrating an OS,middleware, application software, and even a development environment that is thenprovided to a customer as a service. For example, someone developing a PaaS offeringmight base it on a set of Sun™ xVM hypervisor virtual machines that include aNetBeans™ integrated development environment, a Sun GlassFish™ Web stack andsupport for additional programming languages such as Perl or Ruby.• Someone using PaaS would see an encapsulated service that is presented to themthrough an API. The customer interacts with the platform through the API, and theplatform does what is necessary to manage and scale itself to provide a given level ofservice. Virtual appliances can be classified as instances of PaaS. A content switchappliance, for example, would have all of its component software hidden from thecustomer, and only an API or GUI for configuring and deploying the service providedIndus Institute of Technology & Engineering Page 25
  • 26. Security in Cloud Computingto them. PaaS offerings can provide for every phase of software development andtesting, or they can be specialized around a particular area such as contentmanagement. Commercial examples of PaaS include the Google Apps Engine, which servesapplications on Google’s infrastructure. PaaS services such as these can provide apowerful basis on which to deploy applications, however they may be constrained bythe capabilities that the cloud provider chooses to deliver.4.3 Infrastructure as a service (IaaS) Infrastructure as a service delivers basic storage and compute capabilities asstandardized services over the network. Servers, storage systems, switches, routers,and other systems are pooled and made available to handle workloads that range fromapplication components to high-performance computing applications. Commercialexamples of IaaS include Joyent, whose main product is a line of virtualized serversthat provide a highly available on-demand infrastructure.4.4 Anything-as-a-Service (XaaS) Which is also a subset of cloud computing? XaaS broadly encompasses aprocess of activating reusable software components over the network. The mostcommon and successful example is Software-as-a-Service. The growth of“as-a-service” offerings has been facilitated by extremely low barriers to entry (they areoften accessible for free or available as recurring charges on a personal credit card). Asa result, such offerings have been adopted by consumers and small businesses wellbefore pushing into the enterprise space. All “as-a-service” offerings share a number ofcommon attributes, including little or no capital expenditure since the requiredinfrastructure is owned by the service provider, massive scalability, multitenancy, anddevice and location independence allowing consumers remote access to systems usingnearly any current available technology.Indus Institute of Technology & Engineering Page 26
  • 27. Security in Cloud Computing On the surface, it appears that XaaS is a potentially game-changing technologythat could reshape IT. However, most CIOs still depend on internal infrastructuresbecause they are not convinced that cloud computing is ready for prime time. Manycontend that if you want real reliability, you must write more reliable applications.Regardless of one’s view on the readiness of cloud computing to meet corporate ITrequirements, it cannot be ignored. The concept of pay-as-you-go applications,development platforms, processing power, storage, or any other cloud-enabled serviceshas emerged and can be expected to reshape IT over the next decade.4.5 Virtualization and Private Clouds Virtualization of computers or operating systems hides the physicalcharacteristics of a computing platform from users; instead it shows another abstractcomputing platform. A hypervisor is a piece of virtualization software that allowsmultiple operating systems to run on a host computer concurrently. Virtualizationproviders include VMware, Microsoft, and Citrix Systems. Virtualization is an enablerof cloud computing. Recently some vendors have described solutions that emulate cloud computingon private networks, referring to these as “private” or “internal” clouds (where “public”or “external” cloud describes cloud computing in the traditional mainstream sense).Private cloud products claim to deliver some of the benefits of cloud computing withoutthe pitfalls. Hybrid solutions are also possible: building internal clouds and connectingcustomer data centers to those of external cloud providers. It has been reported that EliLilly wants to benefit from both internal and external clouds3 and that Amylin6 islooking at private cloud VMware as a complement to EC2. Other experts, however, areskeptical: one has even gone as far as to describe private clouds as absolute rubbish.7Platform Computing has recently launched a cloud management system, Platform ISF,enabling customers to manage workload across both virtual and physical environmentsand support multiple hypervisors and operating systems from a single interface.VMware, the market leader in virtualization technology, is moving into cloudtechnologies in a big way, with vSphere 4. The company is building a huge partnernetwork of service providers and is also releasing a “vCloud API”. VMware wantsIndus Institute of Technology & Engineering Page 27
  • 28. Security in Cloud Computingcustomers to build a series of “virtual data centers”, each tailored to meet differentrequirements, and then have the ability to move workloads in the virtual data centers tothe infrastructure provided by cloud vendors. Cisco, EMC and VMware have formed a new venture called Acadia. Itsstrategy for private cloud computing is based on Cisco’s servers and networking,VMware’s server virtualization and EMC’s storage. (Note, by the way, that EMC ownsnearly 85% of VMware.) Other vendors, such as Google, disagree with VMware’semphasis on private clouds; in return VMware says Google’s online applications arenot ready for the enterprise.Indus Institute of Technology & Engineering Page 28
