6/5/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee-13c8-49eb-86f5-578168754de8&course_id=_47058_1&includeDeleted=true&print=true 1/12
%21
%20
%1
SafeAssign Originality Report
Cloud Computing - 202040 - CRN174 - Pollak • Final Project
%26Total Score: Medium risk
Santhosh Muthyapu
Submission UUID: 43a98d6d-211b-6de9-9bf1-1de6250058fd
Total Number of Reports
3
Highest Match
43 %
Bibliography.docx
Average Match
26 %
Submitted on
06/05/20
11:46 AM EDT
Average Word Count
816
Highest: CLOUDMISCONFIGURATION.pptx
%43Attachment 1
Global database (3)
Student paper Student paper Student paper
Institutional database (1)
Student paper
Internet (1)
fiids
Top sources (3)
Excluded sources (0)
View Originality Report - Old Design
Word Count: 193
Bibliography.docx
1 5 3
2
4
2 Student paper 1 Student paper 5 Student paper
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport?attemptId=2ab444ee-13c8-49eb-86f5-578168754de8&course_id=_47058_1&includeDeleted=true&print=true&force=true
6/5/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee-13c8-49eb-86f5-578168754de8&course_id=_47058_1&includeDeleted=true&print=true 2/12
Source Matches (6)
Student paper 83%
Student paper 92%
Student paper 94%
Student paper 81%
Bibliography: Baset, S., Suneja, S., Bila, N., Tuncer, O., & Isci, C. (2017). Usable declarative configuration specification and validation for applications, systems, and cloud.
Proceedings of the 18th ACM/IFIP/USENIX Middleware Conference on Industrial Track - Middleware ’17. https://doi.org/10.1145/3154448.3154453
Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D., Shulman-Peleg, A., Rao, J. R., Valdez, E., & Weinsberg, Y. (2016). Security intelligence for cloud management
infrastructures. IBM Journal of Research and Development, 60(4), 11:1–11:13. https://doi.org/10.1147/JRD.2016.2572462
Duncan, R. (2020). A multi-cloud world requires a multi-cloud security approach. Computer Fraud & Security, 2020(5), 11–12. https://doi.org/10.1016/S1361-3723(20)30052-X
January 15, S. P. on, & 2020. (2020, January 15). Cloud Misconfigurations: The Security Problem Coming From Inside IT. Security Boulevard.
https://securityboulevard.com/2020/01/cloud-misconfigurations-the-security-problem-coming-from-inside-it/ Torkura, K. A., Sukmana, M. I. H., Strauss, T., Graupner, H., Cheng, F.,
& Meinel, C. (2018, November 1). CSBAuditor: Proactive Security Risk Analysis for Cloud Storage Broker Systems. IEEE Xplore. https://doi.org/10.1109/NCA.2018.8548329
1
2 2
3
4 5
1
Student paper
Proceedings of the 18th ACM/IFIP/USENIX Middleware
Conference on Industrial Track - Middleware ’17.
https://doi.org/10.1145/3154448.3154453
Original source
Proceedings of the 18th ACM/IFIP/USENIX Middleware
Conference on Industrial Track - Middleware '17
doi:10.1145/3.
2. 26 %
Submitted on
06/05/20
11:46 AM EDT
Average Word Count
816
Highest: CLOUDMISCONFIGURATION.pptx
%43Attachment 1
Global database (3)
Student paper Student paper Student paper
Institutional database (1)
Student paper
Internet (1)
fiids
Top sources (3)
Excluded sources (0)
View Originality Report - Old Design
Word Count: 193
Bibliography.docx
1 5 3
3. 2
4
2 Student paper 1 Student paper 5 Student paper
https://blackboard.nec.edu/webapps/mdb-sa-
BB5b75a0e7334a9/originalityReport?attemptId=2ab444ee-13c8-
49eb-86f5-
578168754de8&course_id=_47058_1&includeDeleted=true&pri
nt=true&force=true
6/5/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-
BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee-
13c8-49eb-86f5-
578168754de8&course_id=_47058_1&includeDeleted=true&pri
nt=true 2/12
Source Matches (6)
Student paper 83%
Student paper 92%
Student paper 94%
Student paper 81%
Bibliography: Baset, S., Suneja, S., Bila, N., Tuncer, O., & Isci,
C. (2017). Usable declarative configuration specification and
validation for applications, systems, and cloud.
