SlideShare a Scribd company logo

3-UnitV_security.pptx

Download as PPTX, PDF
S
SubhadipDutta36

UnitV_security

Engineering
1 of 51
UNIT-IV Cloud Security: Basic Terms and Concepts, Threat Agents, Cloud Security Threats, Cloud Risk Division and Risk Management, Cloud Security Architecture, VM Security Challenges
TERMS • THREAT • Vulnerability • Risk • Asset: An asset is what we’re trying to protect. • Counter Measures: Set of actions implemented to prevent threats.
WHAT IS THREAT? • Anything that can exploit a vulnerability, intentionally or accidentally, and obtain, damage, or destroy an asset. • A threat is what we’re trying to protect against. • In computer security, a threat is a possible danger that might exploit a vulnerability to breach security and therefore cause possible harm. • A threat can be either "intentional" (i.e. hacking: an individual cracker or a criminal organization) or "accidental" (e.g. the possibility of a computer malfunctioning, or the possibility of a natural disaster such as an earthquake, a fire, or a tornado) or otherwise a circumstance, capability, action, or event.
Vulnerability • Weaknesses or gaps in a security program that can be exploited by threats to gain unauthorized access to an asset. • A vulnerability is a weakness or gap in our protection efforts. • IT resource vulnerabilities can have a range of causes, including configuration deficiencies, security policy weaknesses, user errors, hardware or firmware flaws, software bugs, and poor security architecture.
Risk • The potential for loss, damage or destruction of an asset as a result of a threat exploiting a vulnerability. • Risk is the intersection of assets, threats, and vulnerabilities. • Two metrics that can be used to determine risk for an IT resource are: • the probability of a threat occurring to exploit vulnerabilities in the ITresource • the expectation of loss upon the IT resource being compromised
• The role a threat agent assumes in relation to • vulnerabilities • threats • risks • the safeguards established by security policies and security mechanisms.
THREAT PROFILE • Threats consist of following properties: • Asset: Something of value to the organization. • Actor: who or what may violate the security requirements(CIA) • Motive: indication of whether the actor’s intentions are deliberate or accidental. • Access: how the asset will be accessed by the actor. • Outcome: the immediate result of violating the security requirements of an asset.
Sources of risk • Human error: disclosure of confidential information. • Computer abuse or crime: when a person intends to be malicious and starts to steal information from sites. • Natural and political disasters: This can happen in the form of natural calamities and wars. • Failure of hardware or software: server malfunctioning, software errors etc.
Three Pillars Of Information Security
CIA Triangle
Confidentiality • When protecting information, we want to be able to restrict access to those who are allowed to see it; everyone else should be disallowed from learning anything about its contents. This is the essence of confidentiality. • Example: ID and passwords to authenticate authorized users. • Permitting someone to look over your shoulder at your computer screen while you have confidential data displayed on it could be a breach of confidentiality.
Confidentiality • Within cloud environments, confidentiality primarily pertains to restricting access to data in transit and storage. • If a laptop computer containing sensitive information about a company's employees is stolen or sold, it could result in a breach of confidentiality. • Federal law requires that universities restrict access to private student information. The university must be sure that only those who are authorized have access to view the grade records.
ENCRYPTION
Integrity • Integrity is the assurance that the information being accessed has not been altered and truly represents what is intended. • An important issue that concerns data integrity in the cloud is whether a cloud consumer can be guaranteed that the data it transmits to a cloud service matches the data received by that cloud service. Integrity can extend to how data is stored, processed, and retrieved by cloud services and cloud-based IT resources.
Integrity • Information integrity means information truly represents its intended meaning. Information can lose its integrity through malicious intent, such as when someone who is not authorized makes a change to intentionally misrepresent something • Integrity can also be lost unintentionally, such as when a computer power surge corrupts a file or someone authorized to make a change accidentally deletes a file or enters incorrect information. • Integrity is lost when a computer virus infects a computer • when an employee is able to modify his own salary in a payroll database • when an unauthorized user vandalizes a web site • when someone is able to cast a very large number of votes in an online poll • Example: Checksums for the verification of integrity.
CHECKSUM
Availability • For any information system to serve its purpose, the information must be available when it is needed. • This means the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. • High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. • Ensuring availability also involves preventing denial of service attacks, such as a flood of incoming messages to the target system, essentially forcing it to shut down.