  • 29. Security in Cloud Computing5.0 Advantages of Cloud • Agility improves with users ability to rapidly and inexpensively re-provision technological infrastructure resources • Cost is claimed to be greatly reduced and capital expenditure is converted to operational expenditure. This ostensibly lowers barriers to entry, as infrastructure is typically provided by a third-party and does not need to be purchased for one-time or infrequent intensive computing tasks. • Device and location independence enable users to access systems using a web browser regardless of their location or what device they are using (e.g., PC, mobile). As infrastructure is off-site (typically provided by a third-party) and accessed via the Internet, users can connect from anywhere. • Multi-tenancy enables sharing of resources and costs across a large pool of users • Reliability is improved if multiple redundant sites are used, which makes well designed cloud computing suitable for business continuity and disaster recovery. • Scalability via dynamic ("on-demand") provisioning of resources on a fine-grained, self-service basis near real-time, without users having to engineer for peak loads. Performance is monitored, and consistent and loosely coupled architectures are constructed using web services as the system interface • Maintenance cloud computing applications are easier to maintain, since they dont have to be installed on each users computer.Indus Institute of Technology & Engineering Page 29
  • 30. Security in Cloud Computing • Metering cloud computing resources usage should be measurable and should be metered per client and application on daily, weekly, monthly, and annual basis. This will enable clients on choosing the vendor cloud on cost and reliability • Security could improve due to centralization of data, increased security-focused resources, etc., but concerns can persist about loss of control over certain sensitive data, and the lack of security for stored kernels. Security is often as good as or better than under traditional systems, in part because providers are able to devote resources to solving security issues that many customers cannot afford. Furthermore, the complexity of security is greatly increased when data is distributed over a wider area and / or number of devices.Indus Institute of Technology & Engineering Page 30
  • 31. Security in Cloud Computing6.0 Cloud Computing Reference Model Understanding the relationships and dependencies between Cloud Computingmodels is critical to understanding Cloud Computing security risks. IaaS is the foundation of all cloud services, with PaaS building upon IaaS, andSaaS in turn building upon PaaS as described in the Cloud Reference Model diagram.In this way, just as capabilities are inherited, so are information security issues and risk.It is important to note that commercial cloud providers may not neatly fit into thelayered service models. Nevertheless, the reference model is important for relatingreal-world services to an architectural framework and understanding the resources andservices requiring security analysis. IaaS includes the entire infrastructure resourcestack from the facilities to the hardware platforms that reside in them. It incorporatesthe capability to abstract resources (or not), as well as deliver physical and logicalconnectivity to those resources. Ultimately, IaaS provides a set of APIs which allowmanagement and other forms of interaction with the infrastructure by consumers. PaaS sits atop IaaS and adds an additional layer of integration with applicationdevelopment frameworks; middleware capabilities; and functions such as database,messaging, and queuing; which allow developers to build applications upon to theplatform; and whose programming languages and tools are supported by the stack.SaaS in turn is built upon the underlying IaaS and PaaS stacks; and provides aself-contained operating environment used to deliver the entire user experienceincluding the content, its presentation, the application(s), and management capabilities.Indus Institute of Technology & Engineering Page 31
  • 32. Security in Cloud ComputingFigure 7:- Cloud Computing Reference ModelIndus Institute of Technology & Engineering Page 32
  • 33. Security in Cloud Computing7.0 Security for Cloud Computing There is a number of security issues associated with cloud computing but theseissues fall into two broad categories: Security issues faced by cloud providers(organizations providing Software-, Platform-, or Infrastructure-as-a-Service via thecloud) and security issues faced by their customers. In most cases, the provider mustensure that their infrastructure is secure and that their clients’ data and applications areprotected while the customer must ensure that the provider has taken the proper securitymeasures to protect their information. Security controls in cloud computing are, for the most part, no different thansecurity controls in any IT environment. Cloud computing may present different risksto an organization than traditional IT solutions. Cloud computing is about gracefullylosing control while maintaining accountability even if the operational responsibilityfalls upon one or more third parties. While cloud security concerns can be grouped into any number of dimensionsthese dimensions have been aggregated into three general areas Security and Privacy,Compliance, and Legal or Contractual Issues.7.1 Defining Security in the Cloud If we wish to enable cloud-driven growth and innovation through security, wemust have a clear framing on what is meant by security. Security has been notoriouslyhard to define in the general case. The canonical goals of information security areConfidentiality, Integrity, and Availability. We borrow from NIST to includeAccountability and Assurance, and then add a sixth category of Resilience. We definethese terms below and map them to the cloud context, with a few examples of how theycan be supported by both technical and non-technical mechanisms.Indus Institute of Technology & Engineering Page 33
  • 34. Security in Cloud Computing To begin to answer these questions, let’s quickly look at the security of thetraditional datacenter and the impact of virtualization technology, which is enabling thecloud computing revolution.7.2 Security Issues and Challenges IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS(Software as a Service) are three general models of cloud computing. Each of thesemodels possess a different impact on application security. However, in a typicalscenario where an application is hosted in a cloud, two broad security questions thatarises are: • How secure is the Data? • How secure is the Code? Cloud computing environment is generally assumed as a potential cost saver as wellas provider of higher service quality. Security, Availability, and Reliability is the majorquality concerns of cloud service users. Gens et. al., suggests that security in one of theprominent challenge among all other quality challenges.7.3 Security Advantages in Cloud Environments Current cloud service providers operate very large systems. They havesophisticated processes and expert personnel for maintaining their systems, whichsmall enterprises may not have access to. As a result, there are many direct and indirectsecurity advantages for the cloud users. Here we present some of the key securityadvantages of a cloud computing environment: • Data Centralization: In a cloud environment, the service provider takes care of storage issues and small business need not spend a lot of money on physical storage devices. Also, cloud based storage provides a way to centralize the data faster and potentially cheaper. This is particularly useful for small businesses,Indus Institute of Technology & Engineering Page 34
