Security in Cloud Computing
Indus Institute of Technology & Engineering Page 1
A DISSERTATION REPORT ON
Security in Cloud Computing
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 2
SECURITY IN CLOUD COMPUTING By
Dhaval Dave (08MCA008)
M.C.A, Indus Institute of Technology & Engineering, Gujarat University, 2011
A Dissertation Submitted in Partial Fulfilment of the Requirements for the
degree of Master of Computer Application
In Computer Science.
Department of MCA, Indus Institute of Technology & Engineering,
January 2011
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 3
ACKNOWLEDGEMENT
Thanks to my Prof. Vrutik Shah who thoroughly introduced me to research.
He was always anxious to provide me with a Study environment suitable for developing
myself and always there to keep me on the right track.
And, infinite thanks to Prof. H.K. Desai, Head of Department of I.I.T.E. & My
All Prof., who never had any doubts that I�would succeed.�
Also thanks to the colleagues for allowing me to feel at home at College
Campus due to the excellent educational culture.
Further thanks to my parents who always gave me support that allowed me to
pursue my self-fulfillment. I acknowledge all the help I have received from so many
people in accomplishing this project and wish to thank them.
Acknowledged By:-
Dhaval Dave
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 4
PREFACE
“Security in Cloud Computing” was taken by us in Dissertation in our
Semester-V as our project for the partial fulfilment of MCA.
It is matter of pleasure for me to submit this documentation of the dissertation
work done during Semester-V of MCA.
By:-
Dhaval Dave �
�
�
�
�
�
�
�
�
�
�
�
�
�
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 5
�
�
Table of Contents 1. Introduction of Cloud Computing 8
1.1 Abstract 9 1.2 Introduction 10 1.3 Cloud Evolution 11 1.4 Comparison 13
2. What is Cloud Computing 14 2.1 Cloud Architecture 15 2.2 Cloud Components 16
2.2.1 Clients 17 2.2.2 DataCenter 18 2.2.3 Distributed Servers 18
3. Cloud Computing Deployment Models 19 3.1 Public Clouds 19 3.2 Private Clouds 21 3.3 Hybrid Clouds 22 3.4 Community Clouds 23
4. Cloud Computing Service Model 24 4.1 Software as a Service(SaaS) 25 4.2 Platform as a Service(PaaS) 25 4.3 Infrastructure as a Service(IaaS) 26 4.4 Anything as a Service(XaaS) 26 4.5 Virtualization & Private Clouds 27
5. Advantages of Clouds 29 6. Cloud Computing Reference Model 31 7. Security for Cloud Computing 33
7.1 Defining Security in Cloud 33 7.2 Security Issues and Challenges 34 7.3 Security Advantages in Cloud Environment 34 7.4 Security Disadvantages in Cloud Environment 35 7.5 Security Issues in Virtualization 37 7.6 Survey of Cloud Computing 38 7.7 Traditional Datacenter Security 39
8. Virtualization - The Catalyst of the Cloud 40 8.1 Confidentiality 40 8.2 Integrity 40 8.3 Authentication 41 8.4 Availability 41 8.5 Accountability 41 8.6 Assurance 42 8.7 Resilience 42
9. Cloud Computing Security Issues 43 10. Cloud Security Challenges 47
10.1 Administrative Access to Servers Applications 47 10.2 Dynamic Virtual Machines : VM State and Sprawl 47 10.3 Vulnerability Exploits and VM to VM Attacks 48
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 6
10.4 Encryption and Data Protection 48 10.5 Policy and Compliance 48 10.6 Patch Management 49 10.7 Perimeter Protection and Zoning 49 10.8 Rogue Corporate Resources 49
11. Data Protection, Identity Management, Security 50 11.1 Data Protection 50 11.2 Identity Management 50 11.3 Physical and Personnel Security 50
12. Availability 51 13. Application Securities, User Centric Access Control, Transparency 53
13.1 Application Securities 53 13.2 Centric Access Control 53 13.3 Transparency 54
14. New Opportunities 55 15. Conclusions 58 16. Vulnerabilities 60 17. References 61 18. Appendices 62
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 7
List of Figures Figure 1:- Cloud Computing 14 Figure 2:- Cloud Architecture 15 Figure 3:- Cloud Components 16 Figure 4:- Public Cloud Model 20 Figure 5:- Private Cloud Model 21 Figure 6:- Hybrid Cloud Model 22 Figure 7:- Cloud Computing Reference Model 32 Figure 8:- Security Architecture Design 43 List of Tables Table 1:- Cloud Computing Service Model 24 Table 2:- Major Cloud Service Providers 38 Table 3:- Summary of Security Mechanisms by Major Clouds Service Providers 39
�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 8
1. Introduction of Cloud Computing According to Gartner’s Hype Cycle Special Report for 2009, “technologies at
the ‘Peak of Inflated Expectations’ during 2009 include cloud computing, e-books…
and Internet TV, while social software and micro blogging sites…have tipped over the
peak and will soon experience disillusionment among enterprise users”. Is cloud
computing also heading for the trough of disillusionment?
The Internet is often represented as a cloud and the term “cloud computing”
arises from that analogy. Accenture defines cloud computing as the dynamic
provisioning of IT capabilities (hardware, software, or services) from third parties over
a network. McKinsey says that clouds are hardware-based services offering compute,
network and storage capacity where: hardware management is highly abstracted from
the buyer; buyers incur infrastructure costs as variable OPEX [operating expenditures];
and infrastructure capacity is highly elastic (up or down). The cloud model differs from
traditional outsourcing in that customers do not hand over their own IT resources to be
managed. Instead they plug into the cloud, treating it as they would an internal data
center or computer providing the same functions.
Large companies can afford to build and expand their own data centers but
small- to medium-sized enterprises often choose to house their IT infrastructure in
someone else’s facility. A collocation center is a type of data center where multiple
customers locate network, server and storage assets, and interconnect to a variety of
telecommunications and other network service providers with a minimum of cost and
complexity.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 9
1.1Abstract
The Cloud Computing concept offers dynamically scalable resources
provisioned as a service over the Internet. Economic benefits are the main driver for the
Cloud, since it promises the reduction of capital expenditure and operational
expenditure. Organizations are increasingly looking to cloud computing to improve
operational efficiency and help with the bottom line. Cloud computing gets its name
from the drawings typically used to describe the Internet. Cloud computing comes in
many forms: There are Software-as-a-Service (SaaS) providers like salesforce.com;
platform-as-a-service (PaaS) like Amazon's, Infrastructure-as-a-Service (IaaS),
Software-plus-Service (SpS). Web services that offer application programming
interfaces (APIs) that enable developers to exploit functionality over the Internet.
Increasingly, businesses of all sizes are choosing to migrate their data, applications and
services to the cloud. The Advantages are clear-increased availability, Lightweight,
easy accessible applications, lower maintenance and administrative costs. But security
and privacy concerns present a strong barrier-to-entry. cloud computing to realise its
full potential and become mainstream member of IT portfolio & choices, a lot of
challenges are required to be tackled related to privacy & Security. This Dissertation is
concerned with discovery of the vulnerabilities in the landscape of clouds, discovery of
security solutions, and finding evidence that early-adopters or developers have grown
more concerned with security.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 10
1.2 Introduction
We are entering into a new era of computing, and it's all about the “cloud”.
This immediately brings up several important questions, which deserve thoughtful
answers: “What is cloud computing?” “Is it real, or just another buzzword?” And most
important, “How does it affect me?”
Cloud computing as the dynamic provisioning of IT capabilities (hardware,
software, or services) from third parties over a network. The term cloud computing
refers to the delivery of scalable IT resources over the Internet, as opposed to hosting
and operating those resources locally, such as on a college or university network. Those
resources can include applications and services, as well as the infrastructure on which
they operate. By deploying IT infrastructure and services over the network, an
organization can purchase these resources on an as-needed basis and avoid the capital
costs of software and hardware
The coming shift to cloud computing is a major change in our industry. One of
the most important parts of that shift is the advent (The coming or arrival, especially of
something extremely important) of cloud platforms. As its name suggests, this kind of
platform lets developers write applications that run in the cloud, or use services
provided from the cloud, or both. Different names are used for this kind of platform
today, including on-demand platform and platform as a service (PaaS). Whatever it’s
called, this new way of supporting applications has great potential.
To see why, think about how application platforms are used today. When a
development team creates an on-premises application (i.e., one that will run within an
organization), much of what that application needs already exists. An operating system
provides basic support for executing the application, interacting with storage, and
more, while other computers in the environment offer services such as remote storage.
If the creators of every on-premises application first had to build all of these basics,
we’d have many fewer applications today.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 11
The cloud is growing at a time when climate change and reducing emissions
from energy use is of paramount concern. With the growth of the cloud, however,
comes an increasing demand for energy. For all of this content to be delivered to us in
real time, virtual mountains of video, pictures and other data must be stored somewhere
and be available for almost instantaneous access. That ‘somewhere’ is data centres -
massive storage facilities that consume incredible amounts of energy.
1.3 Cloud Evolution
The evolution of cloud computing can be traced to grid computing. The concept
of “The Grid” exploded in popularity “The Grid: Blueprint for a new Computing
Infrastructure” by Ian Foster and Carl Kesselman was published in 1998. The basis of
the grid is the electric utility grid that provides electric power to your home and
business. Using the same concept, hardware and software would be provided from the
grid on-demand much like electricity to run lights and everything else that plugs into
the wall. What is interesting is that many of the same issues that plagued the grid also
plague cloud computing. Defining the grid, vendor lock-in, and forming standards were
just some of the issues. Cloud computing expands upon the grid, but still suffers from
some of the same issues.
The main focus of cloud computing from the provider's view as extraneous
hardware connected to support downtime on any device in the network, without a
change in the users' perspective. Also, the users' software image should be easily
transferable from one cloud to another. It proposes that a layering mechanism should
occur between the front-end software, middle-ware networking and back-end servers
and storage, so that each part can be designed, implemented, tested and ran independent
from subsequent layers. with its development challenges and industry research efforts.
it describes cloud computing security problems and benefits and showcases a model of
secure architecture for cloud computing implementation.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 12
Critics argue that cloud computing is not secure enough because data leaves
companies' local area networks. It is up to the clients to decide the vendors, depending
on how willing they are to implement secure policies and be subject to 3rd party
verifications. Salesforce, Amazon and Google are currently providing such services,
charging clients using an on-demand policy.
Increasingly, businesses of all sizes are choosing to migrate their data,
applications and services to the cloud. The Advantages are clear-increased availability,
Lightweight, easy accessible applications, lower maintenance and administrative
costs—but so too are the risks.
Possible Benefits arising out of adopting cloud computing models have been
recently .well documented in literature and therefore these are not reproduced here.
However, for cloud computing to realise its full potential and become mainstream
member of IT portfolio & choices, a lot of challenges are required to be tackled related
to privacy & Security and associated regulation compliance, vendor Lock-in &
Standards, interoperability, latency, performance & Reliability Concerns.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 13
1.4 Comparisons
Cloud computing can be confused with:
1. Grid computing — "a form of distributed computing and parallel computing,
whereby a 'super and virtual computer' is composed of a cluster of networked, loosely
coupled computers acting in concert to perform very large tasks"
2. Utility computing — the "packaging of computing resources, such as computation
and storage, as a metered service similar to a traditional public utility, such as
electricity";
3. Autonomic computing — "computer systems capable of self-management".
Security in Cloud Computing
Indus Institute of Technology & Engineering
2.0 What is Cloud Computing?
As we said previously, the term
Internet and has become a familiar cliché. However, when “the cloud” is combined
with “computing,” it causes a lot of
sense, they contend that anything beyond the firewall perimeter is in the cloud. A more
tempered view of cloud computing considers it the delivery of computational resources
from a location other than the one from which you are computing.
Cloud computing is about mo
and business advantage
centralized facility or contractor. By making data available in the cloud, it can be more
easily and ubiquitously accessed, of
enabling opportunities for enhanced collaboration, integration, and analysis on a shared
common platform.
Cloud computing models that encompass a subscription
paradigm provide a service
existing capabilities. Many users have found that this approach provides a return on
investment that IT managers are more than willing to accept.
Figure 1 :- Cloud Computing
Security in Cloud Computing
Indus Institute of Technology & Engineering
What is Cloud Computing?
As we said previously, the term the cloud is often used as a metaphor for the
Internet and has become a familiar cliché. However, when “the cloud” is combined
” it causes a lot of confusion. To define the term using a very broad
contend that anything beyond the firewall perimeter is in the cloud. A more
tempered view of cloud computing considers it the delivery of computational resources
from a location other than the one from which you are computing.
Cloud computing is about moving services, computation and/or data
and business advantage—off-site to an internal or external, location
centralized facility or contractor. By making data available in the cloud, it can be more
easily and ubiquitously accessed, often at much lower cost, increasing its value by
enabling opportunities for enhanced collaboration, integration, and analysis on a shared
Cloud computing models that encompass a subscription-based or pay
paradigm provide a service that can be used over the Internet and extends an IT shop’s
existing capabilities. Many users have found that this approach provides a return on
investment that IT managers are more than willing to accept.
Cloud Computing
Page 14
is often used as a metaphor for the
Internet and has become a familiar cliché. However, when “the cloud” is combined
define the term using a very broad
contend that anything beyond the firewall perimeter is in the cloud. A more
tempered view of cloud computing considers it the delivery of computational resources
ving services, computation and/or data—for cost
site to an internal or external, location-transparent,
centralized facility or contractor. By making data available in the cloud, it can be more
ten at much lower cost, increasing its value by
enabling opportunities for enhanced collaboration, integration, and analysis on a shared
based or pay-per-use
that can be used over the Internet and extends an IT shop’s
existing capabilities. Many users have found that this approach provides a return on
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 15
2.1 Cloud Architecture
In Cloud architecture, the systems architecture(A system architecture or
systems architecture is the conceptual model that defines the structure, behaviour, and
more views of a system. An architecture description is a formal description and
representation of a system) of the software systems(The term software system is often
used as a synonym of computer program or software.) involved in the delivery of cloud
computing, typically involves multiple cloud components communicating with each
other over application programming interfaces, usually web services. This resembles
the Unix philosophy of having multiple programs each doing one thing well and
working together over universal interfaces. Complexity is controlled and the resulting
systems are more manageable than their monolithic counterparts.
Figure 2 :- Cloud Architecture
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 16
2.2 Cloud Components
Figure 3 :- Cloud Components
A cloud computing solution is made up of several elements: clients, the
datacentre, and distributed servers. As shown in Above Figure, these components make
up the three parts of a cloud computing solution.
Each element has a purpose and plays a specific role in delivering a functional
cloud-based application, so let’s take a closer look.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 17
2.2.1 Clients
Clients are, in a cloud computing architecture, the exact same things that they
are in a local area network (LAN). They are, typically, the computers that just sit on
your desk. But they might also be laptops, tablet computers, mobile phones, or PDAs
(Personal digital assistant or Palmtop Computer)—all big drivers for cloud computing
because of their mobility. Anyway, clients are the devices that the end users interact
with to manage their information on the cloud. Clients generally fall into three
categories:
• Mobile -Mobile devices include PDAs or Smartphone’s, like a Blackberry, Windows
Mobile Smartphone or an iPhone.
• Thin -Clients are computers that do not have internal hard drives, but rather let the
servers do all the work, but then display the information.
• Thick -This type of client is a regular computer, using a web browser like Firefox
or Internet Explorer to connect to the cloud.
Thin clients are becoming an increasingly popular solution, because of their price and
effect on the environment. Some benefits to using thin clients include
• Lower hardware costs -Thin clients are cheaper than thick clients because they do not
contain as much hardware. They also last longer before they need to be upgraded or
become obsolete.
• Lower IT costs -Thin clients are managed at the server and there are fewer points of
failure.
• Security -Since the processing takes place on the server and there is no hard drive,
there’s less chance of malware invading the device. Also, since thin clients don’t work
without a server, there’s less chance of them being physically stolen.
• Data security -Since data is stored on the server, there’s less chance for data to be lost
if the client computer crashes or is stolen.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 18
2.2.2 Datacenter
The datacenter is the collection of servers where the application to which you
subscribe is housed. It could be a large room in the basement of your building or a
room full of servers on the other side of the world that you access via the Internet.
A growing trend in the IT world is vitalizing servers. That is, software can be installed
allowing multiple instances of virtual servers to be used. In this way, you can have half
a dozen virtual servers running on one physical server.
The number of virtual servers that can exist on a physical server depends on the
size and speed of the physical server and what applications will be running on the
virtual server.
2.2.3 Distributed Servers
In Distributed Servers, the servers don’t all have to be housed in the same
location. Often, servers are in geographically disparate locations. But to you, the cloud
subscriber, these servers act as if they’re humming away right next to each other.
This gives the service provider more flexibility in options and security. For instance,
Amazon has their cloud solution in servers all over the world. If something were to
happen at one site, causing a failure, the service would still be accessed through
another site. Also, if the cloud needs more hardware, they need not throw more servers
in the safe room—they can add them at another site and simply make it part of the
cloud.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 19
3.0 Cloud Computing Deployment models
Cloud computing architects provides three basic service models • Public cloud
• Private cloud
• Hybrid cloud
• Community Cloud
IT organizations can choose to deploy applications on public, private, or hybrid
clouds, each of which has its trade-offs. The terms public, private, and hybrid do not
dictate location. While public clouds are typically “out there” on the Internet and
private clouds are typically located on premises, a private cloud might be hosted at a
Collocation (share or designate to share the same place) facility as well.
A number of considerations with regard to which cloud computing model they
choose to employ, and they might use more than one model to solve different
problems. An application needed on a temporary basis might be best suited for
deployment in a public cloud because it helps to avoid the need to purchase additional
equipment to solve a temporary need. Likewise, a permanent application, or one that
has specific requirements on quality of service or location of data, might best be
deployed in a private or hybrid cloud.
3.1 Public clouds
Public clouds are run by third parties, and applications from different
customers are likely to be mixed together on the cloud’s servers, storage systems, and
networks. Public clouds are most often hosted away from customer premises, and they
provide a way to reduce customer risk and cost by providing a flexible, even temporary
extension to enterprise infrastructure.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 20
If a public cloud is implemented with performance, security, and data locality
in mind, the existence of other applications running in the cloud should be transparent
to both cloud architects and end users.
Portions of a public cloud can be carved out for the exclusive use of a single
client, creating a virtual private datacenter. Rather than being limited to deploying
virtual machine images in a public cloud, a virtual private datacenter gives customers
greater visibility into its infrastructure. Now customers can manipulate not just virtual
machine images, but also servers, storage systems, network devices, and network
topology.
Figure 4: - Public Cloud Model
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 21
3.2 Private clouds
Private clouds are built for the exclusive use of one client, providing the utmost
control over data, security, and quality of service . The company owns the
infrastructure and has control over how applications are deployed on it. Private clouds
may be deployed in an enterprise datacenter, and they also may be deployed
at a collocation facility.
Private clouds can be built and managed by a company’s own IT organization
or by a cloud provider. In this “hosted private” model, a company such as Sun can
install, configure, and operate the infrastructure to support a private cloud within a
company’s enterprise datacenter. This model gives companies a high level of control
over the use of cloud resources while bringing in the expertise needed to establish and
operate the environment.
Figure 5: - Private Cloud Model
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 22
3.3 Hybrid clouds
Hybrid clouds combine both public and private cloud models. They can help to
provide on-demand, externally provisioned scale. The ability to augment a private
cloud with the resources of a public cloud can be used to maintain service levels in the
face of rapid workload fluctuations. This is most often seen with the use of storage
clouds to support Web 2.0 applications. A hybrid cloud also can be used to handle
planned workload spikes. Sometimes called “surge computing,” a public cloud can be
used to perform periodic tasks that can be deployed easily on a public cloud.
Hybrid clouds introduce the complexity of determining how to distribute
applications across both a public and private cloud. Among the issues that need to be
considered is the relationship between data and processing resources. If the data is
small, or the application is stateless, a hybrid cloud can be much more successful than
if large amounts of data must be transferred into a public cloud for a small amount of
processing.
Figure 6:- Hybrid Cloud Model
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 23
3.4 Community clouds
In Community Cloud the cloud infrastructure is shared by several
organizations and supports a specific community that has shared concerns (e.g.,
mission, security requirements, policy, or compliance considerations). It may be
managed by the organizations or a third party and may exist on-premises or
off-premises.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 24
4.0 Cloud computing Service Model
In practice, cloud service providers tend to offer services that can be grouped
into three categories: software as a service, platform as a service, and infrastructure as
a service. These categories group together the various layers with some overlap.
Table 1: - Cloud Computing Service Model
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 25
4.1 Software as a service (SaaS)
Software as a service features a complete application offered as a service on
demand. A single instance of the software runs on the cloud and services multiple end
users or client organizations.
The most widely known example of SaaS is salesforce.com, though many other
examples have come to market, including the Google Apps offering of basic business
services including email and word processing.
Although salesforce.com preceded the definition of cloud computing by a few
years, it now operates by leveraging its companion force.com, which can be defined as
a platform as a service.
4.2 Platform as a service (PaaS)
Platform as a service encapsulates a layer of software and provides it as a
service that can be used to build higher-level services. There are at least two
perspectives on PaaS depending on the perspective of the producer or consumer of the
services:
• Someone producing PaaS might produce a platform by integrating an OS,
middleware, application software, and even a development environment that is then
provided to a customer as a service. For example, someone developing a PaaS offering
might base it on a set of Sun™ xVM hypervisor virtual machines that include a
NetBeans™ integrated development environment, a Sun GlassFish™ Web stack and
support for additional programming languages such as Perl or Ruby.
• Someone using PaaS would see an encapsulated service that is presented to them
through an API. The customer interacts with the platform through the API, and the
platform does what is necessary to manage and scale itself to provide a given level of
service. Virtual appliances can be classified as instances of PaaS. A content switch
appliance, for example, would have all of its component software hidden from the
customer, and only an API or GUI for configuring and deploying the service provided
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 26
to them.
PaaS offerings can provide for every phase of software development and
testing, or they can be specialized around a particular area such as content
management.
Commercial examples of PaaS include the Google Apps Engine, which serves
applications on Google’s infrastructure. PaaS services such as these can provide a
powerful basis on which to deploy applications, however they may be constrained by
the capabilities that the cloud provider chooses to deliver.
4.3 Infrastructure as a service (IaaS)
Infrastructure as a service delivers basic storage and compute capabilities as
standardized services over the network. Servers, storage systems, switches, routers,
and other systems are pooled and made available to handle workloads that range from
application components to high-performance computing applications. Commercial
examples of IaaS include Joyent, whose main product is a line of virtualized servers
that provide a highly available on-demand infrastructure.
4.4 Anything-as-a-Service (XaaS)
Which is also a subset of cloud computing? XaaS broadly encompasses a
process of activating reusable software components over the network. The most
common and successful example is Software-as-a-Service. The growth of
“as-a-service” offerings has been facilitated by extremely low barriers to entry (they are
often accessible for free or available as recurring charges on a personal credit card). As
a result, such offerings have been adopted by consumers and small businesses well
before pushing into the enterprise space. All “as-a-service” offerings share a number of
common attributes, including little or no capital expenditure since the required
infrastructure is owned by the service provider, massive scalability, multitenancy, and
device and location independence allowing consumers remote access to systems using
nearly any current available technology.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 27
On the surface, it appears that XaaS is a potentially game-changing technology
that could reshape IT. However, most CIOs still depend on internal infrastructures
because they are not convinced that cloud computing is ready for prime time. Many
contend that if you want real reliability, you must write more reliable applications.
Regardless of one’s view on the readiness of cloud computing to meet corporate IT
requirements, it cannot be ignored. The concept of pay-as-you-go applications,
development platforms, processing power, storage, or any other cloud-enabled services
has emerged and can be expected to reshape IT over the next decade.
4.5 Virtualization and Private Clouds
Virtualization of computers or operating systems hides the physical
characteristics of a computing platform from users; instead it shows another abstract
computing platform. A hypervisor is a piece of virtualization software that allows
multiple operating systems to run on a host computer concurrently. Virtualization
providers include VMware, Microsoft, and Citrix Systems. Virtualization is an enabler
of cloud computing.
Recently some vendors have described solutions that emulate cloud computing
on private networks, referring to these as “private” or “internal” clouds (where “public”
or “external” cloud describes cloud computing in the traditional mainstream sense).
Private cloud products claim to deliver some of the benefits of cloud computing without
the pitfalls. Hybrid solutions are also possible: building internal clouds and connecting
customer data centers to those of external cloud providers. It has been reported that Eli
Lilly wants to benefit from both internal and external clouds3 and that Amylin6 is
looking at private cloud VMware as a complement to EC2. Other experts, however, are
skeptical: one has even gone as far as to describe private clouds as absolute rubbish.7
Platform Computing has recently launched a cloud management system, Platform ISF,
enabling customers to manage workload across both virtual and physical environments
and support multiple hypervisors and operating systems from a single interface.
VMware, the market leader in virtualization technology, is moving into cloud
technologies in a big way, with vSphere 4. The company is building a huge partner
network of service providers and is also releasing a “vCloud API”. VMware wants
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 28
customers to build a series of “virtual data centers”, each tailored to meet different
requirements, and then have the ability to move workloads in the virtual data centers to
the infrastructure provided by cloud vendors.
Cisco, EMC and VMware have formed a new venture called Acadia. Its
strategy for private cloud computing is based on Cisco’s servers and networking,
VMware’s server virtualization and EMC’s storage. (Note, by the way, that EMC owns
nearly 85% of VMware.) Other vendors, such as Google, disagree with VMware’s
emphasis on private clouds; in return VMware says Google’s online applications are
not ready for the enterprise.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 29
5.0 Advantages of Cloud
• Agility improves with users' ability to rapidly and inexpensively re-provision
technological infrastructure resources
• Cost is claimed to be greatly reduced and capital expenditure is converted to
operational expenditure. This ostensibly lowers barriers to entry, as
infrastructure is typically provided by a third-party and does not need to be
purchased for one-time or infrequent intensive computing tasks.
• Device and location independence enable users to access systems using a
web browser regardless of their location or what device they are using (e.g.,
PC, mobile). As infrastructure is off-site (typically provided by a third-party)
and accessed via the Internet, users can connect from anywhere.
• Multi-tenancy enables sharing of resources and costs across a large pool of
users
• Reliability is improved if multiple redundant sites are used, which makes well
designed cloud computing suitable for business continuity and disaster
recovery.
• Scalability via dynamic ("on-demand") provisioning of resources on a
fine-grained, self-service basis near real-time, without users having to engineer
for peak loads. Performance is monitored, and consistent and loosely coupled
architectures are constructed using web services as the system interface
• Maintenance cloud computing applications are easier to maintain, since they
don't have to be installed on each user's computer.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 30
• Metering cloud computing resources usage should be measurable and should
be metered per client and application on daily, weekly, monthly, and annual
basis. This will enable clients on choosing the vendor cloud on cost and
reliability
• Security could improve due to centralization of data, increased
security-focused resources, etc., but concerns can persist about loss of control
over certain sensitive data, and the lack of security for stored kernels. Security
is often as good as or better than under traditional systems, in part because
providers are able to devote resources to solving security issues that many
customers cannot afford. Furthermore, the complexity of security is greatly
increased when data is distributed over a wider area and / or number of devices.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 31
6.0 Cloud Computing Reference Model
Understanding the relationships and dependencies between Cloud Computing
models is critical to understanding Cloud Computing security risks.
IaaS is the foundation of all cloud services, with PaaS building upon IaaS, and
SaaS in turn building upon PaaS as described in the Cloud Reference Model diagram.
In this way, just as capabilities are inherited, so are information security issues and risk.
It is important to note that commercial cloud providers may not neatly fit into the
layered service models. Nevertheless, the reference model is important for relating
real-world services to an architectural framework and understanding the resources and
services requiring security analysis. IaaS includes the entire infrastructure resource
stack from the facilities to the hardware platforms that reside in them. It incorporates
the capability to abstract resources (or not), as well as deliver physical and logical
connectivity to those resources. Ultimately, IaaS provides a set of APIs which allow
management and other forms of interaction with the infrastructure by consumers.
PaaS sits atop IaaS and adds an additional layer of integration with application
development frameworks; middleware capabilities; and functions such as database,
messaging, and queuing; which allow developers to build applications upon to the
platform; and whose programming languages and tools are supported by the stack.
SaaS in turn is built upon the underlying IaaS and PaaS stacks; and provides a
self-contained operating environment used to deliver the entire user experience
including the content, its presentation, the application(s), and management capabilities.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 32
Figure 7:- Cloud Computing Reference Model
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 33
7.0 Security for Cloud Computing
There is a number of security issues associated with cloud computing but these
issues fall into two broad categories: Security issues faced by cloud providers
(organizations providing Software-, Platform-, or Infrastructure-as-a-Service via the
cloud) and security issues faced by their customers. In most cases, the provider must
ensure that their infrastructure is secure and that their clients’ data and applications are
protected while the customer must ensure that the provider has taken the proper security
measures to protect their information.
Security controls in cloud computing are, for the most part, no different than
security controls in any IT environment. Cloud computing may present different risks
to an organization than traditional IT solutions. Cloud computing is about gracefully
losing control while maintaining accountability even if the operational responsibility
falls upon one or more third parties.
While cloud security concerns can be grouped into any number of dimensions
these dimensions have been aggregated into three general areas Security and Privacy,
Compliance, and Legal or Contractual Issues.
7.1 Defining Security in the Cloud
If we wish to enable cloud-driven growth and innovation through security, we
must have a clear framing on what is meant by security. Security has been notoriously
hard to define in the general case. The canonical goals of information security are
Confidentiality, Integrity, and Availability. We borrow from NIST to include
Accountability and Assurance, and then add a sixth category of Resilience. We define
these terms below and map them to the cloud context, with a few examples of how they
can be supported by both technical and non-technical mechanisms.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 34
To begin to answer these questions, let’s quickly look at the security of the
traditional datacenter and the impact of virtualization technology, which is enabling the
cloud computing revolution.
7.2 Security Issues and Challenges
IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS
(Software as a Service) are three general models of cloud computing. Each of these
models possess a different impact on application security. However, in a typical
scenario where an application is hosted in a cloud, two broad security questions that
arises are:
•••• How secure is the Data?
•••• How secure is the Code?
Cloud computing environment is generally assumed as a potential cost saver as well
as provider of higher service quality. Security, Availability, and Reliability is the major
quality concerns of cloud service users. Gens et. al., suggests that security in one of the
prominent challenge among all other quality challenges.
7.3 Security Advantages in Cloud Environments
Current cloud service providers operate very large systems. They have
sophisticated processes and expert personnel for maintaining their systems, which
small enterprises may not have access to. As a result, there are many direct and indirect
security advantages for the cloud users. Here we present some of the key security
advantages of a cloud computing environment:
• Data Centralization: In a cloud environment, the service provider takes care of
storage issues and small business need not spend a lot of money on physical
storage devices. Also, cloud based storage provides a way to centralize the data
faster and potentially cheaper. This is particularly useful for small businesses,
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 35
which cannot spend additional money on security professionals to monitor the
data.
• Incident Response: IaaS providers can put up a dedicated forensic server that
can be used on demand basis. Whenever a security violation takes place, the
server can be brought online. In some investigation cases, a backup of the
environment can be easily made and put onto the cloud without affecting the
normal course of business.
• Forensic Image Verification Time: Some cloud storage implementations
expose a cryptographic check sum or hash. For example, Amazon S3 generates
MD5 (Message-Digest algorithm 5) hash automatically when you store an
object. Therefore in theory, the need to generate time consuming MD5
checksums using external tools is eliminated.
• Logging: In a traditional computing paradigm by and large, logging is often an
afterthought. In general, insufficient disk space is allocated that makes logging
either non-existent or minimal. However, in a cloud, storage need for standard
logs is automatically solved.
7.4 Security Disadvantages in Cloud Environments
In spite of security advantages, cloud computing paradigm also introduces some
key security challenges. Here we discuss some of these key security challenges:
• Data Location: In general, cloud users are not aware of the exact location of
the datacenter and also they do not have any control over the physical access
mechanisms to that data. Most well-known cloud service providers have
datacenters around the globe. Some service providers also take advantage of
their global datacenters. However, in some cases applications and data might be
stored in countries, which can judiciary concerns. For example, if the user data
is stored in X country then service providers will be subjected to the security
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 36
requirements and legal obligations of X country. This may also happen that a
user does not have the information of these issues.
• Investigation: Investigating an illegitimate activity may be impossible in cloud
environments. Cloud services are especially hard to investigate, because data
for multiple customers may be co-located and may also be spread across
multiple datacenters. Users have little knowledge about the network topology of
the underlying environment. Service provider may also impose restrictions on
the network security of the service users.
• Data Segregation: Data in the cloud is typically in a shared environment
together with data from other customers. Encryption cannot be assumed as the
single solution for data segregation problems. In some situations, customers
may not want to encrypt data because there may be a case when encryption
accident can destroy the data.
• Long-term Viability: Service providers must ensure the data safety in
changing business situations such as mergers and acquisitions. Customers must
ensure data availability in these situations. Service provider must also make
sure data security in negative business conditions like prolonged outage etc.
• Compromised Servers: In a cloud computing environment, users do not even
have a choice of using physical acquisition toolkit. In a situation, where a server
is compromised; they need to shut their servers down until they get a previous
backup of the data. This will further cause availability concerns.
• Regulatory Compliance: Traditional service providers are subjected to
external audits and security certifications. If a cloud service provider does not
adhere to these security audits, then it leads to a obvious decrease in customer
trust.
• Recovery: Cloud service providers must ensure the data security in natural and
man-made disasters. Generally, data is replicated across multiple sites.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 37
However, in the case of any such unwanted event, provider must do a complete
and quick restoration.
7.5 Security Issues in Virtualization
Full Virtualization and Para Virtualization is two kinds of virtualization in a
cloud computing paradigm. In full virtualization, entire hardware architecture is
replicated virtually. However, in para virtualization, an operating system Towards
Analyzing Data Security Risks in Cloud Computing Environments 259 is modified so
that it can be run concurrently with other operating systems.
VMM (Virtual Machine Monitor), is a software layer that abstracts the physical
resources used by the multiple virtual machines. The VMM provides a virtual processor
and other virtualized versions of system devices such as I/O devices, storage, memory,
etc.
VMM Instance Isolation ensures that different instances running on the same
physical machine are isolated from each other. However, current VMMs do not offer
perfect isolation. Many bugs have been found in all popular VMMs that allow escaping
from VM (Virtual machine). Vulnerabilities have been found in all virtualization
software’s, which can be exploited by malicious users to bypass certain security
restrictions or/and gain escalated privileges. Below are few examples for this:
• Vulnerability in Microsoft Virtual PC and Microsoft Virtual Server could allow
a guest operating system user to run code on the host or another guest operating
system.
• Vulnerability was found in VMware’s shared folders mechanism that grants
users of a guest system read and write access to any portion of the host’s file
system including the system folder and other security-sensitive files.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 38
• Vulnerability in Xen can be exploited by “root” users of a guest domain to
execute arbitrary commands.
7.6 Survey of Cloud Computing
We carry out a small survey of major cloud service providers to investigate the
security mechanisms to overcome the security issues discussed in this paper. We
consider ten major cloud service providers. These providers provide their services in all
major areas of cloud computing, including SaaS, PaaS and IaaS.
Table 1 shows the list of service providers that we studied in this survey. In
order to analyze the complete state of art of security in cloud computing, the survey
needs to be more exhaustive. However, due to the fact that the scope of our work is not
just to explore the state of art but to look at the major factors that affect security in cloud
computing. Therefore we have intentionally not considered other cloud service
providers in this survey.
Table 2:- Major Cloud Service Providers
Service Provider Type Names
IaaS Amazon EC2, Amazon S3, GoGrid
PaaS Google App Engine, Microsoft Azure Services,
Amazon
Elastic Map Reduce
SaaS Salesforce, Google Docs
In table 2, we present the results of the survey that depicts the current state of
security mechanisms. Information given in table 2 is based on the information available
online at the official websites of these providers
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 39
Table 3:- Summary of Security Mechanisms by Major Cloud Service Providers
Security Issue Results
Password Recovery 90% are using standard methods like other common
services,
while 10% are using sophisticated techniques.
Encryption Mechanism 40% are using standard SSL encryption, while 20% are
using encryption mechanism but at an extra cost. 40%
are using advance methods like HTTPS access also.
Data Location 70% have their datacenters located in more than one
country, while 10% are located at a single location.
20%
are not open about this issue.
Availability History In 40% there is a reported downtime alongwith a result
in data loss, while in 60% cases data availability is
good.
Proprietary/Open Only 10% providers have open mechanism.
Monitoring Services 70% are providing extra monitoring services, while
10%
are using automatic techniques. 20 % are not open
about
this issue.
7.7 Traditional Datacenter Security
The word ‘datacenter’ has long evoked images of massive server farms behind
locked doors, where electricity and cooling were as important as network security to
maintain reliability and availability of data. Perimeter security controls are the most
common approach taken for traditional datacenter security. This approach typically
includes perimeter firewall, demilitarized zones (DMZ), network segmentation,
network intrusion detection and prevention systems (IDS/IPS) and network monitoring
tools.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 40
8.0 Virtualization – The Catalyst of the Cloud
Advancements in virtualization technologies enable enterprises to get more
computing power from the underutilized capacity of physical servers. The traditional
datacenter footprint is shrinking to enable cost savings and “greener” IT through server
consolidation. Enterprises and service providers are using virtualization to enable
multi-tenant uses of what used to be single-tenant or single-purpose physical servers.
Extending virtual machines to public clouds causes the enterprise network
perimeter to evaporate and the lowest-common denominator to impact the security of
all. The inability of physical segregation and hardware-based security to deal with
attacks between virtual machines on the same server highlights the need for
mechanisms to be deployed directly on the server, or virtual machines.
Deploying this line of defense at the virtual machine itself enables critical
applications and data to be moved to cloud environments.
8.1 Confidentiality
Confidentiality refers to keeping data private. Privacy is of tent amount
importance as data leaves the borders of the organization. Not only must internal
secrets and sensitive personal data be safeguarded, but metadata and transactional data
can also leak important details about firms or individuals. Confidentiality is supported
by, among other things, technical tools such as encryption and access control, as well as
legal protections.
8.2 Integrity
Integrity is a degree confidence that the data in the cloud is what is supposed to
be there, and is protected against accidental or intentional alteration without
authorization. It also extends to the hurdles of synchronizing multiple databases.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 41
Integrity is supported by well audited code, well-designed distributed systems, and
robust access control mechanisms.
8.3 Authentication
User authentication is often the primary basis for access control, keeping the bad guys
out while allowing authorized users in with a minimum of fuss. In the cloud
environment, authentication and access control are more important than ever since the
cloud and all of its data are accessible to anyone over the Internet. The TPM can easily
provide stronger authentication than username and passwords. TCG’s IF-MAP
standard allows for real-time communication between the cloud provider and the
customer about authorized users and other security issues. When a user is fired or
reassigned, the customer’s identity management system can notify the cloud provider
in real-time so that the user’s cloud access can be modified or revoked within seconds.
If the fired user is logged into the cloud, they can be immediately disconnected. Trusted
Computing enables authentication of client PCs and other devices, which also is critical
to ensuring security in cloud computing.
8.4 Availability
Availability means being able to use the system as anticipated. Cloud
technologies can increase availability through widespread internet-enabled access, but
the client is dependent on the timely and robust provision of resources. Availability is
supported by capacity building and good architecture by the provider, as well as
well-defined contracts and terms of agreement.
8.5 Accountability
Accountability maps actions in the system to responsible parties. Inside the
cloud, actions must be traced uniquely back to an entity, allowing for integration into
organizational processes, conflict resolution and deterrence of bad behavior.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 42
Accountability is supported by robust identity, authentication and access control, as
well as the ability to log transactions and then, critically, audit these logs.
8.6 Assurance
Assurance refers to the need for a system to behave as expected. In the cloud
context, it is important that the cloud provider provides what the client has specified.
This is not simply a matter of the software and hardware behaving as the client expects
but that the needs of the organization are understood, and that these needs are
accurately translated into information architecture requirements, which are then
faithfully implemented in the cloud system. Assurance is supported by a trusted
computing architecture in the cloud, and a by careful processes mapping from business
case to technical details to legal agreements.
8.7 Resilience
Resilience in a system allows it to cope with security threats, rather than failing
critically. Cloud technology can increase resilience, with a broader base, backup data
and systems, and the potential identify threats and dynamically counteract. However,
by shifting critical systems and functions to an outside party, organizations can
aggravate resilience by introducing a single point of failure. Resilience is supported by
redundancy, diversification and real-time forensic capacity.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 43
9.0 Cloud Computing Security Issues
In order to ensure that data is secure (that it cannot be accessed by unauthorized
users or simply lost) and that data privacy is maintained, cloud providers attend to the
following areas in Security and Privacy issues.
Figure 8: - Security Architecture Design
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 44
A security architecture framework should be established with consideration of
processes (enterprise authentication and authorization, access control, confidentiality,
integrity, no repudiation, security management, etc.), operational procedures,
technology specifications, people and organizational management, and security
program compliance and reporting. A security architecture document should be
developed that defines security and privacy principles to meet business objectives.
Documentation is required for management controls and metrics specific to asset
classification and control, physical security, system access controls, network and
computer management, application development and maintenance, business continuity,
and compliance. A design and implementation program should also be integrated with
the formal system development life cycle to include a business case, requirements
definition, design, and implementation plans. Technology and design methods should
be included, as well as the security processes necessary to provide the following
services across all technology layers:
9.1 Authentication
9.2 Authorization
9.3 Availability
9.4 Confidentiality
9.5 Integrity
9.6 Accountability
9.7 Privacy
The creation of a secure architecture provides the engineers, data center operations
personnel, and network operations personnel a common blueprint to design, build, and
test the security of the applications and systems.
Design reviews of new changes can be better assessed against this architecture to
assure that they conform to the principles described in the architecture, allowing for
more consistent and effective design reviews.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 45
• Secure Software Development Life Cycle (SecSDLC)
The SecSDLC involves identifying specific threats and the risks they represent,
followed by design and implementation of specific controls to counter those threats and
assist in managing the risks they pose to the organization and/or its customers. The
SecSDLC must provide consistency, repeatability, and conformance. The SDLC
consists of six phases, and there are steps unique to the SecSDLC in each of phases:
o Investigation: Define project processes and goals, and document them
in the program security policy.
o Analysis: Analyze existing security policies and programs, analyze
current threats and controls, examine legal issues, and perform risk
analysis.
o Logical design: Develop a security blueprint, plan incident response
actions, plan business responses to disaster, and determine the
feasibility of continuing and/or outsourcing the project.
o Physical design: Select technologies to support the security blueprint,
develop a definition of a successful solution, design physical security
measures to support technological solutions, and review and approve
plans.
o Implementation: Buy or develop security solutions. At the end of this
phase, present a tested package to management for approval.
o Maintenance: Constantly monitor, test, modify, update, and repair to
respond to changing threats.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 46
In the SecSDLC, application code is written in a consistent manner that can
easily be audited and enhanced; core application services are provided in a common,
structured, and repeatable manner; and framework modules are thoroughly tested for
security issues before implementation and continuously retested for conformance
through the software regression test cycle. Additional security processes are developed
to support application development projects such as external and internal penetration
testing and standard security requirements based on data classification. Formal training
and communications should also be developed to raise awareness of process
enhancements.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 47
10 Cloud Security Challenges
At first glance, the security requirements for cloud computing providers would
appear to be the same as traditional datacenters — apply a strong network security
perimeter and keep the bad guys out. However, as previously stated, physical
segregation and hardware-based security cannot protect against attacks between virtual
machines on the same server. The following outlines some of the primary concerns that
enterprises should be aware of when planning their cloud computing deployments.
10.1 Administrative Access to Servers and
Applications
One of the most important characteristics of cloud computing is that it offers
“self-service” access to computing power, most likely via the Internet. In traditional
datacenters, administrative access to servers is controlled and restricted to direct or
on-premise connections. In cloud computing, this administrative access must now be
conducted via the Internet, increasing exposure and risk. It is extremely important to
restrict administrative access and monitor this access to maintain visibility of changes
in system control.
10.2 Dynamic Virtual Machines: VM State and
Sprawl
Virtual machines are dynamic. They can quickly be reverted to previous
instances, paused and restarted, relatively easily. They can also be readily cloned and
seamlessly moved between physical servers. This dynamic nature and potential for VM
sprawl makes it difficult to achieve and maintain consistent security. Vulnerabilities or
configuration errors may be unknowingly propagated. Also, it is difficult to maintain an
auditable record of the security state of a virtual machine at any given point in time. In
cloud computing environments, it will be necessary to be able to prove the security state
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 48
of a system, regardless of its location or proximity to other, potentially insecure virtual
machines.
10.3 Vulnerability Exploits and VM-TO-VM Attacks
Cloud computing servers use the same operating systems, enterprise and web
applications as localized virtual machines and physical servers. The ability for an
attacker or malware to remotely exploit vulnerabilities in these systems and
applications is a significant threat to virtualized cloud computing environments. In
addition, co-location of multiple virtual machines increases the attack surface and risk
of VM-to-VM compromise. Intrusion detection and prevention systems need to be able
to detect malicious activity at the virtual-machine level, regardless of the location of the
VM within the virtualized cloud environment.
10.4 Encryption and Data Protection
Many regulations and standards such as the PCI DSS and HIPAA include
requirements for the use of encryption to protect critical information—such as
cardholder data and personally identifiable information (PII)—to achieve compliance
or safe harbor in the event of a breach. The multi-tenant nature of the cloud amplifies
these requirements and creates unique challenges with the accessibility and protection
of encryption credentials used to ensure data protection.
10.5 Policy and Compliance
Enterprises are experiencing significant pressure to comply with a wide range
of regulations and standards such as PCI, HIPAA, and GLBA in addition to auditing
practices such as SAS70 and ISO. Enterprises need to prove compliance with security
standards, regardless of the location of the systems required to be in scope of
regulation, be that on-premise physical servers, on-premise virtual machines or
off-premise virtual machines running on cloud computing resources.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 49
10.6 Patch Management
The self-service nature of cloud computing may create confusion for patch
management efforts. Once an enterprises subscribes to a cloud computing
resource—for example by creating a Web server from templates offered by the cloud
computing service provider—the patch management for that server is no longer in the
hands of the cloud computing vendor, but is now the responsibility of the subscriber.
Keeping in mind that according to the previously mentioned Verizon 2008 Data Breach
Investigations Report, 90% of known vulnerabilities that were exploited had patches
available for at least six months prior to the breach, organizations leveraging cloud
computing need to keep vigilant to maintain cloud resources with the most recent
vendor supplied patches. If patching is impossible or unmanageable, compensating
controls such as “virtual patching” need to be considered.
10.7 Perimeter Protection and Zoning
In cloud computing, the enterprise perimeter evaporates and the
lowest-common denominator impacts the security of all. The enterprise firewall, the
foundation for establishing security policy and zoning for networks, can either no
longer reach cloud computing servers, or its policies are no longer in the control of the
resource owner, but the responsibility of the cloud computing provider. To establish
zones of trust in the cloud, the virtual machines must be self-defending, effectively
moving the perimeter to the virtual machine itself.
10.8 Rogue Corporate Resources
Eager for immediate computing resources and results, non-IT savvy individuals
and groups are jumping at cloud computing. Important corporate data and applications
are being deployed in the cloud, possibly oblivious to the security implications.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 50
11 Data Protection, Identity Management, Security
11.1 Data Protection
To be considered protected, data from one customer must be properly
segregated from that of another; it must be stored securely when “at rest” and it must be
able to move securely from one location to another. Cloud providers have systems in
place to prevent data leaks or access by third parties. Proper separation of duties should
ensure that auditing and/or monitoring cannot be defeated, even by privileged users at
the cloud provider.
11.2 Identity Management
Every enterprise will have its own identity management system to control
access to information and computing resources. Cloud providers either integrate the
customer’s identity management system into their own infrastructure, using federation
or SSO technology, or provide an identity management solution of their own.
11.3 Physical and Personnel Security
Providers ensure that physical machines are adequately secure and that access
to these machines as well as all relevant customer data is not only restricted but that
access is documented. Finally, providers ensure that all critical data (credit card
numbers, for example) are masked and that only authorized users have access to data in
its entirety. Moreover, digital identities and credentials must be protected as should any
data that the provider collects or produces about customer activity in the cloud.
Security in Cloud Computing
Indus Institute of Technology & Engineering
12 AvailabilityCloud providers assure customers that they will have regular and predictable access
to their data and applications.
For example, consider some of the cloud
outages which have been widely reported…
Bit bucket, DDoS'd Off The Air
Security in Cloud Computing
Indus Institute of Technology & Engineering
12 Availability Cloud providers assure customers that they will have regular and predictable access
to their data and applications.
example, consider some of the cloud
outages which have been widely reported…
, DDoS'd Off The Air
Page 51
Cloud providers assure customers that they will have regular and predictable access
example, consider some of the cloud-related
Security in Cloud Computing
Indus Institute of Technology & Engineering
Maintenance Induced Cascading Failures
Security in Cloud Computing
Indus Institute of Technology & Engineering
Maintenance Induced Cascading Failures
Page 52
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 53
13 Application Securities, User Centric Access
Control, Transparency
13.1 Application Securities
Cloud providers ensure that applications available as a service via the cloud are
secure. Securing application software that is running on being developed in the cloud.
This includes items such as whether it’s appropriate to migrate or design an application
to run in the cloud, and if so, what type of cloud platform is most appropriate (SaaS,
PaaS, or IaaS). Some specific security issues related to the cloud are also discussed.
13.2 User Centric Access Control
The traditional model of application-centric access control, where each
application keeps track of its collection of users and manages them, is not feasible in
cloud based architectures. This is more so, because the user space maybe shared across
applications that can lead to data replication, making mapping of users and their
privileges a herculean task. Also, it requires the user to remember multiple
accounts/passwords and maintain them. Cloud requires a user centric access control
where every user request to any service provider is bundled with the user identity and
entitlement information. User identity will have identifiers or attributes that identity
and define the user. The identity is tied to a domain, but is portable. User centric
approach leaves the user with the ultimate control of their digital identities. User centric
approach also implies that the system maintains a context of information for every user,
in order to find how best to react to in a given situation to a given user request. It should
support pseudonyms and multiple and discrete identities to protect user privacy. This
can be achieved easily by using one of the open standards like OpenID or SAML.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 54
13.3 Transparency
Security measures assumed in the cloud must be made available to the
customers to gain their trust. There is always a possibility that the cloud infrastructure is
secured with respect to some requirements and the customers are looking for a different
set of security. The important aspect is to see that the cloud provider meets the security
requirements of the application and this can be achieved only through 100%
transparency. Open Cloud Manifesto exerts stress on transparency in clouds, due the
consumer’s apprehensions to host their applications on a shared infrastructure, on
which they do not have any control. Transparency can be achieved by complete audit
logging and control.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 55
14 New Opportunities
Combining the contemporary and historical viewpoints, we arrive at the
position that many cloud computing security problems are not in fact new, but often
will still require new solutions in terms of specific mechanisms. Existing contemporary
works already explore many pertinent topics; we highlight here several areas that
deserve more attention.
First, cloud providers should offer a choice of security primitives with
well-considered defaults. Cloud users know more about their applications, but cloud
providers potentially know more about the relevant security issues due to a higher
concentration of security expertise. The cloud user would ideally choose from a
spectrum of security levels and security subsystem boundaries. We believe this
flexibility could prove to be a major improvement if done well. One possible approach
would be to formulate the security primitives around defending different stakeholders
against different particular threat models. An additional feature might support “plug
and-play" services readily compliant with common standards such as those of HIPAA
or Payment Card Industry.
Another important research area concerns determining apt granularities for
isolation. Several are possible: isolate by virtual or physical machines, LANs, clouds,
or datacenters. We at present lack a good understanding of the tradeoffs between
security and performance for each of these options, but it would appear likely that cloud
providers can fruitfully offer different granularities of isolation as a part of their
spectrum of security.
