SlideShare a Scribd company logo

652020 Originality Reporthttpsblackboard.nec.eduweba.docx

Download as DOCX, PDF
B
BHANU281672

6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee-13c8-49eb-86f5-578168754de8&course_id=_47058_1&includeDeleted=true&print=true 1/12 %21 %20 %1 SafeAssign Originality Report Cloud Computing - 202040 - CRN174 - Pollak • Final Project %26Total Score: Medium risk Santhosh Muthyapu Submission UUID: 43a98d6d-211b-6de9-9bf1-1de6250058fd Total Number of Reports 3 Highest Match 43 % Bibliography.docx Average Match 26 % Submitted on 06/05/20 11:46 AM EDT Average Word Count 816 Highest: CLOUDMISCONFIGURATION.pptx %43Attachment 1 Global database (3) Student paper Student paper Student paper Institutional database (1) Student paper Internet (1) fiids Top sources (3) Excluded sources (0) View Originality Report - Old Design Word Count: 193 Bibliography.docx 1 5 3 2 4 2 Student paper 1 Student paper 5 Student paper https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport?attemptId=2ab444ee-13c8-49eb-86f5-578168754de8&course_id=_47058_1&includeDeleted=true&print=true&force=true 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee-13c8-49eb-86f5-578168754de8&course_id=_47058_1&includeDeleted=true&print=true 2/12 Source Matches (6) Student paper 83% Student paper 92% Student paper 94% Student paper 81% Bibliography: Baset, S., Suneja, S., Bila, N., Tuncer, O., & Isci, C. (2017). Usable declarative configuration specification and validation for applications, systems, and cloud. Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. R., Valdez, E., & Weinsberg, Y. (2016). Security intelligence for cloud management infrastructures. IBM Journal of Research and Development, 60(4), 11:1–11:13. https://doi.org/10.1147/JRD.2016.2572462 Duncan, R. (2020). A multi-cloud world requires a multi-cloud security approach. Computer Fraud & Security, 2020(5), 11–12. https://doi.org/10.1016/S1361-3723(20)30052-X January 15, S. P. on, & 2020. (2020, January 15). Cloud Misconfigurations: The Security Problem Coming From Inside IT. Security Boulevard. https://securityboulevard.com/2020/01/cloud-misconfigurations-the-security-problem-coming-from-inside-it/ Torkura, K. A., Sukmana, M. I. H., Strauss, T., Graupner, H., Cheng, F., & Meinel, C. (2018, November 1). CSBAuditor: Proactive Security Risk Analysis for Cloud Storage Broker Systems. IEEE Xplore. https://doi.org/10.1109/NCA.2018.8548329 1 2 2 3 4 5 1 Student paper Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Original source Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware '17 doi:10.1145/3.

