box/ds_cloud/term_papers/security issues... · web viewstorage network industry association (snia)...

Distributed and cloud computing CSC 557 Akhila Reddy

Security Issues and Challenges in Cloud Computing

Abstract

Cloud computing is an Internet-based computing, where all the shared resources,

software and information, are provided on demand to computers and devices through internet. It

allows the users to access large number of applications without the need for purchasing,

installing and downloading the applications. Through cloud computing people can share the

distributed resources and services that belong to different organizations. The users can access the

information from anywhere and anytime all they need is to connect to the internet. It refers to the

applications delivered as services over the Internet as well as the hardware and systems software

in the datacenters that provide all of those services. Since cloud computing uses distributed

resources in open environment, thus it is important to provide the security and trust to share the

data for developing cloud computing applications. This paper mainly describes the security

issues and their possible solutions.

Five main features of cloud computing:

• On-demand self-service: A consumer can acquire all the computing resources such as CPU

time, storage or software use, automatically as needed without any human interactions with

providers of these resources.

• Broad network access: All the computing resources such as software and information are

available over the network and accessed by various heterogeneous platforms such as laptops,

tablets and mobile phones etc.,

• Resource pooling: The provider’s computing resources are pooled to serve multiple consumers

using a multi-tenant model, with different physical and virtual resources dynamically assigned

and reassigned according to the demand . So the user do not have control or knowledge about

the location of these resources.

• Rapid elasticity: All the computing resources are elastic for the consumer ie., they are scaled

up to use whenever they are needed and scaled down to release whenever finished. To the

consumer, resources provisioning appears to be infinite and can be appropriated in any quantity

at any time.


• Measured Service: cloud system can use appropriate mechanisms to measure the usage of

these resources for each individual consumer through its metering capabilities, such as

monitoring, controlling, and reporting, which is transparent for both the provider.

Pricing :Cloud computing is completely based on usage and it does not have any upfront cost.

The user is usually billed based on the amount of resources they use. This will help the user to

track their usage and ultimately help them to reduce cost.

Cloud Architecture

Individual users connect to the cloud from their own personal computers or portable

devices, over the Internet. To these individual users, the cloud is seen as a single application,

device, or document. The hardware in the cloud (and the operating system that manages the

hardware connections) is invisible

Cloud computing can be divided according to deployment models and according to service

delivery models.

Cloud Deployments Models

In the cloud deployment model, networking, platform, storage, and software

infrastructure are provided as services that scale up or down depending on the demand . The

Cloud Computing model has four main deployment models which are:

Private cloud

It is set up within an organization’s internal enterprise datacenter and is manages or

operated by the organization or a third party regardless whether it exists on or off premise. In the


private cloud, all the resources and virtual applications provided by the cloud vendor are pooled

together and available for cloud users to share and use. A private cloud is designed to offer the

same features and benefits of public cloud systems, but removes a number of objections to the

cloud computing model including control over enterprise and customer data, worries about

security, and issues. Utilizing the resources on the private cloud can be much more secure than

that of the public cloud because of its specified internal exposure. Only the organization and

designated stakeholders may have access to operate on a specific Private cloud.

Public cloud

In public cloud the enterprise and storage service provider are separate and the data is

stored outside of the enterprise's data center. It is owned ,operated and managed by the public

cloud service provider. It is typically based on a pay-per-use model, similar to a prepaid

electricity metering system which is flexible enough to cater for spikes in demand for cloud

optimization. Public clouds are less secure than the other cloud models because of its open

structure and also it places an additional burden of ensuring all applications and data accessed on

the public cloud are not subjected to malicious attacks.

Community cloud:

It is constructed and shared by several organizations based on similar requirements and

interests, which may reduce utilization cost on every side.

Hybrid cloud

It is a combination of public cloud storage and private cloud storage where some critical

data resides in the enterprise's private cloud while other data is stored and accessible from a

public cloud storage provider. It provides more secure control of the data and applications and

also allows various parties to access information and resources over the Internet. It also has an

open architecture that allows interfaces with other management systems. Hybrid cloud storage

combines the advantages of scalability, reliability, rapid deployment and potential cost savings of

public cloud storage with the security and full control of private cloud storage.


Cloud computing service delivery modelsThere are three key cloud service models: Infrastructure as a Service (IaaS), Platform as a

Service (PaaS), and Software as a Service (SaaS). These services can be used independently, but

they can also work together.

• Software as a Service (SaaS):In SaaS, cloud providers install and operate application software

in the cloud and cloud users access the software from cloud clients. Cloud users do not manage

the cloud infrastructure and platform where the application runs. This eliminates the need to

install and run the application on cloud. Users usually rent the software instead of buying it,

which brings more choices and economical expense.

• Platform as a Service (PaaS): In PaaS, the users can create their own cloud services and

applications directly on a development environment or platform without the cost and complexity

of buying and managing the underlying hardware and software layers with tools offered by the

platform provider. They then can run and deploy these applications with full control.

• Infrastructure as a Service (IaaS): In IaaS, IT infrastructures, such as processing, storage,

networks, and other fundamental computing resources, are delivered as a service to the

consumer. The consumer can deploy and run arbitrary applications and operating systems. This


model makes users pay only for what they use. IaaS-cloud providers supply these resources on-

demand from their large pools installed in data centers.

These features and models make cloud computing an open public system due to which

the data and applications are confronted to many security risks. Also users can access all the

uniformly distributed resources on the internet on demand through cloud computing, which

generates great interest in IT company. In cloud computing data is processed and stored in cloud

instead of local computers, which introduces more security issues.

CLOUD COMPUTING SECURITY ISSUES

A. Data Security

In cloud computing , especially in public cloud, users data is stored and processed in

cloud. Users cannot control cloud infrastructure managing their data, which causes threats to the

users data. Shown below are some of the security issues about the users data:

1) Data breach: It mainly violates two security properties of data : Integrity and confidentiality.

Integrity means protecting data from unauthorized deletion, modification . Confidentiality refers

to only authorized parties or systems having the ability to access the protected data. In a SaaS

model the user’s data is mainly stored and processed at the SaaS vendor end, so the data is at the

risk of breach. The breach behavior may come either from the inside employee or from outside

malicious hacker. Some of the common solutions to keep data integrity and confidentiality, are

employing strong encryption mechanisms like AES and DES under the management of common

PKI infrastructure. However, it introduces a heavy computation overhead on the data owner for

data management and key distribution when desiring fine-grained data access control. This issue

can be addressed by combining techniques of attribute-based encryption, proxy re-encryption,

and lazy re-encryption.

2) Data lock-in: It means the user cannot well migrate from a SaaS or IaaS vendor to another

vendor. It may lose users data, which prevents the users from adopting cloud computing.

Coghead is one example of a cloud platform whose shutdown left customers scrambling to

rewrite their applications to run on a different platform. The solution is to standardize cloud

Application Programming Interface (API), for instance GoGrid API.

3) Data Remanence: It is the residual representation of data that have been nominally erased or

removed in some way. In public cloud it can cause severe security security issues because of the

open environment ,especially in an IaaS model but it may cause minimum security issues in


private cloud. Storage network Industry Association (SNIA) proposes a set of mechanism for

data remanence problem. One of the solution is to encrypt the data and shred the key, making

device management become an pivotal function.

4) Data recovery: Sometimes server may break down and cause damage or loss to users data.

To avoid this, data should be backed up to be recovered in future. Cloud users can keep a backup

of important data on a local computer. For this purpose, the SaaS vendor may provide backup

service for users. For instance, Amazon’s S3 (Simple Storage Service) allows a user to specify

the files that should be backed up as well as the appropriate level of data mirroring.

5) Data locality: In a SaaS model of a cloud environment the user does not have any knowledge

about the location of the data, which may be an issue. To avoid the leakage of the sensitive

information, data privacy laws in many countries such as some European countries forbid some

types of data to leave the country, which makes locality of data be an extremely important

consideration in many enterprise architecture. The issue can be solved by creating secure SaaS

model which can provide reliability to the customer on the location of the data of the user.