Cloud Security Threats 1. Traffic Eavesdropping 2. Malicious Intermediary 3. Denial of Services 4. Insufficient Authorization 5. Virtualization Attack 6. Overlapping Trust Boundaries
1. Traffic Eavesdropping • Eavesdropping attack also referred to as sniffing or snooping attack is a major concern when comes to cyber security. Through these attacks, your information like passwords, card details, and other sensitive data is easily stolen while it is getting transferred from one device to another. • Traffic eavesdropping as the unauthorized interception of data transmitted over a network. • It can occur on wired and wireless networks.
The motivations of attackers who engage in traffic eavesdropping:  Stealing sensitive information (e.g., login credentials, financial data).  Gaining a competitive advantage.  Espionage and surveillance. The common methods used by attackers to eavesdrop on network traffic: Packet sniffing. Man-in-the-Middle (MitM) attacks. Data interception at network endpoints
Risks and consequences of traffic eavesdropping:  Data breaches.  Privacy violations.  Financial losses.  Damage to reputation. Vulnerable Communication Protocols • HTTP vs. HTTPS. • Unsecured Wi-Fi networks. • Legacy encryption standards. Countermeasures and Best Practices • Present strategies to mitigate traffic eavesdropping: • Encryption (e.g., TLS/SSL). • VPN (Virtual Private Network) usage. • Regular software updates. • Secure Wi-Fi practices.
Malicious Intermediary • Malicious Intermediary threat arises when messages are intercepted and altered by a malicious service agent, thereby potentially compromising the message’s confidentiality and/or integrity. • It may also insert harmful data into the message before forwarding it to its destination.
Insufficient Authorization • This attack occurs when access is granted to an attacker erroneously or too broadly, resulting in the attacker getting access to IT resources that are normally protected. • This is often a result of the attacker gaining direct access to IT resources that were implemented under the assumption that they would only be accessed by trusted consumer programs. • IT is also known as weak authentication.
Virtualization Attack • Virtualization provides multiple cloud consumers with access to IT resources that share underlying hardware but are logically isolated from each other. • Once cloud providers grant cloud consumers administrative access to virtualized IT resources, there is an inherent risk that cloud consumers could abuse this access to attack the underlying physical IT resources.
Overlapping Trust Boundaries • If physical IT resources within a cloud are shared by different users, these cloud service consumers have overlapping trust boundaries. • Malicious user can target shared IT resources with the intention of compromising cloud consumers or other It resources that share the same trust boundary.
Cloud Risk • Policy and organizational risks • Technical risks • Legal risks • Other risks
Policy and Organizational Risks 1. Lock-in: SaaS lock-in, PaaS lock-in, IaaS lock-in, It occurs due to high customization of services according to user demand. 2. Loss of control and governance: it can lead-fulfilment of the security requirement, lack of CIA, reduction in performance and QoS. 3. Compliances challenges 4. Cloud service termination or failure 5. Supply chain failure
Technical Risks • Isolation Failure: Computing capacity, storage, network shared among multiple users. This multi-tenancy may leads toward some threats such as (failure of logical or physical separation between memory stacks, storage and routing table) Possible attacks: SQL injection and guest-hopping attacks • Resource Exhaustions: Many resource allocation algorithms are used for allocating all resources to cloud users. So, insufficient resource provisioning and investments in infrastructure may lead to service unavailability problem or degradation in performance.
• Cloud provider malicious insider: The malicious actions of an insider could possibly have an impact on the CIA of all kind of data, IP, all kind of services and indirectly reputation of organization, customer expectation and experiences of employees. Technology can help detect insider threats through: • User activity monitoring • Incident investigations • Access management • User and behavior analytics
• Loss of encryption Keys: • Intercepting data in transit: transmission of data takes place across multiple physical machines. Data at risk during transmission from to on-premises cloud or cloud to on-premises. • Attacks: Spoofing, man-in-the-middle attacks • Insecure or ineffective deletion of data • Conflicts between customer hardening procedures and cloud environment • Malicious probes or scams • Compromise service engine
Legal Risks • Risk from changes of jurisdiction • Licensing risks • Data protection
Other Risks • Backup lost or stolen • Unauthorized access to premises • Theft of computer equipment • Natural disasters
Cloud Computing Security Architecture • Data center layer • VM layer • Service provider layer • User layer
VM Security Challenges 1. Communication between VMs or VMs and Host 2. VM escape 3. VM monitoring from the host 4. VM monitoring from another VM 5. Denial of services 6. External modification of a VM 7. External modification of the hypervisor 8. Mixed trust level VM 9. Resource contention