Education
1 of 39
6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 1/12 %21 %20 %1 SafeAssign Originality Report Cloud Computing - 202040 - CRN174 - Pollak • Final Project %26Total Score: Medium risk Santhosh Muthyapu Submission UUID: 43a98d6d-211b-6de9-9bf1-1de6250058fd Total Number of Reports 3 Highest Match 43 % Bibliography.docx Average Match
26 % Submitted on 06/05/20 11:46 AM EDT Average Word Count 816 Highest: CLOUDMISCONFIGURATION.pptx %43Attachment 1 Global database (3) Student paper Student paper Student paper Institutional database (1) Student paper Internet (1) fiids Top sources (3) Excluded sources (0) View Originality Report - Old Design Word Count: 193 Bibliography.docx 1 5 3
2 4 2 Student paper 1 Student paper 5 Student paper https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport?attemptId=2ab444ee-13c8- 49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true&force=true 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 2/12 Source Matches (6) Student paper 83% Student paper 92% Student paper 94% Student paper 81% Bibliography: Baset, S., Suneja, S., Bila, N., Tuncer, O., & Isci, C. (2017). Usable declarative configuration specification and validation for applications, systems, and cloud. Proceedings of the 18th ACM/IFIP/USENIX Middleware
Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. R., Valdez, E., & Weinsberg, Y. (2016). Security intelligence for cloud management infrastructures. IBM Journal of Research and Development, 60(4), 11:1–11:13. https://doi.org/10.1147/JRD.2016.2572462 Duncan, R. (2020). A multi-cloud world requires a multi-cloud security approach. Computer Fraud & Security, 2020(5), 11–12. https://doi.org/10.1016/S1361-3723(20)30052-X January 15, S. P. on, & 2020. (2020, January 15). Cloud Misconfigurations: The Security Problem Coming From Inside IT. Security Boulevard. https://securityboulevard.com/2020/01/cloud-misconfigurations- the-security-problem-coming-from-inside-it/ Torkura, K. A., Sukmana, M. I. H., Strauss, T., Graupner, H., Cheng, F., & Meinel, C. (2018, November 1). CSBAuditor: Proactive Security Risk Analysis for Cloud Storage Broker Systems. IEEE Xplore. https://doi.org/10.1109/NCA.2018.8548329 1 2 2 3 4 5 1 Student paper
Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Original source Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware '17 doi:10.1145/3154448.3154454 2 Student paper Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. Original source Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., 2 Student paper Security intelligence for cloud management infrastructures. IBM Journal of Research and Development, 60(4), 11:1–11:13. Original source Security intelligence for cloud management infrastructures IBM Journal of Research and Development, 60(4), 11-1
3 Student paper https://doi.org/10.1016/S1361-3723(20)30052-X Original source https://doi.org/10.1016/S1361-3723(18)30052-6 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 3/12 %5 %3 %2 %10Attachment 2 Global database (4) Student paper Student paper Student paper Student paper Institutional database (1)
Student paper Internet (1) firemon Top sources (3) Excluded sources (0) fiids 65% Student paper 90% 4 Student paper (2020, January 15). Original source 15 FEBBRAIO 2020 5 Student paper The Security Problem Coming From Inside IT. Original source The Security Problem Coming From Inside IT.Security Word Count: 1,239
CLOUDMISCONFIGURATION.pptx 3 2 6 5 4 1 4 Student paper 3 Student paper 1 firemon 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 4/12 CLOUD MISCONFIGURATION Name: Santhosh Muthyapu Institution: New England College Date: 06/05/2020 Introduction Cloud misconfigurations are a major security risk for organizations They rise when configurations are not done properly
Such misconfigurations expose the organization to security breaches Cloud misconfigurations are now a major security risk for organizations adopting or moving to cloud. They involve security risks that arise when cloud configuration is not done properly hence exposing assets of the organization to possible security breaches. Currently cloud misconfiguration represents the biggest threat that is facing enterprise cloud security 2 Human factor in misconfigurations Human error accounting for most misconfigurations According to the 2018 IBM X-Force Report data breaches with regard to cloud misconfigurations increased by 424% due to human error (Duncan, 2020) 95% of security incidences are fault of customers The human factor in such misconfigurations is a concern for many with human error accounting for most misconfigurations when it comes to cloud solutions. According to the 2018 IBM X-Force Report data breaches with regard to cloud misconfigurations increased by 424% due to human error (Duncan, 2020). Further projections revealed that as of 2020 most of the cloud security incidences or at least 95% would be the fault of customers. 3 Challenges
Permission controls Access restrictions AWS misconfigurations (Torkura et al., 2018) Some of the challenges associated with misconfigurations include permission controls, access restrictions and AWS security misconfigurations 4 AWS security misconfigurations Misconfiguration may occur on EC2 server The server offers security between the port and protocol access level Such a misconfiguration would allow an attacker to gain access to the servers AWS security group involve misconfigurations with regard to EC2 server instances which offers security between the port and protocol access level. A misconfiguration related to this group would allow an attacker to gain access to the servers that are based in cloud and have unauthorized access to the data. 5 AWS security misconfigurations The server may be made accessible via the SSH port (22) This occurs during troubleshooting or debugging Such an error allows attackers to gain access from any location worldwide
1 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 5/12 Such an error allows attackers to gain access from any location worldwide Most common misconfiguration in this regard usually happens when the server is made accessible via the SSH port (22) that can occur during troubleshooting or debugging. Such a misconfiguration would make it easier for any attacker to gain unauthorized access to the servers from any location in the world. 6 Access restrictions Misconfigurations Occur as a result of inadequate access restrictions Access restrictions prevent unauthorized access Example include unsecured AWS S3 storage buckets Access restrictions misconfigurations happen when there are inadequate access restrictions that can prevent unauthorized access to the cloud infrastructure putting most
organizations around the world at risk. The unrestricted issue in this category involves unsecured AWS S3 storage buckets. Such a misconfiguration could allow attackers to access and even download critical data or information regarding the organization. It can also enable attackers to write on the cloud accounts of the organization. 7 Permission controls misconfigurations They occur when the organization fails to apply the least privilege principle This creates many security risks Permissions limit user activity or actions Absence of permissions allows users to perform unrestricted actions. (Baset et al., 2017). Permission controls misconfigurations come about when the organization fails to apply the least privilege principle hence creating many security risks. As of such permissions relating to accounts of individuals are not limited hence users or individuals can perform unrestricted actions which may not relate to the service they seeking on the platform hence ending up compromising the security of the organization as a result 8 WLAN security WLAN security systems provide security measures for a network
Networks usually prone to unauthorized access The security systems prevent attacker from interfering with the data in the network Encryption Authentication Invisibility (Berger et al., 2016). WLAN security systems offer the necessary protection or security measures for a given network. Such is necessary as networks are prone to unauthorized access by attackers hence making the data or assets of the organization vulnerable. In preventing such most organizations employ encryption solutions, authentication and invisibility among other security techniques with regard to WLANs. Good security measures enable detection, prevention or blocking intruders into the network 9 WLAN security Misconfigurations Misconfigured Aps result to most cases of WLAN breaches Use of intrusion sensors recommended rather than relying on sniffers 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa-
BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 6/12 Use of intrusion sensors recommended rather than relying on sniffers Weak security deployments Weak passphrases Default SSID usage misconfigurations on such security systems such as misconfigured APs result to most cases of WLAN breaches. As a result most organizations ought to make use of intrusion sensors that are independent from the vendor and not rely so much on sniffers. Other vulnerabilities may include lack of security configuration at consumer access points, weak security deployments, weak passphrases and default SSID usage. 10 Solution s to misconfigurations
Adopting automated cloud security solutions Use of embedded security Mixture of human controlled and autonomous methods in validating policy settings and conducting real time network testing (Torkura et al., 2018) In addressing issues regarding with misconfigurations organizations need to adopt automation solutions with regard to with regard to cybersecurity and policy automation in order for them to keep up with the daily increment in activities and adoption of cloud solutions. With more automated information technology security tasks an organization is better placed and prepared to see to it that hybrid cloud complexities are reduced and improved network visibility which will prevent any misconfigurations from happening. Additionally use of embedded security processes and a mixture of human controlled and fully autonomous methods in validating policy settings and conducting real time network testing should see to it that an organization has consistent security in its cloud platforms 11
Advantages and disadvantages Advantages Data security Protection against DDoS attacks Competitive advantage over rivals Regulatory compliance Disadvantages Data theft Lawsuits Tarnished reputation for organization Conclusion Misconfigurations major security risks for organizations Human error leading cause of misconfigurations Reducing
misconfigurations can be achieved via automation of security solitons I l i i fi ti j it i k f i ti th t d ti l d l ti h th d t th t h hi h i l di 2 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 7/12 Source Matches (7) firemon 64% Student paper 66% Student paper 83%
Student paper 92% In conclusion misconfigurations are now a major security risks for organizations that are adopting cloud solutions hence the need to ensure that human errors which is leading cause of such is reduced. This can be achieved by automation of security solutions in cloud to ensure consistency in cloud security and a reduction in misconfigurations. 13 References Baset, S., Suneja, S., Bila, N., Tuncer, O., & Isci, C. (2017). Usable declarative configuration specification and validation for applications, systems, and cloud. Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. R., Valdez, E., & Weinsberg, Y. (2016). Security intelligence for cloud management
infrastructures. IBM Journal of Research and Development, 60(4), 11:1–11:13. https://doi.org/10.1147/JRD.2016.2572462 Duncan, R. (2020). A multi-cloud world requires a multi-cloud security approach. Computer Fraud & Security, 2020(5), 11–12. https://doi.org/10.1016/S1361-3723(20)30052-X January 15, S. P. on, & 2020. (2020, January 15). Cloud Misconfigurations: The Security Problem Coming From Inside IT. Security Boulevard. https://securityboulevard.com/2020/01/cloud-misconfigurations- the-security-problem-coming-from-inside-it/ Torkura, K. A., Sukmana, M. I. H., Strauss, T., Graupner, H., Cheng, F., & Meinel, C. (2018, November 1). CSBAuditor: Proactive Security Risk Analysis for Cloud Storage Broker Systems. IEEE Xplore. https://doi.org/10.1109/NCA.2018.8548329 3 4 4 5 6
1 Student paper According to the 2018 IBM X-Force Report data breaches with regard to cloud misconfigurations increased by 424% due to human error (Duncan, 2020). Original source In 2018, IBM revealed that there was a 424% increase in data breaches due to cloud misconfigurations that were caused by human error 2 Student paper Other vulnerabilities may include lack of security configuration at consumer access points, weak security deployments, weak passphrases and default SSID usage. Original source
Further threats include weak passphrases, weak security deployments, and default SSID usage 3 Student paper Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Original source Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware '17 doi:10.1145/3154448.3154454 4 Student paper Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. Original source
Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 8/12 Student paper 94% Student paper 81% Student paper 90%4 Student paper Security intelligence for cloud management infrastructures. IBM Journal of Research and Development, 60(4), 11:1–11:13.
Original source Security intelligence for cloud management infrastructures IBM Journal of Research and Development, 60(4), 11-1 5 Student paper https://doi.org/10.1016/S1361-3723(20)30052-X Original source https://doi.org/10.1016/S1361-3723(18)30052-6 6 Student paper The Security Problem Coming From Inside IT. Original source
The Security Problem Coming From Inside IT.Security 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 9/12 %9 %8 %7 %24Attachment 3 Global database (4) Student paper Student paper Student paper Student paper
Institutional database (1) Student paper Internet (3) firemon hpi 1reddrop Top sources (3) Excluded sources (0) Word Count: 1,016 Santhosh Muthyapu Final Project- Cloudmisconfiguration.docx 5 4 7 6 2 3 8 1 2 Student paper 5 Student paper 3 firemon
Running Head: CLOUD MISCONFIGURATIONS 1 CLOUD MISCONFIGURATIONS 5 Cloud Misconfigurations Santhosh Muthyapu New England College Date: 06/05/202 Cloud security risks from misconfiguration Cloud misconfigurations are now a major security risk for organizations adopting or moving to the cloud. They involve security risks that arise when cloud configuration is not done properly hence exposing assets of the organization to possible security breaches. Currently, cloud misconfiguration represents the biggest threat that is facing enterprise cloud security. The human factor in such misconfigurations is a concern for many with human error accounting for most misconfigurations when it comes to cloud solutions. According to the 2018 IBM X-Force Report, data breaches concerning cloud misconfigurations increased by 424% due to
human error (Duncan, 2020). Further projections revealed that as of 2020 most of the cloud security incidences or at least 95% would be the fault of customers. Some of the challenges associated with misconfigurations include permission controls, access restrictions, and AWS security misconfigurations (Torkura et al., 2018). AWS security group involves misconfigurations with regard to EC2 server instances which offers security between the port and protocol access level. A misconfiguration related to this group would allow an attacker to gain access to the servers that are based in the cloud and have unauthorized access to the data. The most common misconfiguration in this regard usually happens when the server is made accessible via the SSH port (22) that can occur during troubleshooting or debugging. Such a misconfiguration would make it easier for an attacker to gain unauthorized access to the servers from any location in the world Access restrictions misconfigurations happen when there are inadequate access restrictions that can prevent unauthorized access to the cloud infrastructure putting most 1 2
3 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 10/12 Source Matches (10) world. Access restrictions misconfigurations happen when there are inadequate access restrictions that can prevent unauthorized access to the cloud infrastructure putting most organizations around the world at risk. The misreported issue in this category involves unsecured AWS S3 storage buckets. Such a misconfiguration could allow attackers to access and even download critical data or information regarding the organization. It can also enable attackers to write on the cloud accounts of the organization. Permission controls misconfigurations come about when the organization fails to apply the least privilege principle hence creating many security
risks. As such permissions relating to accounts of individuals are not limited hence users or individuals can perform unrestricted actions that may not relate to the service they seeking on the platform hence ending up compromising the security of the organization as a result (Baset et al., 2017). WLAN security systems offer the necessary protection or security measures for a given network. Such is necessary as networks are prone to unauthorized access by attackers hence making the data or assets of the organization vulnerable. In preventing such most organizations employ encryption solutions, authentication, and invisibility among other security techniques with regard to WLANs. Good security measures enable detection, prevention, or blocking intruders into the network (Berger et al., 2016). However, misconfigurations on such security systems such as misconfigured APs result in most cases of WLAN breaches. As a result, most organizations ought to make use of intrusion sensors that are independent of the vendor and not rely so much on sniffers. Other vulnerabilities may include lack of security configuration at consumer access points, weak security deployments, weak passphrases, and default SSID usage. In addressing issues regarding misconfigurations organizations need to adopt automation solutions with regard to with regard to cybersecurity and policy automation in order for
them to keep up with the daily increment in activities and adoption of cloud solutions. With more automated information technology security tasks an organization is better placed and prepared to see to it that hybrid cloud complexities are reduced and improved network visibility which will prevent any misconfigurations from happening. Additionally use of embedded security processes and a mixture of human-controlled and fully autonomous methods in validating policy settings and conducting real-time network testing should see to it that an organization has consistent security in its cloud platforms (Torkura et al., 2018). Addressing such misconfigurations is advantageous as it enables the organization to protect its assets DDoS attacks, ensuring data security by preventing high profile breaches that may tarnish the reputation of the organization or cause the organization to face lawsuits. Additionally ensuring cloud security may provide a competitive advantage for a given organization over its competitors as customers or users will always prefer to have their data secured. Ensuring cloud security also ensure regulatory compliance with predetermined policies from governing bodies. The disadvantages of misconfigurations is that they pose tat security risks that may expose the assets of the organization to attacks leading to data breaches hence suffering the losses that come with it.
4 In conclusion, misconfigurations are now major security risks for organizations that are adopting cloud solutions hence the need to ensure that human errors which is the leading cause of such is reduced. This can be achieved by automation of security solutions in the cloud to ensure consistency in cloud security and a reduction in misconfigurations. References Baset, S., Suneja, S., Bila, N., Tuncer, O., & Isci, C. (2017). Usable declarative configuration specification and validation for applications, systems, and cloud. Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. R., Valdez, E., & Weinsberg, Y. (2016). Security intelligence for cloud management infrastructures. IBM Journal of Research and Development,
60(4), 11:1–11:13. https://doi.org/10.1147/JRD.2016.2572462 Duncan, R. (2020). A multi-cloud world requires a multi-cloud security approach. Computer Fraud & Security, 2020(5), 11–12. https://doi.org/10.1016/S1361-3723(20)30052-X January 15, S. P. on, & 2020. (2020, January 15). Cloud Misconfigurations: The Security Problem Coming From Inside IT. Security Boulevard. https://securityboulevard.com/2020/01/cloud-misconfigurations- the-security-problem-coming-from-inside-it/ Torkura, K. A., Sukmana, M. I. H., Strauss, T., Graupner, H., Cheng, F., & Meinel, C. (2018, November 1). CSBAuditor: Proactive Security Risk Analysis for Cloud Storage Broker Systems. IEEE Xplore. https://doi.org/10.1109/NCA.2018.8548329 5 2 2 6 7
8 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 11/12 1reddrop 66% Student paper 100% firemon 65% Student paper 66% Student paper 83% Student paper 92% Student paper 94%
Student paper 81% 1 Student paper CLOUD MISCONFIGURATIONS 1 CLOUD MISCONFIGURATIONS 5 Original source Cloud Security Misconfigurations Cloud Security Misconfigurations 2 Student paper Cloud security risks from misconfiguration Original source Cloud security risks from misconfiguration
3 Student paper According to the 2018 IBM X-Force Report, data breaches concerning cloud misconfigurations increased by 424% due to human error (Duncan, 2020). Original source In 2018, IBM revealed that there was a 424% increase in data breaches due to cloud misconfigurations that were caused by human error 4 Student paper Other vulnerabilities may include lack of security configuration at consumer access points, weak security deployments, weak passphrases, and default SSID usage. Original source Further threats include weak passphrases, weak security
deployments, and default SSID usage 5 Student paper Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Original source Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware '17 doi:10.1145/3154448.3154454 2 Student paper Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. Original source
Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., 2 Student paper Security intelligence for cloud management infrastructures. IBM Journal of Research and Development, 60(4), 11:1–11:13. Original source Security intelligence for cloud management infrastructures IBM Journal of Research and Development, 60(4), 11-1 6 Student paper https://doi.org/10.1016/S1361-3723(20)30052-X Original source
https://doi.org/10.1016/S1361-3723(18)30052-6 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 12/12 Student paper 90% hpi 73% 7 Student paper The Security Problem Coming From Inside IT. Original source The Security Problem Coming From Inside IT.Security
8 Student paper Proactive Security Risk Analysis for Cloud Storage Broker Systems. Original source 23 Oct 2018 Kennedy Torkura CSBAuditor - Proactive Security Risk Analysis for Cloud Storage Broker Systems

