Published by Preston O’Neal. Modified over 9 years ago
2
Overview
- Abstract
- Vulnerability: An Overview
- Cloud Computing
- Cloud-Specific Vulnerabilities
- Architectural Components and Vulnerabilities
- Conclusion
3
Abstract
[Diagram labels: Cloud Computing; Blog, News, Gmail, Amazon, Google Map, Plurk, Facebook, Twitter]
4
Vulnerability: An Overview
- ISO 27005 defines risk as “the potential that a given threat will exploit vulnerabilities of an asset or group of assets and thereby cause harm to the organization”
- EX: DB Server SQL injection
- EX: Sony PSN
5
Vulnerability: An Overview
Defining Vulnerability
- According to the Open Group’s risk taxonomy, vulnerability is the probability that an asset will be unable to resist the actions of a threat agent.
- EX: Intranet vs. Extranet
6
Cloud Computing
Core Cloud Computing Technologies
7
Cloud Computing
Essential Characteristics of Cloud Computing (NIST) description
- On-demand self-service.
- Ubiquitous network access.
- Resource pooling.
- Rapid elasticity.
- Measured service.
8
Cloud-Specific Vulnerabilities
Core-Technology Vulnerabilities
- Virtual machine escape. EX: VM attack
- Session riding and hijacking. EX: Cross-site Request Forgery
- Insecure or obsolete cryptography. EX: Password attack
9
Cloud-Specific Vulnerabilities
Essential Cloud Characteristic Vulnerabilities
- Unauthorized access to management interface. EX: Azure management
- Internet protocol vulnerabilities. EX: Scan Host Protocol
- Data recovery vulnerability. EX: Natural disasters
- Metering and billing evasion. EX: Pay Money
10
Cloud-Specific Vulnerabilities
Defects in Known Security Controls - IaaS
- Virtualized networks offer insufficient network-based controls. EX: vulnerability scanning is invalid
- Poor key management procedures. EX: many different kinds of keys
- Security metrics aren’t adapted to cloud infrastructures. EX: cloud customers can’t monitor resources
11
Architectural Components and Vulnerabilities
12
Cloud Software Infrastructure and Environment - PaaS
- A development and runtime environment. EX: more supported languages
- Storage services. EX: database interface
- Communication infrastructure. EX: Azure AppFabric Service Bus
13
Architectural Components and Vulnerabilities
Computational Resources
- Concerns how virtual machine images are handled
- EX: VM is not a free resource
- EX: image can be taken from an untrustworthy source
14
Architectural Components and Vulnerabilities
Storage
- Obsolete cryptography and poor key management
- EX: physical disk destruction can’t be carried out
15
Architectural Components and Vulnerabilities
Communication
- Vulnerabilities of shared network infrastructure components
16
Architectural Components and Vulnerabilities
Cloud Web Applications
- An application component operated somewhere in the cloud.
- A browser component running within the user’s browser.
- EX: session riding and hijacking vulnerabilities and injection vulnerabilities.
17
Architectural Components and Vulnerabilities
Services and APIs
- Application URL would only give the user a browser component
18
Architectural Components and Vulnerabilities
Management Access
- Management access is often realized using a Web application or service
19
Architectural Components and Vulnerabilities
Identity, Authentication, Authorization, and Auditing Mechanisms
- Denial of service by account lockout. EX: Lock Account
- Weak credential-reset mechanisms. EX: not using federated authentication
- Insufficient or faulty authorization checks. EX: root cause of URL-guessing attacks
- Coarse authorization control. EX: duty separation
- Insufficient logging and monitoring possibilities. EX: no standards for logging and monitoring
20
Architectural Components and Vulnerabilities
Provider
- Users’ inability to control cloud infrastructure
21
Conclusion
- Cloud computing is in constant development
22
Any Questions?