  • 35. Security in Cloud Computing which cannot spend additional money on security professionals to monitor the data. • Incident Response: IaaS providers can put up a dedicated forensic server that can be used on demand basis. Whenever a security violation takes place, the server can be brought online. In some investigation cases, a backup of the environment can be easily made and put onto the cloud without affecting the normal course of business. • Forensic Image Verification Time: Some cloud storage implementations expose a cryptographic check sum or hash. For example, Amazon S3 generates MD5 (Message-Digest algorithm 5) hash automatically when you store an object. Therefore in theory, the need to generate time consuming MD5 checksums using external tools is eliminated. • Logging: In a traditional computing paradigm by and large, logging is often an afterthought. In general, insufficient disk space is allocated that makes logging either non-existent or minimal. However, in a cloud, storage need for standard logs is automatically solved.7.4 Security Disadvantages in Cloud Environments In spite of security advantages, cloud computing paradigm also introduces somekey security challenges. Here we discuss some of these key security challenges: • Data Location: In general, cloud users are not aware of the exact location of the datacenter and also they do not have any control over the physical access mechanisms to that data. Most well-known cloud service providers have datacenters around the globe. Some service providers also take advantage of their global datacenters. However, in some cases applications and data might be stored in countries, which can judiciary concerns. For example, if the user data is stored in X country then service providers will be subjected to the securityIndus Institute of Technology & Engineering Page 35
  • 36. Security in Cloud Computing requirements and legal obligations of X country. This may also happen that a user does not have the information of these issues. • Investigation: Investigating an illegitimate activity may be impossible in cloud environments. Cloud services are especially hard to investigate, because data for multiple customers may be co-located and may also be spread across multiple datacenters. Users have little knowledge about the network topology of the underlying environment. Service provider may also impose restrictions on the network security of the service users. • Data Segregation: Data in the cloud is typically in a shared environment together with data from other customers. Encryption cannot be assumed as the single solution for data segregation problems. In some situations, customers may not want to encrypt data because there may be a case when encryption accident can destroy the data. • Long-term Viability: Service providers must ensure the data safety in changing business situations such as mergers and acquisitions. Customers must ensure data availability in these situations. Service provider must also make sure data security in negative business conditions like prolonged outage etc. • Compromised Servers: In a cloud computing environment, users do not even have a choice of using physical acquisition toolkit. In a situation, where a server is compromised; they need to shut their servers down until they get a previous backup of the data. This will further cause availability concerns. • Regulatory Compliance: Traditional service providers are subjected to external audits and security certifications. If a cloud service provider does not adhere to these security audits, then it leads to a obvious decrease in customer trust. • Recovery: Cloud service providers must ensure the data security in natural and man-made disasters. Generally, data is replicated across multiple sites.Indus Institute of Technology & Engineering Page 36
  • 37. Security in Cloud Computing However, in the case of any such unwanted event, provider must do a complete and quick restoration.7.5 Security Issues in Virtualization Full Virtualization and Para Virtualization is two kinds of virtualization in acloud computing paradigm. In full virtualization, entire hardware architecture isreplicated virtually. However, in para virtualization, an operating system TowardsAnalyzing Data Security Risks in Cloud Computing Environments 259 is modified sothat it can be run concurrently with other operating systems. VMM (Virtual Machine Monitor), is a software layer that abstracts the physicalresources used by the multiple virtual machines. The VMM provides a virtual processorand other virtualized versions of system devices such as I/O devices, storage, memory,etc. VMM Instance Isolation ensures that different instances running on the samephysical machine are isolated from each other. However, current VMMs do not offerperfect isolation. Many bugs have been found in all popular VMMs that allow escapingfrom VM (Virtual machine). Vulnerabilities have been found in all virtualizationsoftware’s, which can be exploited by malicious users to bypass certain securityrestrictions or/and gain escalated privileges. Below are few examples for this: • Vulnerability in Microsoft Virtual PC and Microsoft Virtual Server could allow a guest operating system user to run code on the host or another guest operating system. • Vulnerability was found in VMware’s shared folders mechanism that grants users of a guest system read and write access to any portion of the host’s file system including the system folder and other security-sensitive files.Indus Institute of Technology & Engineering Page 37