Recommended

7132019 Originality Reporthttpsucumberlands.blackboar.docx
7132019 Originality Reporthttpsucumberlands.blackboar.docx7132019 Originality Reporthttpsucumberlands.blackboar.docx
7132019 Originality Reporthttpsucumberlands.blackboar.docxsleeperharwell
 
SafeAssign Originality ReportSummer 2019 - Security Architecture.docx
SafeAssign Originality ReportSummer 2019 - Security Architecture.docxSafeAssign Originality ReportSummer 2019 - Security Architecture.docx
SafeAssign Originality ReportSummer 2019 - Security Architecture.docxjeffsrosalyn
 
HYBRIDIZED MODEL FOR DATA SECURITY BASED ON SECURITY HASH ANALYSIS (SHA 512) ...
HYBRIDIZED MODEL FOR DATA SECURITY BASED ON SECURITY HASH ANALYSIS (SHA 512) ...HYBRIDIZED MODEL FOR DATA SECURITY BASED ON SECURITY HASH ANALYSIS (SHA 512) ...
HYBRIDIZED MODEL FOR DATA SECURITY BASED ON SECURITY HASH ANALYSIS (SHA 512) ...IJNSA Journal
 
1 - HKT Reporting.pdf
1 - HKT Reporting.pdf1 - HKT Reporting.pdf
1 - HKT Reporting.pdfeLearning Consortium 電子學習聯盟
 
Research Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxResearch Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxaudeleypearl
 
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docx
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docxSheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docx
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docxedgar6wallace88877
 
Novel cloud computingsecurity issues
Novel cloud computingsecurity issuesNovel cloud computingsecurity issues
Novel cloud computingsecurity issuesJoo Manthar
 
cloudComputingSec_p3.pptx
cloudComputingSec_p3.pptxcloudComputingSec_p3.pptx
cloudComputingSec_p3.pptxSteven Quach
 

Recommended

7132019 Originality Reporthttpsucumberlands.blackboar.docx
7132019 Originality Reporthttpsucumberlands.blackboar.docx7132019 Originality Reporthttpsucumberlands.blackboar.docx
7132019 Originality Reporthttpsucumberlands.blackboar.docxsleeperharwell
 
SafeAssign Originality ReportSummer 2019 - Security Architecture.docx
SafeAssign Originality ReportSummer 2019 - Security Architecture.docxSafeAssign Originality ReportSummer 2019 - Security Architecture.docx
SafeAssign Originality ReportSummer 2019 - Security Architecture.docxjeffsrosalyn
 