Proceedings of the 18th ACM/IFIP/USENIX Middleware
4. Conference on Industrial Track - Middleware ’17.
https://doi.org/10.1145/3154448.3154453
Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D.,
Shulman-Peleg, A., Rao, J. R., Valdez, E., & Weinsberg, Y.
(2016). Security intelligence for cloud management
infrastructures. IBM Journal of Research and Development,
60(4), 11:1–11:13. https://doi.org/10.1147/JRD.2016.2572462
Duncan, R. (2020). A multi-cloud world requires a multi-cloud
security approach. Computer Fraud & Security, 2020(5), 11–12.
https://doi.org/10.1016/S1361-3723(20)30052-X
January 15, S. P. on, & 2020. (2020, January 15). Cloud
Misconfigurations: The Security Problem Coming From Inside
IT. Security Boulevard.
https://securityboulevard.com/2020/01/cloud-misconfigurations-
the-security-problem-coming-from-inside-it/ Torkura, K. A.,
Sukmana, M. I. H., Strauss, T., Graupner, H., Cheng, F.,
& Meinel, C. (2018, November 1). CSBAuditor: Proactive
Security Risk Analysis for Cloud Storage Broker Systems. IEEE
Xplore. https://doi.org/10.1109/NCA.2018.8548329
1
2 2
3
4 5
1
Student paper
5. Proceedings of the 18th ACM/IFIP/USENIX Middleware
Conference on Industrial Track - Middleware ’17.
https://doi.org/10.1145/3154448.3154453
Original source
Proceedings of the 18th ACM/IFIP/USENIX Middleware
Conference on Industrial Track - Middleware '17
doi:10.1145/3154448.3154454
2
Student paper
Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D.,
Shulman-Peleg, A., Rao, J.
Original source
Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D.,
Shulman-Peleg, A.,
2
Student paper
Security intelligence for cloud management
infrastructures. IBM Journal of Research and
Development, 60(4), 11:1–11:13.
Original source
Security intelligence for cloud management
infrastructures IBM Journal of Research and
Development, 60(4), 11-1
7. Student paper
Internet (1)
firemon
Top sources (3)
Excluded sources (0)
fiids 65%
Student paper 90%
4
Student paper
(2020, January 15).
Original source
15 FEBBRAIO 2020
5
Student paper
The Security Problem Coming From Inside IT.
Original source
The Security Problem Coming From Inside IT.Security
Word Count: 1,239
8. CLOUDMISCONFIGURATION.pptx
3 2 6
5
4
1
4 Student paper 3 Student paper 1 firemon
6/5/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-
BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee-
13c8-49eb-86f5-
578168754de8&course_id=_47058_1&includeDeleted=true&pri
nt=true 4/12
CLOUD MISCONFIGURATION
Name: Santhosh Muthyapu
Institution: New England College
Date: 06/05/2020
Introduction
Cloud misconfigurations are a major security risk for
organizations
They rise when configurations are not done properly
9. Such misconfigurations expose the organization to security
breaches
Cloud misconfigurations are now a major security risk for
organizations adopting or moving to cloud. They involve
security risks that arise when cloud configuration is not done
properly hence exposing assets of the organization to possible
security breaches. Currently cloud misconfiguration represents
the biggest threat that is facing enterprise cloud
security
2
Human factor in misconfigurations
Human error accounting for most misconfigurations
According to the 2018 IBM X-Force Report data breaches with
regard to cloud misconfigurations increased by 424% due to
human error (Duncan, 2020) 95% of security incidences
are fault of customers
The human factor in such misconfigurations is a concern for
many with human error accounting for most misconfigurations
when it comes to cloud solutions. According to
the 2018 IBM X-Force Report data breaches with regard to
cloud misconfigurations increased by 424% due to human error
(Duncan, 2020). Further projections revealed that as of
2020 most of the cloud security incidences or at least 95%
would be the fault of customers.
