Difference between revisions of "Journal:Multilevel classification of security concerns in cloud computing"
Shawndouglas (talk | contribs) m (Added ref section) |
Shawndouglas (talk | contribs) (Added more content. Saving and adding more.) |
||
| Line 29: | Line 29: | ||
'''Keywords''': Cloud computing, security, virtualization, SaaS, PaaS, IaaS | '''Keywords''': Cloud computing, security, virtualization, SaaS, PaaS, IaaS | ||
==Introduction== | ==1. Introduction== | ||
Cloud computing is a broad paradigm based on models for providing services of storage and platform software. Cloud computing concept has emerged from distributed and grid computing domains that are already in use for mail servers, web storage and hosting services. Cloud computing, as defined by NIST, is referred to as: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.<ref name="MellTheNIST11">{{cite book |title=The NIST Definition of Cloud Computing |author=Mell, P.; Grance, T. |publisher=National Institute of Standards and Technology |pages=7 |year=2011 |doi=10.6028/NIST.SP.800-145}}</ref> | |||
In cloud computing, clouds can be described at different layers, i.e., SaaS ( | In cloud computing, clouds can be described at different layers, i.e., SaaS (Software as a Service), PaaS (Platform as a Service) and IaaS (Infrastructure as a Service). Although applications for clouds are in development phase, however security requirements for the data and services on the clouds are getting attention of researchers and it has become necessary to consider each layer of a cloud for possible attacks. It is worth noting that cloud computing systems have many advantages; however, large organizations are still hesitant to shift their setups on the cloud mainly due to security issues and risks. Thus, it is important to address the security issues and problems in cloud systems, and to find a solution for the widespread acceptance of these solutions. However, being a new domain, the research on the requirements and issues regarding security of clouds is still in its early stages. | ||
In the literature, there are different classifications of cloud security attacks<ref name="BhadauriaSurv12">{{cite journal |title=Survey on Security Issues in Cloud Computing and Associated Mitigation Techniques |journal=International Journal of Computer Applications |author=Bhadauria, R.; Sanyal, S. |volume=47 |issue=18 |pages=47–66 |year=2012 |doi=10.5120/7292-0578}}</ref><ref name="YeoSec13">{{cite book |chapter=Security Considerations in Cloud Computing Virtualization Environment |title=Grid and Pervasive Computing |author=Yeo, S.-S.; Park, J.H. |publisher=Springer Berlin Heidelberg |pages=208-215 |year=2013 |doi=10.1007/978-3-642-38027-3_22 |isbn=9783642380273}}</ref><ref name="YuCloud12">{{cite journal |title=Cloud computing and security challenges |journal=ACM-SE '12: Proceedings of the 50th Annual Southeast Regional Conference |author=Yu, H.; Powell, N.; Stembridge, D.; Yuan, X. |pages=298-302 |year=2012 |doi=10.1145/2184512.2184581}}</ref><ref name="HeiserAssess08">{{cite web |url=http://www.globalcloudbusiness.com/SharedFiles/Download.aspx?pageid=138&mid=220&fileid=12 |format=PDF |title=Assessing the Security Risks of Cloud Computing |author=Heiser, J.; Nicolett, M. |publisher=Gartner, Inc |pages=6 |date=03 June 2008}}</ref><ref name="GranceGuide11">{{cite book |title=Guidelines on Security and Privacy in Public Cloud Computing |author=Grance, T.; Jansen, W. |publisher=National Institute of Standards and Technology |pages=80 |year=2011 |doi=http://dx.doi.org/10.6028/NIST.SP.800-144}}</ref><ref name="MatherCloud09">{{cite book |title=Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance |author=Mather, T.; Kumaraswamy, S.; Latif, S. |publisher=O'Reilly Media |pages=338 |year=2009 |url=https://books.google.com/books?id=BHazecOuDLYC |isbn=9780596802769}}</ref> targeting a specific cloud service or a particular kind of the cloud system. Thus there is a need for a more comprehensive classification of security attacks across versatile cloud services at each layer. This paper proposes a multilevel classification of security attacks for different cloud services and their associated risks at cloud layers. It also discusses provision of dynamic security contract for each cloud layer that dynamically decides about security requirements for cloud consumer and provider. | In the literature, there are different classifications of cloud security attacks<ref name="BhadauriaSurv12">{{cite journal |title=Survey on Security Issues in Cloud Computing and Associated Mitigation Techniques |journal=International Journal of Computer Applications |author=Bhadauria, R.; Sanyal, S. |volume=47 |issue=18 |pages=47–66 |year=2012 |doi=10.5120/7292-0578}}</ref><ref name="YeoSec13">{{cite book |chapter=Security Considerations in Cloud Computing Virtualization Environment |title=Grid and Pervasive Computing |author=Yeo, S.