HYBRIDIZED MODEL FOR DATA SECURITY BASED ON SECURITY HASH ANALYSIS (SHA 512) ...
HYBRIDIZED MODEL FOR DATA SECURITY BASED ON SECURITY HASH ANALYSIS (SHA 512) ...HYBRIDIZED MODEL FOR DATA SECURITY BASED ON SECURITY HASH ANALYSIS (SHA 512) ...
HYBRIDIZED MODEL FOR DATA SECURITY BASED ON SECURITY HASH ANALYSIS (SHA 512) ...IJNSA Journal
 
1 - HKT Reporting.pdf
1 - HKT Reporting.pdf1 - HKT Reporting.pdf
1 - HKT Reporting.pdfeLearning Consortium 電子學習聯盟
 
Research Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxResearch Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxaudeleypearl
 
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docx
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docxSheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docx
Sheet1Country ACountry BProduct 110 Reds9 GreensProduct 22 Reds2.2.docxedgar6wallace88877
 
Novel cloud computingsecurity issues
Novel cloud computingsecurity issuesNovel cloud computingsecurity issues
Novel cloud computingsecurity issuesJoo Manthar
 
cloudComputingSec_p3.pptx
cloudComputingSec_p3.pptxcloudComputingSec_p3.pptx
cloudComputingSec_p3.pptxSteven Quach
 
Effective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaSEffective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaSIRJET Journal
 
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-Lillian Ekwosi-Egbulem
 
Implementation of user authentication as a service for cloud network
Implementation of user authentication as a service for cloud networkImplementation of user authentication as a service for cloud network
Implementation of user authentication as a service for cloud networkSalam Shah
 
Implementation_of_User_Authentication_as
Implementation_of_User_Authentication_asImplementation_of_User_Authentication_as
Implementation_of_User_Authentication_asMasood Shah
 
(Pdf) yury chemerkin _ita_2013 proceedings
(Pdf) yury chemerkin _ita_2013 proceedings(Pdf) yury chemerkin _ita_2013 proceedings
(Pdf) yury chemerkin _ita_2013 proceedingsSTO STRATEGY
 
Ponemon cloud security study
Ponemon cloud security studyPonemon cloud security study
Ponemon cloud security studyDome9 Security
 
AbstractCloud computing technology has become the new fron.docx
AbstractCloud computing technology has become the new fron.docxAbstractCloud computing technology has become the new fron.docx
AbstractCloud computing technology has become the new fron.docxSALU18
 
Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud AKHIL969626
 
journal paper
journal paperjournal paper
journal paperrikaseorika
 
Hindering data theft attack through fog computing
Hindering data theft attack through fog computingHindering data theft attack through fog computing
Hindering data theft attack through fog computingeSAT Publishing House
 
Access Control For Local Area Network Performance Essay
Access Control For Local Area Network Performance EssayAccess Control For Local Area Network Performance Essay
Access Control For Local Area Network Performance EssayDotha Keller
 
6212020 Originality Reporthttpsucumberlands.blackboar.docx
6212020 Originality Reporthttpsucumberlands.blackboar.docx6212020 Originality Reporthttpsucumberlands.blackboar.docx
6212020 Originality Reporthttpsucumberlands.blackboar.docxBHANU281672
 
Br36413417
Br36413417Br36413417
Br36413417IJERA Editor
 
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingIRJET Journal
 
INFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTINGINFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTINGijitcs
 
Security for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsSecurity for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsEditor IJCATR
 
Cloud computing
Cloud computingCloud computing
Cloud computingVivekananda college
 
IRJET - Virtual Data Auditing at Overcast Environment
IRJET - Virtual Data Auditing at Overcast EnvironmentIRJET - Virtual Data Auditing at Overcast Environment
IRJET - Virtual Data Auditing at Overcast EnvironmentIRJET Journal
 
Causes And Consequences Of Data Leakage
Causes And Consequences Of Data LeakageCauses And Consequences Of Data Leakage
Causes And Consequences Of Data LeakagePatty Buckley
 
A data quarantine model to secure data in edge computing
A data quarantine model to secure data in edge computingA data quarantine model to secure data in edge computing
A data quarantine model to secure data in edge computingIJECEIAES
 
64c51786.docx
64c51786.docx64c51786.docx
64c51786.docxBHANU281672
 
61Identify the case study you selected. Explain whether the.docx
61Identify the case study you selected. Explain whether the.docx61Identify the case study you selected. Explain whether the.docx
61Identify the case study you selected. Explain whether the.docxBHANU281672
 

More Related Content

Similar to 652020 Originality Reporthttpsblackboard.nec.eduweba.docx

Effective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaSEffective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaSIRJET Journal
 
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-Lillian Ekwosi-Egbulem
 
Implementation of user authentication as a service for cloud network
Implementation of user authentication as a service for cloud networkImplementation of user authentication as a service for cloud network
Implementation of user authentication as a service for cloud networkSalam Shah
 
Implementation_of_User_Authentication_as
Implementation_of_User_Authentication_asImplementation_of_User_Authentication_as
Implementation_of_User_Authentication_asMasood Shah
 
(Pdf) yury chemerkin _ita_2013 proceedings
(Pdf) yury chemerkin _ita_2013 proceedings(Pdf) yury chemerkin _ita_2013 proceedings
(Pdf) yury chemerkin _ita_2013 proceedingsSTO STRATEGY
 
Ponemon cloud security study
Ponemon cloud security studyPonemon cloud security study
Ponemon cloud security studyDome9 Security
 
AbstractCloud computing technology has become the new fron.docx
AbstractCloud computing technology has become the new fron.docxAbstractCloud computing technology has become the new fron.docx
AbstractCloud computing technology has become the new fron.docxSALU18
 
Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud AKHIL969626
 
Hindering data theft attack through fog computing
Hindering data theft attack through fog computingHindering data theft attack through fog computing
Hindering data theft attack through fog computingeSAT Publishing House
 
Access Control For Local Area Network Performance Essay
Access Control For Local Area Network Performance EssayAccess Control For Local Area Network Performance Essay
Access Control For Local Area Network Performance EssayDotha Keller
 
6212020 Originality Reporthttpsucumberlands.blackboar.docx
6212020 Originality Reporthttpsucumberlands.blackboar.docx6212020 Originality Reporthttpsucumberlands.blackboar.docx
6212020 Originality Reporthttpsucumberlands.blackboar.docxBHANU281672
 
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingIRJET Journal
 
INFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTINGINFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTINGijitcs
 
Security for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsSecurity for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsEditor IJCATR
 
IRJET - Virtual Data Auditing at Overcast Environment
IRJET - Virtual Data Auditing at Overcast EnvironmentIRJET - Virtual Data Auditing at Overcast Environment
IRJET - Virtual Data Auditing at Overcast EnvironmentIRJET Journal
 
Causes And Consequences Of Data Leakage
Causes And Consequences Of Data LeakageCauses And Consequences Of Data Leakage
Causes And Consequences Of Data LeakagePatty Buckley
 
A data quarantine model to secure data in edge computing
A data quarantine model to secure data in edge computingA data quarantine model to secure data in edge computing
A data quarantine model to secure data in edge computingIJECEIAES
 

Similar to 652020 Originality Reporthttpsblackboard.nec.eduweba.docx (20)

Effective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaSEffective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaS
 
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-
CLOUD COMPUTING -Risks, Countermeasures, Costs and Benefits-
 
Implementation of user authentication as a service for cloud network
Implementation of user authentication as a service for cloud networkImplementation of user authentication as a service for cloud network
Implementation of user authentication as a service for cloud network
 
Implementation_of_User_Authentication_as
Implementation_of_User_Authentication_asImplementation_of_User_Authentication_as
Implementation_of_User_Authentication_as
 
(Pdf) yury chemerkin _ita_2013 proceedings
(Pdf) yury chemerkin _ita_2013 proceedings(Pdf) yury chemerkin _ita_2013 proceedings
(Pdf) yury chemerkin _ita_2013 proceedings
 
Ponemon cloud security study
Ponemon cloud security studyPonemon cloud security study
Ponemon cloud security study
 
AbstractCloud computing technology has become the new fron.docx
AbstractCloud computing technology has become the new fron.docxAbstractCloud computing technology has become the new fron.docx
AbstractCloud computing technology has become the new fron.docx
 
Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud
 
journal paper
journal paperjournal paper
journal paper
 
Hindering data theft attack through fog computing
Hindering data theft attack through fog computingHindering data theft attack through fog computing
Hindering data theft attack through fog computing
 
Access Control For Local Area Network Performance Essay
Access Control For Local Area Network Performance EssayAccess Control For Local Area Network Performance Essay
Access Control For Local Area Network Performance Essay
 
6212020 Originality Reporthttpsucumberlands.blackboar.docx
6212020 Originality Reporthttpsucumberlands.blackboar.docx6212020 Originality Reporthttpsucumberlands.blackboar.docx
6212020 Originality Reporthttpsucumberlands.blackboar.docx
 
Br36413417
Br36413417Br36413417
Br36413417
 
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud Computing
 
INFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTINGINFORMATION SECURITY IN CLOUD COMPUTING
INFORMATION SECURITY IN CLOUD COMPUTING
 
Security for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsSecurity for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi Clouds
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
IRJET - Virtual Data Auditing at Overcast Environment
IRJET - Virtual Data Auditing at Overcast EnvironmentIRJET - Virtual Data Auditing at Overcast Environment
IRJET - Virtual Data Auditing at Overcast Environment
 
Causes And Consequences Of Data Leakage
Causes And Consequences Of Data LeakageCauses And Consequences Of Data Leakage
Causes And Consequences Of Data Leakage
 
A data quarantine model to secure data in edge computing
A data quarantine model to secure data in edge computingA data quarantine model to secure data in edge computing
A data quarantine model to secure data in edge computing
 

More from BHANU281672

61Identify the case study you selected. Explain whether the.docx
61Identify the case study you selected. Explain whether the.docx61Identify the case study you selected. Explain whether the.docx
61Identify the case study you selected. Explain whether the.docxBHANU281672
 
60CHAPTER THREEconsistent with the so-called performative app.docx
60CHAPTER THREEconsistent with the so-called performative app.docx60CHAPTER THREEconsistent with the so-called performative app.docx
60CHAPTER THREEconsistent with the so-called performative app.docxBHANU281672
 
6 pagesThe following sections are in the final consulting .docx
6 pagesThe following sections are in the final consulting .docx6 pagesThe following sections are in the final consulting .docx
6 pagesThe following sections are in the final consulting .docxBHANU281672
 
600 words needed1. What do we mean by the New Public Administr.docx
600 words needed1. What do we mean by the New Public Administr.docx600 words needed1. What do we mean by the New Public Administr.docx
600 words needed1. What do we mean by the New Public Administr.docxBHANU281672
 
6 peer responses due in 24 hours Each set of 2 responses wil.docx
6 peer responses due in 24 hours Each set of 2 responses wil.docx6 peer responses due in 24 hours Each set of 2 responses wil.docx
6 peer responses due in 24 hours Each set of 2 responses wil.docxBHANU281672
 
6 page paper onWhat is second language acquisition and why is .docx
6 page paper onWhat is second language acquisition and why is .docx6 page paper onWhat is second language acquisition and why is .docx
6 page paper onWhat is second language acquisition and why is .docxBHANU281672
 
600 Words1) Specify some of the ways in which human resource m.docx
600 Words1) Specify some of the ways in which human resource m.docx600 Words1) Specify some of the ways in which human resource m.docx
600 Words1) Specify some of the ways in which human resource m.docxBHANU281672
 
612020 Originality Reporthttpsucumberlands.blackboard.docx
612020 Originality Reporthttpsucumberlands.blackboard.docx612020 Originality Reporthttpsucumberlands.blackboard.docx
612020 Originality Reporthttpsucumberlands.blackboard.docxBHANU281672
 
61520, 256 PMGlobal Innovation and Intellectual Property.docx
61520, 256 PMGlobal Innovation and Intellectual Property.docx61520, 256 PMGlobal Innovation and Intellectual Property.docx
61520, 256 PMGlobal Innovation and Intellectual Property.docxBHANU281672
 
6 Developing Strategic and Operational PlansIngram Publish.docx
6 Developing Strategic and Operational PlansIngram Publish.docx6 Developing Strategic and Operational PlansIngram Publish.docx
6 Developing Strategic and Operational PlansIngram Publish.docxBHANU281672
 
617httpsdrive.google.comdriveu0mobilefolders1e8xYisfDL.docx
617httpsdrive.google.comdriveu0mobilefolders1e8xYisfDL.docx617httpsdrive.google.comdriveu0mobilefolders1e8xYisfDL.docx
617httpsdrive.google.comdriveu0mobilefolders1e8xYisfDL.docxBHANU281672
 
6.2 What protocols comprise TLS6.3 What is the difference.docx
6.2 What protocols comprise TLS6.3 What is the difference.docx6.2 What protocols comprise TLS6.3 What is the difference.docx
6.2 What protocols comprise TLS6.3 What is the difference.docxBHANU281672
 
6.2 What protocols comprise TLS6.3 What is the difference bet.docx
6.2 What protocols comprise TLS6.3 What is the difference bet.docx6.2 What protocols comprise TLS6.3 What is the difference bet.docx
6.2 What protocols comprise TLS6.3 What is the difference bet.docxBHANU281672
 
6-3 Discussion Making DecisionsDiscussion Topic Starts Jun 5, 2.docx
6-3 Discussion Making DecisionsDiscussion Topic Starts Jun 5, 2.docx6-3 Discussion Making DecisionsDiscussion Topic Starts Jun 5, 2.docx
6-3 Discussion Making DecisionsDiscussion Topic Starts Jun 5, 2.docxBHANU281672
 
5An American in IndiaWhat is my inheritance To what am .docx
5An American in IndiaWhat is my inheritance To what am .docx5An American in IndiaWhat is my inheritance To what am .docx
5An American in IndiaWhat is my inheritance To what am .docxBHANU281672
 
6 PEER RESPONSES DUE IN 24 HOURS.. EACH SET OF 2 HAS ITS OWN INSTRUC.docx
6 PEER RESPONSES DUE IN 24 HOURS.. EACH SET OF 2 HAS ITS OWN INSTRUC.docx6 PEER RESPONSES DUE IN 24 HOURS.. EACH SET OF 2 HAS ITS OWN INSTRUC.docx
6 PEER RESPONSES DUE IN 24 HOURS.. EACH SET OF 2 HAS ITS OWN INSTRUC.docxBHANU281672
 
6 peer responses due in 18 hours Each set of 2 responses will ha.docx
6 peer responses due in 18 hours Each set of 2 responses will ha.docx6 peer responses due in 18 hours Each set of 2 responses will ha.docx
6 peer responses due in 18 hours Each set of 2 responses will ha.docxBHANU281672
 
5I.Observer Effects and Examiner BiasChisum and Turvey.docx
5I.Observer Effects and Examiner BiasChisum and Turvey.docx5I.Observer Effects and Examiner BiasChisum and Turvey.docx
5I.Observer Effects and Examiner BiasChisum and Turvey.docxBHANU281672
 
6 Change Management StagesA Management Checklist to Guide Your E.docx
6 Change Management StagesA Management Checklist to Guide Your E.docx6 Change Management StagesA Management Checklist to Guide Your E.docx
6 Change Management StagesA Management Checklist to Guide Your E.docxBHANU281672
 

More from BHANU281672 (20)

64c51786.docx
64c51786.docx64c51786.docx
64c51786.docx
 
61Identify the case study you selected. Explain whether the.docx
61Identify the case study you selected. Explain whether the.docx61Identify the case study you selected. Explain whether the.docx
61Identify the case study you selected. Explain whether the.docx
 
60CHAPTER THREEconsistent with the so-called performative app.docx
60CHAPTER THREEconsistent with the so-called performative app.docx60CHAPTER THREEconsistent with the so-called performative app.docx
60CHAPTER THREEconsistent with the so-called performative app.docx
 
6 pagesThe following sections are in the final consulting .docx
6 pagesThe following sections are in the final consulting .docx6 pagesThe following sections are in the final consulting .docx
6 pagesThe following sections are in the final consulting .docx
 