3
Challenges
10. Permission controls
Access restrictions
AWS misconfigurations (Torkura et al., 2018)
Some of the challenges associated with misconfigurations
include permission controls, access restrictions and AWS
security misconfigurations
4
AWS security misconfigurations Misconfiguration may occur on
EC2 server
The server offers security between the port and protocol access
level
Such a misconfiguration would allow an attacker to gain access
to the servers
AWS security group involve misconfigurations with regard to
EC2 server instances which offers security between the port and
protocol access level. A misconfiguration related to
this group would allow an attacker to gain access to the servers
that are based in cloud and have unauthorized access to the
data. 5
AWS security misconfigurations The server may be made
accessible via the SSH port (22) This occurs during
troubleshooting or debugging
Such an error allows attackers to gain access from any location
worldwide
11. 1
6/5/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-
BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee-
13c8-49eb-86f5-
578168754de8&course_id=_47058_1&includeDeleted=true&pri
nt=true 5/12
Such an error allows attackers to gain access from any location
worldwide
Most common misconfiguration in this regard usually happens
when the server is made accessible via the SSH port (22) that
can occur during troubleshooting or debugging. Such
a misconfiguration would make it easier for any attacker to gain
unauthorized access to the servers from any location in the
world.
6
Access restrictions
Misconfigurations Occur as a result of inadequate access
restrictions
Access restrictions prevent unauthorized access
Example include unsecured AWS S3 storage buckets
Access restrictions misconfigurations happen when there are
inadequate access restrictions that can prevent unauthorized
access to the cloud infrastructure putting most
12. organizations around the world at risk. The unrestricted issue in
this category involves unsecured AWS S3 storage buckets. Such
a misconfiguration could allow attackers to access
and even download critical data or information regarding the
organization. It can also enable attackers to write on the cloud
accounts of the organization.
7
Permission controls misconfigurations
They occur when the organization fails to apply the least
privilege principle
This creates many security risks
Permissions limit user activity or actions
Absence of permissions allows users to perform unrestricted
actions. (Baset et al., 2017).
Permission controls misconfigurations come about when the
organization fails to apply the least privilege principle hence
creating many security risks. As of such permissions
relating to accounts of individuals are not limited hence users or
individuals can perform unrestricted actions which may not
relate to the service they seeking on the platform
hence ending up compromising the security of the organization
as a result
8
WLAN security
WLAN security systems provide security measures for a
network
13. Networks usually prone to unauthorized access
The security systems prevent attacker from interfering with the
data in the network
Encryption
Authentication
Invisibility (Berger et al., 2016).
WLAN security systems offer the necessary protection or
security measures for a given network. Such is necessary as
networks are prone to unauthorized access by attackers
hence making the data or assets of the organization vulnerable.
In preventing such most organizations employ encryption
solutions, authentication and invisibility among other
security techniques with regard to WLANs. Good security
measures enable detection, prevention or blocking intruders into
the network
9
WLAN security Misconfigurations
Misconfigured Aps result to most cases of WLAN breaches
Use of intrusion sensors recommended rather than relying on
sniffers
6/5/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-
14. BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee-
13c8-49eb-86f5-
578168754de8&course_id=_47058_1&includeDeleted=true&pri
nt=true 6/12
Use of intrusion sensors recommended rather than relying on
sniffers
Weak security deployments
Weak passphrases
Default SSID usage
misconfigurations on such security systems such as
misconfigured APs result to most cases of WLAN breaches.
As a result most organizations ought to make use of intrusion
sensors that are independent from the vendor and not rely so
much on sniffers. Other vulnerabilities may
include lack of security configuration at consumer access
points, weak security deployments, weak passphrases and
default SSID usage.
10
Solution
s to misconfigurations
15. Adopting automated cloud security solutions
Use of embedded security
Mixture of human controlled and autonomous methods in
validating policy settings and conducting real time network
testing (Torkura et al., 2018)
In addressing issues regarding with misconfigurations
organizations need to adopt automation solutions with regard to
with regard to cybersecurity and policy automation in
order for them to keep up with the daily increment in activities
and adoption of cloud solutions. With more automated
information technology security tasks an organization is
better placed and prepared to see to it that hybrid cloud
complexities are reduced and improved network visibility which
will prevent any misconfigurations from happening.