-S.; Park, J.H. |publisher=Springer Berlin Heidelberg |pages=208-215 |year=2013 |doi=10.1007/978-3-642-38027-3_22 |isbn=9783642380273}}</ref><ref name="YuCloud12">{{cite journal |title=Cloud computing and security challenges |journal=ACM-SE '12: Proceedings of the 50th Annual Southeast Regional Conference |author=Yu, H.; Powell, N.; Stembridge, D.; Yuan, X. |pages=298-302 |year=2012 |doi=10.1145/2184512.2184581}}</ref><ref name="HeiserAssess08">{{cite web |url=http://www.globalcloudbusiness.com/SharedFiles/Download.aspx?pageid=138&mid=220&fileid=12 |format=PDF |title=Assessing the Security Risks of Cloud Computing |author=Heiser, J.; Nicolett, M. |publisher=Gartner, Inc |pages=6 |date=03 June 2008}}</ref><ref name="GranceGuide11">{{cite book |title=Guidelines on Security and Privacy in Public Cloud Computing |author=Grance, T.; Jansen, W. |publisher=National Institute of Standards and Technology |pages=80 |year=2011 |doi=http://dx.doi.org/10.6028/NIST.SP.800-144}}</ref><ref name="MatherCloud09">{{cite book |title=Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance |author=Mather, T.; Kumaraswamy, S.; Latif, S. |publisher=O'Reilly Media |pages=338 |year=2009 |url=https://books.google.com/books?id=BHazecOuDLYC |isbn=9780596802769}}</ref> targeting a specific cloud service or a particular kind of the cloud system. Thus there is a need for a more comprehensive classification of security attacks across versatile cloud services at each layer. This paper proposes a multilevel classification of security attacks for different cloud services and their associated risks at cloud layers. It also discusses provision of dynamic security contract for each cloud layer that dynamically decides about security requirements for cloud consumer and provider. | ||
The rest of paper is structured as follows: Section 2 consists of related work. Section 3 presents the proposed multilevel classification of security concerns in cloud computing. Section 4 is based on the dynamic security contract concept. Section 5 concludes the paper. | |||
==2. Related work== | |||
The application softwares at SaaS are provided with a specific license based subscription, pay-as-go.<ref name="AroraCloud12">{{cite journal |title=Cloud Computing Security Issues in Infrastructure as a Service |journal=International Journal of Advanced Research in Computer Science and Software Engineering |author=Arora, P.; Wadhawan, R.C.; Ahuja, E.S.P. |volume=2 |issue=1 |pages=1–7 |year=2012}}</ref> Platform as a Service (PaaS) caters services for operating system, network capacity, storage and multi-tenancy via the Internet. Infrastructure as a service (IaaS) provides utility computing, automation of administrative tasks, dynamic scaling, desktop virtualization, policy-based services, and Internet connectivity. IaaS provides virtual servers with unique IP address and storage pool as required by customers. The concept of infrastructure and hardware layer is mentioned by different researchers. Some authors have suggested that the infrastructure layer offers system software services and hardware layer provides hardware-based services. Infrastructure and hardware layers may be combined due to intrinsic relationship between hardware and software. | |||
In <ref name="BugielAmazon11">{{cite journal |title=AmazonIA: When elasticity snaps back |journal=CCS '11: Proceedings of the 18th ACM Conference on Computer and Communications Security |author=Bugiel, S.; Nurnberger, S.; Poppelmann, T. et al. |pages=389–400 |year=2011 |doi=10.1145/2046707.2046753}}</ref>, security aspects of one of the popular cloud Amazon Elastic Compute Cloud (EC2) have been discussed. It consists of systematic analysis of various crucial vulnerabilities in publicly available Amazon Machine Images (AMIs) and mechanisms to eliminate them. The proposed tool referred to as Amazon Image Attacks (AmazonIA) uses only publicly available interfaces regardless of the underlying cloud infrastructure. As a result of exploiting vulnerabilities and successful attacks, authors are able to extract sensitive information including passwords, and credentials from AMIs. The extracted information can be used to initiate botnets, or create back doors to launch impersonate attacks or access source code of a web service available on AMI. The authors have discussed effects of successful attacks and also the methods to mitigate those attacks. Some research groups have worked on the interfaces of both public and private clouds.<ref name="SomorovskyAllYour11">{{cite journal |title=All your clouds are belong to us: Security analysis of cloud management interfaces |journal=CCSW '11: Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop |author=Somorovsky, J.; Heiderich, M.; Jensen, M. et al. |pages=3–14 |year=2011 |doi=10.1145/2046660.2046664}}</ref> The public cloud under their consideration is Amazon, while the private cloud is Eucalyptus. | |||