600 words needed1. What do we mean by the New Public Administr.docx
600 words needed1. What do we mean by the New Public Administr.docx600 words needed1. What do we mean by the New Public Administr.docx
600 words needed1. What do we mean by the New Public Administr.docx
 
6 peer responses due in 24 hours Each set of 2 responses wil.docx
6 peer responses due in 24 hours Each set of 2 responses wil.docx6 peer responses due in 24 hours Each set of 2 responses wil.docx
6 peer responses due in 24 hours Each set of 2 responses wil.docx
 
6 page paper onWhat is second language acquisition and why is .docx
6 page paper onWhat is second language acquisition and why is .docx6 page paper onWhat is second language acquisition and why is .docx
6 page paper onWhat is second language acquisition and why is .docx
 
600 Words1) Specify some of the ways in which human resource m.docx
600 Words1) Specify some of the ways in which human resource m.docx600 Words1) Specify some of the ways in which human resource m.docx
600 Words1) Specify some of the ways in which human resource m.docx
 
612020 Originality Reporthttpsucumberlands.blackboard.docx
612020 Originality Reporthttpsucumberlands.blackboard.docx612020 Originality Reporthttpsucumberlands.blackboard.docx
612020 Originality Reporthttpsucumberlands.blackboard.docx
 
61520, 256 PMGlobal Innovation and Intellectual Property.docx
61520, 256 PMGlobal Innovation and Intellectual Property.docx61520, 256 PMGlobal Innovation and Intellectual Property.docx
61520, 256 PMGlobal Innovation and Intellectual Property.docx
 
6 Developing Strategic and Operational PlansIngram Publish.docx
6 Developing Strategic and Operational PlansIngram Publish.docx6 Developing Strategic and Operational PlansIngram Publish.docx
6 Developing Strategic and Operational PlansIngram Publish.docx
 
617httpsdrive.google.comdriveu0mobilefolders1e8xYisfDL.docx
617httpsdrive.google.comdriveu0mobilefolders1e8xYisfDL.docx617httpsdrive.google.comdriveu0mobilefolders1e8xYisfDL.docx
617httpsdrive.google.comdriveu0mobilefolders1e8xYisfDL.docx
 
6.2 What protocols comprise TLS6.3 What is the difference.docx
6.2 What protocols comprise TLS6.3 What is the difference.docx6.2 What protocols comprise TLS6.3 What is the difference.docx
6.2 What protocols comprise TLS6.3 What is the difference.docx
 
6.2 What protocols comprise TLS6.3 What is the difference bet.docx
6.2 What protocols comprise TLS6.3 What is the difference bet.docx6.2 What protocols comprise TLS6.3 What is the difference bet.docx
6.2 What protocols comprise TLS6.3 What is the difference bet.docx
 
6-3 Discussion Making DecisionsDiscussion Topic Starts Jun 5, 2.docx
6-3 Discussion Making DecisionsDiscussion Topic Starts Jun 5, 2.docx6-3 Discussion Making DecisionsDiscussion Topic Starts Jun 5, 2.docx
6-3 Discussion Making DecisionsDiscussion Topic Starts Jun 5, 2.docx
 
5An American in IndiaWhat is my inheritance To what am .docx
5An American in IndiaWhat is my inheritance To what am .docx5An American in IndiaWhat is my inheritance To what am .docx
5An American in IndiaWhat is my inheritance To what am .docx
 
6 PEER RESPONSES DUE IN 24 HOURS.. EACH SET OF 2 HAS ITS OWN INSTRUC.docx
6 PEER RESPONSES DUE IN 24 HOURS.. EACH SET OF 2 HAS ITS OWN INSTRUC.docx6 PEER RESPONSES DUE IN 24 HOURS.. EACH SET OF 2 HAS ITS OWN INSTRUC.docx
6 PEER RESPONSES DUE IN 24 HOURS.. EACH SET OF 2 HAS ITS OWN INSTRUC.docx
 
6 peer responses due in 18 hours Each set of 2 responses will ha.docx
6 peer responses due in 18 hours Each set of 2 responses will ha.docx6 peer responses due in 18 hours Each set of 2 responses will ha.docx
6 peer responses due in 18 hours Each set of 2 responses will ha.docx
 
5I.Observer Effects and Examiner BiasChisum and Turvey.docx
5I.Observer Effects and Examiner BiasChisum and Turvey.docx5I.Observer Effects and Examiner BiasChisum and Turvey.docx
5I.Observer Effects and Examiner BiasChisum and Turvey.docx
 
6 Change Management StagesA Management Checklist to Guide Your E.docx
6 Change Management StagesA Management Checklist to Guide Your E.docx6 Change Management StagesA Management Checklist to Guide Your E.docx
6 Change Management StagesA Management Checklist to Guide Your E.docx
 

Recently uploaded

KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...M56BOOKSTORE PRODUCT/SERVICE
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfakmcokerachita
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 

Recently uploaded (20)

KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdf
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 