Additionally use of embedded security processes and a mixture
of human controlled and fully autonomous methods in
validating policy settings and conducting real time network
testing should see to it that an organization has consistent
security in its cloud platforms
11
16. Advantages and disadvantages
Advantages
Data security
Protection against DDoS attacks
Competitive advantage over rivals
Regulatory compliance
Disadvantages
Data theft
Lawsuits
Tarnished reputation for organization
Conclusion
Misconfigurations major security risks for organizations
Human error leading cause of misconfigurations Reducing
17. misconfigurations can be achieved via automation of security
solitons
I l i i fi ti j it i k f i ti th t d ti l d l ti h th d t th t h hi h i l di
2
6/5/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-
BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee-
13c8-49eb-86f5-
578168754de8&course_id=_47058_1&includeDeleted=true&pri
nt=true 7/12
Source Matches (7)
firemon 64%
Student paper 66%
Student paper 83%
18. Student paper 92%
In conclusion misconfigurations are now a major security risks
for organizations that are adopting cloud solutions hence the
need to ensure that human errors which is leading
cause of such is reduced. This can be achieved by automation of
security solutions in cloud to ensure consistency in cloud
security and a reduction in misconfigurations.
13
References
Baset, S., Suneja, S., Bila, N., Tuncer, O., & Isci, C. (2017).
Usable declarative configuration specification and validation
for applications, systems, and cloud. Proceedings of the
18th ACM/IFIP/USENIX Middleware Conference on Industrial
Track - Middleware ’17.
https://doi.org/10.1145/3154448.3154453
Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D.,
Shulman-Peleg, A., Rao, J. R., Valdez, E., & Weinsberg, Y.
(2016). Security intelligence for cloud management
19. infrastructures. IBM Journal of Research and Development,
60(4), 11:1–11:13. https://doi.org/10.1147/JRD.2016.2572462
Duncan, R. (2020). A multi-cloud world requires a multi-cloud
security approach. Computer Fraud & Security, 2020(5), 11–12.
https://doi.org/10.1016/S1361-3723(20)30052-X
January 15, S. P. on, & 2020. (2020, January 15). Cloud
Misconfigurations: The Security Problem Coming From Inside
IT. Security Boulevard.
https://securityboulevard.com/2020/01/cloud-misconfigurations-
the-security-problem-coming-from-inside-it/ Torkura, K. A.,
Sukmana, M. I. H., Strauss, T., Graupner, H., Cheng, F.,
& Meinel, C. (2018, November 1). CSBAuditor: Proactive
Security Risk Analysis for Cloud Storage Broker Systems. IEEE
Xplore. https://doi.org/10.1109/NCA.2018.8548329
3
4 4
5
6
20. 1
Student paper
According to the 2018 IBM X-Force Report data breaches
with regard to cloud misconfigurations increased by
424% due to human error (Duncan, 2020).
Original source
In 2018, IBM revealed that there was a 424% increase in
data breaches due to cloud misconfigurations that were
caused by human error
2
Student paper
Other vulnerabilities may include lack of security
configuration at consumer access points, weak security
deployments, weak passphrases and default SSID usage.
Original source
21. Further threats include weak passphrases, weak security
deployments, and default SSID usage
3
Student paper
Proceedings of the 18th ACM/IFIP/USENIX Middleware
Conference on Industrial Track - Middleware ’17.
https://doi.org/10.1145/3154448.3154453
Original source
Proceedings of the 18th ACM/IFIP/USENIX Middleware
Conference on Industrial Track - Middleware '17
doi:10.1145/3154448.3154454
4
Student paper
Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D.,
Shulman-Peleg, A., Rao, J.
Original source
22. Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D.,
Shulman-Peleg, A.,
6/5/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-
BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee-
13c8-49eb-86f5-
578168754de8&course_id=_47058_1&includeDeleted=true&pri
nt=true 8/12
Student paper 94%
Student paper 81%
Student paper 90%4
Student paper
Security intelligence for cloud management
infrastructures. IBM Journal of Research and
Development, 60(4), 11:1–11:13.
23. Original source
Security intelligence for cloud management
infrastructures IBM Journal of Research and
Development, 60(4), 11-1
5
Student paper
https://doi.org/10.1016/S1361-3723(20)30052-X
Original source
https://doi.org/10.1016/S1361-3723(18)30052-6
6
Student paper
The Security Problem Coming From Inside IT.