Side channels and covert channels pose another fundamental threat, one which
interplays with the granularities of isolation discussed above. While not a panacea (e.g.,
it takes very few bits to steal a password), a helpful analysis could include when
appropriate a quantification of channel bit rates, coupled with an assessment of the bit
rate required to do harm.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 56
One important area that has yet to receive much attention is mutual audit ability.
The auditing capabilities of most existing systems focus on one-way audit ability. In
cloud computing, providers and users may need to demonstrate mutual trustworthiness,
in a bilateral or multilateral fashion. As discussed above, such audit ability can have
major benefits with regard to fate-sharing, such as enabling cloud providers in search
and seizure incidents to demonstrate to law enforcement that they have turned over all
relevant evidence, and prove to users that they turned over only the necessary evidence
and nothing more. Recent work notes that implementing thorough auditing is not a
simple matter even for straightforward web services. In cloud computing, it remains an
open challenge to achieve thorough auditing without impairing performance. To
complicate matters even further, the auditor fundamentally needs to be an independent
third party, and a third-party auditor requires a setup quite different than today’s
practice, in which cloud providers record and maintain all the audit logs. In short,
mutual audit ability needs significant work. On the plus side, achieving it robustly
would constitute an important security feature.
More broadly, we see a need for research that seeks to understand the ecosystem
of threats. Current work in the literature generally focuses only single aspects of the
cloud security problem. As we begin to understand problems in isolation, we should
also start to put together an understanding of how different issues and threats combine.
For example, in web security we understand security problems at a high-level as an
ecosystem involving the interplay between worms, bots, scams, spam, phishing, active
content, browsers, usability, and other human factors. We argue that future work on
cloud security needs to similarly bridge established topic boundaries.
Lastly, we would highlight that breaking real clouds makes them stronger. Such
studies involve obvious ethical issues, but provide much more compelling results than
breaking hypothetical clouds. For example, the EC2 information leak study in triggered
a highly visible security effort by Amazon Web Services, and serves as a model for
similar future work in academia. Similarly, the Air Force Mastics security
enhancements originated from a companion effort to find security exploits. Such
coupled attack and defense approaches serve as a model for potential government cloud
security projects today, and cloud providers should sponsor internal adversarial efforts
to discover vulnerabilities before they become exposed in the wild. Needless to say,
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 57
stakeholders also need to continue to track black-hat perspectives. Finally, research
partnerships between different types of stakeholders will likely prove very beneficial to
advancing the field.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 58
15 Conclusions
In cloud computing, end-to-end security is critical. Building blocks from TCG
and commercial products built on these principles will help make the cloud
environment more secure. Ongoing research from TCG and operating system or device
security vendors will take advantage of the TPM using additional software to enhance
its capability for cloud computing. Other research on cloud computing security is under
way at several companies. Today, the good news is that most cloud security issues can
be addressed with well-known, existing techniques.
The TPM can be an independent entity that works on behalf of cloud computing
customers. Inside every server in the cloud, the TPM and associated software can check
what is installed on each machine and verify the machine’s health and proper
performance. When it detects a problem, TNC technology can immediately restrict
access to a device or server. For securing data at rest in the cloud or in clients that
access cloud data, self-encrypting drives based on Trusted Storage provide the
ultimately secure solution.
Organizations that have already implemented TCG-based solutions can
leverage their corporate investment in hardware, software and policies and re-use them
for cloud computing. If cloud computing represents an organization’s initial
implementation of TCG-based technology (used by the cloud provider), the rest of the
organization should be re-evaluated for areas where TCG technology can provide
improved internal security, including: activating TPMs, use of self-encrypting drives
and network access control through TNC.
In an emerging discipline, like cloud computing, security needs to be analyzed
more frequently. With advancement in cloud technologies and increasing number of
cloud users, data security dimensions will continuously increase. In this paper, we have
analyzed the data security risks and vulnerabilities which are present in current cloud
computing environments.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 59
The most obvious finding to emerge from this study is that, there is a need of
better trust management. We have built a risk analysis approach based on the prominent
security issues. The security analysis and risk analysis approach will help service
providers to ensure their customers about the data security. Similarly, the approach can
also be used by cloud service users to perform risk analysis before putting their critical
data in a security sensitive cloud.
At present, there is a lack of structured analysis approaches that can be used for
risk analysis in cloud computing environments. The approach suggested in this paper is
a first step towards analyzing data security risks. This approach is easily adaptable for
automation of risk analysis.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 60
16 Vulnerabilities
Cloud computing shares in common with other network-based application, storage
and communication platforms certain vulnerabilities in several broad areas:
• Web application vulnerabilities, such as cross-site scripting and SQL injection
(which are symptomatic of poor field input validation, buffer overflow; as well
as default configurations or miss-configured applications.
• Accessibility vulnerabilities, which are vulnerabilities inherent to the TCP/IP
stack and the operating systems, such as denial of service and distributed denial
of services
• Authentication of the respondent device or devices. IP spoofing RIP attacks,
ARP poisoning (spoofing), and DNS poisoning are all too common on the
Internet. TCP/IP has some “unfixable flaws” such as “trusted machine” status
of machines that have been in contact with each other, and tacit assumption that
routing tables on routers will not be maliciously altered.
• Data Verification, tampering, loss and theft, while on a local machine, while in
transit, while at rest at the unknown third-party device, or devices, and during
remote back-ups.
• Physical access issues, both the issue of an organization’s staff not having
physical access to the machines storing and processing a data, and the issue of
unknown third parties having physical access to the machines
• Privacy and control issues stemming from third parties having physical control
of a data is an issue for all outsourced networked applications and storage, but
cloud architectures have some specific issues that are distinct from the usual
issues.
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 61
17 References
URL: http://en.wikipedia.org/wiki/Cloud_Computing
http://www.cloudsecurityalliance.org
http://cloudcomputing.sys-con.com/node/1330353
http://www.parc.com/content/attachments/ControllingDataInTheCloud-CCSW-09.pdf
http://www.trustedcomputinggroup.org
http://cloudsecurityalliance.org
http://cloudcomputing.sys-con.com/node/1203943
http://cloudcomputing.sys-con.com/node/1330353
Books:
• Amazon elastic computer cloud (2008), http://aws.amazon.com/ec2/
• Twenty Experts Define Cloud Computing (2008),
http://cloudcomputing.syscon.com/read/612375_p.htm
• Andert, D., Wakefield, R., Weise, J.: Trust Modeling for Security Architecture
Development (2002), http://www.sun.com/blueprints
• John, H.: Security Guidance for Critical Areas of Focus in Cloud Computing
(2009), http://www.cloudsecurityalliance.org/guidance/ (Accessed 2 July 2009)
• Two Factor Authentication, http://en.wikipedia.org/wiki/
• Public Key, http://en.wikipedia.org/wiki/Public_key_certificate
• Buyya, R., Yeo, C.S., Venugopal, S., Broberg, J., Brandic, I.: Cloud Computing
and Emerging IT Platforms: Vision, Hype, and Reality for delivering
Computing as the 5th Utility. Future Generation Computer Systems 25,
599–616
• Cachin, C., Keider, I., Shraer, A.: Trusting The Cloud. IBM Research, Zurich
Research laboratory (2009)
• Google App Engine (2008), http://appengine.google.com
• Microsoft Live Mesh (2008), http://www.mesh.com
• Brodkin, J.: Seven Cloud Computing Security Risks (2008),
http://www.gartner.com/DisplayDocument?id=685308
Security in Cloud Computing
Indus Institute of Technology & Engineering Page 62
18 Appendices TCG – Trusted Computing Group
LAN – Local Area Network
API – Application Programming Interface
TPI – Trusted Platform Module
DMZ - Demilitarized Zones
ID -Intrusion Detection
IPS- Intrusion Prevention Systems
Top Related