Cloud Security: Security Issues, Case Studies, and Threats Analysis

Verified

Added on 2023/04/20

AI Summary

This report comprehensively examines cloud security, addressing various critical aspects. It begins by defining cloud security and its importance, emphasizing policies, procedures, and technologies used to protect cloud-based systems, data, and infrastructure. The report explores the core security issues in cloud computing, including confidentiality, integrity, availability, and privacy, detailing the threats associated with each. It provides practical solutions for mitigating these threats, such as using trusted computing platforms, implementing auditing, and managing denial-of-service attacks. A significant portion of the report is dedicated to a case study on malware injection attacks, illustrating real-world vulnerabilities and the measures needed to prevent such intrusions. Furthermore, it discusses the dimensions of security threats in cloud computing, categorizing them as technical and business-related, and includes a threat matrix to visualize the overlap and specificity of different threats. The report concludes by providing a list of references to support the information presented.

Running head: CLOUD SECURITY
Cloud Security
Name of Student-
Name of University-
Author’s Note-

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1CLOUD SECURITY
Cloud Security
The cloud security mainly consists of many policies, procedures, technologies, as well as
controls that are used together for providing protection to the systems, data and the infrastructure
that are based on clouds (Almorsy, Grundy & Müller, 2016). The security measures that are
configured for protecting the data, supporting the regulatory compliance, as well as protecting
the privacy of the customers and setting the authentication rules for the individuals users and for
all the devices. Starting from the authentication access to the filtering traffic, the security of the
cloud can be configured for extracting the needs of a particular business. The rules can also be
configured as well as managed only at one place, the overheads of the administration teams and
the IT departments can then focus on other business activities of the organization.
The way of delivering the cloud security mainly depends on a particular cloud provider or
on some solutions of cloud security (Jouini & Rabai, 2016). Implementing the cloud security
mainly that are possessed by a cloud computing are responsibility of the business owners and the
cloud solution provider.
The cloud security mainly provides different control levels in a network infrastructure for
providing continuity as well as protection for the assets such as websites or the web applications
that are based on the cloud. Irrespective of cloud being private or public, it is the responsibility
of the business to provide protection to the data involved in the organization (Hashem et al.,
2016). Cloud security is necessary for DDoS protection, data security, regulatory compliance, as
well as high availability by provider of cloud security.
Security Issues and Trends in Cloud Computing
The main issues that are involved in the cloud computing security are explained below:

2CLOUD SECURITY
Confidentiality
Confidentiality is considered as the topmost security of protection. The word
confidentiality itself means securing the data from the cloud providers and from the other
customers (Jones et al., 2017). Customer who stores their data on the servers of cloud can be
managed by many untrustworthy providers of clouds or may be some hackers. Outsourcing the
data of customer means losing the physical control over their personal data.
Integrity
The word integrity means data should remain in its original form. They are not to be
modified. The data are given to the providers with a trust that the data will not be altered neither
will be modified.
Availability
The data that are stored on the cloud should be available and should be present when
needed. If customer does not get the data when needed, they will not believe on the cloud service
provider any more.
Privacy
Another most important security issues is privacy. Keeping the data private is a difficult
job for the customers. The data that are given by the customer with trust should be shared with
other customers. The data are distributed on the servers of cloud and are then managed by the
cloud providers. All the individuals want to keep their data safe on the cloud servers and the data
should be kept confidentially in the cloud.
Solution for the Issues