Authors in <ref name="HussainSEC11">{{cite journal |title=SECaaS: Security as a service for cloud-based applications |journal=KCESS '11" Proceedings of the Second Kuwait Conference on e-Services and e-Systems |author=Hussain, M.; Abdulsalam, H. |pages=8 |year=2011 |doi=10.1145/2107556.2107564}}</ref> consider security as a service for cloud-based applications. The architecture considers the existing services at different levels. It considers user-centric security i.e., users have control over their security permitting them to use security solutions across different clouds. They can subscribe to any security solution provided by any cloud provider and use that particular security solution for their cloud and may also have multiple security solutions for a particular service depending upon its criticality. The multiple security solutions can also be used at different levels. | |||
Authors in <ref name="BugielAmazon11" /> address the security and privacy aspects of real-life cloud deployments, while ignoring the malicious cloud providers or customers. Here authors’ focus is Amazon Elastic Compute Cloud (EC2). They have analyzed the crucial vulnerabilities of Amazon Machine Images (AMIs) through an automated tool and as a result of attack information regarding API Keys, private keys and credentials of publishers were extracted.<ref name="BugielAmazon11" /> Vulnerabilities were discovered in Secure Shell. The extracted information can be further used to create multiple security threats resulting in botnet instances, access of backend services or code of the Web sites through back-doors content. | |||
In <ref name="LabordeToward13">{{cite journal |title=Toward authorization as a service: A study of the XACML standard |journal=CNS '13: Proceedings of the 16th Communications & Networking Symposium |author=Laborde, R.; Barrère, F.; Benzekri, A. |pages=9 |year=2013}}</ref> authors suggest that security should be provided as a service and propose a model for security as service. Security as a service implies that the security applications and services can be provided by a cloud vendor, or cloud consumer or even by a third trust-worthy party. The security service can be in the form of a cloud-based infrastructure or software. The authors have proposed a component based software model in which authorization components can be developed by any party regardless of being a service provider. An eXtensible access control markup language (XACML) decision engine that is composed of a context handler, a policy decision point and a policy administration point, can be furnished by reusable components to augment the security service. By XACML standard attributes of subjects, resources and environments and authorization rules can be defined as Boolean expressions. Thus, these types of security services, which can be managed and altered by cloud customers, are helpful to build trust of cloud customers on cloud systems. | |||
In <ref name="YeoSec13" /> Cloud Computing Open Architecture (CCOA) concept is discussed for clouds in virtual environments. The role and functions of the architecture are discussed according to different infrastructures for IT and business systems. Different types of architectures complicate security management for cloud systems. This architecture provides a solution for different security aspects regarding virtual environments. The authors suggest physical and logical isolation of data instances for each customer to enhance the data privacy and expeditious replication and recovery system. Authorized users based on the role-based access control can access the sensitive data on platforms. To prevent intrusion attacks, cloud service provider blocks the malicious and un-trusted codes enabling digital forensic applications. | |||
Research in <ref name="PearceVirt13">{{cite journal |title=Virtualization: Issues, security threats, and solutions |journal=ACM Computing Surveys |author=Pearce, M.; Zeadally, S.; Hunt, R. |volume=45 |issue=2 |pages=17 |year=2013 |doi=10.1145/2431211.2431216}}</ref> suggests a trusted computing and attestation system for virtual environments. In virtual environments systems are more prone to threats due to the poor computer communication architectures and hidden network channels. These hidden channels can be a risk since many virtualized network channels can be easily observed and hacked. | |||
==3. A multilevel classification of security concerns in cloud computing== | |||
Cloud systems have a layered architecture of different services and control levels for users. Fig. 1 illustrates the classification model of security problems at each layer of the cloud system. SaaS, PaaS and IaaS layers are considered for associated security risks and problems. | |||
[[File:Fig1 Hussain AppliedCompInfo2016.jpg|400px]] | |||
{{clear}} | |||
{| | |||
| STYLE="vertical-align:top;"| | |||
{| border="0" cellpadding="5" cellspacing="0" width="400px" | |||
|- | |||
| style="background-color:white; padding-left:10px; padding-right:10px;"| <blockquote>Figure 1. Classification model of attacks at each layer of the cloud system.</blockquote> | |||
|- | |||
|} | |||
|} | |||
===3.1 Security concerns for Software as a Service (SaaS)=== | |||