B. Application Related Security Issues

Application security refers to using system resources such as the software and hardware

to ensure security of applications, which guards against intrusion from the malicious attackers.

1) Cloud browser security: In a SaaS model, the client's computation tasks are outsourced to

the remote servers. The client system can only be used for IO, receiving and sending commands

to the cloud. The web browser is an universal client application which satisfies this demand. In

this context, the browser security is especially important in cloud computing. There exists many

security issues when considering Transport Layer Security (TLS) protocol which is used for host

authentication and data encryption. The reason is that current web browsers can only use TLS

Encryption and TLS Signature which are not secure enough to keep out malicious attacks. One

solution is to use TLS, and at the same time XML based cryptography in the browser core.

2) Cloud malware injection attack: In this type of attack a malicious virtual machine or service

implementation is injected into the cloud system, the purpose of which varies extensively,

ranging from blockings or wiretapping by subtle data modification to entire functionality

changes.

The attacker creates a malicious VM instance or service implementation module such as SaaS or

IaaS and try to add it to the cloud system. Then he tries to trick the cloud system, making it to


believe the new instance is a valid instance. If succeeding, valid user requests will be redirected

automatically to the new instance and the malicious code in it will be executed. One solution to

prevent this is to perform a integrity check to the service instance before using it for incoming

requests in the cloud system.

3) Cookie poisoning: It is to make an unauthorized access into an application or to a webpage

by modifying the contents of cookie. In a SaaS model, Cookies maintain information that allows

the applications to authenticate the user identity and once these cookies are accessible, they

could be forged to impersonate an authorized user. The solution is to clean up the cookie or

encrypt the cookie data.

4) Backdoor and debug option: Developers often write code with a backdoor intentionally or

unintentionally. They also may leave some debug options for examining or revising the website

again . In a SaaS or PaaS model of a cloud environment, although these backdoors or debug

options facilitate the work of developers but also provide some entry points through which a

hacker can easily enter the website and access the sensitive information. These issues can be

solved at the development level.

C)Cloud Service Provider CSP level attacks

The increased demand on shared resource of the cloud and the shared nature of the cloud

computing could be an attractive target to attackers. End users should take into consideration the

vulnerabilities of cloud computing before migrating to it. Some of the examples of shared

resources are computing capacity, storage, and network. This shared nature exposes the cloud to

many security breaches that are listed below:

1) Guest-hopping attack

An attacker will try get access to one virtual machine by penetrating another virtual machine

hosted in the same hardware. One of the possible solution of guest hopping attack is the

Forensics and VM debugging tools to observe any attempt to compromise VM. Another possible

solution is using High Assurance Platform (HAP) which provides a high

degree of isolation between virtual machines.

2) SQL injection:

It is often used to attack websites. It can be done by injecting SQL commands into a database of

an application from the web to dump or crash that database. To mitigate SQL injection attack;

it is necessary to remove all stored procedures that are rarely used. Also, assign the least possible


privileges to users who have permissions to access the database.

3) Side channel attack:

It occurs when the an attacker places a malicious virtual machine on the same physical machine

as the victim machine; in that way the attacker can access all the confidential information on the

victim machine.

It is preferable to ensure that none of the legitimate user VMs resides on the same hardware of

other users in order to prevent this. This completely eliminates the risk of side-channel attacks in

a virtualized cloud environment.

4)Malicious Insider

One of the cloud computing challenges located at the data centers of the service providers is

when its employee is granted access to sensitive data of some or all customers administrators.

Such system privileges can expose these information to security threats. Strict privileges

planning, security auditing can minimize this security threat.

5)Data storage security

In cloud computing, user’s data is stored in the Cloud Service Provider (CSP) set of servers,

which are running in a simultaneous and distributed manner. Ensuring data integrity and

confidently is an important task. There are some means to ensure integrity and

confidently of the data stored in the cloud.

1. CSP employees must be provided with the limited access to the data.

2. Strong authentication mechanisms must be provided which allows only legitimate employees

to gain access and control CSP servers.

3. The CSP should use well defined Data backup and redundant data storage to make data

recovery possible.

6)Address Resolution Protocol (ARP) Cache Poisoning

Address Resolution Protocol (ARP) is used in the TCP/IP stack to resolve an IP address (logical)

at the sender side into MAC address (physical) address at the receiver side. The ARP cache

stores a table that maps all the IP address of the networked devices and their corresponding MAC

addresses. An attacker can exploit some weakness in the ARP protocol to map an IP address of

the network to one malicious MAC, and then update the ARP cache with this malicious MAC

address. To mitigate this attack it is possible to use static ARP entries, this technique can work

for small networks like private clouds; but on large scale clouds it is better to use other


techniques such as port security features that locks a specific port on the switch ( or network

device) to a specific IP address .

D)Network Level Security attacks

Cloud computing depends mainly on the existing networks infrastructure such as LAN, MAN

and WAN; that is the reason cloud computing is exposed to the same security attacks. These

attacks may be originated from users outside the cloud or a malicious insider residing between

the user and the CSP and trying to corrupt the data to/from the cloud.

1) Domain Name System (DNS) attacks

In the Internet, hosts are defined by names that are easy to remember by humans, while

computers deal with numbers. Each connected computer to the Internet has a globally unique

Internet Protocol (IP). The Domain Name System (DNS) converts host names into corresponding

Internet Protocol (IP) addresses using a distributed database scheme. Internet DNS servers are

subject to different types of attacks such as: ARP cache poisoning domain hijacking, and man-in-

the-middle attacks.

1) Domain hijacking

Domain hijacking is defined as changing the name of a domain without the knowledge or

permission from the domain’s owner or creator. Domain hijacking enables intruders to access

sensitive corporate information and perform illegal activity such as phishing, where a website is

replaced by an identical website that records private information. One of the possible ways to

make domain hijacking very difficult is proposed by Internet Corporation for Assigned Names

and Numbers (ICANN) which forces a 60-day waiting period between a change in registration

information and a transfer to another registrar; most likely that the domain creator will discover

any change in that period. Another solution is using Extensible Provisioning Protocol (EPP) that

is used by many domain registries. EPP uses an authorization code issued exclusively to the

domain registrant as a security measure to prevent unauthorized name changing.

2) IP Spoofing

IP spoofing is where the attacker gains unauthorized access to a computer by pretending that the

traffic has originated form a legitimate computer. IP spoofing is utilized to make other attacks

such as Denial of Service attack and Man in The Middle attack:


a)Denial of service attacks (DoS):

The main purpose of these attacks is to make the target network/computer resources unavailable.

In DoS attack the attacker floods the victim host with a huge number of packets in a short

amount of time, DoS is concerned only with consuming bandwidth and resources of the target

network/computer. The attacker uses a spoofed IP address as the source IP address to make

tracking and stopping of Dos very difficult. Also it is possible to the attacker to use multiple

compromised machines which he has already hijacked to attack the victim machine at the same

time (this attack is known as Distributed DoS) and it is very difficult to track and stop. TCP SYN

flooding: it is an example of DoS attack; the attacker floods the victim machine with a stream of

spoofed TCP SYN packets. This attack exploits the limitations of the three way handshake in

maintaining half-open connections.

b)Man In The Middle Attack (MITM):

An attacker gains access to the network traffic using network packet sniffer, routing and

transport protocols flaws, these attacks could be used for theft of confidential information. IP

spoofing can be reduced using packet filtering by firewall, strong encryption and origin

authentication techniques.

D) End users’ attacks

Most of the cloud users attacks are phishing, fraud, and exploitation of software vulnerabilities

still work and can threaten the cloud service infrastructure. Phishing and fraud are attempts to

steal the identity of a legitimate user such as usernames, passwords, and credit card details.

Phishing is typically carried out by sending the user an email that contains a link to a fraud

website that looks like a legitimate one, when the user goes to that fake website, his user name

and password will be sent to the attacker who can use them to attack the cloud. Another form of

phishing and fraud is to send the user an email that pretends to become from the cloud service

provider and asking the user to supply his username and password for maintenance purposes for

example; but indeed that spoofed email came from an attacker to gain the user credentials then

using them to attack the cloud. Countermeasures of phishing are the use of Spam-filters, using

plug-in spam blocker in the Internet browsers and finally train the users not to respond to any

spoofed email and not to give their credentials to any website.