Original source
24. The Security Problem Coming From Inside IT.Security
6/5/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-
BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee-
13c8-49eb-86f5-
578168754de8&course_id=_47058_1&includeDeleted=true&pri
nt=true 9/12
%9
%8
%7
%24Attachment 3
Global database (4)
Student paper Student paper Student paper
Student paper
25. Institutional database (1)
Student paper
Internet (3)
firemon hpi 1reddrop
Top sources (3)
Excluded sources (0)
Word Count: 1,016
Santhosh Muthyapu Final Project- Cloudmisconfiguration.docx
5 4 7
6
2
3 8 1
2 Student paper 5 Student paper 3 firemon
26. Running Head: CLOUD MISCONFIGURATIONS 1
CLOUD MISCONFIGURATIONS 5
Cloud Misconfigurations
Santhosh Muthyapu
New England College Date: 06/05/202
Cloud security risks from misconfiguration
Cloud misconfigurations are now a major security risk for
organizations adopting or moving to the cloud. They involve
security risks that arise when cloud configuration is not
done properly hence exposing assets of the organization to
possible security breaches. Currently, cloud misconfiguration
represents the biggest threat that is facing enterprise
cloud security. The human factor in such misconfigurations is a
concern for many with human error accounting for most
misconfigurations when it comes to cloud solutions.
According to the 2018 IBM X-Force Report, data breaches
concerning cloud misconfigurations increased by 424% due to
27. human error (Duncan, 2020). Further projections revealed
that as of 2020 most of the cloud security incidences or at least
95% would be the fault of customers. Some of the challenges
associated with misconfigurations include permission
controls, access restrictions, and AWS security
misconfigurations (Torkura et al., 2018). AWS security group
involves misconfigurations with regard to EC2 server instances
which
offers security between the port and protocol access level. A
misconfiguration related to this group would allow an attacker
to gain access to the servers that are based in the
cloud and have unauthorized access to the data. The most
common misconfiguration in this regard usually happens when
the server is made accessible via the SSH port (22) that
can occur during troubleshooting or debugging. Such a
misconfiguration would make it easier for an attacker to gain
unauthorized access to the servers from any location in the
world Access restrictions misconfigurations happen when there
are inadequate access restrictions that can prevent unauthorized
access to the cloud infrastructure putting most
1
2
28. 3
6/5/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-
BB5b75a0e7334a9/originalityReport/ultra?attemptId=2ab444ee-
13c8-49eb-86f5-
578168754de8&course_id=_47058_1&includeDeleted=true&pri
nt=true 10/12
Source Matches (10)
world. Access restrictions misconfigurations happen when there
are inadequate access restrictions that can prevent unauthorized
access to the cloud infrastructure putting most
organizations around the world at risk. The misreported issue in
this category involves unsecured AWS S3 storage buckets. Such
a misconfiguration could allow attackers to access
and even download critical data or information regarding the
organization. It can also enable attackers to write on the cloud
accounts of the organization. Permission controls
misconfigurations come about when the organization fails to
apply the least privilege principle hence creating many security
29. risks. As such permissions relating to accounts of
individuals are not limited hence users or individuals can
perform unrestricted actions that may not relate to the service
they seeking on the platform hence ending up
compromising the security of the organization as a result (Baset
et al., 2017). WLAN security systems offer the necessary
protection or security measures for a given network. Such
is necessary as networks are prone to unauthorized access by
attackers hence making the data or assets of the organization
vulnerable. In preventing such most organizations
employ encryption solutions, authentication, and invisibility
among other security techniques with regard to WLANs. Good
security measures enable detection, prevention, or
blocking intruders into the network (Berger et al., 2016).
However, misconfigurations on such security systems such as
misconfigured APs result in most cases of WLAN breaches.
As a result, most organizations ought to make use of intrusion
sensors that are independent of the vendor and not rely so much
on sniffers. Other vulnerabilities may include
lack of security configuration at consumer access points, weak
security deployments, weak passphrases, and default SSID
usage. In addressing issues regarding misconfigurations
organizations need to adopt automation solutions with regard to
with regard to cybersecurity and policy automation in order for
30. them to keep up with the daily increment in
activities and adoption of cloud solutions. With more automated
information technology security tasks an organization is better
placed and prepared to see to it that hybrid cloud
complexities are reduced and improved network visibility which
will prevent any misconfigurations from happening.