652020 Originality Reporthttpsblackboard.nec.eduweba.docx

  • 1. 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 1/12 %21 %20 %1 SafeAssign Originality Report Cloud Computing - 202040 - CRN174 - Pollak • Final Project %26Total Score: Medium risk Santhosh Muthyapu Submission UUID: 43a98d6d-211b-6de9-9bf1-1de6250058fd Total Number of Reports 3 Highest Match 43 % Bibliography.docx Average Match
  • 2. 26 % Submitted on 06/05/20 11:46 AM EDT Average Word Count 816 Highest: CLOUDMISCONFIGURATION.pptx %43Attachment 1 Global database (3) Student paper Student paper Student paper Institutional database (1) Student paper Internet (1) fiids Top sources (3) Excluded sources (0) View Originality Report - Old Design Word Count: 193 Bibliography.docx 1 5 3
  • 3. 2 4 2 Student paper 1 Student paper 5 Student paper https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport?attemptId=2ab444ee-13c8- 49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true&force=true 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 2/12 Source Matches (6) Student paper 83% Student paper 92% Student paper 94% Student paper 81% Bibliography: Baset, S., Suneja, S., Bila, N., Tuncer, O., & Isci, C. (2017). Usable declarative configuration specification and validation for applications, systems, and cloud. Proceedings of the 18th ACM/IFIP/USENIX Middleware
  • 4. Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. R., Valdez, E., & Weinsberg, Y. (2016). Security intelligence for cloud management infrastructures. IBM Journal of Research and Development, 60(4), 11:1–11:13. https://doi.org/10.1147/JRD.2016.2572462 Duncan, R. (2020). A multi-cloud world requires a multi-cloud security approach. Computer Fraud & Security, 2020(5), 11–12. https://doi.org/10.1016/S1361-3723(20)30052-X January 15, S. P. on, & 2020. (2020, January 15). Cloud Misconfigurations: The Security Problem Coming From Inside IT. Security Boulevard. https://securityboulevard.com/2020/01/cloud-misconfigurations- the-security-problem-coming-from-inside-it/ Torkura, K. A., Sukmana, M. I. H., Strauss, T., Graupner, H., Cheng, F., & Meinel, C. (2018, November 1). CSBAuditor: Proactive Security Risk Analysis for Cloud Storage Broker Systems. IEEE Xplore. https://doi.org/10.1109/NCA.2018.8548329 1 2 2 3 4 5 1 Student paper
  • 5. Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Original source Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware '17 doi:10.1145/3154448.3154454 2 Student paper Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. Original source Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., 2 Student paper Security intelligence for cloud management infrastructures. IBM Journal of Research and Development, 60(4), 11:1–11:13. Original source Security intelligence for cloud management infrastructures IBM Journal of Research and Development, 60(4), 11-1
  • 6. 3 Student paper https://doi.org/10.1016/S1361-3723(20)30052-X Original source https://doi.org/10.1016/S1361-3723(18)30052-6 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 3/12 %5 %3 %2 %10Attachment 2 Global database (4) Student paper Student paper Student paper Student paper Institutional database (1)
  • 7. Student paper Internet (1) firemon Top sources (3) Excluded sources (0) fiids 65% Student paper 90% 4 Student paper (2020, January 15). Original source 15 FEBBRAIO 2020 5 Student paper The Security Problem Coming From Inside IT. Original source The Security Problem Coming From Inside IT.Security Word Count: 1,239
  • 8. CLOUDMISCONFIGURATION.pptx 3 2 6 5 4 1 4 Student paper 3 Student paper 1 firemon 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 4/12 CLOUD MISCONFIGURATION Name: Santhosh Muthyapu Institution: New England College Date: 06/05/2020 Introduction Cloud misconfigurations are a major security risk for organizations They rise when configurations are not done properly
  • 9. Such misconfigurations expose the organization to security breaches Cloud misconfigurations are now a major security risk for organizations adopting or moving to cloud. They involve security risks that arise when cloud configuration is not done properly hence exposing assets of the organization to possible security breaches. Currently cloud misconfiguration represents the biggest threat that is facing enterprise cloud security 2 Human factor in misconfigurations Human error accounting for most misconfigurations According to the 2018 IBM X-Force Report data breaches with regard to cloud misconfigurations increased by 424% due to human error (Duncan, 2020) 95% of security incidences are fault of customers The human factor in such misconfigurations is a concern for many with human error accounting for most misconfigurations when it comes to cloud solutions. According to the 2018 IBM X-Force Report data breaches with regard to cloud misconfigurations increased by 424% due to human error (Duncan, 2020). Further projections revealed that as of 2020 most of the cloud security incidences or at least 95% would be the fault of customers. 3 Challenges
  • 10. Permission controls Access restrictions AWS misconfigurations (Torkura et al., 2018) Some of the challenges associated with misconfigurations include permission controls, access restrictions and AWS security misconfigurations 4 AWS security misconfigurations Misconfiguration may occur on EC2 server The server offers security between the port and protocol access level Such a misconfiguration would allow an attacker to gain access to the servers AWS security group involve misconfigurations with regard to EC2 server instances which offers security between the port and protocol access level. A misconfiguration related to this group would allow an attacker to gain access to the servers that are based in cloud and have unauthorized access to the data. 5 AWS security misconfigurations The server may be made accessible via the SSH port (22) This occurs during troubleshooting or debugging Such an error allows attackers to gain access from any location worldwide
  • 11. 1 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 5/12 Such an error allows attackers to gain access from any location worldwide Most common misconfiguration in this regard usually happens when the server is made accessible via the SSH port (22) that can occur during troubleshooting or debugging. Such a misconfiguration would make it easier for any attacker to gain unauthorized access to the servers from any location in the world. 6 Access restrictions Misconfigurations Occur as a result of inadequate access restrictions Access restrictions prevent unauthorized access Example include unsecured AWS S3 storage buckets Access restrictions misconfigurations happen when there are inadequate access restrictions that can prevent unauthorized access to the cloud infrastructure putting most
  • 12. organizations around the world at risk. The unrestricted issue in this category involves unsecured AWS S3 storage buckets. Such a misconfiguration could allow attackers to access and even download critical data or information regarding the organization. It can also enable attackers to write on the cloud accounts of the organization. 7 Permission controls misconfigurations They occur when the organization fails to apply the least privilege principle This creates many security risks Permissions limit user activity or actions Absence of permissions allows users to perform unrestricted actions. (Baset et al., 2017). Permission controls misconfigurations come about when the organization fails to apply the least privilege principle hence creating many security risks. As of such permissions relating to accounts of individuals are not limited hence users or individuals can perform unrestricted actions which may not relate to the service they seeking on the platform hence ending up compromising the security of the organization as a result 8 WLAN security WLAN security systems provide security measures for a network
  • 13. Networks usually prone to unauthorized access The security systems prevent attacker from interfering with the data in the network Encryption Authentication Invisibility (Berger et al., 2016). WLAN security systems offer the necessary protection or security measures for a given network. Such is necessary as networks are prone to unauthorized access by attackers hence making the data or assets of the organization vulnerable. In preventing such most organizations employ encryption solutions, authentication and invisibility among other security techniques with regard to WLANs. Good security measures enable detection, prevention or blocking intruders into the network 9 WLAN security Misconfigurations Misconfigured Aps result to most cases of WLAN breaches Use of intrusion sensors recommended rather than relying on sniffers 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa-
  • 14. BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 6/12 Use of intrusion sensors recommended rather than relying on sniffers Weak security deployments Weak passphrases Default SSID usage misconfigurations on such security systems such as misconfigured APs result to most cases of WLAN breaches. As a result most organizations ought to make use of intrusion sensors that are independent from the vendor and not rely so much on sniffers. Other vulnerabilities may include lack of security configuration at consumer access points, weak security deployments, weak passphrases and default SSID usage. 10 Solution s to misconfigurations
  • 15. Adopting automated cloud security solutions Use of embedded security Mixture of human controlled and autonomous methods in validating policy settings and conducting real time network testing (Torkura et al., 2018) In addressing issues regarding with misconfigurations organizations need to adopt automation solutions with regard to with regard to cybersecurity and policy automation in order for them to keep up with the daily increment in activities and adoption of cloud solutions. With more automated information technology security tasks an organization is better placed and prepared to see to it that hybrid cloud complexities are reduced and improved network visibility which will prevent any misconfigurations from happening. Additionally use of embedded security processes and a mixture of human controlled and fully autonomous methods in validating policy settings and conducting real time network testing should see to it that an organization has consistent security in its cloud platforms 11
  • 16. Advantages and disadvantages Advantages Data security Protection against DDoS attacks Competitive advantage over rivals Regulatory compliance Disadvantages Data theft Lawsuits Tarnished reputation for organization Conclusion Misconfigurations major security risks for organizations Human error leading cause of misconfigurations Reducing
  • 17. misconfigurations can be achieved via automation of security solitons I l i i fi ti j it i k f i ti th t d ti l d l ti h th d t th t h hi h i l di 2 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 7/12 Source Matches (7) firemon 64% Student paper 66% Student paper 83%
  • 18. Student paper 92% In conclusion misconfigurations are now a major security risks for organizations that are adopting cloud solutions hence the need to ensure that human errors which is leading cause of such is reduced. This can be achieved by automation of security solutions in cloud to ensure consistency in cloud security and a reduction in misconfigurations. 13 References Baset, S., Suneja, S., Bila, N., Tuncer, O., & Isci, C. (2017). Usable declarative configuration specification and validation for applications, systems, and cloud. Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. R., Valdez, E., & Weinsberg, Y. (2016). Security intelligence for cloud management