SaaS is exposed by attacks on API’s, publishers, web portals and interfaces. The attacks on the SaaS are categorized into two broad groups: attacks on development tools and attacks on management tools. Most popular services on SaaS are web services, web portals and APIs. Intruders’ attempt un-authorized access and gain of services by attacking web portals and APIs. These attacks affect data privacy. Intruders try to extract the sensitive information of API Keys, private keys, and credentials of publishers via different kinds of attacks and automated tools. Another possibility of attack on this layer is exposure of secure shell for extracting key credentials. | |||
====3.1.1. Data protection==== | |||
In cloud computing applications are deployed in shared resource environments; therefore, data privacy is an important aspect. Data privacy has three major challenges: integrity, authorized access and availability (backup/ replication). Data integrity ensures that the data are not corrupted or tampered during communication. Authorized access prevents data from intrusion attacks while backups and replicas allow data access efficiently even in case of a technical fault or disaster at some cloud location. Data are shared and communicated at the common network backbone. Hence malicious attackers or intruders can deploy hidden proxy applications between the cloud provider and consumer to scavenge information of login credentials and session details.<ref name="YuCloud12" /> An intruder can also perform packet sniffing or IP-spoofing as a middle-party and can access and/or alter the restricted or sensitive information. One possible solution for the data privacy in cloud computing is Cisco Secure Data Center Framework that provides multi-layer security mechanism.<ref name="YuCloud12" /> | |||
====3.1.2. Attacks on interfaces==== | |||
A successful attack on the cloud interfaces can result in a root level access of a machine without initiating a direct attack on the cloud infrastructure. Two different kinds of attacks are launched on authentication mechanism of clouds. The control interfaces are vulnerable to signature wrapping and advanced cross site scripting (XSS) techniques. First kind of attack is referred to as signature wrapping attack or XML Signature Wrapping attacks. Single signed SOAP message or X.509 certificate can be used to compromise security of customers? accounts through operations on virtual machines or resetting of passwords. Second type of attacks exploits the vulnerability in XSS. The particular vulnerability attack steals username and password pair information. | |||
====3.1.3. Attacks on SSH (Secure Shell)==== | |||
Attacks on Secure Shell (SSH), the basic mechanism used to establish trust and connection with cloud services, are the most alarming threat that compromises control trust. According to Ponemon 2014 SSH security Vulnerability Report<ref name="PonemonPone14">{{cite web |url=https://www.venafi.com/collateral/wp/ponemon-2014-ssh-security-vulnerability-report |title=Ponemon 2014 SSH Security Vulnerability Report |author=Ponemon, L. |publisher=Venafi |date=2014}}</ref>, 74 percent organizations have no control to provision, rotate, track and remove SSH keys. Cybercriminals take full advantage of these vulnerabilities and use cloud computing to launch different attacks. An organizationś cloud workload can be used host botnets if SSH access has been compromised. Attackers have hosted the Zeus botnet and control infrastructure on Amazon EC2 instances.<ref name="Zeus09">{{cite web |url=https://aws.amazon.com/security/security-bulletins/zeus-botnet-controller/ |title=Zeus Botnet Controller |publisher=Amazon Web Services, Inc |date=12 December 2009}}</ref> The different types of attack on SSH include attacks on API keys, attacks on user credentials, and attacks on publisher credentials. | |||
===3.2. Security concerns for Infrastructure as a Service (IaaS) and Platform as a Service (PaaS)=== | |||
IaaS and PaaS layers are overlapped in the model due to their interdependency on each other. The attacks on these layers are grouped into three types: attacks on cloud services, attacks on virtualization, and attacks on utility computing. The security concerns for IaaS and PaaS are discussed below. | |||
====3.2.1. Hardware virtualization==== | |||
The VMs interconnectivity is the biggest security concern in the designing of cloud computing platform. VMs are linked using bridge and route virtual network configuration modes. The bridge mode works as a virtual hub shared among all the VMs, which may result in sniffing the virtual network by a compromised VM. In the route mode, where route works as a virtual switch, each VM is connected using a dedicated virtual interface. Any network intruder in a LAN segment of a network can access virtual environments by address resolution protocol (ARP) spoofing and MAC spoofing. ARP spoofing alters the ARP tables and management interfaces and systems. On the other hand, an intruder can mimic another host through MAC spoofing and also change address of host or guest Virtual Machine (VM) to gain access of restricted resources.<ref name="PékASurv13">{{cite journal |title=A survey of security issues in hardware virtualization |journal=ACM Computing Surveys |author=Pék, G.; Buttyán, L.; Bencsáth, B. |volume=45 |issue=3 |pages=40 |year=2013 |doi=10.1145/2480741.2480757}}</ref> The attacks and exploitation of virtual environments are very diversified and they will increase in future since platforms are growing in number and complexity. Therefore, a mechanism for detecting attacks along with preventions is necessary. | |||
