Cloud Security Overview

1. CLOUD SECURITY
BY PURVA DUBLAY

2. CLOUD
INFRASTRUCTURE

3. THIS ILLUSTRATION SHOWS THE
POSSIBLE COMMUNICATION
PATHS BETWEEN FIVE ACTORS.

4. RISK ASSESSMENT IN CLOUD COMPUTING
 TOPMOST THREATS IN CLOUD COMPUTING –
 DATA BREACHES -
 DATA LOSS -
 ACCOUNT OR SERVICE TRAFFIC HIJACKING -
 INSECURE INTERFACE AND APIS –
 DENIAL OF SERVICE –
 MALICIOUS INSIDERS -
 INSUFFICIENT DUE DILIGENCE -
 ABUSE OF CLOUD SERVICES -
 SHARED TECHNOLOGY VULNERABILITIES -

5. VIRTUAL MACHINE VULNERABILITIES
 DRAWBACKS OF VIRTUAL MACHINE : -
 VM ATTACKS - CLOUD SERVER CONTAINS MORE THAN ONE VMS. ONCE VM IS
COMPROMISED, VMS ON THE SAME PHYSICAL SERVER CAN ATTACK EACH
OTHER AS THEY SHARE THE SAME RESOURCES.
 MULTITENANCY - BY DESIGN, CLOUD SHARE THE SAME SOFTWARE AND
HARDWARE SOURCE TO RUN THEIR VMS. AS A RESULT, INFORMATION LEAKAGE
AND INCREASE IN THE ATTACK SURFACE CAN OCCUR.
 HYPERVISOR ATTACKS - ATTACKER OFTEN CONSIDER HYPERVISOR AS A
POTENTIAL TARGET BECAUSE OF ITS ABILITY TO CONTROL OVER ALL INSTALLED
VMS, THE PHYSICAL SYSTEM AND THE HOSTED APPLICATIONS. EX. HYPER
JACKING, VM ESCAPE.

6. SECURITY STANDARDS RECOMMENDATIONS
 SIEM -
 Identity Access Management (IAM) –
 Data Dispersion –
 Data Leakage Prevention (DLP) –
 Bit Splitting –
 Cloud-watch -
 Load Balancer –
 Ensure Effective Exit Process –
 Disaster Recovery Plan -

7. REFRENCES
 Guidelines on Security and Privacy in Public Cloud Computing -
http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-
144.pdf
 Cloud Security Alliance - https://cloudsecurityalliance.org/group/security-
as-a-service/#_downloads
 Cloud standards Customer Council - http://www.cloud-council.org/
 Security and Privacy Controls for Federal Information Systems and
Organizations -
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf