Unit 5

Uploaded by

bogaabhinav17
Copyright
© All Rights Reserved

GR20A3118 - CLOUD COMPUTING

UNIT – 5

Security in the Cloud

UNIT V: Security in the Cloud
• Security Overview
• Cloud Security Challenges and Risks
• Software-as-a-Service Security
• Security Governance
• Risk Management
• Security Monitoring
• Security Architecture Design
• Data Security
• Application Security
• Virtual Machine Security
• Identity Management and Access Control
• Autonomic Security
Cloud Security

• This unit identifies current security concerns about cloud computing environments and describes the methodology for ensuring application and data security and compliance integrity for those resources that are moving from on-premises to public cloud environments.
• It focuses on why and how these resources should be protected in the Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS) environments and offers security “best practices” for service providers and enterprises.
MAJOR CLOUD COMPUTING SERVICE PROVIDER MODELS
1. Software-as-a-Service
It is a model of software deployment in which an application is licensed for use as a service provided to customers on demand.
2. Platform-as-a-Service
With the PaaS model, all of the facilities required to support the complete life cycle of building and delivering web applications and services are available to developers, IT managers, and end users entirely from the Internet, without software downloads or installation.
3. Infrastructure-as-a-Service
It is the delivery of computer infrastructure as a service. Rather than purchasing servers, software, data centre space, or network equipment, clients buy these resources as a fully outsourced service.
Cloud Security - IT-as-a-Service (ITaaS)
• IT-as-a-Service (ITaaS) is being proposed to bring the service model right to the IT infrastructure.
• Many organizations are in the process of transforming their IT departments into self-sustaining cost-center operations, treating internal users as if they were customers.
• Many large IT organizations have adopted the Information Technology Infrastructure Library (ITIL) framework to help with this transformation.
• The adoption of IT-as-a-Service can help enterprise IT functions focus on strategic alignment with business goals.
Benefits of IT-as-a-Service (ITaaS)

• There are some key financial benefits in moving to an ITaaS model, such as not having to incur capital costs; having a transparent, monthly pricing plan; scalability; and reasonable costs of expansion.
• Operational benefits of ITaaS include increased reliability because of a centralized infrastructure, which can ensure that critical services and applications are monitored continually; software flexibility, with centrally maintained products that allow for quick rollout of new functionalities and updates; and data security.
Cloud Security Challenges
• With the cloud model, control over physical security is lost.
• In a public cloud, computing resources are shared with other companies.
• In a shared pool outside the enterprise, the owner has no knowledge of or control over where the resources run. Simply sharing the environment in the cloud may put the data at risk of seizure.
• Storage services provided by one cloud vendor may be incompatible with another vendor’s services.
• For instance, Amazon’s “Simple Storage Service” [S3] is incompatible with IBM’s Blue Cloud, or Google, or Dell.
Cloud Security Challenges…
• If information is encrypted while passing through the cloud, who controls the encryption/decryption keys?
• Is it the customer or the cloud vendor?
• It should be ensured that the customer controls the encryption/decryption keys, just as if the data were still resident on its own servers.
• Data integrity means ensuring that data is identically maintained during any operation (such as transfer, storage, or retrieval).
• Ensuring the integrity of the data really means that it changes only in response to authorized transactions.
• The chosen development tool should have a security model embedded in it to guide developers during the development phase and to restrict users to only their authorized data when the system is deployed into production.
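The two points above (customer-held keys, and data that changes only through authorized transactions) can be checked mechanically. The sketch below is an added example, not part of the original notes: it uses an HMAC tag rather than encryption, and the class name, object names and key are constructed for illustration. The key and the per-object version counter stay with the customer, so the provider cannot edit, swap or roll back a record without detection.

```python
import hashlib
import hmac


class IntegrityLedger:
    """Customer-side state: the MAC key and latest version per object never leave the enterprise."""

    def __init__(self, key: bytes):
        self._key = key
        self._latest = {}  # object name -> highest version sealed so far

    def _tag(self, name: str, version: int, data: bytes) -> str:
        raw_name = name.encode()
        # Length-prefix the name so name/data boundaries cannot be shifted.
        msg = len(raw_name).to_bytes(4, "big") + raw_name + version.to_bytes(8, "big") + data
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def seal(self, name: str, data: bytes) -> dict:
        """Authorized write: bump the version and tag the record before upload."""
        version = self._latest.get(name, 0) + 1
        self._latest[name] = version
        return {"version": version, "data": data, "tag": self._tag(name, version, data)}

    def verify(self, name: str, record: dict) -> str:
        """Check a record the provider returned when `name` was requested."""
        expected = self._tag(name, record["version"], record["data"])
        if not hmac.compare_digest(expected, record["tag"]):
            return "tampered"  # content changed, or a record sealed for another object
        if record["version"] < self._latest.get(name, 0):
            return "stale"     # authentic, but an older version was served (rollback)
        return "ok"


def demo() -> dict:
    # Constructed key and data; `cloud` stands in for the provider's object store.
    ledger = IntegrityLedger(key=b"constructed-demo-key-kept-on-premises")
    cloud = {}
    cloud["payroll.csv"] = old = ledger.seal("payroll.csv", b"alice,5000\n")
    cloud["payroll.csv"] = ledger.seal("payroll.csv", b"alice,5200\n")
    cloud["budget.csv"] = ledger.seal("budget.csv", b"q1,100000\n")

    results = {"intact": ledger.verify("payroll.csv", cloud["payroll.csv"])}
    edited = dict(cloud["payroll.csv"], data=b"alice,9999\n")
    results["edited"] = ledger.verify("payroll.csv", edited)
    results["swapped"] = ledger.verify("payroll.csv", cloud["budget.csv"])
    results["rolled_back"] = ledger.verify("payroll.csv", old)
    return results


if __name__ == "__main__":
    print(demo())
```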
Cloud Security Challenges…
• As more and more mission-critical processes are moved to the cloud, SaaS suppliers will have to provide log data in a real-time, straightforward manner, probably for their administrators as well as their customers’ personnel.
• Cloud applications undergo constant feature additions, and users must keep up to date with application improvements to be sure they are protected.
• The speed at which applications will change in the cloud will affect both the SDLC and security.
• Security needs to move to the data level, so that enterprises can be sure their data is protected wherever it goes.
• Sensitive data is the domain of the enterprise, not the cloud computing provider.
• One of the key challenges in cloud computing is data-level security.
• Those who adopt cloud computing must remember that it is the responsibility of the data owner, not the service provider, to secure valuable data.
Cloud Security Challenges…
• Some countries have strict limits on what data about their citizens can be stored and for how long, and some banking regulators require that customers’ financial data remain in their home country.
• Government policy will need to change in response to both the opportunity and the threats that cloud computing brings.
• This will likely focus on the off-shoring of personal data and protection of privacy, whether it is data being controlled by a third party or off-shored to another country.
• Security managers will need to work with their company’s legal staff to ensure that appropriate contract terms are in place to protect corporate data and provide for acceptable service-level agreements.
• The dynamic and fluid nature of virtual machines will make it difficult to maintain the consistency of security and ensure the auditability of records.
Software-as-a-Service Security
• Software as a Service (SaaS) is one of the most widely used cloud service models; it allows enterprise customers to access applications and data on demand.
• In this model, enterprise data is stored at the SaaS provider's data center, along with the data of other enterprises.
• Customers have strong concerns about data breaches, application vulnerabilities and availability that can lead to financial and legal liabilities.
• Seven security issues related to this model are of most concern.
Software-as-a-Service Security…
The seven security issues are:
Privileged user access:
Inquire about who has specialized access to data, and about the hiring and management of such administrators.
Regulatory compliance:
Make sure that the vendor is willing to undergo external audits and/or security certifications.
Data location:
Does the provider allow for any control over the location of data?
Data segregation:
Make sure that encryption is available at all stages, and that these encryption schemes were designed and tested by experienced professionals.
Software-as-a-Service Security….
Recovery
Find out what will happen to data in the case of a disaster. Do they offer complete
restoration? If so, how long would that take?

Investigative support
Does the vendor have the ability to investigate any inappropriate or illegal activity?

Long-term viability
What will happen to data if the company goes out of business? How will data be
returned, and in what format?
Software-as-a-Service Security….

To address the security issues listed above, SaaS providers will need to
incorporate and enhance security practices used by the managed
service providers and develop new ones as the cloud computing
environment evolves.
Security components of the SaaS Model
Security Governance
• Security governance is the mechanism through which organizations can ensure effective management of security in the cloud.
• To address governance, the level of risk and complexity of each cloud deployment must be taken into consideration.
• The public cloud has the highest risk due to lack of security control, multi-tenancy, data management, limited SLAs and lack of common regulatory controls.
• The private cloud has the least risk due to single ownership and strong shared mission goals and legal/regulatory requirements.
• Risks in a hybrid cloud depend on the combined models.
• A combination of private/community is the lowest risk, while a combination involving public is the greatest risk.
Security Governance…
• A security governance framework can be established with a standard quality management cycle of continuous improvement.
• The outcome of an effective framework would be strategic alignment, value delivery, risk management and performance measurement.
• A security steering committee should be developed whose objective is to focus on providing guidance about security initiatives and alignment with business and IT strategies.
• A charter for the security team is typically one of the first deliverables from the steering committee.
• This charter must clearly define the roles and responsibilities of the security team and other groups involved in performing information security functions.
Security Governance Framework
By following the guidelines below, a security governance framework is expected to be established in the cloud provider’s organization.
a. Start with your people: Awareness must be created among all employees about the significance of security, how it can affect the goodwill of the organization, and what they can and must do.
b. Audit compliance: A horizontal audit compliance framework is required that provides a view across all business units and combines the respective information streams.
c. Identity and access management (IAM): Insider threats can be overcome by a strict Identity and Access Management solution that allows IT managers to track privileged access to sensitive data and also to assign or revoke these privileges.
Security Governance Framework…
d. Security information and event management (SIEM): Combines security incident and security event management to ensure a complete view of the organization’s security posture.
e. Look for guidance but ensure your own security: The Cloud Security Alliance (CSA) provides good security guidance for cloud computing. Use standards as guidance and develop your own security policies to build a security governance framework.
f. Governance framework solution: Build a framework by using a Business Service Management (BSM) solution that has drill-down functionality to all IT governance, risk and compliance (GRC) and security elements.
Risk Management
• Effective risk management entails identification of technology assets; identification of data and its links to business processes, applications, and data stores; and assignment of ownership and custodial responsibilities.
• Actions should also include maintaining a repository of information assets.
• Owners have authority and accountability for information assets including protection requirements, and custodians implement confidentiality, integrity, availability, and privacy controls.
• A formal risk assessment process should be created that allocates security resources linked to business continuity.
Risk Management…
• A formal information security risk management process should proactively assess information security risks as well as plan and manage them on a periodic or as-needed basis.
• More detailed and technical security risk assessments in the form of threat modeling should also be applied to applications and infrastructure.
• Threat modeling can help the product management and engineering groups to be more proactive in designing and testing the security of applications and systems and to collaborate more closely with the internal security team.
• Threat modeling requires both IT and business process knowledge, as well as technical knowledge of how the applications or systems under review work.
Security Monitoring
• Centralized security information management systems should be used to provide notification of security vulnerabilities and to monitor systems continuously through automated technologies to identify potential issues.
• They should be integrated with network and other systems monitoring processes (e.g., security information management, security event management, security information and event management, and security operations centers that use these systems for dedicated 24/7/365 monitoring).
• Management of periodic, independent third-party security testing should also be included.
Security Monitoring…
• The types and sophistication of threats and attacks for a SaaS organization require a different approach to security monitoring than traditional infrastructure and perimeter monitoring.
• The organization may thus need to expand its security monitoring capabilities to include application- and data-level activities.
• This may also require subject-matter experts in application security and the unique aspects of maintaining privacy in the cloud.
• Without this capability and expertise, a company may be unable to detect and prevent security threats and attacks to its customer data and service stability.
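Application- and data-level monitoring means writing detections over the SaaS application's own audit trail rather than over perimeter traffic. The sketch below is an added example, not part of the original notes: the log format, field names, role names and the export threshold are all assumptions, and the log lines are constructed. It flags three conditions taken from the SaaS concerns listed earlier: provider staff reading tenant data without a change ticket, a tenant user touching another tenant's objects, and bulk export.

```python
from collections import defaultdict

# Constructed sample audit log; the key=value layout is an assumption of this example.
SAMPLE_LOG = """\
2024-05-01T09:00:01Z actor=u101 role=user actor_tenant=acme action=read object_tenant=acme object=invoice/1 bytes=2048
2024-05-01T09:00:05Z actor=u101 role=user actor_tenant=acme action=read object_tenant=globex object=invoice/77 bytes=1900
2024-05-01T09:01:10Z actor=ops7 role=provider_admin actor_tenant=- action=read object_tenant=acme object=customers ticket=CHG-1 bytes=5000
2024-05-01T09:02:30Z actor=ops9 role=provider_admin actor_tenant=- action=read object_tenant=globex object=customers bytes=7000
2024-05-01T09:03:00Z actor=u202 role=user actor_tenant=globex action=export object_tenant=globex object=customers bytes=60000000
2024-05-01T09:03:40Z actor=u202 role=user actor_tenant=globex action=export object_tenant=globex object=orders bytes=55000000
"""

EXPORT_LIMIT_BYTES = 100_000_000  # hypothetical per-actor limit for the analysed window


def parse_line(line):
    """Split 'timestamp k=v k=v ...' into a dict; tokens without '=' are ignored."""
    ts, *pairs = line.split()
    event = dict(p.split("=", 1) for p in pairs if "=" in p)
    event["ts"] = ts
    event["bytes"] = int(event.get("bytes", 0))
    return event


def detect(log_text):
    """Return (rule, actor, timestamp) tuples in log order."""
    alerts = []
    exported = defaultdict(int)  # actor -> bytes exported so far
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        actor = ev.get("actor", "?")
        if ev.get("role") == "provider_admin":
            # Privileged user access: staff reads must reference an approved ticket.
            if "ticket" not in ev:
                alerts.append(("privileged_access_without_ticket", actor, ev["ts"]))
        elif ev.get("actor_tenant") != ev.get("object_tenant"):
            # Data segregation: a tenant user reached another tenant's object.
            alerts.append(("cross_tenant_access", actor, ev["ts"]))
        if ev.get("action") == "export":
            exported[actor] += ev["bytes"]
            if exported[actor] > EXPORT_LIMIT_BYTES:
                alerts.append(("bulk_export", actor, ev["ts"]))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```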
Security Architecture Design
• To establish a security architecture framework, we need to consider processes, operational procedures, technology specifications, people and organizational management, security governance, security program compliance and reporting.
• An architecture document should be prepared that defines security and privacy principles to meet business objectives.
• Documentation is required for management controls and metrics specific to asset classification and control, physical security, system access controls, network and computer management, application development and maintenance, business continuity, and compliance.
Security Architecture Design…
• A design and implementation program should also be integrated with the formal system development life cycle to include a business case, requirements definition, design, and implementation plans.
• Technology and design methods should be included, as well as the security processes necessary to provide the following services across all technology layers:
  • Authentication
  • Authorization
  • Availability
  • Confidentiality
  • Integrity
  • Accountability
  • Privacy
Security Architecture Design…
• The creation of a secure architecture provides the engineers, data center operations personnel, and network operations personnel with a common blueprint to design, build, and test the security of the applications and systems.
• Design reviews of new changes can be better assessed against this architecture to assure that they conform to the principles described in the architecture, allowing for more consistent and effective design reviews.
• Recently, NIST introduced the security architecture reference model, which contains the responsibilities of security controls throughout the cloud life cycle.
• The level of involvement of each actor in implementing security components is considered for each environment (service deployment model).
• Architectural components and sub-components are deployed with security characteristics, and technical brokers assist in achieving secure cloud service management.
Data Security
• Security will need to move to the data level so that enterprises can be sure their data is protected wherever it goes.
• Data-level security can also force encryption of certain types of data, and permit only specified users to access the data. It can provide compliance with the Payment Card Industry Data Security Standard (PCI DSS).
• Traditional models of data security have focused on network-centric and perimeter security, frequently with devices such as firewalls and intrusion detection systems.
• But this approach does not provide sufficient protection against APTs, privileged users, or other insidious types of security attacks.
• Any data-centric approach must incorporate encryption, key management, strong access controls, and security intelligence to protect data in the cloud and provide the requisite level of security.
Complex Data Security Challenges
There are complex data security challenges in the cloud:
1. The need to protect confidential business, government, or regulatory data
2. Cloud service models with multiple tenants sharing the same infrastructure
3. Data mobility and legal issues relative to such government rules as the EU Data Privacy Directive
4. Lack of standards about how cloud service providers securely recycle disk space and erase existing data
5. Auditing, reporting, and compliance concerns
6. Loss of visibility to key security and operational intelligence that no longer is available to feed enterprise IT security intelligence and risk management
Data Security Implementation

• By implementing a layered approach that includes these critical elements, organizations can improve their security posture more effectively and efficiently.
• The strategy should incorporate a blueprint approach that addresses compliance requirements and actual security threats.
• Best practices should include securing sensitive data, establishing appropriate separation of duties between IT operations and IT security, ensuring that the use of cloud data conforms to existing enterprise policies, as well as strong key management and strict access policies.
Protecting the data
Protecting the data in the cloud is also done by implementing:
1. Access control lists to define the permissions attached to the data objects
2. Storage encryption to protect against unauthorized access at the data center
(especially by malicious IT staff)
3. Transport level encryption to protect data when it is transmitted
4. Firewalls, including web application firewalls, to protect against outside attacks launched against the data center
5. Hardening of the servers to protect against known, and unknown, vulnerabilities
in the operating system and software
6. Physical security to protect against unauthorized physical access to data
Application Security
• Cloud providers ensure that applications available as a service via the cloud (SaaS) are secure by specifying, designing, implementing, testing and maintaining appropriate application security measures in the production environment.
• This is where the security features and requirements are defined and application security test results are reviewed.
• Application security processes, secure coding guidelines, training, and testing scripts and tools are typically a collaborative effort between the security and the development team.
• External penetration testers are used for application source code reviews, and attack and penetration tests provide an objective review of the security of the application as well as assurance to customers that attack and penetration tests are performed regularly.
Application Security…

• Since many connections between companies and their SaaS providers are through the web, providers should secure their web applications by following Open Web Application Security Project (OWASP) guidelines for secure application development and locking down ports and unnecessary commands on Linux, Apache, MySQL, and PHP (LAMP) stacks in the cloud, just as you would on-premises.
• LAMP is an open-source web development platform, also called a web stack, that uses Linux as the operating system, Apache as the web server, MySQL as the relational database management system (RDBMS), and PHP as the object-oriented scripting language.
• Perl or Python is often substituted for PHP.
Application Security Risks…
The following security risks within the application and business environment are critical for addressing the full scope of security and privacy issues:
Loss of governance: Because the organization may not have direct control of the infrastructure, trust in the provider and its own ability to provide proper security is paramount.
Compliance risk: The cloud provider impacts the organization's ability to comply with regulations, privacy expectations and industry standards, because data and systems may exist outside the organization's direct control.
Isolation failure: Multi-tenancy and resource sharing are defining characteristics of the cloud. It is entirely possible for competing companies to be using the same cloud services, in effect running their workloads shoulder-to-shoulder. Keeping memory, storage and network access separate is essential.
Data protection: Because the organization relinquishes direct control over data, it relies on the provider to keep that data secure and, when it is deleted, to ensure that it is permanently destroyed.
Management interface and role-based access: Cloud applications are accessed and managed through the Internet, and involve deep and extensive control. The risk associated with a security breach is therefore increased and proper access authorization must be carefully considered.
Virtual Machine Security
• Firewalls, intrusion detection and prevention, integrity monitoring, and log inspection can all be deployed as software on virtual machines to increase protection and maintain compliance integrity of servers and applications as virtual resources move from on-premises to public cloud environments.
• To facilitate the centralized management of a server firewall policy, the security software loaded onto a virtual machine should include a bidirectional stateful firewall that enables virtual machine isolation and location awareness, thereby enabling a tightened policy and the flexibility to move the virtual machine from on-premises to cloud resources.
• Integrity monitoring and log inspection software must be applied at the virtual machine level.
• The security issues relate to:
  • managing images,
  • virtual machine monitoring,
  • networking,
  • integrity, confidentiality, privacy and availability
Virtual Machine Security: Managing images
• VM images contain information about the files, processes and memory blocks of the guest OS.
• Images are kept offline in an image repository.
• Even offline, they are vulnerable to theft and code injection.
• The administrator of an image repository risks hosting and distributing malicious images.
• Images should converge to a steady state by performing scans for worms and other viruses.
• Otherwise infected VMs can sporadically disseminate malware. Another issue is VM sprawl: the possibility of the number of VMs continuously growing while most of them are idle or never back from sleep, in turn wasting resources.
• A cloud user risks running vulnerable, malicious, out-of-date or unlicensed images stored in insecure, unadministered repositories.
Virtual Machine Security: Monitoring VMs
• One VMM vulnerability is VM escape, which refers to gaining access to the VMM through a VM, making it possible to attack the VMs monitored by the same VMM.
• In the virtualization environment, one could be capable of gaining access to VMMs or VMs.
• HyperVM was once exploited without the knowledge of the provider, resulting in the destruction of many websites.
• The ease of cloning and distributing VMs throughout cloud servers can propagate errors and give rise to other vulnerabilities.
Virtual Machine Security: Networking
• Vulnerabilities in DNS servers affect the cloud.
• Incorrect virtualization may allow the user to access sensitive portions of the underlying infrastructure, disclosing sensitive knowledge of the real network or resources from other users.
• Virtualization software may also have vulnerabilities that enable network-based VM attacks.
• VMs are likely to be copied or moved to other servers via network links, enabling quick deployments, but also the quick spread of vulnerable configurations and image theft.
• A template image may retain original owner information, which may leak sensitive information such as secret keys and cryptographic salt values.
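Both the image-scanning point under "Managing images" and the template-leak point above call for a pre-publication check on the image contents. The sketch below is an added example, not part of the original notes: it walks the root of a mounted template image and reports residual owner material (baked-in SSH host keys, private key files, non-empty shell history, secret or salt assignments in config files). The file list, patterns and the sample tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile

PRIVATE_KEY_RE = re.compile(rb"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----")
SECRET_ASSIGN_RE = re.compile(
    rb"(?im)^\s*[A-Z0-9_]*(?:SECRET|PASSWORD|SALT|TOKEN)[A-Z0-9_]*\s*=\s*\S+")
PER_OWNER_FILES = {".bash_history", "authorized_keys", "known_hosts"}
MAX_READ = 1 << 20  # inspect at most 1 MiB per file


def scan_image_root(root):
    """Return sorted (relative_path, finding) pairs for a mounted image tree."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            try:
                with open(path, "rb") as fh:
                    data = fh.read(MAX_READ)
            except OSError:
                continue  # unreadable file: skipped in this sketch
            if name in PER_OWNER_FILES and data.strip():
                findings.append((rel, "per-owner file not emptied"))
            if name.startswith("ssh_host_") and name.endswith("_key"):
                findings.append((rel, "SSH host key baked into template"))
            elif PRIVATE_KEY_RE.search(data):
                findings.append((rel, "private key material"))
            if SECRET_ASSIGN_RE.search(data):
                findings.append((rel, "secret/salt assignment"))
    return sorted(findings)


def build_sample_image(root):
    """Constructed sample tree standing in for a mounted template image."""
    files = {
        "etc/ssh/ssh_host_ed25519_key":
            "-----BEGIN OPENSSH PRIVATE KEY-----\n(constructed placeholder)\n",
        "home/builder/.bash_history": "mysql -u root -p\n",
        "home/builder/.ssh/authorized_keys": "",  # emptied correctly
        "var/www/app/.env": "APP_NAME=demo\nPASSWORD_SALT=constructed-salt-value\n",
        "etc/hostname": "template\n",
    }
    for rel, content in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(content)


def demo():
    with tempfile.TemporaryDirectory() as root:
        build_sample_image(root)
        return scan_image_root(root)


if __name__ == "__main__":
    for rel, finding in demo():
        print(f"{rel}: {finding}")
```

A non-empty result is a reason to block the image from the repository until the template is rebuilt with per-instance key generation and cleaned home directories.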
Virtual Machine Security: Integrity, Confidentiality and Privacy

• VM hopping is a term used to refer to maliciously gaining access to another VM belonging to a different cloud user, which may happen due to VMM isolation failure.
• Thus integrity, confidentiality and privacy properties are compromised by such attacks. By exploiting VM relocation, one can obtain plaintext passwords from memory dumps of the VM.
• Availability is also compromised because an attacker can stop the services or ruin boot configurations so that the VMs must be fixed.
Identity Management and Access Control
• Most organizations are advancing towards the cloud-based environment.
• They are transferring their work to either private or public cloud platforms through various vendors.
• But sometimes it is a challenging task for all the companies to keep the data safe and secure in the cloud.
• In the current scenario, the customer needs to face each program anywhere, either on-premises or in the cloud.
What is Identity Access Management in Cloud Computing
• The concept of identity in the cloud can refer to many things, but for the purpose of this discussion, we will focus on two main entities:
1. users
2. cloud resources
• IAM policies are sets of permission policies that can be attached to either users or cloud resources to authorize what they access and what they can do with it.
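How policies attached to users and policies attached to resources combine into one access decision is easiest to see in a small evaluator. The sketch below is an added example, not part of the original notes: the policy layout, action names and resource paths are hypothetical, and the combining rule (default deny, any matching deny overrides any allow) is an assumption modeled on how common cloud IAM systems behave.

```python
from fnmatch import fnmatchcase

# Constructed policies attached to users (identity-based).
IDENTITY_POLICIES = {
    "alice": [
        {"effect": "allow", "actions": ["storage:Get*", "storage:List*"],
         "resources": ["bucket/finance/*"]},
    ],
    "bob": [
        {"effect": "allow", "actions": ["storage:*"], "resources": ["bucket/*"]},
        {"effect": "deny", "actions": ["storage:Delete*"],
         "resources": ["bucket/finance/*"]},
    ],
    "contractor-7": [
        {"effect": "allow", "actions": ["storage:Get*"], "resources": ["bucket/*"]},
    ],
}

# Constructed policies attached to cloud resources (resource-based).
RESOURCE_POLICIES = {
    "bucket/public-reports/*": [
        {"effect": "allow", "principals": ["*"], "actions": ["storage:GetObject"]},
    ],
    "bucket/finance/*": [
        {"effect": "deny", "principals": ["contractor-*"], "actions": ["*"]},
    ],
}


def matches_any(patterns, value):
    """True if value matches at least one shell-style pattern (case-sensitive)."""
    return any(fnmatchcase(value, p) for p in patterns)


def applicable_effects(principal, action, resource):
    """Yield the effect of every statement that applies to this request."""
    for st in IDENTITY_POLICIES.get(principal, []):
        if matches_any(st["actions"], action) and matches_any(st["resources"], resource):
            yield st["effect"]
    for pattern, statements in RESOURCE_POLICIES.items():
        if not fnmatchcase(resource, pattern):
            continue
        for st in statements:
            if matches_any(st["principals"], principal) and matches_any(st["actions"], action):
                yield st["effect"]


def is_authorized(principal, action, resource):
    """Default deny; an explicit deny from either side overrides every allow."""
    effects = set(applicable_effects(principal, action, resource))
    if "deny" in effects:
        return False
    return "allow" in effects


if __name__ == "__main__":
    requests = [
        ("alice", "storage:GetObject", "bucket/finance/q1.csv"),
        ("bob", "storage:DeleteObject", "bucket/finance/q1.csv"),
        ("carol", "storage:GetObject", "bucket/public-reports/2024.pdf"),
        ("contractor-7", "storage:GetObject", "bucket/finance/q1.csv"),
    ]
    for req in requests:
        print(req, "->", "ALLOW" if is_authorized(*req) else "DENY")
```

Note that `carol` has no identity policy at all and is admitted only by the resource policy, while `contractor-7` holds a broad allow that the resource-side deny overrides.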
Roles of Identity Access Management (IAM) in Cloud Security
• IAM is crucial to protecting sensitive enterprise systems, assets, and information from unauthorized access or use.
• This represents the systematic management of any single identity and provides authentication, authorization, privileges, and roles of the enterprise boundaries.
• The primary goal is to upgrade security and productivity by decreasing the total cost, repetitive tasks, and system downtime.
• Identity access management in cloud computing covers all types of users who can work with defined devices under different circumstances.
• In a cloud system, the storage and processing of data are performed by organizations or with the help of third-party vendors.
Roles of Identity Access Management (IAM) in Cloud Security…
• The service provider has to ensure that data and applications stored in the cloud are protected, and that the infrastructure is in a secure environment.
• Further, users need to verify that their credentials for authentication are secure.
• There are many security issues that compromise data in the process of data access and storage in the cloud environment, especially in the case of data storage with the help of third-party vendors who themselves may be malicious attackers.
• Though standards and best practices are available for overcoming such security problems, cloud service providers are reluctant to secure their networks with the updated set of security standards.
Roles of Identity Access Management (IAM) in Cloud Security…
• Identity and access management is one of the best practices to measure cloud services.
• Presently, Identity and Access Management (IAM) provides effective security for cloud systems.
• IAM systems perform different operations for providing security in the cloud environment, including authentication, authorization, and provisioning of storage and verification.
• The IAM system guarantees the security of identities and attributes of cloud users by ensuring that the right persons are allowed in the cloud systems.
• IAM systems also help to manage access rights by checking if the right person with the right privileges is accessing information that is stored in cloud systems.
• Currently, many organizations use Identity and Access Management systems to provide more security for sensitive information that is stored in the cloud environment.
Autonomic Security
• It refers to the self-managing characteristics of distributed computing resources.
• The autonomic system framework is composed of autonomic components (AC) interacting with each other. An AC can be modeled in terms of two main control loops (local and global) with sensors (for self-monitoring), effectors (for self-adjustment), knowledge, and a planner/adapter for exploiting policies based on self- and environment awareness.
• Autonomic security takes the system's security vulnerabilities into consideration for a better security system.
• It uses security policies/guidelines in the database programming, software and hardware.
• Immutable Service Containers (ISC), introduced by Sun Solaris, are an architectural deployment pattern used to describe a foundation for highly secure service delivery.
• One service per container is configured and deployed.