1. Communication between VMs or VMs and Host: • Communication between VMs: This refers to the exchange of data or information between virtual machines (VMs) running on the same physical host. VMs can communicate with each other using various methods, such as virtual networks or inter-process communication (IPC). • Communication between VMs and Host: This involves interactions between virtual machines and the underlying hypervisor (host). It can include actions like VM creation, shutdown, or resource allocation. Security Challenge: The challenge here is to ensure the confidentiality and integrity of data transmitted between VMs and between VMs and the host. Unauthorized access or interception of communication can lead to data breaches or malicious attacks.
2. VM escape • VM escape, also known as a "hypervisor escape" or "guest-to-host escape," is a security vulnerability that occurs when a process or a virtual machine breaks out of its isolated environment (VM) and gains unauthorized access to the host operating system or the hypervisor. It's a significant security risk, as it can lead to the compromise of the entire virtualization infrastructure. • Security Challenge: VM escape poses a significant security challenge as it allows an attacker to break out of the isolated VM environment and gain access to the host or other VMs. Mitigating VM escape vulnerabilities is critical to prevent unauthorized access to sensitive resources.
3. VM Monitoring from the Host: • VM monitoring from the host involves the hypervisor or host system monitoring the activity and performance of virtual machines it manages. This monitoring can include tracking resource usage, checking for security threats, and ensuring that VMs are running efficiently. • Security Challenge: While monitoring VMs from the host is essential for management and security purposes, it can also be a challenge as it requires robust security measures to prevent unauthorized access to VM data and configurations. Unauthorized monitoring can lead to privacy breaches.
4. VM Monitoring from Another VM: • In this context, VM monitoring from another VM refers to one virtual machine monitoring the activities or resources of another virtual machine running on the same host. This can be for various reasons, such as security monitoring, performance optimization, or resource allocation. • Security Challenge: Allowing one VM to monitor another can create security challenges, particularly regarding privacy and data leakage. Ensuring that monitoring permissions are properly configured and monitored is crucial to prevent unauthorized surveillance.
5. Denial of Services (DoS): • Denial of Service is a cyberattack in which an attacker attempts to disrupt or make a computer system or network unavailable to its intended users by overwhelming it with a flood of illegitimate requests or traffic. The goal is to exhaust system resources, causing services to become slow or unavailable. • Security Challenge: DoS attacks can overwhelm VMs or the host with traffic, causing services to become unavailable. Security measures like intrusion detection systems (IDS), load balancing, and firewalls are needed to detect and mitigate DoS attacks.
6. External Modification of a VM: • This refers to any unauthorized or unintended changes made to the configuration, data, or state of a virtual machine from outside sources. It could be due to malicious actions or misconfigurations that impact the VM's integrity or operation. • Security Challenge: External modification of a VM can lead to unauthorized changes in configurations, data, or applications. Protecting VMs from external tampering requires strong access controls, secure boot processes, and regular security updates.
7. External Modification of the Hypervisor: • Similar to external modification of a VM, this term describes unauthorized changes made to the hypervisor (the software managing virtual machines) from outside sources. Modifying the hypervisor can have severe security implications for all VMs running on that host. • Security Challenge: Modifying the hypervisor externally can compromise the security of all VMs on a host. Ensuring the integrity of the hypervisor through secure boot, access controls, and regular security patches is essential to prevent this.
8. Mixed Trust Level VM: • A mixed trust level VM refers to a virtual machine environment in which different VMs have varying levels of trust or security requirements. Some VMs may be considered more sensitive and require stronger security measures, while others may be less critical and have more relaxed security configurations. • Security Challenge: Managing VMs with varying trust levels can be challenging. Ensuring that high-trust VMs are isolated from low-trust VMs and applying appropriate security policies to each trust level is crucial to prevent breaches and data leakage.
9. Resource Contention: • Resource contention occurs when multiple virtual machines or processes running on a host compete for the same finite resources, such as CPU, memory, or storage. This competition can lead to performance degradation for the VMs involved, potentially causing slowdowns or resource allocation issues. • Security Challenge: Resource contention can impact the performance and availability of VMs. Managing resource allocation to prevent one VM from monopolizing resources or causing others to suffer is vital for security and reliability.