==References== | ==References== | ||
| Line 40: | Line 89: | ||
==Notes== | ==Notes== | ||
This | This version is faithful to the original, with only a few minor changes to presentation and nothing more, per the "No Derivatives" portion of the original license. However, this means the presentation is not optimal; it contains its original grammar mistakes and original citation method, which fails to reference author names in a traditional manner. (It uses "Authors in [11] consider" instead of "Hussain and Abdulsalam [11] consider", for example.) | ||
However, one unavoidable change comes from the ordering of citations. Unfortunately the original puts citations 14–16 before citation 13 and citation 21 before citations 17–20 for some reason. Because the MediaWiki software automatically puts citations in order of appearance, we can not avoid the differing of citation numbers. (13 is 14 in the original; 14 is 15; 15 is 16; and 16 is 13.) We apologize in advance for this unavoidable change. | |||
<!--Place all category tags here--> | <!--Place all category tags here--> | ||
Revision as of 16:58, 19 July 2016
| Full article title | Multilevel classification of security concerns in cloud computing |
|---|---|
| Journal | Applied Computing and Informatics |
| Author(s) | Hussain, Syed Asad; Fatima, Mehwish; Saeed, Atif; Raza, Imran; Shahzad, Raja Khurram |
| Author affiliation(s) | COMSATS Institute of Information Technology, Lancaster University, Blekinge Institute of Technology |
| Primary contact | Email: asadhussain at ciitlahore dot edu dot pk |
| Year published | 2016 |
| Volume and issue | TBD(TBD) (In Press) |
| Page(s) | TBD (In Press) |
| DOI | 10.1016/j.aci.2016.03.001 |
| ISSN | 2210-8327 |
| Distribution license | Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International |
| Website | http://ojphi.org/ojs/index.php/ojphi/article/view/6096 |
| Download | http://ojphi.org/ojs/index.php/ojphi/article/download/6096/5181 (PDF) |
 |
This article should not be considered complete until this message box has been removed. This is a work in progress. |
Abstract
Threats jeopardize some basic security requirements in a cloud. These threats generally constitute privacy breach, data leakage and unauthorized data access at different cloud layers. This paper presents a novel multilevel classification model of different security attacks across different cloud services at each layer. It also identifies attack types and risk levels associated with different cloud services at these layers. The risks are ranked as low, medium and high. The intensity of these risk levels depends upon the position of cloud layers. The attacks get more severe for lower layers where infrastructure and platform are involved. The intensity of these risk levels is also associated with security requirements of data encryption, multi-tenancy, data privacy, authentication and authorization for different cloud services. The multilevel classification model leads to the provision of dynamic security contract for each cloud layer that dynamically decides about security requirements for cloud consumer and provider.
Keywords: Cloud computing, security, virtualization, SaaS, PaaS, IaaS
1. Introduction
Cloud computing is a broad paradigm based on models for providing services of storage and platform software. Cloud computing concept has emerged from distributed and grid computing domains that are already in use for mail servers, web storage and hosting services. Cloud computing, as defined by NIST, is referred to as: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.[1]
In cloud computing, clouds can be described at different layers, i.e., SaaS (Software as a Service), PaaS (Platform as a Service) and IaaS (Infrastructure as a Service). Although applications for clouds are in development phase, however security requirements for the data and services on the clouds are getting attention of researchers and it has become necessary to consider each layer of a cloud for possible attacks. It is worth noting that cloud computing systems have many advantages; however, large organizations are still hesitant to shift their setups on the cloud mainly due to security issues and risks. Thus, it is important to address the security issues and problems in cloud systems, and to find a solution for the widespread acceptance of these solutions. However, being a new domain, the research on the requirements and issues regarding security of clouds is still in its early stages.
