Security Issues in Cloud Computing

Outline
Cloud Computing
Security Major Concern
Physical Layer Security
Network Level Security
Virtualization level Security
Management level Security
General Issues
Cloud Computing
• Cloud computing providing unlimited infrastructure to
store and execute customer data and program. As
customers you do not need to own the infrastructure, they
are merely accessing or renting, they can forego capital
expenditure and consume resources as a service, paying
instead for what they use.
Benefits of Cloud Computing :
• Minimized Capital expenditure
• Location and Device independence
• Utilization and efficiency improvement
• Very high Scalability
• High Computing power
Security a major Concern
 Security concerns arising because both customer data and
program are residing in Provider Premises.

 Security is always a major concern in Open System

Architectures

Customer
Data

Customer
Customer
Code

Provider Premises
Security Is the Major Challenge
Dangers and Vulnerabilities
Security is to save data and program from danger and vulnerability

Dangers
 
• Disrupts Services.
• Theft of Information.
• Loss of Privacy.
• Damage information.
 
Vulnerabilities
 
• Hostile Program.
• Hostile people giving instructions to good programs.
• Bad guys corrupting or eavesdropping on communications
Common Security Requirements
Security at Different Levels
We need Security at following levels:

 Server access security

 Internet access security
 Database access security
 Data privacy security
 Program access Security
Dealing with Network and Physical
Layer!!!
Network
Layer2(Host To
Cloud)

Node X Node Y

Physical Layer 1 Physical Layer 2

Network Layer 1(Within

cloud)
Research Questions
At a Broad level,
Two major Questions are:

How much secure is the Data?

How much secure is the Code?

We need to answer following
Questions…
What is Data Security at Physical Layer?
What is Data Security at Network Layer?
What about investigation Support?
How much safe is data from Natural disaster?
How much trusted is Encryption scheme of Service
Provider?
How much safe is data from Natural
disaster?

Data can be redundantly store in multiple physical

location.

Physical location should be distributed across world.

Data centre Security?
• Professional Security staff utilizing video surveillance, state of
the art intrusion detection systems, and other electronic means.

• When an employee no longer has a business need to access

datacenter his privileges to access datacenter should be
immediately revoked.

• All physical and electronic access to data centers by employees

should be logged and audited routinely.

• Audit tools so that users can easily determine how their data is
stored, protected, used, and verify policy enforcement.
Data Location
 When user use the cloud, user probably won't know exactly where your
data is hosted, what country it will be stored in?
 Data should be stored and processed only in specific jurisdictions as
define by user.
 Provider should also make a contractual commitment to obey local
privacy requirements on behalf of their customers,
 Data-centered policies that are generated when a user provides personal
or sensitive information, that travels with that information throughout
its lifetime to ensure that the information is used only in accordance
with the policy

Data
Policies
Backups of Data
 Data store in database of provider should be redundantly
store in multiple physical location.

 Data that is generated during running of program on

instances is all customer data and therefore provider should
not perform backups.

 Control of Administrator on Databases.

Data Sanitization
 Sanitization is the process of removing sensitive
information from a storage device.
 What happens to data stored in a cloud computing
environment once it has passed its user’s “use by date”
 What data sanitization practices does the cloud computing
service provider propose to implement for redundant and
retiring data storage devices as and when these devices are
retired or taken out of service.
Host Security Issues
• The host running the job, the job may well be a virus or a worm which
can destroy the system
• From malicious users

• Solution: A trusted set of users is defined through the distribution of

digital certification, passwords, keys etc. and then access control
policies are defined to allow the trusted users to access the resources of
the hosts.
 Some virus and worm create--
 Job Starvation Issue : where one job takes up a huge
amount of resource resulting in a resource starvation for the
other jobs.

 Solutions:
 Advanced reservations of resources
 priority reduction
Information Security
 Security related to the information exchanged between different hosts
or between hosts and users.
 This issues pertaining to secure communication, authentication, and
issues concerning single sign on and delegation.
 Secure communication issues include those security concerns that arise
during the communication between two entities.
 These include confidentiality and integrity issues. Confidentiality
indicates that all data sent by users should be accessible to only
“legitimate” receivers, and integrity indicates that all data received
should only be sent/modified by “legitimate” senders.
 Solution: public key encryption, X.509 certificates, and the Secure
Sockets Layer (SSL) enables secure authentication and communication
over computer networks.
Network Security