Recommended

Unit 1.pptx
Unit 1.pptxUnit 1.pptx
Unit 1.pptxMsVaishaliKumar
 
attack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxattack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxJenetSilence
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)Zara Nawaz
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lectureZara Nawaz
 
Cloud Security in cloud computing 1.pptx
Cloud Security in cloud computing 1.pptxCloud Security in cloud computing 1.pptx
Cloud Security in cloud computing 1.pptxRahulBhole12
 

Recommended

Unit 1.pptx
Unit 1.pptxUnit 1.pptx
Unit 1.pptxMsVaishaliKumar
 
attack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxattack vectors by chimwemwe.pptx
attack vectors by chimwemwe.pptxJenetSilence
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)Zara Nawaz
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lectureZara Nawaz
 
Cloud Security in cloud computing 1.pptx
Cloud Security in cloud computing 1.pptxCloud Security in cloud computing 1.pptx
Cloud Security in cloud computing 1.pptxRahulBhole12
 
Lecture 01- What is Information Security.ppt
Lecture 01- What is Information Security.pptLecture 01- What is Information Security.ppt
Lecture 01- What is Information Security.pptshahadd2021
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxTikdiPatel
 
Data Network Security
Data Network SecurityData Network Security
Data Network SecurityAtif Rehmat
 
Security Threats
Security ThreatsSecurity Threats
Security ThreatsYasmeen Shaikh
 
Ch01 NetSec5e.pdf
Ch01 NetSec5e.pdfCh01 NetSec5e.pdf
Ch01 NetSec5e.pdfMohammadAbusaa3
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedBule Hora University
 
Chapter- I introduction
Chapter- I introductionChapter- I introduction
Chapter- I introductionDr.Florence Dayana
 
Chapter-I introduction
Chapter-I introductionChapter-I introduction
Chapter-I introductionDr.Florence Dayana
 
Ch01 NetSec5e.pptx
Ch01 NetSec5e.pptxCh01 NetSec5e.pptx
Ch01 NetSec5e.pptxAwais725629
 
information security.pptx
information security.pptxinformation security.pptx
information security.pptxAwais725629
 
abc.pptx
abc.pptxabc.pptx
abc.pptxBhargaviGorde1
 
Lecture Cloud Security.pptx
Lecture Cloud Security.pptxLecture Cloud Security.pptx
Lecture Cloud Security.pptxShimoFcis
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsBilalMehmood44
 
Topic 5.0 basic security part 1
Topic 5.0 basic security part 1Topic 5.0 basic security part 1
Topic 5.0 basic security part 1Atika Zaimi
 
Data information and security unit 1.pdf
Data information and security unit 1.pdfData information and security unit 1.pdf
Data information and security unit 1.pdfdeepakbharathi16
 
CNS - Chapter1
CNS - Chapter1CNS - Chapter1
CNS - Chapter1JeevananthamArumugam
 
ch1-1.ppt
ch1-1.pptch1-1.ppt
ch1-1.pptNayyabMirTahir
 
Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxWeek-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxyasirkhokhar7
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking Јаѓќеѕн Јажѕшаф
 
Cloud Security.pptx
Cloud Security.pptxCloud Security.pptx
Cloud Security.pptxBinod Rimal
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR9953056974 Low Rate Call Girls In Saket, Delhi NCR
 

More Related Content

Similar to 3-UnitV_security.pptx

Lecture 01- What is Information Security.ppt
Lecture 01- What is Information Security.pptLecture 01- What is Information Security.ppt
Lecture 01- What is Information Security.pptshahadd2021
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxTikdiPatel
 