  • 38. Security in Cloud Computing • Vulnerability in Xen can be exploited by “root” users of a guest domain to execute arbitrary commands.7.6 Survey of Cloud Computing We carry out a small survey of major cloud service providers to investigate thesecurity mechanisms to overcome the security issues discussed in this paper. Weconsider ten major cloud service providers. These providers provide their services in allmajor areas of cloud computing, including SaaS, PaaS and IaaS. Table 1 shows the list of service providers that we studied in this survey. Inorder to analyze the complete state of art of security in cloud computing, the surveyneeds to be more exhaustive. However, due to the fact that the scope of our work is notjust to explore the state of art but to look at the major factors that affect security in cloudcomputing. Therefore we have intentionally not considered other cloud serviceproviders in this survey.Table 2:- Major Cloud Service ProvidersService Provider Type NamesIaaS Amazon EC2, Amazon S3, GoGridPaaS Google App Engine, Microsoft Azure Services, Amazon Elastic Map ReduceSaaS Salesforce, Google Docs In table 2, we present the results of the survey that depicts the current state ofsecurity mechanisms. Information given in table 2 is based on the information availableonline at the official websites of these providersIndus Institute of Technology & Engineering Page 38
  • 39. Security in Cloud ComputingTable 3:- Summary of Security Mechanisms by Major Cloud Service ProvidersSecurity Issue ResultsPassword Recovery 90% are using standard methods like other common services, while 10% are using sophisticated techniques.Encryption Mechanism 40% are using standard SSL encryption, while 20% are using encryption mechanism but at an extra cost. 40% are using advance methods like HTTPS access also.Data Location 70% have their datacenters located in more than one country, while 10% are located at a single location. 20% are not open about this issue.Availability History In 40% there is a reported downtime alongwith a result in data loss, while in 60% cases data availability is good.Proprietary/Open Only 10% providers have open mechanism.Monitoring Services 70% are providing extra monitoring services, while 10% are using automatic techniques. 20 % are not open about this issue.7.7 Traditional Datacenter Security The word ‘datacenter’ has long evoked images of massive server farms behindlocked doors, where electricity and cooling were as important as network security tomaintain reliability and availability of data. Perimeter security controls are the mostcommon approach taken for traditional datacenter security. This approach typicallyincludes perimeter firewall, demilitarized zones (DMZ), network segmentation,network intrusion detection and prevention systems (IDS/IPS) and network monitoringtools.Indus Institute of Technology & Engineering Page 39
  • 40. Security in Cloud Computing8.0 Virtualization – The Catalyst of the Cloud Advancements in virtualization technologies enable enterprises to get morecomputing power from the underutilized capacity of physical servers. The traditionaldatacenter footprint is shrinking to enable cost savings and “greener” IT through serverconsolidation. Enterprises and service providers are using virtualization to enablemulti-tenant uses of what used to be single-tenant or single-purpose physical servers. Extending virtual machines to public clouds causes the enterprise networkperimeter to evaporate and the lowest-common denominator to impact the security ofall. The inability of physical segregation and hardware-based security to deal withattacks between virtual machines on the same server highlights the need formechanisms to be deployed directly on the server, or virtual machines. Deploying this line of defense at the virtual machine itself enables criticalapplications and data to be moved to cloud environments.8.1 Confidentiality Confidentiality refers to keeping data private. Privacy is of tent amountimportance as data leaves the borders of the organization. Not only must internalsecrets and sensitive personal data be safeguarded, but metadata and transactional datacan also leak important details about firms or individuals. Confidentiality is supportedby, among other things, technical tools such as encryption and access control, as well aslegal protections.8.2 Integrity Integrity is a degree confidence that the data in the cloud is what is supposed tobe there, and is protected against accidental or intentional alteration withoutauthorization. It also extends to the hurdles of synchronizing multiple databases.Indus Institute of Technology & Engineering Page 40
  • 41. Security in Cloud ComputingIntegrity is supported by well audited code, well-designed distributed systems, androbust access control mechanisms.8.3 AuthenticationUser authentication is often the primary basis for access control, keeping the bad guysout while allowing authorized users in with a minimum of fuss. In the cloudenvironment, authentication and access control are more important than ever since thecloud and all of its data are accessible to anyone over the Internet. The TPM can easilyprovide stronger authentication than username and passwords. TCG’s IF-MAPstandard allows for real-time communication between the cloud provider and thecustomer about authorized users and other security issues. When a user is fired orreassigned, the customer’s identity management system can notify the cloud providerin real-time so that the user’s cloud access can be modified or revoked within seconds.If the fired user is logged into the cloud, they can be immediately disconnected. TrustedComputing enables authentication of client PCs and other devices, which also is criticalto ensuring security in cloud computing.8.4 Availability Availability means being able to use the system as anticipated. Cloudtechnologies can increase availability through widespread internet-enabled access, butthe client is dependent on the timely and robust provision of resources. Availability issupported by capacity building and good architecture by the provider, as well aswell-defined contracts and terms of agreement.8.5 Accountability Accountability maps actions in the system to responsible parties. Inside thecloud, actions must be traced uniquely back to an entity, allowing for integration intoorganizational processes, conflict resolution and deterrence of bad behavior.Indus Institute of Technology & Engineering Page 41
  • 42. Security in Cloud ComputingAccountability is supported by robust identity, authentication and access control, aswell as the ability to log transactions and then, critically, audit these logs.8.6 Assurance Assurance refers to the need for a system to behave as expected. In the cloudcontext, it is important that the cloud provider provides what the client has specified.This is not simply a matter of the software and hardware behaving as the client expectsbut that the needs of the organization are understood, and that these needs areaccurately translated into information architecture requirements, which are thenfaithfully implemented in the cloud system. Assurance is supported by a trustedcomputing architecture in the cloud, and a by careful processes mapping from businesscase to technical details to legal agreements.8.7 Resilience Resilience in a system allows it to cope with security threats, rather than failingcritically. Cloud technology can increase resilience, with a broader base, backup dataand systems, and the potential identify threats and dynamically counteract. However,by shifting critical systems and functions to an outside party, organizations canaggravate resilience by introducing a single point of failure. Resilience is supported byredundancy, diversification and real-time forensic capacity.Indus Institute of Technology & Engineering Page 42
  • 43. Security in Cloud Computing9.0 Cloud Computing Security Issues In order to ensure that data is secure (that it cannot be accessed by unauthorizedusers or simply lost) and that data privacy is maintained, cloud providers attend to thefollowing areas in Security and Privacy issues.Figure 8: - Security Architecture DesignIndus Institute of Technology & Engineering Page 43
  • 44. Security in Cloud Computing A security architecture framework should be established with consideration ofprocesses (enterprise authentication and authorization, access control, confidentiality,integrity, no repudiation, security management, etc.), operational procedures,technology specifications, people and organizational management, and securityprogram compliance and reporting. A security architecture document should bedeveloped that defines security and privacy principles to meet business objectives.Documentation is required for management controls and metrics specific to assetclassification and control, physical security, system access controls, network andcomputer management, application development and maintenance, business continuity,and compliance. A design and implementation program should also be integrated withthe formal system development life cycle to include a business case, requirementsdefinition, design, and implementation plans. Technology and design methods shouldbe included, as well as the security processes necessary to provide the followingservices across all technology layers: 9.1 Authentication 9.2 Authorization 9.3 Availability 9.4 Confidentiality 9.5 Integrity 9.6 Accountability 9.7 Privacy The creation of a secure architecture provides the engineers, data center operationspersonnel, and network operations personnel a common blueprint to design, build, andtest the security of the applications and systems. Design reviews of new changes can be better assessed against this architecture toassure that they conform to the principles described in the architecture, allowing formore consistent and effective design reviews.Indus Institute of Technology & Engineering Page 44
  • 45. Security in Cloud Computing • Secure Software Development Life Cycle (SecSDLC) The SecSDLC involves identifying specific threats and the risks they represent,followed by design and implementation of specific controls to counter those threats andassist in managing the risks they pose to the organization and/or its customers. TheSecSDLC must provide consistency, repeatability, and conformance. The SDLCconsists of six phases, and there are steps unique to the SecSDLC in each of phases: o Investigation: Define project processes and goals, and document them in the program security policy. o Analysis: Analyze existing security policies and programs, analyze current threats and controls, examine legal issues, and perform risk analysis. o Logical design: Develop a security blueprint, plan incident response actions, plan business responses to disaster, and determine the feasibility of continuing and/or outsourcing the project. o Physical design: Select technologies to support the security blueprint, develop a definition of a successful solution, design physical security measures to support technological solutions, and review and approve plans. o Implementation: Buy or develop security solutions. At the end of this phase, present a tested package to management for approval. o Maintenance: Constantly monitor, test, modify, update, and repair to respond to changing threats.Indus Institute of Technology & Engineering Page 45
  • 46. Security in Cloud Computing In the SecSDLC, application code is written in a consistent manner that caneasily be audited and enhanced; core application services are provided in a common,structured, and repeatable manner; and framework modules are thoroughly tested forsecurity issues before implementation and continuously retested for conformancethrough the software regression test cycle. Additional security processes are developedto support application development projects such as external and internal penetrationtesting and standard security requirements based on data classification. Formal trainingand communications should also be developed to raise awareness of processenhancements.Indus Institute of Technology & Engineering Page 46
  • 47. Security in Cloud Computing10 Cloud Security Challenges At first glance, the security requirements for cloud computing providers wouldappear to be the same as traditional datacenters — apply a strong network securityperimeter and keep the bad guys out. However, as previously stated, physicalsegregation and hardware-based security cannot protect against attacks between virtualmachines on the same server. The following outlines some of the primary concerns thatenterprises should be aware of when planning their cloud computing deployments.10.1 Administrative Access to Servers andApplications One of the most important characteristics of cloud computing is that it offers“self-service” access to computing power, most likely via the Internet. In traditionaldatacenters, administrative access to servers is controlled and restricted to direct oron-premise connections. In cloud computing, this administrative access must now beconducted via the Internet, increasing exposure and risk. It is extremely important torestrict administrative access and monitor this access to maintain visibility of changesin system control.10.2 Dynamic Virtual Machines: VM State andSprawl Virtual machines are dynamic. They can quickly be reverted to previousinstances, paused and restarted, relatively easily. They can also be readily cloned andseamlessly moved between physical servers. This dynamic nature and potential for VMsprawl makes it difficult to achieve and maintain consistent security. Vulnerabilities orconfiguration errors may be unknowingly propagated. Also, it is difficult to maintain anauditable record of the security state of a virtual machine at any given point in time. Incloud computing environments, it will be necessary to be able to prove the security stateIndus Institute of Technology & Engineering Page 47