• Denial of Service: where servers and networks are brought

down by a huge amount of network traffic and users are denied
the access to a certain Internet based service.
• Like DNS Hacking, Routing Table “Poisoning”, XDoS attacks
• QoS Violation : through congestion, delaying or dropping
packets, or through resource hacking.
• Man in the Middle Attack: To overcome it always use SSL

• IP Spoofing: Spoofing is the creation of TCP/IP packets using

somebody else's IP address.
• Solution: Infrastructure will not permit an instance to send
traffic with a source IP or MAC address other than its own.
 Port Scanning:
 If the customer configures the security group to allow traffic
from any source to a specific port, then that specific port will be
vulnerable to a port scan.
 When Port scanning is detected it should be stopped and
blocked.
 ARP Cache Attack: To find out the MAC address associated
with a particular IP address, a computer simply sends an ARP
request broadcast.
 an attacker sitting on the same Ethernet network (i.e., LAN), can
easily sniff the network traffic of a victim on his Ethernet
network by sending spoofed ARP messages to the victim.
Security Issues from Virtualization
• Type of virtualization provider is using- ParaVirtualization
or full system virtualization.

• Instance Isolation: ensuring that Different instances running

on the same physical machine are isolated from each other.
• Control of Administrator on Host O/s and Guest o/s.
• Current VMMs do not offer perfect isolation: Many bugs
have been found in all popular VMMs that allow to escape
from VM!
• Virtual machine monitor should be ‘root secure’, meaning
that no level of privilege within the virtualized guest
environment permits interference with the host system.
Vulnerability in Virtualization
Some vulnerabilities have been found in all virtualization software, which
can be exploited by malicious, local users to bypass certain security
restrictions or gain escalated privileges. For ex.

• The vulnerability in Microsoft Virtual PC and Microsoft Virtual Server

could allow a guest operating system user to run code on the host or
another guest operating system.(Vulnerability in Virtual PC and
Virtual Server Could Allow Elevation of Privilege )
• A vulnerability was found in VMware's shared folders mechanism that
grants users of a Guest system read and write access to any portion of
the Host's file system including the system folder and other security-
sensitive files.
• A vulnerability in Xen is caused due to an input validation error in
tools/pygrub/src/GrubConf.py. This can be exploited by "root" users of
a guest domain to execute arbitrary commands in domain 0 via
specially crafted entries in grub.conf when the guest system is booted.
Risk Prevention In VMM
VMM Should support following properties:

• Isolation :Software running in a virtual machine cannot access or

modify the software running in the VMM or in a separate VM.
• Inspection: The VMM has access to all the state of a virtual
machine: CPU state (e.g. registers), all memory, and all I/O device
state such as the contents of storage devices and register state of
I/O controllers. So that VMM can monitor VM.
• Interposition: Fundamentally, VMMs need to interpose on
certain virtual machine operations (e.g. executing privileged
instructions). For ex. if the code running in the VM attempts to
modify a given register.
We need Anti –Virus layer to help control
and protect:

- Memory and CPU

- Networking
- Process execution
control
- Storage
• Management Related Issues:
Management is important as the cloud is heterogeneous
in nature and may consist of multiple entities,
components, users, domains, policies, and stake holders.
• Credential Management:Credential management
systems store and manage the credentials for a variety of
systems and users can access them according to their
needs.
• Secure and safe storage of credentials is equally
important.
How secure is encryption Scheme
 Is it possible for all of my data to be fully encrypted?
 What algorithms are used?
 Who holds, maintains and issues the keys?
Problem:
 Encryption accidents can make data totally unusable.
 Encryption can complicate availability
Solution
 The cloud provider should provide evidence that encryption
schemes were designed and tested by experienced
specialists.
Investigative Support
 Investigating inappropriate or illegal activity may be
difficult in cloud computing because
-- logging and data for multiple customers may be co-located
-- may also be geographically spread across an ever-changing
set of hosts and data centers.
Solution: get a contractual commitment to support specific
forms of investigation, along with evidence that the vendor
has already successfully supported such activities.
How to ensure Users that both
Data and Code are safe?
 Very hard for the customer to actually verify the currently
implemented security practices and initiatives of a cloud
computing service provider because the customer generally
has no access to the provider’s facility which can be
comprised of multiple facilities spread around the globe.

Solution:
 Provider should get some standard certificate from some
governing or standardized institution that ensure users that
provider has established adequate internal control and these
control are operating efficiently.
Questions???