Data Network Security
Data Network SecurityData Network Security
Data Network SecurityAtif Rehmat
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedBule Hora University
 
Ch01 NetSec5e.pptx
Ch01 NetSec5e.pptxCh01 NetSec5e.pptx
Ch01 NetSec5e.pptxAwais725629
 
information security.pptx
information security.pptxinformation security.pptx
information security.pptxAwais725629
 
Lecture Cloud Security.pptx
Lecture Cloud Security.pptxLecture Cloud Security.pptx
Lecture Cloud Security.pptxShimoFcis
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsBilalMehmood44
 
Topic 5.0 basic security part 1
Topic 5.0 basic security part 1Topic 5.0 basic security part 1
Topic 5.0 basic security part 1Atika Zaimi
 
Data information and security unit 1.pdf
Data information and security unit 1.pdfData information and security unit 1.pdf
Data information and security unit 1.pdfdeepakbharathi16
 
Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxWeek-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxyasirkhokhar7
 
Cloud Security.pptx
Cloud Security.pptxCloud Security.pptx
Cloud Security.pptxBinod Rimal
 

Similar to 3-UnitV_security.pptx (20)

Lecture 01- What is Information Security.ppt
Lecture 01- What is Information Security.pptLecture 01- What is Information Security.ppt
Lecture 01- What is Information Security.ppt
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptx
 
Data Network Security
Data Network SecurityData Network Security
Data Network Security
 
Security Threats
Security ThreatsSecurity Threats
Security Threats
 
Ch01 NetSec5e.pdf
Ch01 NetSec5e.pdfCh01 NetSec5e.pdf
Ch01 NetSec5e.pdf
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganised
 
Chapter- I introduction
Chapter- I introductionChapter- I introduction
Chapter- I introduction
 
Chapter-I introduction
Chapter-I introductionChapter-I introduction
Chapter-I introduction
 
Ch01 NetSec5e.pptx
Ch01 NetSec5e.pptxCh01 NetSec5e.pptx
Ch01 NetSec5e.pptx
 
information security.pptx
information security.pptxinformation security.pptx
information security.pptx
 
abc.pptx
abc.pptxabc.pptx
abc.pptx
 
Lecture Cloud Security.pptx
Lecture Cloud Security.pptxLecture Cloud Security.pptx
Lecture Cloud Security.pptx
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendations
 
Topic 5.0 basic security part 1
Topic 5.0 basic security part 1Topic 5.0 basic security part 1
Topic 5.0 basic security part 1
 
Data information and security unit 1.pdf
Data information and security unit 1.pdfData information and security unit 1.pdf
Data information and security unit 1.pdf
 
CNS - Chapter1
CNS - Chapter1CNS - Chapter1
CNS - Chapter1
 
ch1-1.ppt
ch1-1.pptch1-1.ppt
ch1-1.ppt
 
Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxWeek-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
 
Cloud Security.pptx
Cloud Security.pptxCloud Security.pptx
Cloud Security.pptx
 

Recently uploaded

Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations120cr0395
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISrknatarajan
 
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...RajaP95
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSKurinjimalarL3
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Call Girls in Nagpur High Profile
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICSHARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICSRajkumarAkumalla
 

Recently uploaded (20)

Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICSHARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
 