  • 48. Security in Cloud Computingof a system, regardless of its location or proximity to other, potentially insecure virtualmachines.10.3 Vulnerability Exploits and VM-TO-VM Attacks Cloud computing servers use the same operating systems, enterprise and webapplications as localized virtual machines and physical servers. The ability for anattacker or malware to remotely exploit vulnerabilities in these systems andapplications is a significant threat to virtualized cloud computing environments. Inaddition, co-location of multiple virtual machines increases the attack surface and riskof VM-to-VM compromise. Intrusion detection and prevention systems need to be ableto detect malicious activity at the virtual-machine level, regardless of the location of theVM within the virtualized cloud environment.10.4 Encryption and Data Protection Many regulations and standards such as the PCI DSS and HIPAA includerequirements for the use of encryption to protect critical information—such ascardholder data and personally identifiable information (PII)—to achieve complianceor safe harbor in the event of a breach. The multi-tenant nature of the cloud amplifiesthese requirements and creates unique challenges with the accessibility and protectionof encryption credentials used to ensure data protection.10.5 Policy and Compliance Enterprises are experiencing significant pressure to comply with a wide rangeof regulations and standards such as PCI, HIPAA, and GLBA in addition to auditingpractices such as SAS70 and ISO. Enterprises need to prove compliance with securitystandards, regardless of the location of the systems required to be in scope ofregulation, be that on-premise physical servers, on-premise virtual machines oroff-premise virtual machines running on cloud computing resources.Indus Institute of Technology & Engineering Page 48
  • 49. Security in Cloud Computing10.6 Patch Management The self-service nature of cloud computing may create confusion for patchmanagement efforts. Once an enterprises subscribes to a cloud computingresource—for example by creating a Web server from templates offered by the cloudcomputing service provider—the patch management for that server is no longer in thehands of the cloud computing vendor, but is now the responsibility of the subscriber.Keeping in mind that according to the previously mentioned Verizon 2008 Data BreachInvestigations Report, 90% of known vulnerabilities that were exploited had patchesavailable for at least six months prior to the breach, organizations leveraging cloudcomputing need to keep vigilant to maintain cloud resources with the most recentvendor supplied patches. If patching is impossible or unmanageable, compensatingcontrols such as “virtual patching” need to be considered.10.7 Perimeter Protection and Zoning In cloud computing, the enterprise perimeter evaporates and thelowest-common denominator impacts the security of all. The enterprise firewall, thefoundation for establishing security policy and zoning for networks, can either nolonger reach cloud computing servers, or its policies are no longer in the control of theresource owner, but the responsibility of the cloud computing provider. To establishzones of trust in the cloud, the virtual machines must be self-defending, effectivelymoving the perimeter to the virtual machine itself.10.8 Rogue Corporate Resources Eager for immediate computing resources and results, non-IT savvy individualsand groups are jumping at cloud computing. Important corporate data and applicationsare being deployed in the cloud, possibly oblivious to the security implications.Indus Institute of Technology & Engineering Page 49
  • 50. Security in Cloud Computing11 Data Protection, Identity Management, Security11.1 Data Protection To be considered protected, data from one customer must be properlysegregated from that of another; it must be stored securely when “at rest” and it must beable to move securely from one location to another. Cloud providers have systems inplace to prevent data leaks or access by third parties. Proper separation of duties shouldensure that auditing and/or monitoring cannot be defeated, even by privileged users atthe cloud provider.11.2 Identity Management Every enterprise will have its own identity management system to controlaccess to information and computing resources. Cloud providers either integrate thecustomer’s identity management system into their own infrastructure, using federationor SSO technology, or provide an identity management solution of their own.11.3 Physical and Personnel Security Providers ensure that physical machines are adequately secure and that accessto these machines as well as all relevant customer data is not only restricted but thataccess is documented. Finally, providers ensure that all critical data (credit cardnumbers, for example) are masked and that only authorized users have access to data inits entirety. Moreover, digital identities and credentials must be protected as should anydata that the provider collects or produces about customer activity in the cloud.Indus Institute of Technology & Engineering Page 50
  • 51. Security in Cloud Computing12 Availability Cloud providers assure customers that they will have regular and predictable accessto their data and applications. For example, consider some of the cloud-related cloudoutages which have been widely reported… Bit bucket, DDoSd Off The Air ,Indus Institute of Technology & Engineering Page 51
  • 52. Security in Cloud ComputingMaintenance Induced Cascading FailuresIndus Institute of Technology & Engineering Page 52
