Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 20: Cloud Security

Published byBriana Atkinson Modified over 6 years ago

Similar presentations

Presentation on theme: "Lecture 20: Cloud Security"— Presentation transcript:

1 Lecture 20: Cloud Security
COSC6376 Cloud Computing Lecture 20: Cloud Security Instructor: Weidong Shi (Larry), PhD Computer Science Department University of Houston

2 Outline Cloud security Customer’s fears Threat model

3 Reading Assignment

4 Cloud security The cloud acts as a big black box, nothing inside is visible to the clients Clients have no idea or control over what happens inside a cloud Even if the cloud provider is honest, it can have malicious system admins who can tamper with the VMs violate confidentiality and integrity Clouds are still subject to traditional data confidentiality, integrity, availability, and privacy issues, plus some additional attacks

5 High-level cloud security concerns
Less Control Many companies and governments are uncomfortable with the idea of their information located on systems they do not control. Providers must offer a high degree of security transparency to help put customers at ease. Data Security Migrating workloads to a shared network and compute infrastructure increases the potential for unauthorized exposure. Authentication and access technologies become increasingly important. Reliability High availability will be a key concern. IT departments will worry about a loss of service should outages occur. Mission critical applications may not run in the cloud without strong availability guarantees. Security Management Providers must supply easy, visual controls to manage firewall and security settings for applications and runtime environments in the cloud. Compliance Complying with HIPPA and other regulations may prohibit the use of clouds for some applications. Comprehensive auditing capabilities are essential. 5 5 5

6 Customer concerns “I am nervous about someone else controlling my data” “My data is on the same disks as data from other users. If another customer’s data is raided by FBI, could mine go with it?” “I am not willing to say that the copy of the data in the cloud is the only copy I’ve got” “I am fearful of vendor lock-in” “I am still responsible for demonstrating compliance” “I don’t know where my data is stored – in which country?” “I don’t understand how my data is kept separate from others” “I don’t see how I recover my data in case of a disaster” “I want to investigate any illegal activity over my data” “I want to ensure my data is available when I need it”

7 Cloud security breach examples
Google Doc allowed shared permission without user knowledge id=2ef115be2ce4fd0e&hl=en Salesforce.com phishing attack led to leak of a customer list; subsequent attacks com_acknowledges_dat.html Vasrev.com Webhost hack wipes out data for 100,000 sites Twitter company files leaked in Cloud Computing security failure files-leaked-in-cloud-computing-security-failure/ DDoS attack that downed Twitter also hit Facebook

8 Companies are still afraid to use clouds
[Chow09ccsw]

9 Causes of problems associated with cloud computing
Most security problems stem from: Loss of control Lack of trust (mechanisms) Multi-tenancy These problems exist mainly in 3rd party management models Self-managed clouds still have security issues, but not related to above 9

10 Loss of control in the cloud
Consumer’s loss of control Data, applications, resources are located with provider User identity management is handled by the cloud User access control rules, security policies and enforcement are managed by the cloud provider Consumer relies on provider to ensure Data security and privacy Resource availability Monitoring and repairing of services/resources

11 Lack of trust in the cloud
Trusting a third party requires taking risks Defining trust and risk Opposite sides of the same coin (J. Camp) People only trust when it pays (Economist’s view) Need for trust arises only in risky situations Defunct third party management schemes Hard to balance trust and risk

12 Multi-tenancy issues in the cloud
Conflict between tenants’ opposing goals Tenants share a pool of resources and have opposing goals How to provide separation between tenants? Cloud Computing brings new threats Multiple independent users share the same physical infrastructure Thus an attacker can legitimately be in the same physical machine as the target

13 Taxonomy of fear Confidentiality Integrity
Fear of loss of control over data Will the sensitive data stored on a cloud remain confidential? Will cloud compromises leak confidential client data Will the cloud provider itself be honest and won’t peek into the data? Integrity How do I know that the cloud provider is doing the computations correctly? How do I ensure that the cloud provider really stored my data without tampering with it? From [5]

14 Taxonomy of fear Availability
Will critical systems go down at the client, if the provider is attacked in a Denial of Service attack? What happens if cloud provider goes out of business? Would cloud scale well-enough? Often-voiced concern Although cloud providers argue their downtime compares well with cloud user’s own data centers From [5]

15 Taxonomy of fear Privacy issues raised via massive data mining
Cloud now stores data from a lot of clients, and can run data mining algorithms to get large amounts of information on clients Increased attack surface Entity outside the organization now stores and computes data, and so Attackers can now target the communication link between cloud provider and client Cloud provider employees can be phished From [5]

16 Taxonomy of fear Auditability and forensics (out of control of data)
Difficult to audit data held outside organization in a cloud Forensics also made difficult since now clients don’t maintain data locally Legal quagmire and transitive trust issues Who is responsible for complying with regulations? e.g., SOX, HIPAA? If cloud provider subcontracts to third party clouds, will the data still be secure? From [5]

17 Taxonomy of fear Cloud Computing is a security nightmare and it can't be handled in traditional ways. John Chambers CISCO CEO Security is one of the most difficult task to implement in cloud computing. Different forms of attacks in the application side and in the hardware components Attacks with catastrophic effects only needs one security flaw (