3-UnitV_security.pptx

  • 1. UNIT-IV Cloud Security: Basic Terms and Concepts, Threat Agents, Cloud Security Threats, Cloud Risk Division and Risk Management, Cloud Security Architecture, VM Security Challenges
  • 2. TERMS • THREAT • Vulnerability • Risk • Asset: An asset is what we’re trying to protect. • Counter Measures: Set of actions implemented to prevent threats.
  • 3. WHAT IS THREAT? • Anything that can exploit a vulnerability, intentionally or accidentally, and obtain, damage, or destroy an asset. • A threat is what we’re trying to protect against. • In computer security, a threat is a possible danger that might exploit a vulnerability to breach security and therefore cause possible harm. • A threat can be either "intentional" (i.e. hacking: an individual cracker or a criminal organization) or "accidental" (e.g. the possibility of a computer malfunctioning, or the possibility of a natural disaster such as an earthquake, a fire, or a tornado) or otherwise a circumstance, capability, action, or event.
  • 4. Vulnerability • Weaknesses or gaps in a security program that can be exploited by threats to gain unauthorized access to an asset. • A vulnerability is a weakness or gap in our protection efforts. • IT resource vulnerabilities can have a range of causes, including configuration deficiencies, security policy weaknesses, user errors, hardware or firmware flaws, software bugs, and poor security architecture.
  • 5. Risk • The potential for loss, damage or destruction of an asset as a result of a threat exploiting a vulnerability. • Risk is the intersection of assets, threats, and vulnerabilities. • Two metrics that can be used to determine risk for an IT resource are: • the probability of a threat occurring to exploit vulnerabilities in the ITresource • the expectation of loss upon the IT resource being compromised
  • 6. • The role a threat agent assumes in relation to • vulnerabilities • threats • risks • the safeguards established by security policies and security mechanisms.
  • 7.
  • 8. THREAT PROFILE • Threats consist of following properties: • Asset: Something of value to the organization. • Actor: who or what may violate the security requirements(CIA) • Motive: indication of whether the actor’s intentions are deliberate or accidental. • Access: how the asset will be accessed by the actor. • Outcome: the immediate result of violating the security requirements of an asset.
  • 9.
  • 10. Sources of risk • Human error: disclosure of confidential information. • Computer abuse or crime: when a person intends to be malicious and starts to steal information from sites. • Natural and political disasters: This can happen in the form of natural calamities and wars. • Failure of hardware or software: server malfunctioning, software errors etc.
  • 11. Three Pillars Of Information Security
  • 13. Confidentiality • When protecting information, we want to be able to restrict access to those who are allowed to see it; everyone else should be disallowed from learning anything about its contents. This is the essence of confidentiality. • Example: ID and passwords to authenticate authorized users. • Permitting someone to look over your shoulder at your computer screen while you have confidential data displayed on it could be a breach of confidentiality.
  • 14. Confidentiality • Within cloud environments, confidentiality primarily pertains to restricting access to data in transit and storage. • If a laptop computer containing sensitive information about a company's employees is stolen or sold, it could result in a breach of confidentiality. • Federal law requires that universities restrict access to private student information. The university must be sure that only those who are authorized have access to view the grade records.
  • 16. Integrity • Integrity is the assurance that the information being accessed has not been altered and truly represents what is intended. • An important issue that concerns data integrity in the cloud is whether a cloud consumer can be guaranteed that the data it transmits to a cloud service matches the data received by that cloud service. Integrity can extend to how data is stored, processed, and retrieved by cloud services and cloud-based IT resources.
  • 17. Integrity • Information integrity means information truly represents its intended meaning. Information can lose its integrity through malicious intent, such as when someone who is not authorized makes a change to intentionally misrepresent something • Integrity can also be lost unintentionally, such as when a computer power surge corrupts a file or someone authorized to make a change accidentally deletes a file or enters incorrect information. • Integrity is lost when a computer virus infects a computer • when an employee is able to modify his own salary in a payroll database • when an unauthorized user vandalizes a web site • when someone is able to cast a very large number of votes in an online poll • Example: Checksums for the verification of integrity.
  • 19. Availability • For any information system to serve its purpose, the information must be available when it is needed. • This means the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. • High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. • Ensuring availability also involves preventing denial of service attacks, such as a flood of incoming messages to the target system, essentially forcing it to shut down.