  • 53. Security in Cloud Computing13 Application Securities, User Centric AccessControl, Transparency13.1 Application Securities Cloud providers ensure that applications available as a service via the cloud aresecure. Securing application software that is running on being developed in the cloud.This includes items such as whether it’s appropriate to migrate or design an applicationto run in the cloud, and if so, what type of cloud platform is most appropriate (SaaS,PaaS, or IaaS). Some specific security issues related to the cloud are also discussed.13.2 User Centric Access Control The traditional model of application-centric access control, where eachapplication keeps track of its collection of users and manages them, is not feasible incloud based architectures. This is more so, because the user space maybe shared acrossapplications that can lead to data replication, making mapping of users and theirprivileges a herculean task. Also, it requires the user to remember multipleaccounts/passwords and maintain them. Cloud requires a user centric access controlwhere every user request to any service provider is bundled with the user identity andentitlement information. User identity will have identifiers or attributes that identityand define the user. The identity is tied to a domain, but is portable. User centricapproach leaves the user with the ultimate control of their digital identities. User centricapproach also implies that the system maintains a context of information for every user,in order to find how best to react to in a given situation to a given user request. It shouldsupport pseudonyms and multiple and discrete identities to protect user privacy. Thiscan be achieved easily by using one of the open standards like OpenID or SAML.Indus Institute of Technology & Engineering Page 53
  • 54. Security in Cloud Computing13.3 Transparency Security measures assumed in the cloud must be made available to thecustomers to gain their trust. There is always a possibility that the cloud infrastructure issecured with respect to some requirements and the customers are looking for a differentset of security. The important aspect is to see that the cloud provider meets the securityrequirements of the application and this can be achieved only through 100%transparency. Open Cloud Manifesto exerts stress on transparency in clouds, due theconsumer’s apprehensions to host their applications on a shared infrastructure, onwhich they do not have any control. Transparency can be achieved by complete auditlogging and control.Indus Institute of Technology & Engineering Page 54
  • 55. Security in Cloud Computing14 New Opportunities Combining the contemporary and historical viewpoints, we arrive at theposition that many cloud computing security problems are not in fact new, but oftenwill still require new solutions in terms of specific mechanisms. Existing contemporaryworks already explore many pertinent topics; we highlight here several areas thatdeserve more attention. First, cloud providers should offer a choice of security primitives withwell-considered defaults. Cloud users know more about their applications, but cloudproviders potentially know more about the relevant security issues due to a higherconcentration of security expertise. The cloud user would ideally choose from aspectrum of security levels and security subsystem boundaries. We believe thisflexibility could prove to be a major improvement if done well. One possible approachwould be to formulate the security primitives around defending different stakeholdersagainst different particular threat models. An additional feature might support “plugand-play" services readily compliant with common standards such as those of HIPAAor Payment Card Industry. Another important research area concerns determining apt granularities forisolation. Several are possible: isolate by virtual or physical machines, LANs, clouds,or datacenters. We at present lack a good understanding of the tradeoffs betweensecurity and performance for each of these options, but it would appear likely that cloudproviders can fruitfully offer different granularities of isolation as a part of theirspectrum of security. Side channels and covert channels pose another fundamental threat, one whichinterplays with the granularities of isolation discussed above. While not a panacea (e.g.,it takes very few bits to steal a password), a helpful analysis could include whenappropriate a quantification of channel bit rates, coupled with an assessment of the bitrate required to do harm.Indus Institute of Technology & Engineering Page 55
  • 56. Security in Cloud Computing One important area that has yet to receive much attention is mutual audit ability.The auditing capabilities of most existing systems focus on one-way audit ability. Incloud computing, providers and users may need to demonstrate mutual trustworthiness,in a bilateral or multilateral fashion. As discussed above, such audit ability can havemajor benefits with regard to fate-sharing, such as enabling cloud providers in searchand seizure incidents to demonstrate to law enforcement that they have turned over allrelevant evidence, and prove to users that they turned over only the necessary evidenceand nothing more. Recent work notes that implementing thorough auditing is not asimple matter even for straightforward web services. In cloud computing, it remains anopen challenge to achieve thorough auditing without impairing performance. Tocomplicate matters even further, the auditor fundamentally needs to be an independentthird party, and a third-party auditor requires a setup quite different than today’spractice, in which cloud providers record and maintain all the audit logs. In short,mutual audit ability needs significant work. On the plus side, achieving it robustlywould constitute an important security feature. More broadly, we see a need for research that seeks to understand the ecosystemof threats. Current work in the literature generally focuses only single aspects of thecloud security problem. As we begin to understand problems in isolation, we shouldalso start to put together an understanding of how different issues and threats combine.For example, in web security we understand security problems at a high-level as anecosystem involving the interplay between worms, bots, scams, spam, phishing, activecontent, browsers, usability, and other human factors. We argue that future work oncloud security needs to similarly bridge established topic boundaries. Lastly, we would highlight that breaking real clouds makes them stronger. Suchstudies involve obvious ethical issues, but provide much more compelling results thanbreaking hypothetical clouds. For example, the EC2 information leak study in triggereda highly visible security effort by Amazon Web Services, and serves as a model forsimilar future work in academia. Similarly, the Air Force Mastics securityenhancements originated from a companion effort to find security exploits. Suchcoupled attack and defense approaches serve as a model for potential government cloudsecurity projects today, and cloud providers should sponsor internal adversarial effortsto discover vulnerabilities before they become exposed in the wild. Needless to say,Indus Institute of Technology & Engineering Page 56