3CLOUD SECURITY
Threats with Confidentiality:
In IaaS service, some of the attacks arises in the Amazon EC2 (Elastic Compute Cloud).
The attacks might be data tampering, as well as attacks that are on side channels as well as on
network eavesdropping (Sen, 2017). It is needed to add virtual machines on server machine for
protecting the attacks of side channels.
Confidentiality attack solutions:
 Using a platform of cloud computing that can be trusted.
 Giving the control of data back to the customer.
Threats with Integrity:
Some of the threats that are can be related with integrity are data modification, wrong
computation on the cloud servers, and connection pooling as well as open direct.
Integrity attack solutions:
 Using Trusted Computing
 Auditing should be involved which includes all the activities that are stored in the log
file.
Threats with Availability
Some of the threats that are can be related with availability are denial of service,
dictionary attack, and spoofing.
Availability attack solutions:
 Manage the DOS attack.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4CLOUD SECURITY
 Maintaining the agreement of service level.
Threats with Privacy
The thereat to privacy is losing physical control over the data.
Privacy attack Solutions
 Better authentication for the provider of cloud.
 Have trusted cloud provider.
Cloud Computing Security Case Studies
In an attack of malware injection is an attempt for injecting malicious code in the system.
This particular appears in form of code, active content, scripts as well as other software
(Varghese & Buyya, 2018). When legitimate user runs a cloud server, the service that is
connected with it mainly accepts the example of computation in cloud. The checking is done
mainly for determining if example matches the legitimate existing service.
The case described here occurred May 2009. The USTD (United States Treasury
Department) stopped four websites that were public permanently for Bureau of Engraving as
well as printing. They have discovered many dangerous codes that are added to parent side. The
provider of cloud server on the third party hosting the website of the company was considered as
the victim of the intrusion attack. Because of this attack many number of websites such as BEP
websites and non-BEP websites got affected (Puthal et al., 2018). The chief research officer
Roger Thompson for the technologies for Anti-Virus Guard (AVG) discovered some malicious
code in the affected pages of the websites. The hackers who hacked the websites added some
snippet of virtually iFrame Code that were undetectable. This redirected visitors to the Ukrainian

5CLOUD SECURITY
website. iFrame commonly known as Inline Frame which is an HTML document that is
embedded in the HTML document on the website. There are different types of web based attacks
that were launched using that is easy in purchasing the malicious toolkit that is known as the
Eleonore Exploit Pack. For preventing this type on the operators of the server needs to check as
well as exploit the iFrame code. The user of Firefox should also install the NoScript and then set
the Plugins. The user of Windows should make sure that all the security updates are installed and
thus have active anti malware that guards the system.
Dimensions of Security Threats in Cloud Computing
The threat for IS security in the cloud can come from both the business end and the
technical end. The threats that are technical in nature is viewed from the perspective of a
business (Zibouh, Dalli & Drissi, 2016). The common treats are IS and the other threats are
particular only to the cloud computing. Threats can be overlapped with each of the two
dimensions. Threats can be technical as well as business related threats.
Figure 1: Cloud Computing Threat matrix
(Source: Zibouh, Dalli & Drissi, 2016)

6CLOUD SECURITY
From the above picture, it can be stated that threats that are in common in one scenario is
mostly specific to some other scenario. The above diagram shows two dimensions of threats for
denoting the relative weight for each of the four quadrants.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7CLOUD SECURITY
References
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Jouini, M., & Rabai, L. B. A. (2016). A security framework for secure cloud computing
environments. International Journal of Cloud Applications and Computing (IJCAC), 6(3), 32-44.
Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The
rise of “big data” on cloud computing: Review and open research issues. Information
systems, 47, 98-115.
Jones, S., Irani, Z., Sivarajah, U., & Love, P. E. (2017). Risks and rewards of cloud computing in
the UK public sector: A reflection on three Organisational case studies. Information Systems
Frontiers, 1-24.
Sen, J. (2015). Security and privacy issues in cloud computing. In Cloud Technology: Concepts,
Methodologies, Tools, and Applications (pp. 1585-1630). IGI Global.
Varghese, B., & Buyya, R. (2018). Next generation cloud computing: New trends and research
directions. Future Generation Computer Systems, 79, 849-861.
Puthal, D., Sahoo, B. P. S., Mishra, S., & Swain, S. (2015, January). Cloud computing features,
issues, and challenges: a big picture. In Computational Intelligence and Networks (CINE), 2015
International Conference on (pp. 116-123). IEEE.
Zibouh, O., Dalli, A., & Drissi, H. (2016). CLOUD COMPUTING SECURITY THROUGH
PARALLELIZING FULLY HOMOMORPHIC ENCRYPTION APPLIED TO MULTI-CLOUD
APPROACH. Journal of Theoretical & Applied Information Technology, 87(2).