  • 20. Cloud Security Threats 1. Traffic Eavesdropping 2. Malicious Intermediary 3. Denial of Services 4. Insufficient Authorization 5. Virtualization Attack 6. Overlapping Trust Boundaries
  • 21. 1. Traffic Eavesdropping • Eavesdropping attack also referred to as sniffing or snooping attack is a major concern when comes to cyber security. Through these attacks, your information like passwords, card details, and other sensitive data is easily stolen while it is getting transferred from one device to another. • Traffic eavesdropping as the unauthorized interception of data transmitted over a network. • It can occur on wired and wireless networks.
  • 22.
  • 23. The motivations of attackers who engage in traffic eavesdropping:  Stealing sensitive information (e.g., login credentials, financial data).  Gaining a competitive advantage.  Espionage and surveillance. The common methods used by attackers to eavesdrop on network traffic: Packet sniffing. Man-in-the-Middle (MitM) attacks. Data interception at network endpoints
  • 24. Risks and consequences of traffic eavesdropping:  Data breaches.  Privacy violations.  Financial losses.  Damage to reputation. Vulnerable Communication Protocols • HTTP vs. HTTPS. • Unsecured Wi-Fi networks. • Legacy encryption standards. Countermeasures and Best Practices • Present strategies to mitigate traffic eavesdropping: • Encryption (e.g., TLS/SSL). • VPN (Virtual Private Network) usage. • Regular software updates. • Secure Wi-Fi practices.
  • 25. Malicious Intermediary • Malicious Intermediary threat arises when messages are intercepted and altered by a malicious service agent, thereby potentially compromising the message’s confidentiality and/or integrity. • It may also insert harmful data into the message before forwarding it to its destination.
  • 26.
  • 27. Insufficient Authorization • This attack occurs when access is granted to an attacker erroneously or too broadly, resulting in the attacker getting access to IT resources that are normally protected. • This is often a result of the attacker gaining direct access to IT resources that were implemented under the assumption that they would only be accessed by trusted consumer programs. • IT is also known as weak authentication.
  • 28.
  • 29. Virtualization Attack • Virtualization provides multiple cloud consumers with access to IT resources that share underlying hardware but are logically isolated from each other. • Once cloud providers grant cloud consumers administrative access to virtualized IT resources, there is an inherent risk that cloud consumers could abuse this access to attack the underlying physical IT resources.
  • 30.
  • 31. Overlapping Trust Boundaries • If physical IT resources within a cloud are shared by different users, these cloud service consumers have overlapping trust boundaries. • Malicious user can target shared IT resources with the intention of compromising cloud consumers or other It resources that share the same trust boundary.
  • 32.
  • 33. Cloud Risk • Policy and organizational risks • Technical risks • Legal risks • Other risks
  • 34. Policy and Organizational Risks 1. Lock-in: SaaS lock-in, PaaS lock-in, IaaS lock-in, It occurs due to high customization of services according to user demand. 2. Loss of control and governance: it can lead-fulfilment of the security requirement, lack of CIA, reduction in performance and QoS. 3. Compliances challenges 4. Cloud service termination or failure 5. Supply chain failure
  • 35. Technical Risks • Isolation Failure: Computing capacity, storage, network shared among multiple users. This multi-tenancy may leads toward some threats such as (failure of logical or physical separation between memory stacks, storage and routing table) Possible attacks: SQL injection and guest-hopping attacks • Resource Exhaustions: Many resource allocation algorithms are used for allocating all resources to cloud users. So, insufficient resource provisioning and investments in infrastructure may lead to service unavailability problem or degradation in performance.
  • 36. • Cloud provider malicious insider: The malicious actions of an insider could possibly have an impact on the CIA of all kind of data, IP, all kind of services and indirectly reputation of organization, customer expectation and experiences of employees. Technology can help detect insider threats through: • User activity monitoring • Incident investigations • Access management • User and behavior analytics
  • 37. • Loss of encryption Keys: • Intercepting data in transit: transmission of data takes place across multiple physical machines. Data at risk during transmission from to on-premises cloud or cloud to on-premises. • Attacks: Spoofing, man-in-the-middle attacks • Insecure or ineffective deletion of data • Conflicts between customer hardening procedures and cloud environment • Malicious probes or scams • Compromise service engine
  • 38. Legal Risks • Risk from changes of jurisdiction • Licensing risks • Data protection
  • 39. Other Risks • Backup lost or stolen • Unauthorized access to premises • Theft of computer equipment • Natural disasters
  • 40. Cloud Computing Security Architecture • Data center layer • VM layer • Service provider layer • User layer
  • 41.
  • 42. VM Security Challenges 1. Communication between VMs or VMs and Host 2. VM escape 3. VM monitoring from the host 4. VM monitoring from another VM 5. Denial of services 6. External modification of a VM 7. External modification of the hypervisor 8. Mixed trust level VM 9. Resource contention