In the literature, there are different classifications of cloud security attacks[2][3][4][5][6][7] targeting a specific cloud service or a particular kind of the cloud system. Thus there is a need for a more comprehensive classification of security attacks across versatile cloud services at each layer. This paper proposes a multilevel classification of security attacks for different cloud services and their associated risks at cloud layers. It also discusses provision of dynamic security contract for each cloud layer that dynamically decides about security requirements for cloud consumer and provider.
The rest of paper is structured as follows: Section 2 consists of related work. Section 3 presents the proposed multilevel classification of security concerns in cloud computing. Section 4 is based on the dynamic security contract concept. Section 5 concludes the paper.
2. Related work
The application softwares at SaaS are provided with a specific license based subscription, pay-as-go.[8] Platform as a Service (PaaS) caters services for operating system, network capacity, storage and multi-tenancy via the Internet. Infrastructure as a service (IaaS) provides utility computing, automation of administrative tasks, dynamic scaling, desktop virtualization, policy-based services, and Internet connectivity. IaaS provides virtual servers with unique IP address and storage pool as required by customers. The concept of infrastructure and hardware layer is mentioned by different researchers. Some authors have suggested that the infrastructure layer offers system software services and hardware layer provides hardware-based services. Infrastructure and hardware layers may be combined due to intrinsic relationship between hardware and software.
In [9], security aspects of one of the popular cloud Amazon Elastic Compute Cloud (EC2) have been discussed. It consists of systematic analysis of various crucial vulnerabilities in publicly available Amazon Machine Images (AMIs) and mechanisms to eliminate them. The proposed tool referred to as Amazon Image Attacks (AmazonIA) uses only publicly available interfaces regardless of the underlying cloud infrastructure. As a result of exploiting vulnerabilities and successful attacks, authors are able to extract sensitive information including passwords, and credentials from AMIs. The extracted information can be used to initiate botnets, or create back doors to launch impersonate attacks or access source code of a web service available on AMI. The authors have discussed effects of successful attacks and also the methods to mitigate those attacks. Some research groups have worked on the interfaces of both public and private clouds.[10] The public cloud under their consideration is Amazon, while the private cloud is Eucalyptus.
Authors in [11] consider security as a service for cloud-based applications. The architecture considers the existing services at different levels. It considers user-centric security i.e., users have control over their security permitting them to use security solutions across different clouds. They can subscribe to any security solution provided by any cloud provider and use that particular security solution for their cloud and may also have multiple security solutions for a particular service depending upon its criticality. The multiple security solutions can also be used at different levels.
Authors in [9] address the security and privacy aspects of real-life cloud deployments, while ignoring the malicious cloud providers or customers. Here authors’ focus is Amazon Elastic Compute Cloud (EC2). They have analyzed the crucial vulnerabilities of Amazon Machine Images (AMIs) through an automated tool and as a result of attack information regarding API Keys, private keys and credentials of publishers were extracted.[9] Vulnerabilities were discovered in Secure Shell. The extracted information can be further used to create multiple security threats resulting in botnet instances, access of backend services or code of the Web sites through back-doors content.
In [12] authors suggest that security should be provided as a service and propose a model for security as service. Security as a service implies that the security applications and services can be provided by a cloud vendor, or cloud consumer or even by a third trust-worthy party. The security service can be in the form of a cloud-based infrastructure or software. The authors have proposed a component based software model in which authorization components can be developed by any party regardless of being a service provider. An eXtensible access control markup language (XACML) decision engine that is composed of a context handler, a policy decision point and a policy administration point, can be furnished by reusable components to augment the security service. By XACML standard attributes of subjects, resources and environments and authorization rules can be defined as Boolean expressions. Thus, these types of security services, which can be managed and altered by cloud customers, are helpful to build trust of cloud customers on cloud systems.
In [3] Cloud Computing Open Architecture (CCOA) concept is discussed for clouds in virtual environments. The role and functions of the architecture are discussed according to different infrastructures for IT and business systems. Different types of architectures complicate security management for cloud systems. This architecture provides a solution for different security aspects regarding virtual environments. The authors suggest physical and logical isolation of data instances for each customer to enhance the data privacy and expeditious replication and recovery system. Authorized users based on the role-based access control can access the sensitive data on platforms. To prevent intrusion attacks, cloud service provider blocks the malicious and un-trusted codes enabling digital forensic applications.
Research in [13] suggests a trusted computing and attestation system for virtual environments. In virtual environments systems are more prone to threats due to the poor computer communication architectures and hidden network channels. These hidden channels can be a risk since many virtualized network channels can be easily observed and hacked.