Additionally use of embedded security processes and a
mixture of human-controlled and fully autonomous methods in
validating policy settings and conducting real-time network
testing should see to it that an organization has
consistent security in its cloud platforms (Torkura et al., 2018).
Addressing such misconfigurations is advantageous as it enables
the organization to protect its assets DDoS attacks,
ensuring data security by preventing high profile breaches that
may tarnish the reputation of the organization or cause the
organization to face lawsuits. Additionally ensuring
cloud security may provide a competitive advantage for a given
organization over its competitors as customers or users will
always prefer to have their data secured. Ensuring
cloud security also ensure regulatory compliance with
predetermined policies from governing bodies. The
disadvantages of misconfigurations is that they pose tat security
risks
that may expose the assets of the organization to attacks leading
to data breaches hence suffering the losses that come with it.
31. 4
In conclusion, misconfigurations are now major security risks
for organizations that are adopting cloud solutions hence the
need to ensure that human errors which is the leading
cause of such is reduced. This can be achieved by automation of
security solutions in the cloud to ensure consistency in cloud
security and a reduction in misconfigurations.
References
Baset, S., Suneja, S., Bila, N., Tuncer, O., & Isci, C. (2017).
Usable declarative configuration specification and validation
for applications, systems, and cloud. Proceedings of the
18th ACM/IFIP/USENIX Middleware Conference on Industrial
Track - Middleware ’17.
https://doi.org/10.1145/3154448.3154453
Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D.,
Shulman-Peleg, A., Rao, J. R., Valdez, E., & Weinsberg, Y.
(2016). Security intelligence for cloud management
infrastructures. IBM Journal of Research and Development,
32. 60(4), 11:1–11:13. https://doi.org/10.1147/JRD.2016.2572462
Duncan, R. (2020). A multi-cloud world requires a multi-cloud
security approach. Computer Fraud & Security, 2020(5), 11–12.
https://doi.org/10.1016/S1361-3723(20)30052-X
January 15, S. P. on, & 2020. (2020, January 15). Cloud
Misconfigurations: The Security Problem Coming From Inside
IT. Security Boulevard.
https://securityboulevard.com/2020/01/cloud-misconfigurations-
the-security-problem-coming-from-inside-it/ Torkura, K. A.,
Sukmana, M. I. H., Strauss, T., Graupner, H., Cheng, F.,
& Meinel, C. (2018, November 1). CSBAuditor: Proactive
Security Risk Analysis for Cloud Storage Broker Systems. IEEE
Xplore. https://doi.org/10.1109/NCA.2018.8548329
5
2 2
6
7
34. Student paper 81%
1
Student paper
CLOUD MISCONFIGURATIONS 1 CLOUD
MISCONFIGURATIONS 5
Original source
Cloud Security Misconfigurations Cloud Security
Misconfigurations
2
Student paper
Cloud security risks from misconfiguration
Original source
Cloud security risks from misconfiguration
35. 3
Student paper
According to the 2018 IBM X-Force Report, data breaches
concerning cloud misconfigurations increased by 424%
due to human error (Duncan, 2020).
Original source
In 2018, IBM revealed that there was a 424% increase in
data breaches due to cloud misconfigurations that were
caused by human error
4
Student paper
Other vulnerabilities may include lack of security
configuration at consumer access points, weak security
deployments, weak passphrases, and default SSID usage.
Original source
Further threats include weak passphrases, weak security
36. deployments, and default SSID usage
5
Student paper
Proceedings of the 18th ACM/IFIP/USENIX Middleware
Conference on Industrial Track - Middleware ’17.
https://doi.org/10.1145/3154448.3154453
Original source
Proceedings of the 18th ACM/IFIP/USENIX Middleware
Conference on Industrial Track - Middleware '17
doi:10.1145/3154448.3154454
2
Student paper
Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D.,
Shulman-Peleg, A., Rao, J.
Original source
37. Berger, S., Garion, S., Moatti, Y., Naor, D., Pendarakis, D.,
Shulman-Peleg, A.,
2
Student paper
Security intelligence for cloud management
infrastructures. IBM Journal of Research and
Development, 60(4), 11:1–11:13.
Original source
Security intelligence for cloud management
infrastructures IBM Journal of Research and
Development, 60(4), 11-1
6
Student paper
https://doi.org/10.1016/S1361-3723(20)30052-X
Original source