SECURITY REQUIREMENTS FOR CLOUD COMPUTING

A secure cloud computing should satisfy some security requirements.

Identification & Authentication: Depending on the cloud deployment and service models,

specified users must firstly be established and predefined access priorities and permissions

should be granted accordingly. This process is aimed at verifying and validating individual cloud

user by using a username and password which can protect the profiles of the cloud user.

• Authorization: Authorization is important to maintain referential integrity. It wields control

and privileges over process flows within Cloud computing. In a private cloud the authorization is

controlled by the system administrator.

• Non-Repudiation: In cloud computing, non-Repudiation can be obtained by traditional

technologies such as digital signatures, timestamps, token passing, and confirmation receipts

services.

• Availability: Availability is a key decision factor when deciding which deployment model and

delivery model to be used. The service level agreement (SLA) is a very important document

which describes availability in cloud services and resources between the cloud provider and

client.

CLOUD COMPUTING CHALLENGES

The following are the major challenges that prevent Cloud Computing from being adopted are:

1. Security: Security issue plays the most important role in hindering Cloud computing

acceptance. Putting data, and running software on someone else's hard disk using someone else's

CPU appears daunting to many users. Well-known security issues such as data loss, phishing,

pose serious threats to the data and software. Moreover, the multi-tenancy model and the pooled

computing resources in cloud computing has introduced new security challenges that require

novel techniques to tackle with.

2.Costing Model: Cloud consumers must consider the tradeoffs amongst computation,

communication, and integration. Migrating to the Cloud can significantly reduce the

infrastructure cost, which increases the cost of data communication. This problem is particularly

prominent if the consumer uses the hybrid cloud deployment model where the organization's data

is distributed amongst a number of public/private (in-house IT infrastructure)/community.

3. Charging Model: The elastic resource pool has made the cost analysis a lot more complicated


than regular data centers, which often calculates their cost based on consumptions of static

computing. Moreover, an instantiated virtual machine has become the unit of cost analysis rather

than the underlying physical server. For SaaS cloud providers, the cost of developing

multitenancy within their offering can be very substantial. These include: re-design and

redevelopment of the software that was originally used for single-tenancy, cost of providing new

features that allow for intensive customization, performance and security enhancement for

concurrent user access, and dealing with complexities induced by the above changes.

4. Service Level Agreement (SLA): Although cloud consumers do not have control over the

underlying computing resources, they need to ensure the quality, availability, reliability, and

performance of these resources when consumers have migrated their core business functions

onto their entrusted cloud. It is important for consumers to obtain guarantees from providers on

service delivery. Typically, these are provided through Service Level Agreements (SLAs)

negotiated between the providers and consumers.

5. Cloud Interoperability Issue: Currently, each cloud offering has its own way on how cloud

clients/applications/users interact with the cloud, leading to the "Hazy Cloud" phenomenon. This

hinders the development of cloud ecosystems by forcing vendor locking, which prohibits the

ability of users to choose from alternative vendors/offering simultaneously in order to optimize

resources at different levels within an organization. Proprietary cloud APIs makes it very

difficult to integrate cloud services with an organization's own existing legacy systems.

The primary goal of interoperability is to realize the seamless fluid data across clouds and

between cloud and local applications. Standardization is the good solution to address the

interoperability problem. However, as cloud computing just starts to take off, the interoperability

problem has not appeared on the pressing agenda of major industry cloud vendors.

References1. http://www.slideshare.net/xoai/cloud-computing-security-2153773

2. http://www.cse.wustl.edu/~jain/cse571-09/ftp/cloud/

3. http://www.ijarcsse.com/docs/papers/9_September2012/Volume_2_issue_9/V2I900174.pdf

4. http://www.moorestephens.com/cloud_computing_benefits_challenges.aspx

5. http://www.computerweekly.com/news/2240089111/Top-five-cloud-computing-security-

issues

box/ds_cloud/term_papers/security issues... · web viewstorage network industry association (snia)...

Documents