3. A multilevel classification of security concerns in cloud computing
Cloud systems have a layered architecture of different services and control levels for users. Fig. 1 illustrates the classification model of security problems at each layer of the cloud system. SaaS, PaaS and IaaS layers are considered for associated security risks and problems.
|
3.1 Security concerns for Software as a Service (SaaS)
SaaS is exposed by attacks on API’s, publishers, web portals and interfaces. The attacks on the SaaS are categorized into two broad groups: attacks on development tools and attacks on management tools. Most popular services on SaaS are web services, web portals and APIs. Intruders’ attempt un-authorized access and gain of services by attacking web portals and APIs. These attacks affect data privacy. Intruders try to extract the sensitive information of API Keys, private keys, and credentials of publishers via different kinds of attacks and automated tools. Another possibility of attack on this layer is exposure of secure shell for extracting key credentials.
3.1.1. Data protection
In cloud computing applications are deployed in shared resource environments; therefore, data privacy is an important aspect. Data privacy has three major challenges: integrity, authorized access and availability (backup/ replication). Data integrity ensures that the data are not corrupted or tampered during communication. Authorized access prevents data from intrusion attacks while backups and replicas allow data access efficiently even in case of a technical fault or disaster at some cloud location. Data are shared and communicated at the common network backbone. Hence malicious attackers or intruders can deploy hidden proxy applications between the cloud provider and consumer to scavenge information of login credentials and session details.[4] An intruder can also perform packet sniffing or IP-spoofing as a middle-party and can access and/or alter the restricted or sensitive information. One possible solution for the data privacy in cloud computing is Cisco Secure Data Center Framework that provides multi-layer security mechanism.[4]
3.1.2. Attacks on interfaces
A successful attack on the cloud interfaces can result in a root level access of a machine without initiating a direct attack on the cloud infrastructure. Two different kinds of attacks are launched on authentication mechanism of clouds. The control interfaces are vulnerable to signature wrapping and advanced cross site scripting (XSS) techniques. First kind of attack is referred to as signature wrapping attack or XML Signature Wrapping attacks. Single signed SOAP message or X.509 certificate can be used to compromise security of customers? accounts through operations on virtual machines or resetting of passwords. Second type of attacks exploits the vulnerability in XSS. The particular vulnerability attack steals username and password pair information.
3.1.3. Attacks on SSH (Secure Shell)
Attacks on Secure Shell (SSH), the basic mechanism used to establish trust and connection with cloud services, are the most alarming threat that compromises control trust. According to Ponemon 2014 SSH security Vulnerability Report[14], 74 percent organizations have no control to provision, rotate, track and remove SSH keys. Cybercriminals take full advantage of these vulnerabilities and use cloud computing to launch different attacks. An organizationś cloud workload can be used host botnets if SSH access has been compromised. Attackers have hosted the Zeus botnet and control infrastructure on Amazon EC2 instances.[15] The different types of attack on SSH include attacks on API keys, attacks on user credentials, and attacks on publisher credentials.
3.2. Security concerns for Infrastructure as a Service (IaaS) and Platform as a Service (PaaS)
IaaS and PaaS layers are overlapped in the model due to their interdependency on each other. The attacks on these layers are grouped into three types: attacks on cloud services, attacks on virtualization, and attacks on utility computing. The security concerns for IaaS and PaaS are discussed below.
3.2.1. Hardware virtualization
The VMs interconnectivity is the biggest security concern in the designing of cloud computing platform. VMs are linked using bridge and route virtual network configuration modes. The bridge mode works as a virtual hub shared among all the VMs, which may result in sniffing the virtual network by a compromised VM. In the route mode, where route works as a virtual switch, each VM is connected using a dedicated virtual interface. Any network intruder in a LAN segment of a network can access virtual environments by address resolution protocol (ARP) spoofing and MAC spoofing. ARP spoofing alters the ARP tables and management interfaces and systems. On the other hand, an intruder can mimic another host through MAC spoofing and also change address of host or guest Virtual Machine (VM) to gain access of restricted resources.[16] The attacks and exploitation of virtual environments are very diversified and they will increase in future since platforms are growing in number and complexity. Therefore, a mechanism for detecting attacks along with preventions is necessary.
References
- ↑ Mell, P.; Grance, T. (2011). The NIST Definition of Cloud Computing. National Institute of Standards and Technology. pp. 7. doi:10.6028/NIST.SP.800-145.