18 Threats, vulnerabilities, and enemies
Objective Learn the cloud computing threat model by examining the assets, vulnerabilities, entry points, and actors in a cloud Technique Apply different threat modeling schemes

19 Threat model A threat model helps in analyzing a security problem, design mitigation strategies, and evaluate solutions Steps: Identify attackers, assets, threats and other components Rank the threats Choose mitigation strategies Build solutions based on the strategies

20 Threat model Basic components Attacker modeling
Choose what attacker to consider Attacker motivation and capabilities Assets / potentially attacked targets Vulnerabilities / threats

21 Recall: cloud computing stack

22 Recall: Cloud Architecture
SaaS / PaaS Provider Client Cloud Provider (IaaS)

23 Attackers

24 Who is the attacker? Insider? Outsider? Malicious employees at client
Malicious employees at Cloud provider Cloud provider itself Outsider? Intruders Network attackers?

25 Attacker capability: malicious insiders
At client Learn passwords/authentication information Gain control of the VMs At cloud provider Log client communication

26 Attacker capability: cloud provider
What can the attacker do? Can read unencrypted data Can possibly peek into VMs, or make copies of VMs Can monitor network communication, application patterns

27 Attacker motivation: cloud provider
Why? Gain information about client data Gain information on client behavior Use the information to improve services Sell the information to gain financial benefits

28 Attacker capability: outside attacker
What can the attacker do? Listen to network traffic (passive) Insert malicious traffic (active) Probe cloud structure (active) Launch DoS

29 Attacker goals: outside attackers
Intrusion Network analysis (network security) Man in the middle: public key example

30 Assets – targets under attack

31 Assets Confidentiality: Data stored in the cloud
Configuration of VMs running on the cloud Identity of the cloud users Location of the VMs running client code

32 Assets Integrity Data stored in the cloud
Computations performed on the cloud

33 Assets Availability Cloud infrastructure SaaS / PaaS

34 Threats – methods doing attacks

35 Organizing the threats using STRIDE
Spoofing identity Tampering with data Repudiation (refuse to do with, dispute) Information disclosure Denial of service Escalation of privilege

36 Spoofing identity Illegally obtaining access and use of another person’s authentication information Man in the middle URL phishing address spoofing ( spam)

37 Tampering with data Malicious modification of the data
Often hard and costly to detect you might not find the modified data until some time has passed; once you find one tampered item, you’ll have to thoroughly check all the other data on your systems

38 Repudiation A legitimate transaction will be disowned by one of the participants You sign a document first; and refused to confirm the signature Need a trusted third party to mitigate

39 Information/data disclosure
An attacker can gain access, without permission, to data that the owner doesn’t want him or her to have.

40 Denial of service An explicit attempt to prevent legitimate users from using a service or system. It involves the overuse of legitimate resources. You can stop all such attacks by removing the resource used by the attacker, but then real users can’t use the resource either.

41 Escalation of privilege
An unprivileged user gains privileged access. E.g. unprivileged user who contrives a way to be added to the Administrators group

42 Typical threats Mitigation technique Threat type Spoofing identity
Authentication Protect secrets Do not store secrets Tampering with data Authorization Hashes Message authentication codes Digital signatures Tamper-resistant protocols Repudiation Audit trails [STRIDE]

43 Typical threats (contd.)
Threat type Mitigation technique Information disclosure Authorization Privacy-enhanced protocols Encryption Protect secrets Do not store secrets Denial of service Authentication Filtering Throttling Quality of service Escalation of privilege Run with least privilege [STRIDE]

44 Threat tree

45 References Doc Shankar. Security Implications of Cloud Computing
Bharat Bhargava, Anya Kim, YounSun Cho. Research in Cloud Security and Privacy

Download ppt "Lecture 20: Cloud Security"

Similar presentations

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2012 Lecture 2 08/21/2012 Security and Privacy in Cloud Computing.

Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2012 Lecture 2 08/21/2012 Security and Privacy in Cloud Computing.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 1 01/25/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 1 01/25/2010 Security and Privacy in Cloud Computing.
Security Issues and Challenges in Cloud Computing

Security Issues and Challenges in Cloud Computing
CSA 223 network and web security Chapter one

CSA 223 network and web security Chapter one
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Bharat Bhargava Computer Science Purdue University Research in Cloud Computing YounSun Cho Computer Science Purdue.

Bharat Bhargava Computer Science Purdue University Research in Cloud Computing YounSun Cho Computer Science Purdue.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2011 Lecture 1 01/31/2011 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 1 01/31/2011 Security and Privacy in Cloud Computing.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
CLOUD PRIVACY AND SECURITY CS 595 LECTURE 15 4/15/2015.

CLOUD PRIVACY AND SECURITY CS 595 LECTURE 15 4/15/2015.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Cloud Computing Stuart Dillon-Roberts. “In the simplest terms, cloud computing means storing & accessing data & programs over the Internet instead of.

Cloud Computing Stuart Dillon-Roberts. “In the simplest terms, cloud computing means storing & accessing data & programs over the Internet instead of.
Threat Modeling for Cloud Computing (some slides are borrowed from Dr. Ragib Hasan) Keke Chen 1.

Threat Modeling for Cloud Computing (some slides are borrowed from Dr. Ragib Hasan) Keke Chen 1.

Similar presentations

Ads by Google