  • 19. infrastructures. IBM Journal of Research and Development, 60(4), 11:1–11:13. https://doi.org/10.1147/JRD.2016.2572462 Duncan, R. (2020). A multi-cloud world requires a multi-cloud security approach. Computer Fraud & Security, 2020(5), 11–12. https://doi.org/10.1016/S1361-3723(20)30052-X January 15, S. P. on, & 2020. (2020, January 15). Cloud Misconfigurations: The Security Problem Coming From Inside IT. Security Boulevard. https://securityboulevard.com/2020/01/cloud-misconfigurations- the-security-problem-coming-from-inside-it/ Torkura, K. A., Sukmana, M. I. H., Strauss, T., Graupner, H., Cheng, F., & Meinel, C. (2018, November 1). CSBAuditor: Proactive Security Risk Analysis for Cloud Storage Broker Systems. IEEE Xplore. https://doi.org/10.1109/NCA.2018.8548329 3 4 4 5 6
  • 20. 1 Student paper According to the 2018 IBM X-Force Report data breaches with regard to cloud misconfigurations increased by 424% due to human error (Duncan, 2020). Original source In 2018, IBM revealed that there was a 424% increase in data breaches due to cloud misconfigurations that were caused by human error 2 Student paper Other vulnerabilities may include lack of security configuration at consumer access points, weak security deployments, weak passphrases and default SSID usage. Original source
  • 21. Further threats include weak passphrases, weak security deployments, and default SSID usage 3 Student paper Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Original source Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware '17 doi:10.1145/3154448.3154454 4 Student paper Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. Original source
  • 22. Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 8/12 Student paper 94% Student paper 81% Student paper 90%4 Student paper Security intelligence for cloud management infrastructures. IBM Journal of Research and Development, 60(4), 11:1–11:13.
  • 23. Original source Security intelligence for cloud management infrastructures IBM Journal of Research and Development, 60(4), 11-1 5 Student paper https://doi.org/10.1016/S1361-3723(20)30052-X Original source https://doi.org/10.1016/S1361-3723(18)30052-6 6 Student paper The Security Problem Coming From Inside IT. Original source
  • 24. The Security Problem Coming From Inside IT.Security 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 9/12 %9 %8 %7 %24Attachment 3 Global database (4) Student paper Student paper Student paper Student paper
  • 25. Institutional database (1) Student paper Internet (3) firemon hpi 1reddrop Top sources (3) Excluded sources (0) Word Count: 1,016 Santhosh Muthyapu Final Project- Cloudmisconfiguration.docx 5 4 7 6 2 3 8 1 2 Student paper 5 Student paper 3 firemon
  • 26. Running Head: CLOUD MISCONFIGURATIONS 1 CLOUD MISCONFIGURATIONS 5 Cloud Misconfigurations Santhosh Muthyapu New England College Date: 06/05/202 Cloud security risks from misconfiguration Cloud misconfigurations are now a major security risk for organizations adopting or moving to the cloud. They involve security risks that arise when cloud configuration is not done properly hence exposing assets of the organization to possible security breaches. Currently, cloud misconfiguration represents the biggest threat that is facing enterprise cloud security. The human factor in such misconfigurations is a concern for many with human error accounting for most misconfigurations when it comes to cloud solutions. According to the 2018 IBM X-Force Report, data breaches concerning cloud misconfigurations increased by 424% due to
  • 27. human error (Duncan, 2020). Further projections revealed that as of 2020 most of the cloud security incidences or at least 95% would be the fault of customers. Some of the challenges associated with misconfigurations include permission controls, access restrictions, and AWS security misconfigurations (Torkura et al., 2018). AWS security group involves misconfigurations with regard to EC2 server instances which offers security between the port and protocol access level. A misconfiguration related to this group would allow an attacker to gain access to the servers that are based in the cloud and have unauthorized access to the data. The most common misconfiguration in this regard usually happens when the server is made accessible via the SSH port (22) that can occur during troubleshooting or debugging. Such a misconfiguration would make it easier for an attacker to gain unauthorized access to the servers from any location in the world Access restrictions misconfigurations happen when there are inadequate access restrictions that can prevent unauthorized access to the cloud infrastructure putting most 1 2
  • 28. 3 6/5/2020 Originality Report https://blackboard.nec.edu/webapps/mdb-sa- BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee- 13c8-49eb-86f5- 578168754de8&course_id=_47058_1&includeDeleted=true&pri nt=true 10/12 Source Matches (10) world. Access restrictions misconfigurations happen when there are inadequate access restrictions that can prevent unauthorized access to the cloud infrastructure putting most organizations around the world at risk. The misreported issue in this category involves unsecured AWS S3 storage buckets. Such a misconfiguration could allow attackers to access and even download critical data or information regarding the organization. It can also enable attackers to write on the cloud accounts of the organization. Permission controls misconfigurations come about when the organization fails to apply the least privilege principle hence creating many security
  • 29. risks. As such permissions relating to accounts of individuals are not limited hence users or individuals can perform unrestricted actions that may not relate to the service they seeking on the platform hence ending up compromising the security of the organization as a result (Baset et al., 2017). WLAN security systems offer the necessary protection or security measures for a given network. Such is necessary as networks are prone to unauthorized access by attackers hence making the data or assets of the organization vulnerable. In preventing such most organizations employ encryption solutions, authentication, and invisibility among other security techniques with regard to WLANs. Good security measures enable detection, prevention, or blocking intruders into the network (Berger et al., 2016). However, misconfigurations on such security systems such as misconfigured APs result in most cases of WLAN breaches. As a result, most organizations ought to make use of intrusion sensors that are independent of the vendor and not rely so much on sniffers. Other vulnerabilities may include lack of security configuration at consumer access points, weak security deployments, weak passphrases, and default SSID usage. In addressing issues regarding misconfigurations organizations need to adopt automation solutions with regard to with regard to cybersecurity and policy automation in order for
  • 30. them to keep up with the daily increment in activities and adoption of cloud solutions. With more automated information technology security tasks an organization is better placed and prepared to see to it that hybrid cloud complexities are reduced and improved network visibility which will prevent any misconfigurations from happening. Additionally use of embedded security processes and a mixture of human-controlled and fully autonomous methods in validating policy settings and conducting real-time network testing should see to it that an organization has consistent security in its cloud platforms (Torkura et al., 2018). Addressing such misconfigurations is advantageous as it enables the organization to protect its assets DDoS attacks, ensuring data security by preventing high profile breaches that may tarnish the reputation of the organization or cause the organization to face lawsuits. Additionally ensuring cloud security may provide a competitive advantage for a given organization over its competitors as customers or users will always prefer to have their data secured. Ensuring cloud security also ensure regulatory compliance with predetermined policies from governing bodies. The disadvantages of misconfigurations is that they pose tat security risks that may expose the assets of the organization to attacks leading to data breaches hence suffering the losses that come with it.
  • 31. 4 In conclusion, misconfigurations are now major security risks for organizations that are adopting cloud solutions hence the need to ensure that human errors which is the leading cause of such is reduced. This can be achieved by automation of security solutions in the cloud to ensure consistency in cloud security and a reduction in misconfigurations. References Baset, S., Suneja, S., Bila, N., Tuncer, O., & Isci, C. (2017). Usable declarative configuration specification and validation for applications, systems, and cloud. Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. R., Valdez, E., & Weinsberg, Y. (2016). Security intelligence for cloud management infrastructures. IBM Journal of Research and Development,
  • 32. 60(4), 11:1–11:13. https://doi.org/10.1147/JRD.2016.2572462 Duncan, R. (2020). A multi-cloud world requires a multi-cloud security approach. Computer Fraud & Security, 2020(5), 11–12. https://doi.org/10.1016/S1361-3723(20)30052-X January 15, S. P. on, & 2020. (2020, January 15). Cloud Misconfigurations: The Security Problem Coming From Inside IT. Security Boulevard. https://securityboulevard.com/2020/01/cloud-misconfigurations- the-security-problem-coming-from-inside-it/ Torkura, K. A., Sukmana, M. I. H., Strauss, T., Graupner, H., Cheng, F., & Meinel, C. (2018, November 1). CSBAuditor: Proactive Security Risk Analysis for Cloud Storage Broker Systems. IEEE Xplore. https://doi.org/10.1109/NCA.2018.8548329 5 2 2 6 7
  • 34. Student paper 81% 1 Student paper CLOUD MISCONFIGURATIONS 1 CLOUD MISCONFIGURATIONS 5 Original source Cloud Security Misconfigurations Cloud Security Misconfigurations 2 Student paper Cloud security risks from misconfiguration Original source Cloud security risks from misconfiguration
  • 35. 3 Student paper According to the 2018 IBM X-Force Report, data breaches concerning cloud misconfigurations increased by 424% due to human error (Duncan, 2020). Original source In 2018, IBM revealed that there was a 424% increase in data breaches due to cloud misconfigurations that were caused by human error 4 Student paper Other vulnerabilities may include lack of security configuration at consumer access points, weak security deployments, weak passphrases, and default SSID usage. Original source Further threats include weak passphrases, weak security
  • 36. deployments, and default SSID usage 5 Student paper Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453 Original source Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware '17 doi:10.1145/3154448.3154454 2 Student paper Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. Original source
  • 37. Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., 2 Student paper Security intelligence for cloud management infrastructures. IBM Journal of Research and Development, 60(4), 11:1–11:13. Original source Security intelligence for cloud management infrastructures IBM Journal of Research and Development, 60(4), 11-1 6 Student paper https://doi.org/10.1016/S1361-3723(20)30052-X Original source
  • 39. 8 Student paper Proactive Security Risk Analysis for Cloud Storage Broker Systems. Original source 23 Oct 2018 Kennedy Torkura CSBAuditor - Proactive Security Risk Analysis for Cloud Storage Broker Systems