- ↑ Bhadauria, R.; Sanyal, S. (2012). "Survey on Security Issues in Cloud Computing and Associated Mitigation Techniques". International Journal of Computer Applications 47 (18): 47–66. doi:10.5120/7292-0578.
- ↑ 3.0 3.1 Yeo, S.-S.; Park, J.H. (2013). "Security Considerations in Cloud Computing Virtualization Environment". Grid and Pervasive Computing. Springer Berlin Heidelberg. pp. 208-215. doi:10.1007/978-3-642-38027-3_22. ISBN 9783642380273.
- ↑ 4.0 4.1 4.2 Yu, H.; Powell, N.; Stembridge, D.; Yuan, X. (2012). "Cloud computing and security challenges". ACM-SE '12: Proceedings of the 50th Annual Southeast Regional Conference: 298-302. doi:10.1145/2184512.2184581.
- ↑ Heiser, J.; Nicolett, M. (3 June 2008). "Assessing the Security Risks of Cloud Computing" (PDF). Gartner, Inc. pp. 6. http://www.globalcloudbusiness.com/SharedFiles/Download.aspx?pageid=138&mid=220&fileid=12.
- ↑ Grance, T.; Jansen, W. (2011). Guidelines on Security and Privacy in Public Cloud Computing. National Institute of Standards and Technology. pp. 80. doi:http://dx.doi.org/10.6028/NIST.SP.800-144.
- ↑ Mather, T.; Kumaraswamy, S.; Latif, S. (2009). Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance. O'Reilly Media. pp. 338. ISBN 9780596802769. https://books.google.com/books?id=BHazecOuDLYC.
- ↑ Arora, P.; Wadhawan, R.C.; Ahuja, E.S.P. (2012). "Cloud Computing Security Issues in Infrastructure as a Service". International Journal of Advanced Research in Computer Science and Software Engineering 2 (1): 1–7.
- ↑ 9.0 9.1 9.2 Bugiel, S.; Nurnberger, S.; Poppelmann, T. et al. (2011). "AmazonIA: When elasticity snaps back". CCS '11: Proceedings of the 18th ACM Conference on Computer and Communications Security: 389–400. doi:10.1145/2046707.2046753.
- ↑ Somorovsky, J.; Heiderich, M.; Jensen, M. et al. (2011). "All your clouds are belong to us: Security analysis of cloud management interfaces". CCSW '11: Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop: 3–14. doi:10.1145/2046660.2046664.
- ↑ Hussain, M.; Abdulsalam, H. (2011). "SECaaS: Security as a service for cloud-based applications". KCESS '11" Proceedings of the Second Kuwait Conference on e-Services and e-Systems: 8. doi:10.1145/2107556.2107564.
- ↑ Laborde, R.; Barrère, F.; Benzekri, A. (2013). "Toward authorization as a service: A study of the XACML standard". CNS '13: Proceedings of the 16th Communications & Networking Symposium: 9.
- ↑ Pearce, M.; Zeadally, S.; Hunt, R. (2013). "Virtualization: Issues, security threats, and solutions". ACM Computing Surveys 45 (2): 17. doi:10.1145/2431211.2431216.
- ↑ Ponemon, L. (2014). "Ponemon 2014 SSH Security Vulnerability Report". Venafi. https://www.venafi.com/collateral/wp/ponemon-2014-ssh-security-vulnerability-report.
- ↑ "Zeus Botnet Controller". Amazon Web Services, Inc. 12 December 2009. https://aws.amazon.com/security/security-bulletins/zeus-botnet-controller/.
- ↑ Pék, G.; Buttyán, L.; Bencsáth, B. (2013). "A survey of security issues in hardware virtualization". ACM Computing Surveys 45 (3): 40. doi:10.1145/2480741.2480757.
Notes
This version is faithful to the original, with only a few minor changes to presentation and nothing more, per the "No Derivatives" portion of the original license. However, this means the presentation is not optimal; it contains its original grammar mistakes and original citation method, which fails to reference author names in a traditional manner. (It uses "Authors in [11] consider" instead of "Hussain and Abdulsalam [11] consider", for example.)
However, one unavoidable change comes from the ordering of citations. Unfortunately the original puts citations 14–16 before citation 13 and citation 21 before citations 17–20 for some reason. Because the MediaWiki software automatically puts citations in order of appearance, we can not avoid the differing of citation numbers. (13 is 14 in the original; 14 is 15; 15 is 16; and 16 is 13.) We apologize in advance for this unavoidable change.