  • 43. 1. Communication between VMs or VMs and Host: • Communication between VMs: This refers to the exchange of data or information between virtual machines (VMs) running on the same physical host. VMs can communicate with each other using various methods, such as virtual networks or inter-process communication (IPC). • Communication between VMs and Host: This involves interactions between virtual machines and the underlying hypervisor (host). It can include actions like VM creation, shutdown, or resource allocation. Security Challenge: The challenge here is to ensure the confidentiality and integrity of data transmitted between VMs and between VMs and the host. Unauthorized access or interception of communication can lead to data breaches or malicious attacks.
  • 44. 2. VM escape • VM escape, also known as a "hypervisor escape" or "guest-to-host escape," is a security vulnerability that occurs when a process or a virtual machine breaks out of its isolated environment (VM) and gains unauthorized access to the host operating system or the hypervisor. It's a significant security risk, as it can lead to the compromise of the entire virtualization infrastructure. • Security Challenge: VM escape poses a significant security challenge as it allows an attacker to break out of the isolated VM environment and gain access to the host or other VMs. Mitigating VM escape vulnerabilities is critical to prevent unauthorized access to sensitive resources.
  • 45. 3. VM Monitoring from the Host: • VM monitoring from the host involves the hypervisor or host system monitoring the activity and performance of virtual machines it manages. This monitoring can include tracking resource usage, checking for security threats, and ensuring that VMs are running efficiently. • Security Challenge: While monitoring VMs from the host is essential for management and security purposes, it can also be a challenge as it requires robust security measures to prevent unauthorized access to VM data and configurations. Unauthorized monitoring can lead to privacy breaches.
  • 46. 4. VM Monitoring from Another VM: • In this context, VM monitoring from another VM refers to one virtual machine monitoring the activities or resources of another virtual machine running on the same host. This can be for various reasons, such as security monitoring, performance optimization, or resource allocation. • Security Challenge: Allowing one VM to monitor another can create security challenges, particularly regarding privacy and data leakage. Ensuring that monitoring permissions are properly configured and monitored is crucial to prevent unauthorized surveillance.
  • 47. 5. Denial of Services (DoS): • Denial of Service is a cyberattack in which an attacker attempts to disrupt or make a computer system or network unavailable to its intended users by overwhelming it with a flood of illegitimate requests or traffic. The goal is to exhaust system resources, causing services to become slow or unavailable. • Security Challenge: DoS attacks can overwhelm VMs or the host with traffic, causing services to become unavailable. Security measures like intrusion detection systems (IDS), load balancing, and firewalls are needed to detect and mitigate DoS attacks.
  • 48. 6. External Modification of a VM: • This refers to any unauthorized or unintended changes made to the configuration, data, or state of a virtual machine from outside sources. It could be due to malicious actions or misconfigurations that impact the VM's integrity or operation. • Security Challenge: External modification of a VM can lead to unauthorized changes in configurations, data, or applications. Protecting VMs from external tampering requires strong access controls, secure boot processes, and regular security updates.
  • 49. 7. External Modification of the Hypervisor: • Similar to external modification of a VM, this term describes unauthorized changes made to the hypervisor (the software managing virtual machines) from outside sources. Modifying the hypervisor can have severe security implications for all VMs running on that host. • Security Challenge: Modifying the hypervisor externally can compromise the security of all VMs on a host. Ensuring the integrity of the hypervisor through secure boot, access controls, and regular security patches is essential to prevent this.
  • 50. 8. Mixed Trust Level VM: • A mixed trust level VM refers to a virtual machine environment in which different VMs have varying levels of trust or security requirements. Some VMs may be considered more sensitive and require stronger security measures, while others may be less critical and have more relaxed security configurations. • Security Challenge: Managing VMs with varying trust levels can be challenging. Ensuring that high-trust VMs are isolated from low-trust VMs and applying appropriate security policies to each trust level is crucial to prevent breaches and data leakage.
  • 51. 9. Resource Contention: • Resource contention occurs when multiple virtual machines or processes running on a host compete for the same finite resources, such as CPU, memory, or storage. This competition can lead to performance degradation for the VMs involved, potentially causing slowdowns or resource allocation issues. • Security Challenge: Resource contention can impact the performance and availability of VMs. Managing resource allocation to prevent one VM from monopolizing resources or causing others to suffer is vital for security and reliability.