  • 57. Security in Cloud Computingstakeholders also need to continue to track black-hat perspectives. Finally, researchpartnerships between different types of stakeholders will likely prove very beneficial toadvancing the field.Indus Institute of Technology & Engineering Page 57
  • 58. Security in Cloud Computing15 Conclusions In cloud computing, end-to-end security is critical. Building blocks from TCGand commercial products built on these principles will help make the cloudenvironment more secure. Ongoing research from TCG and operating system or devicesecurity vendors will take advantage of the TPM using additional software to enhanceits capability for cloud computing. Other research on cloud computing security is underway at several companies. Today, the good news is that most cloud security issues canbe addressed with well-known, existing techniques. The TPM can be an independent entity that works on behalf of cloud computingcustomers. Inside every server in the cloud, the TPM and associated software can checkwhat is installed on each machine and verify the machine’s health and properperformance. When it detects a problem, TNC technology can immediately restrictaccess to a device or server. For securing data at rest in the cloud or in clients thataccess cloud data, self-encrypting drives based on Trusted Storage provide theultimately secure solution. Organizations that have already implemented TCG-based solutions canleverage their corporate investment in hardware, software and policies and re-use themfor cloud computing. If cloud computing represents an organization’s initialimplementation of TCG-based technology (used by the cloud provider), the rest of theorganization should be re-evaluated for areas where TCG technology can provideimproved internal security, including: activating TPMs, use of self-encrypting drivesand network access control through TNC. In an emerging discipline, like cloud computing, security needs to be analyzedmore frequently. With advancement in cloud technologies and increasing number ofcloud users, data security dimensions will continuously increase. In this paper, we haveanalyzed the data security risks and vulnerabilities which are present in current cloudcomputing environments.Indus Institute of Technology & Engineering Page 58
  • 59. Security in Cloud Computing The most obvious finding to emerge from this study is that, there is a need ofbetter trust management. We have built a risk analysis approach based on the prominentsecurity issues. The security analysis and risk analysis approach will help serviceproviders to ensure their customers about the data security. Similarly, the approach canalso be used by cloud service users to perform risk analysis before putting their criticaldata in a security sensitive cloud. At present, there is a lack of structured analysis approaches that can be used forrisk analysis in cloud computing environments. The approach suggested in this paper isa first step towards analyzing data security risks. This approach is easily adaptable forautomation of risk analysis.Indus Institute of Technology & Engineering Page 59
  • 60. Security in Cloud Computing16 Vulnerabilities Cloud computing shares in common with other network-based application, storageand communication platforms certain vulnerabilities in several broad areas: • Web application vulnerabilities, such as cross-site scripting and SQL injection (which are symptomatic of poor field input validation, buffer overflow; as well as default configurations or miss-configured applications. • Accessibility vulnerabilities, which are vulnerabilities inherent to the TCP/IP stack and the operating systems, such as denial of service and distributed denial of services • Authentication of the respondent device or devices. IP spoofing RIP attacks, ARP poisoning (spoofing), and DNS poisoning are all too common on the Internet. TCP/IP has some “unfixable flaws” such as “trusted machine” status of machines that have been in contact with each other, and tacit assumption that routing tables on routers will not be maliciously altered. • Data Verification, tampering, loss and theft, while on a local machine, while in transit, while at rest at the unknown third-party device, or devices, and during remote back-ups. • Physical access issues, both the issue of an organization’s staff not having physical access to the machines storing and processing a data, and the issue of unknown third parties having physical access to the machines • Privacy and control issues stemming from third parties having physical control of a data is an issue for all outsourced networked applications and storage, but cloud architectures have some specific issues that are distinct from the usual issues.Indus Institute of Technology & Engineering Page 60
  • 61. Security in Cloud Computing17 ReferencesURL:http://en.wikipedia.org/wiki/Cloud_Computinghttp://www.cloudsecurityalliance.orghttp://cloudcomputing.sys-con.com/node/1330353http://www.parc.com/content/attachments/ControllingDataInTheCloud-CCSW-09.pdfhttp://www.trustedcomputinggroup.orghttp://cloudsecurityalliance.orghttp://cloudcomputing.sys-con.com/node/1203943http://cloudcomputing.sys-con.com/node/1330353Books: • Amazon elastic computer cloud (2008), http://aws.amazon.com/ec2/ • Twenty Experts Define Cloud Computing (2008), http://cloudcomputing.syscon.com/read/612375_p.htm • Andert, D., Wakefield, R., Weise, J.: Trust Modeling for Security Architecture Development (2002), http://www.sun.com/blueprints • John, H.: Security Guidance for Critical Areas of Focus in Cloud Computing (2009), http://www.cloudsecurityalliance.org/guidance/ (Accessed 2 July 2009) • Two Factor Authentication, http://en.wikipedia.org/wiki/ • Public Key, http://en.wikipedia.org/wiki/Public_key_certificate • Buyya, R., Yeo, C.S., Venugopal, S., Broberg, J., Brandic, I.: Cloud Computing and Emerging IT Platforms: Vision, Hype, and Reality for delivering Computing as the 5th Utility. Future Generation Computer Systems 25, 599–616 • Cachin, C., Keider, I., Shraer, A.: Trusting The Cloud. IBM Research, Zurich Research laboratory (2009) • Google App Engine (2008), http://appengine.google.com • Microsoft Live Mesh (2008), http://www.mesh.com • Brodkin, J.: Seven Cloud Computing Security Risks (2008), http://www.gartner.com/DisplayDocument?id=685308Indus Institute of Technology & Engineering Page 61
  • 62. Security in Cloud Computing 18 Appendices TCG – Trusted Computing Group LAN – Local Area Network API – Application Programming Interface TPI – Trusted Platform Module DMZ - Demilitarized Zones ID -Intrusion Detection IPS- Intrusion Prevention SystemsIndus Institute of Technology & Engineering Page 62