UNIT V SECURITY IN THE CLOUD
Security Overview – Cloud Security Challenges and Risks –
Software-as-a-Service Security – Security Governance – Risk
Management – Security Monitoring – Security Architecture Design –
Data Security – Application Security – Virtual Machine Security –
Identity Management and Access Control – Autonomic Security
Security Overview
• Cloud is a boon to new generation technology. But if it fails to
ensure proper security protection, cloud services could
ultimately result in higher cost & potential loss of business
thus eliminating all the potential benefits of cloud technology.
• So the aim of cloud security & its researchers is to help
enterprise information technology and decision makers
analyze the security implications of cloud computing in their
business.
• When a customer moves toward cloud computing, they should
have a clear understanding of the potential security issues &
risks associated with cloud computing.
Security Overview
• Cloud security is a set of control-based technologies & policies adopted
to adhere to regulatory compliance rules and to protect data, applications
and cloud technology infrastructure.
• Because of cloud's nature of sharing resources, cloud security gives
particular concern to identity management, privacy & access control.
• So the data in the cloud should be stored in an encrypted form.
• With the increase in the number of organizations using cloud
technology for a data operation, proper security and other potentially
vulnerable areas became a priority for organizations contracting with
cloud providers.
• Cloud computing security applies security controls in the cloud &
provides customer data security, privacy & compliance with necessary
regulations.
Security Planning for Cloud
• Analyze the risk sensitivity of the user's
resources.
• The cloud service models require the customer
to be responsible for security at various levels
of service.
• Understand the data storage and transfer
mechanism provided by the cloud service
provider.
• Consider the proper cloud type to use.
Cloud Security Controls
• Cloud security becomes effective only if the defensive
implementation remains strong.
• There are many types of control for cloud security
architecture; the categories are listed below:
– Detective Control: meant to detect and react instantly &
appropriately to any incident.
– Preventive Control: strengthens the system against any incident or
attack by actually eliminating the vulnerabilities.
– Deterrent Control: meant to reduce attacks on the cloud system; it
reduces the threat level by giving a warning sign.
– Corrective Control: reduces the consequences of an incident by
controlling/limiting the damage. Restoring a system backup is an
example of this type.
Securing the Cloud
• Security Interaction Model
• Top Security Threats
• Cloud Provider Security Practices – Google
Case Study
Security Interaction Model
Top Security Threats
• Abuse and nefarious use of cloud computing
• Insecure interfaces & APIs
• Unknown risk profile
• Malicious insiders
• Shared technology issues
• Data loss or leakage
• Account or service hijacking
Threat Mitigation
• Abuse and nefarious use of cloud computing
– Stricter initial registration and validation processes.
– Enhanced credit card fraud monitoring and coordination.
– Comprehensive introspection of customer network traffic.
– Monitoring public blacklists for one’s own network blocks.
• Insecure interfaces & APIs
– Analyze the security model of cloud provider interfaces.
– Ensure strong authentication and access controls are
implemented in concert with encrypted transmission.
– Understand the dependency chain associated with the API.
• Unknown risk profile
– Disclosure of applicable logs and data.
– Partial/full disclosure of infrastructure details.
– Monitoring and alerting on necessary information.
Threat Mitigation
• Malicious insiders
– Enforce strict supply chain management and conduct
a comprehensive supplier assessment.
– Specify human resource requirements as part of
legal contracts.
– Require transparency into overall information security
and management practices, as well as compliance
reporting.
– Determine security breach notification processes.
• Shared technology issues
– Implement security best practices for installation and
configuration.
– Monitor environment for unauthorized changes/activity.
– Promote strong authentication and access control for
administrative access and operations.
– Enforce service level agreements for patching and
vulnerability remediation.
– Conduct vulnerability scanning and configuration
audits.
Threat Mitigation
• Data loss or leakage
– Implement strong API access control.
– Encrypt and protect integrity of data in transit.
– Analyze data protection at both design and run time.
– Implement strong key generation, storage and
management, and destruction practices.
– Contractually demand providers wipe persistent
media before it is released into the pool.
– Contractually specify provider backup and retention
strategies.
• Account or service hijacking
– Prohibit the sharing of account credentials between
users and services.
– Leverage strong two-factor authentication
techniques where possible.
– Employ proactive monitoring to detect unauthorized
activity.
– Understand cloud provider security policies and
SLAs.
Google Security Practices
• Organizational and Operational Security
• Data Security
• Threat Evasion
• Safe Access
• Privacy
Google Organizational and Operational
Security
• Holistic approach to security
• Security team
• Develop with security in mind
• Regularly performs security audits and threat
assessments
• Employees screened, trained
• Works with security community and advisors
Google Data Security
• Google Code of Conduct – “Don’t be evil.”
• Physical security
• Logical Security
• Accessibility
• Redundancy
Google Threat Evasion
• Spam and virus protection built into products
• Protects against application & network attacks
Google Safe Access
• Avoids local storage
• Access controls
• Encrypted connections
• Integrated security
Google Privacy
• Privacy policy
• Does not access confidential user data
• Does not alter data
• Maintain own IP rights
• Indemnification, liability
• End of use
Leveraging the Cloud
• Decision Making Process
• Clan Wars Case Study
Decision Making Process
• Identify the asset for cloud deployment
• Evaluate the asset requirements for
confidentiality, integrity, and availability
• Map the asset to potential cloud deployment
models
• Evaluate potential cloud service models and
providers
• Sketch the potential data flow
• Draw conclusions
Cloud Security Challenges and Risks
• This emergent cloud technology is facing many
technological challenges in different aspects of
data & information handling & storage.
• Some of the challenges are as follows:
– Availability & reliability
– Security & Privacy
– Interoperability
– Performance
– Portability
Cloud Security Challenges in 2020
• The worldwide public cloud services market is
forecast to grow 17% in 2020 to total $266.4
billion, up from $227.8 billion in 2019
according to Gartner.
• As the cloud continues to be more and more
heavily adopted, it’s important to be aware of
the challenges organizations are faced with
when leveraging cloud computing.
Data Breaches
• Consequences of a data breach may include:
– Impact to reputation and trust of customers or
partners
– Loss of intellectual property (IP) to competitors,
which may impact product releases
– Regulatory implications that may result in monetary
loss
– Brand impact which may cause a market value
decrease due to previously listed reasons
– Legal and contractual liabilities
– Financial expenses incurred due to incident response
and forensics
Misconfiguration and Inadequate Change
Control
• This is one of the most common challenges of the
cloud.
• In 2017, a misconfigured AWS Simple Storage
Service (S3) cloud storage bucket exposed detailed
and private data of 123 million American
households.
• The data set belonged to Experian, a credit bureau,
which sold the data to an online marketing and data
analytics company called Alteryx. It was Alteryx that
exposed the file. Such instances can be disastrous.
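An added example (not part of the original slides) of the kind of configuration check that catches a storage bucket open to anyone before it is exposed. The bucket name, account ID, policy and ACL below are constructed; the slides do not say which setting was wrong in the 2017 case.

```python
"""Flag S3 bucket settings that grant access to anyone (constructed data)."""

# Predefined S3 ACL grantee groups meaning "everyone" / "any AWS account".
PUBLIC_ACL_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}


def as_list(value):
    """Policy fields may hold one string or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def is_wildcard_principal(principal):
    """True for "Principal": "*" and for {"AWS": "*"} or {"AWS": ["*", ...]}."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any("*" in as_list(v) for v in principal.values())
    return False


def audit_bucket(policy, acl_grants, block_public_access):
    """Return one finding per policy statement or ACL grant open to anyone.

    status is "public" (open), "review" (wildcard principal narrowed only by
    a Condition that a human must judge) or "mitigated" (the matching
    Block Public Access setting overrides the grant).
    """
    findings = []
    bpa = block_public_access or {}

    for index, stmt in enumerate(as_list((policy or {}).get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot expose data
        if not is_wildcard_principal(stmt.get("Principal")):
            continue
        if bpa.get("RestrictPublicBuckets"):
            status = "mitigated"
        elif stmt.get("Condition"):
            status = "review"
        else:
            status = "public"
        findings.append({
            "source": "policy",
            "id": stmt.get("Sid", f"Statement[{index}]"),
            "grants": sorted(as_list(stmt.get("Action"))),
            "status": status,
        })

    for grant in acl_grants or []:
        uri = grant.get("Grantee", {}).get("URI")
        if uri in PUBLIC_ACL_GROUPS:
            findings.append({
                "source": "acl",
                "id": uri.rsplit("/", 1)[-1],
                "grants": [grant.get("Permission")],
                "status": "mitigated" if bpa.get("IgnorePublicAcls") else "public",
            })
    return findings


# --- Constructed sample configuration (not taken from any real bucket) ---
RESOURCE = "arn:aws:s3:::example-export-bucket/*"
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": RESOURCE},
        {"Sid": "VpcOnly", "Effect": "Allow", "Principal": {"AWS": "*"},
         "Action": ["s3:ListBucket", "s3:GetObject"], "Resource": RESOURCE,
         "Condition": {"StringEquals": {"aws:SourceVpce": "vpce-EXAMPLE"}}},
        {"Sid": "AppRole", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:role/app"},
         "Action": "s3:PutObject", "Resource": RESOURCE},
        {"Sid": "DenyPlainHttp", "Effect": "Deny", "Principal": "*",
         "Action": "s3:*", "Resource": RESOURCE,
         "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
    ],
}
SAMPLE_ACL = [
    {"Grantee": {"Type": "Group",
                 "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"},
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id-placeholder"},
     "Permission": "FULL_CONTROL"},
]

if __name__ == "__main__":
    for finding in audit_bucket(SAMPLE_POLICY, SAMPLE_ACL, {}):
        print(finding)
```

Run against the sample, the check reports the unconditional public read and the AllUsers ACL grant as open, and leaves the VPC-restricted statement for manual review.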
Lack of Cloud Security Architecture and
Strategy
• Worldwide, organizations are migrating portions of their IT
infrastructure to public clouds.
• One of the biggest challenges during this transition is the
implementation of appropriate security architecture to withstand
cyberattacks.
• Unfortunately, this process is still a mystery for many
organizations.
• Data are exposed to different threats when organizations assume
that cloud migration is a “lift-and-shift” endeavor of simply porting
their existing IT stack and security controls to a cloud environment.
• A lack of understanding of the shared security responsibility model
is also another contributing factor.
Insufficient Identity, Credential, Access and
Key Management
• Cloud computing introduces multiple changes to
traditional internal system management practices
related to identity and access management (IAM).
• It isn’t that these are necessarily new issues. Rather,
they are more significant issues when dealing with
the cloud because cloud computing profoundly
impacts identity, credential and access management.
• In both public and private cloud settings, CSPs and
cloud consumers are required to manage IAM
without compromising security.
Account Hijacking
• Account hijacking is a threat in which malicious
attackers gain access to and abuse accounts
that are highly privileged or sensitive.
• In cloud environments, the accounts with the
highest risks are cloud service accounts or
subscriptions.
• Phishing attacks, exploitation of cloud-based
systems, or stolen credentials can compromise
these accounts.
Insider Threat
• The Netwrix 2018 Cloud Security Report indicates that 58
percent of companies attribute security breaches to insiders.
• Insider negligence is the cause of most security incidents.
• Employee or contractor negligence was the root cause of 64
percent of the reported insider incidents, whereas 23
percent were related to criminal insiders and 13 percent to
credential theft, according to the Ponemon Institute’s 2018
Cost of Insider Threats study.
• Some common scenarios cited include: misconfigured cloud
servers, employees storing sensitive company data on their
own insecure personal devices and systems, and employees
or other insiders falling prey to phishing emails that led to
malicious attacks on company assets.
Insecure Interfaces and APIs
• Cloud computing providers expose a set of software user interfaces
(UIs) and APIs to allow customers to manage and interact with
cloud services.
• The security and availability of general cloud services are
dependent on the security of these APIs.
• From authentication and access control to encryption and activity
monitoring, these interfaces must be designed to protect against
both accidental and malicious attempts to circumvent the security
policy.
• Poorly designed APIs could lead to misuse or—even worse—a data
breach. Broken, exposed, or hacked APIs have caused some major
data breaches.
• Organizations must understand the security requirements around
designing and presenting these interfaces on the internet.
Weak Control Plane
• Moving from the data center to the cloud poses some challenges for
creating a sufficient data storage and protection program. The user
must now develop new processes for data duplication, migration and
storage and—if using multi-cloud—it gets even more complicated. A
control plane should be the solution for these problems, as it
enables the security and integrity that would complement the data
plane that provides stability and runtime of the data. A weak control
plane means the person in charge—either a system architect or a
DevOps engineer—is not in full control of the data infrastructure’s
logic, security and verification. In this scenario, controlling
stakeholders don’t know the security configuration, how data flows
and where architectural blind spots and weak points exist. These
limitations could result in data corruption, unavailability, or leakage.
Metastructure and Applistructure Failures
• Cloud service providers routinely reveal operations and
security protections that are necessary to implement and
protect their systems successfully.
• Typically, API calls disclose this information and the
protections are incorporated in the metastructure layer for
the CSP.
• The metastructure is considered the CSP/customer line of
demarcation—also known as the waterline.
• Failure possibilities exist at multiple levels in this model.
• For example, poor API implementation by the CSP offers
attackers an opportunity to disrupt cloud customers by
interrupting confidentiality, integrity, or availability of the
service.
Limited Cloud Usage Visibility
• Limited cloud usage visibility occurs when an organization does not possess the
ability to visualize and analyze whether cloud service use within the organization
is safe or malicious.
• This concept is broken down into two key challenges.
• Un-sanctioned app use:
– This occurs when employees are using cloud applications and resources without the
specific permission and support of corporate IT and security.
– This scenario results in a self-support model called Shadow IT.
– When insecure cloud services activity does not meet corporate guidelines, this behavior
is risky, especially when paired with sensitive corporate data.
– Gartner predicts that by 2020, one-third of all successful security attacks on companies
will come through shadow IT systems and resources.
• Sanctioned app misuse:
– Organizations are often unable to analyze how their approved applications are being
leveraged by insiders who use a sanctioned app.
– Frequently, this use occurs without the explicit permission of the company, or by
external threat actors who target the service using methods such as credential theft,
Structured Query Language (SQL) injection, Domain Name System (DNS) attacks and
more.
Abuse and Nefarious Use of Cloud Services
• Malicious actors may leverage cloud computing
resources to target users, organizations or other cloud
providers.
• Malicious attackers can also host malware on cloud
services.
• Cloud services that host malware can seem more
legitimate because the malware uses the CSP’s domain.
• Furthermore, cloud-hosted malware can use cloud-
sharing tools as an attack vector to further propagate
itself.
CLOUD SECURITY CHALLENGES AND RISKS @ Application level
• Practically every aspect of cloud-based applications is affected -- not
just generic HTTP traffic going over ports 80 and 443.
• From user authentication to transaction processing to back-end data
access and even Web services exposures.
• There's a lot to consider and secure.
• Interestingly, this is not much different than the application security
concerns in our "old-school" data center configurations. Just don't
overlook the details involved.
• What about co-mingling? Is your sensitive data going to be mixed in
with other people's systems? Shared Web servers have always made
me nervous in the past.
• If one site is compromised it can put all of the other sites hosted on
that server in jeopardy as well.
• With cloud computing, practically every component of the OSI layers 1
through 7 is shared, not just the application layer, so the attack surface
can be exponentially increased.
CLOUD SECURITY CHALLENGES AND RISKS
@ Application level
• Penetration testing and source code analysis are still going to be
required.
• Albeit, I could foresee some of the service providers offering "security
assessments as a service" at least at the OS and network levels looking
at everyone's systems across the board.
• Once you get to layer 7 though, every application is unique and so are
the security issues. No generic scans here.
• Forensics investigations and any e-discovery requests can be
complicated by the complexities of the cloud.
• This is especially true when servers are brought up and
decommissioned on the fly possibly without you even knowing about
it.
• Security audit logging and monitoring systems will need to be
enhanced, and incident response processes will undoubtedly have to
be updated.
CLOUD SECURITY CHALLENGES AND RISKS
@ Application level
• There's a common argument that things such as data
leakage and system monitoring are simplified when
everything's in one place in the cloud.
• I just don't see how that's really any different from the
average application environment today.
• Most applications have a front end, back end, and some
stuff in between.
• Unless you've got a really unique configuration that makes
calls to applications and databases around the Internet,
you still have everything in pretty much the same data
center location. Thus the same security issues apply.
CLOUD SECURITY CHALLENGES AND RISKS
@ Application level
• Security in the cloud is often intangible.
• Unlike security controls within the perimeter, you often don't see it working
or even know if it's enabled.
• This can create both a false sense of security and anxiety about whether or
not things are actually locked down.
• I've seen certain cloud vendors tout their pre-hardened secure virtualization
builds.
• This is no different than what hosting providers have been offering for years
so don't count on this being a "value add."
• Regardless of how much things are supposedly "locked down" in the cloud,
there are still client-side considerations and there always will be as long as
we're using clients in the current sense.
• You can't overlook endpoints and all the security complexities that go along
with them.
CLOUD SECURITY CHALLENGES AND RISKS
@ Application level
• Usability is still a concern. Are your service
provider's controls going to get in the way of your
users transacting business? Do they set things up
in a "deny all" fashion by default? Or, is everything
enabled from the get-go? What's it going to be like
dealing with them on these issues? Security vs.
convenience is a battle we'll fight until the end of
our days, but sometimes it's so obvious it gets
overlooked, much to the dismay of the people that
matter most.
CLOUD SECURITY CHALLENGES AND RISKS
@ Application level
• Given the downsides, I'm not saying don't buy into cloud
computing.
• Just don't take the vendor hype too seriously. SSL and VPNs
are not going to be the answer to security in the cloud.
• Nor is encrypting sensitive databases. Private clouds certainly
reduce the exposure that public clouds present, but not all
application traffic and transactions are Internet-bound.
• So you'll still have to consider internal threats.
• That takes us back to the fact that we have to approach this
with some good old-fashioned common sense and layer
security in everywhere it's feasible -- not just in the cloud.
CLOUD SECURITY CHALLENGES AND RISKS
@ HOST LEVEL
• Host security describes how your server is set up for the following
tasks:
– Preventing attacks.
– Minimizing the impact of a successful attack on the overall system.
– Responding to attacks when they occur.
• It always helps to have software with no security holes.
• In the real world, the best approach for preventing attacks is to assume
your software has security holes.
• Each service you run on a host presents a distinct attack vector into the
host.
• The more attack vectors, the more likely an attacker will find one with
a security exploit.
• Therefore minimize the different kinds of software running on a server.
CLOUD SECURITY CHALLENGES AND RISKS
@ HOST LEVEL
• Given the assumption that services are vulnerable, the most significant
tool in preventing attackers from exploiting a vulnerability once it
becomes known is the rapid rollout of security patches.
• Here’s where the dynamic nature of the cloud really alters what you can
do from a security perspective.
• In a traditional data center, rolling out security patches across an
entire infrastructure is time-consuming and risky.
• In the cloud, rolling out a patch across the infrastructure takes
three simple steps:
– Patch your AMI with the new security fixes.
– Test the results.
– Relaunch your virtual servers.
CLOUD SECURITY CHALLENGES AND RISKS
@ NETWORK SECURITY LEVEL
• A majority of enterprise organizations are embracing cloud
computing in one form or another.
• According to ESG research, 67% of enterprises use public or
private cloud infrastructure today, while 66% use one or
several SaaS applications.
• So what about network security? It’s a bit of a struggle today
as many organizations move to cloud computing long before
they have the right infosec skills, processes, or tools in place.
• As proof of this deficit, ESG asked 145 cybersecurity
professionals working at enterprise organizations (i.e. more
than 1,000 employees) whether they agreed or disagreed
with a number of statements about cloud computing security.
CLOUD SECURITY CHALLENGES AND RISKS
@ NETWORK SECURITY LEVEL
• 60% of cybersecurity professionals strongly agree or agree
with the statement: It is difficult to get the same level of
security visibility into cloud-based workloads as we have in
our physical network. You can’t manage (or secure) what
you can’t measure.
• 50% of cybersecurity professionals strongly agree or agree
with the statement: It is difficult to audit network security
controls associated with cloud computing infrastructure.
Similar point.
• 60% of cybersecurity professionals strongly agree or agree
with the statement: My organization is still learning how to
apply its security policies to cloud security infrastructure.
CLOUD SECURITY CHALLENGES AND RISKS
@ NETWORK SECURITY LEVEL
• 60% of cybersecurity professionals strongly agree or agree with the
statement: My organization’s current network security operations
and processes lack the right level of orchestration and automation
needed for cloud computing. In other words, the security team
can’t keep up with cloud self-service and DevOps.
• 47% of cybersecurity professionals strongly agree or agree with the
statement: The security team does not have the appropriate staff
level to manage network security operations for cloud computing.
• 46% of cybersecurity professionals strongly agree or agree with the
statement: The security organization does not have the right level
of cloud computing skills to provide the same types of network
security controls and oversight as it does on the physical network.
The cybersecurity skills shortage seems to be a big factor with
cloud computing.
Software-as-a-Service Security
• Software as a service (SaaS) is a software licensing and delivery model in
which software is licensed on a subscription basis and is centrally hosted.
• It is sometimes referred to as "on-demand software", and was formerly
referred to as "software plus services" by Microsoft.
• SaaS is typically accessed by users using a thin client, e.g. via a web
browser.
• SaaS has become a common delivery model for many business
applications, including office software, messaging software, payroll
processing software, DBMS software, management software, CAD
software, development software, gamification, virtualization, accounting,
collaboration, customer relationship management (CRM), Management
Information Systems (MIS), enterprise resource planning (ERP), invoicing,
human resource management (HRM), talent acquisition, learning
management systems, content management (CM), Geographic
Information Systems (GIS), and service desk management.
• SaaS has been incorporated into the strategy of nearly all leading
enterprise software companies.
Software-as-a-Service Security
• According to a Gartner estimate, SaaS sales in 2018 were
expected to grow 23% to $72 billion. SaaS applications are
also known as Web-based software, on-demand software
and hosted software.
• The term "Software as a Service" (SaaS) is considered to
be part of the nomenclature of cloud computing, along
with Infrastructure as a Service (IaaS), Platform as a
Service (PaaS), Desktop as a Service (DaaS), managed
software as a service (MSaaS), mobile backend as a
service (MBaaS), and information technology
management as a service (ITMaaS).
Software-as-a-Service Security
• The vast majority of SaaS solutions are based on a multitenant
architecture.
• With this model, a single version of the application, with a single
configuration (hardware, network, operating system), is used for all
customers ("tenants").
• To support scalability, the application is installed on multiple machines
(called horizontal scaling).
• In some cases, a second version of the application is set up to offer a
select group of customers access to pre-release versions of the
applications (e.g., a beta version) for testing purposes.
• This is contrasted with traditional software, where multiple physical
copies of the software, each potentially of a different version, with a
potentially different configuration, and often customized, are installed
across various customer sites. In this traditional model, each version of
the application is based on a unique code.
Software-as-a-Service Security
• Although an exception rather than the norm, some SaaS
solutions do not use multitenancy, or use other
mechanisms such as virtualization to cost-effectively
manage a large number of customers in place of
multitenancy.
• Whether multitenancy is a necessary component for
software as a service is a topic of controversy.
• There are two main varieties of SaaS:
– Vertical SaaS - Software which answers the needs of a specific
industry (e.g., software for the healthcare, agriculture, real
estate, finance industries).
– Horizontal SaaS - The products which focus on a software
category (marketing, sales, developer tools, HR) but are industry
agnostic.
Security Governance
• When considering the recent trends and studies on cloud
computing, it’s clear that after the Internet, it’s the turn of
cloud computing to shape the future of computing.
• The question is no longer “To cloud or not to cloud”, but
more of “when will the shift happen” and “what processes
will shift to the cloud”.
• As part of a risk management exercise for cloud
computing, it’s important to rank the positive information
security benefits from utilizing cloud infrastructure.
• Since the largest risks lie on public cloud fronts (unless
mentioned otherwise), all references are only to public
cloud infrastructure.
Security Governance Translation
• Specialized personnel:
– Since the entire business model is based on providing IT resources, cloud
providers can afford to hire and retain the industry’s finest skillsets.
– This is a huge boon for many organizations, since they are unable to attract
and retain highly skilled resources.
– It’s not rare to see organizations which are able to spend large sums on IT
Infrastructure, but unable to derive due benefits due to lack of skilled
resources.
• Opex, NOT capex:
– In many countries, organizations purchasing IT equipment for internal
consumption (“capex”, capital expenditure) cannot take immediate tax
benefits by writing off expenditure, but get staggered benefits spread over
five years.
– By employing a cloud provider’s resources, investments in cloud resources
get classified as operational expense (opex), which results in immediate tax
benefits.
Security Governance Translation
• Platform support:
– Many organizations are unable to roll out patches on time, or even
identify the applicable patches, due to various reasons like lack of
adequate knowledge base, time, or adequate testing infrastructure.
– These shortcomings are not there for most cloud providers,
ensuring that the platforms and applications that you use on those
cloud setups are adequately up to date.
– This is a two-edged sword, since this very point has also been
observed as a weakness in certain cloud providers whom we have
audited.
– Organizations which have fairly mature processes in place ensure
aspects like timely internal system updates and adequate testing.
– The same cannot be said in a guaranteed manner for cloud
providers due to lack of visibility and transparency.
Security Governance Translation
• Backup and recovery:
– Almost all the organizations that I have worked with in the past 20 years take
regular backups.
– However, very few organizations ever perform regular restoration to check the
working and adequacy of backups, which leads to last-minute unpleasant
surprises.
– Cloud providers have this step pat in place, since the repercussions of a mess-up
will be fatal for their existence.
– Again, this is a two-edged sword dependent on the policies of the cloud provider,
which may or may not be sufficient for your organizational requirements.
• Disaster recovery:
– This is critical for most organizations, but regularly side-stepped or watered
down.
– Redundancy and disaster recovery capabilities are built into cloud computing
environments.
– This is a two-edged sword dependent on the cloud provider’s policies and
implementation strategy, which may not be sufficient for your organizational
requirements.
Security Governance Translation
• Thin clients:
– Since applications and data (in most cases) will reside on the cloud
infrastructure, powerful laptops and desktops are not required to run
applications.
– Not much confidential data will reside on internal systems, thus cutting
down on information risk factors.
– This is again based on the cloud provider’s policies and your
implementation topology.
• Power savings:
– Last year, Pike Research found that cloud computing could lead to a 38
percent reduction in worldwide data center energy use by 2020, compared
to what the growth of data center energy consumption would be without
cloud computing.
– Another study from Microsoft, Accenture and WSP Environment and
Energy in 2011 found that moving business applications to the cloud could
cut the associated per-user carbon footprint by 30 percent for large,
already-efficient companies.
SECURITY MONITORING
• Monitoring is a critical component of cloud
security and management.
• Typically relying on automated solutions, cloud
security monitoring supervises virtual and
physical servers to continuously assess and
measure data, application, or infrastructure
behaviors for potential security threats.
• This assures that the cloud infrastructure and
platform function optimally while minimizing
the risk of costly data breaches.
Benefits of Cloud Security Monitoring
• Cloud monitoring provides an easier way to identify patterns and
pinpoint potential security vulnerabilities in cloud infrastructure.
• As there’s a general perception of a loss of control when valuable data
is stored in the cloud, effective cloud monitoring can put companies
more at ease with making use of the cloud for transferring and storing
data.
• When customer data is stored in the cloud, cloud monitoring can
prevent loss of business and frustrations for customers by ensuring
that their personal data is safe.
• The use of web services can increase security risks, yet cloud
computing offers many benefits for businesses, from accessibility to a
better customer experience.
• Cloud monitoring is one initiative that enables companies to find the
balance between the ability to mitigate risks and taking advantage of
the benefits of the cloud, and it should do so without hindering
business processes.
Challenges of Cloud Security Monitoring
• As Ed Moyle notes in this article for SearchCloudSecurity, “the same forces
that make cloud possible can have a negative impact on monitoring controls
and erode an organization's ability to take action in response to events.”
• Virtualization poses challenges for monitoring in the cloud, and traditional
configurations involving log management, log correlation, and event
management (SIEM) tools aren’t routinely configured to adapt to dynamic
environments where virtual machines may come and go in response to sharp
increases or decreases in demand.
• Visibility can also be a concern when it comes to cloud monitoring.
• Many companies rely on third-party cloud services providers and may not
have access to every layer in the cloud computing stack, and therefore can’t
gain full visibility to monitor for potential security flaws and vulnerabilities.
• Finally, shifts in scope are another common challenge when dealing with
cloud environments, as assets and applications may move between systems
which may not necessarily have the same level of security monitoring.
How Security Monitoring Works
• There are several approaches to cloud security monitoring.
• Cloud monitoring can be done in the cloud platform itself, on premises
using an enterprise’s existing security management tools, or via a third
party service provider.
• Some of the key capabilities of cloud security monitoring software
include:
– Scalability: tools must be able to monitor large volumes of data across many
distributed locations
– Visibility: the more visibility into application, user, and file behavior that a
cloud monitoring solution provides, the better it can identify potential attacks
or compromises
– Timeliness: the best cloud security monitoring solutions will provide constant
monitoring, ensuring that new or modified files are scanned in real time
– Integration: monitoring tools must integrate with a wide range of cloud
storage providers to ensure full monitoring of an organization’s cloud usage
– Auditing and Reporting: cloud monitoring software should provide auditing
and reporting capabilities to manage compliance requirements for cloud
security
SECURITY ARCHITECTURE DESIGN
• Securing the cloud starts with the cloud architecture.
• The critical piece to building the cloud computing security architecture is planning
the visibility portion, aka the performance management strategy, of the cloud
network.
• Visibility provides insight into potential flaws and traffic blockages, and helps locate
suspicious activities in the network.
• SAN Org states it best: “Visibility is the key takeaway here, because you cannot
protect systems you cannot see.”
• Cloud security falls into a shared cloud responsibility model, meaning that both
the provider and the consumer possess responsibility in securing the cloud.
• The best practice is for enterprises to carefully review the cloud service provider’s
(CSP) service level agreement (SLA) to understand the enterprise’s responsibility of
enforcing security measures.
• For all cloud service models, ResearchGate recommends these items for a secure
cloud architecture:
– Apply Single Sign-On for multiple accounts with various service providers to make it easier
on the IT administration staff to monitor the cloud.
– Use virtual firewalls instead of first-generation firewalls
– Incorporate data loss prevention tools
SECURITY ARCHITECTURE DESIGN
• In addition to the advice from ResearchGate, enterprises should
further protect the cloud by implementing a Security Information
and Event Management (SIEM) system, Distributed Denial-of-Service
(DDoS) attack protection, and anti-virus software.
• While all cloud architecture models require performance
management tools and strategy, the security architecture varies
based on the type of cloud model — software-as-a-service (SaaS),
infrastructure-as-a-service (IaaS), or platform-as-a-service model
(PaaS).
• It’s important to distinguish the different service models, as The
Cloud Security Alliance notes: “IaaS is the foundation of all cloud
services, with PaaS building upon IaaS, and SaaS in turn building
upon PaaS.”
IaaS Cloud Computing Security Architecture
• This infrastructure provides the storage and networking components to cloud
networking.
• It relies heavily on application programming interfaces (APIs) to allow
enterprises to manage and interact with the cloud.
• However, cloud APIs tend to be insecure as they’re open and readily accessible
on the network.
• The CSP handles the security of the infrastructure and the abstraction layers.
• The enterprise’s security obligations include the rest of the stack, including the
applications.
• Deploying network packet brokers (NPB) in an IaaS environment provides the
visibility into security issues within a cloud network.
• NPBs direct traffic and data to the appropriate network performance
management (NPM) and security tools.
• Along with deploying NPB to gather wire data, enterprises should log wires to
view issues occurring at the endpoints in a network.
IaaS Cloud Computing Security Architecture
• IaaS cloud computing service models require
these additional security features:
– Virtual web application firewalls placed in front of a
website to protect against malware.
– Virtual network-based firewalls located at the cloud
network’s edge that guard the perimeter.
– Virtual routers
– Intrusion Detection Systems and Intrusion
Prevention Systems (IDS/IPS)
– Network segmentation
SaaS Cloud Computing Security
Architecture
• SaaS centrally hosts software and data that are accessible via a
browser.
• The enterprise normally negotiates with the CSP the terms of
security ownership in a legal contract.
• Cloud Access Security Brokers (CASB) play a central role in
discovering security issues within a SaaS cloud service model, as
they log, audit, provide access control, and often include
encryption capabilities.
• Other security features for the SaaS cloud environment include:
– Logging
– IP restrictions
– API gateways
PaaS Cloud Computing Security
Architecture
• CSA defines PaaS as the “deployment of applications
without the cost and complexity of buying and managing the
underlying hardware and software and provisioning hosting
capabilities.”
• The CSP secures a majority of a PaaS cloud service model.
However, the security of applications rests with the
enterprise. The essential components to secure the PaaS
cloud include:
– Logging
– IP restrictions
– API gateways
– CASB
DATA SECURITY
• There are a number of security threats associated
with cloud data services. These cover not only
traditional security threats (e.g., network
eavesdropping, illegal invasion, and denial of service
attacks) but also threats specific to cloud computing
(e.g., side channel attacks, virtualization
vulnerabilities, and abuse of cloud services).
• To counter these threats, the following security
requirements must be met in a cloud data service.
Data Confidentiality
• Data confidentiality is the property that data contents
are not made available or disclosed to illegal users.
• Outsourced data is stored in a cloud and out of the
owners' direct control.
• Only authorized users can access the sensitive data while
others, including CSPs, should not gain any information
of the data.
• Meanwhile, data owners expect to fully utilize cloud
data services, e.g., data search, data computation, and
data sharing, without the leakage of the data contents to
CSPs or other adversaries.
Data Access Controllability
• Access controllability means that a data owner can
perform the selective restriction of access to his data
outsourced to cloud.
• Legal users can be authorized by the owner to access the
data, while others cannot access it without permission.
• Further, it is desirable to enforce fine-grained access
control to the outsourced data, i.e., different users should
be granted different access privileges with regard to
different data pieces.
• The access authorization must be controlled only by the
owner in untrusted cloud environments
Data Integrity
• Data integrity demands maintaining and assuring the
accuracy and completeness of data.
• A data owner always expects that his data in a cloud can
be stored correctly and trustworthily.
• It means that the data should not be illegally tampered with,
improperly modified, deliberately deleted, or maliciously
fabricated.
• If any undesirable operations corrupt or delete the data,
the owner should be able to detect the corruption or
loss.
• Further, when a portion of the outsourced data is
corrupted or lost, it can still be retrieved by the data
users.
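The detection requirement above can be met with keyed tags that the owner keeps locally. The following is an added example, not part of the original slides: the owner tags each block with HMAC-SHA256 before upload and later audits what the provider returns. The function names, block size and sample data are assumptions made for illustration, and the sketch covers detection only, not recovery of lost blocks.

```python
import hashlib
import hmac
import secrets

BLOCK_SIZE = 16  # tiny on purpose so the constructed sample spans several blocks


def tag_block(key, file_id, index, total, block):
    """HMAC-SHA256 over the block plus its file id, position and block count.

    Binding position and count means a block cannot be swapped with another,
    replayed from a different file, or silently truncated from the end.
    """
    fid = file_id.encode()
    header = (len(fid).to_bytes(4, "big") + fid
              + index.to_bytes(8, "big") + total.to_bytes(8, "big"))
    return hmac.new(key, header + block, hashlib.sha256).digest()


def outsource(key, file_id, data):
    """Owner side: split data; return (blocks to upload, tags kept locally)."""
    blocks = [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)]
    tags = [tag_block(key, file_id, i, len(blocks), b) for i, b in enumerate(blocks)]
    return blocks, tags


def audit(key, file_id, tags, cloud_blocks):
    """Owner side: check what the provider returns against the local tags.

    cloud_blocks maps block index -> bytes as returned by the provider.
    Returns {index: "missing" | "corrupted" | "fabricated"}; empty means intact.
    """
    findings = {}
    for i, expected in enumerate(tags):
        block = cloud_blocks.get(i)
        if block is None:
            findings[i] = "missing"
        elif not hmac.compare_digest(
                expected, tag_block(key, file_id, i, len(tags), block)):
            findings[i] = "corrupted"
    for i in cloud_blocks:
        if not 0 <= i < len(tags):
            findings[i] = "fabricated"  # a block the owner never wrote
    return findings


if __name__ == "__main__":
    key = secrets.token_bytes(32)          # stays with the data owner
    data = b"constructed sample: ledger rows 0001-0004 with quarterly totals"
    blocks, tags = outsource(key, "ledger.csv", data)
    cloud = dict(enumerate(blocks))        # stand-in for the provider's storage
    print("clean audit:", audit(key, "ledger.csv", tags, cloud))

    cloud[1] = bytes([cloud[1][0] ^ 1]) + cloud[1][1:]   # one bit flipped
    del cloud[len(blocks) - 1]                           # last block deleted
    cloud[99] = b"injected"                              # block never uploaded
    print("after tampering:", audit(key, "ledger.csv", tags, cloud))
```

Because the key never leaves the owner, the provider cannot recompute a valid tag for altered content.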
APPLICATION SECURITY
• Identity And User Access Management Software Services and
Solutions & Access Management Service
– In today’s business scenario, organizations are more and more
evolving to increase their accessibility to customers, partners,
vendors, suppliers and employees.
– To keep pace with this requirement, enterprises are deploying an
ever-increasing number of applications with incompatible security
models, inconsistent management of identities and different auditing
mechanisms, resulting in inefficiencies, increased risk of identity
theft and unauthorized access, and failure to meet regulatory
compliance.
– HCL’s Identity and Access Management Practice provides increased
focus to secure the organization and protect confidential and
personal data with a comprehensive and focused approach
combined with robust solutions and services.
Identity and Access Management Offerings
• After a detailed analysis of customer’s
requirements and expectations, HCL has aligned
its Identity and Access Management Service
offerings in Horizontal and Vertical layers as
shown below.
• The intention of this model is to bind together the
horizontal and vertical layers (each offering its
own specialized services) seamlessly to drive an
end to end Identity and Access Management
program.
Business Value and Benefit Statement
• HCL’s Identity and Access Management solutions and
services provide the following business value for an
organization.
• User Experience, Productivity and Empowerment
– Enhance personalization of content and delivery of services
through self-service processes
– Simplifies user sign-on across various applications
• IT & Information Management efficiency
– Streamlines the efforts required to keep the Identity data
consistent and up to date
– Leverages existing infrastructure to reduce unnecessary
replication of information across various sites
Business Value and Benefit Statement
• Accountability & User Privacy
– Establishes common grounds for business & technology standards, trust & non-
repudiation amongst participating organizations, thereby helping identify
accountability.
– Maintains user privacy regarding the information passed between the participating
agencies.
• Application Development Agility
– Accelerates application development cycles through reusable integration and security
components.
– Improving business competitiveness by helping organizations build new services and
expose existing applications more quickly.
• Achieving ROI
– Reducing the time and resources required to administer user IDs and passwords, and to
handle security access issues at the helpdesk, by providing self-service features
– Minimizing the productivity time lag incurred when new employees are brought
onboard and must be provided with specific resources in order to perform their jobs.
– Eliminating or reducing the possibility of a major breach of security due to
insufficient user access controls.
VIRTUAL MACHINE SECURITY
• A virtual machine (VM) is an operating system (OS) or application
environment that is installed on software, which imitates dedicated
hardware.
• The end user has the same experience on a virtual machine as they would
have on dedicated hardware.
• Each virtual machine contains its own virtual, or software-based, hardware,
including a virtual CPU, memory, hard disk, and network interface card.
• Software called the hypervisor is installed on the physical hardware in a
virtualized data centre, and acts as a platform for virtual machines.
• ESXi is the hypervisor in a vSphere environment.
• The hypervisor provides physical hardware resources dynamically to virtual
machines as needed to support the operation of the virtual machines.
• The hypervisor allows virtual machines to operate with a degree of
independence from the underlying physical hardware.
• For example, a virtual machine can be moved from one physical host to
another, or its virtual disks can be moved from one type of storage to
another, without affecting the functioning of the virtual machine.
VIRTUAL MACHINE SECURITY
• A process VM, sometimes called an application virtual machine, or
Managed Runtime Environment (MRE), runs as a normal application
inside a host OS and supports a single process.
• It is created when that process is started and destroyed when it exits.
• Its purpose is to provide a platform-independent programming
environment that abstracts away details of the underlying hardware or
operating system, and allows a program to execute in the same way on
any platform.
• A process VM provides a high-level abstraction – that of a high-level
programming language (compared to the low-level ISA abstraction of the
system VM).
• Process VMs are implemented using an interpreter; performance
comparable to compiled programming languages can be achieved by the
use of just-in-time compilation.
IDENTITY MANAGEMENT AND ACCESS
CONTROL
• The benefits of cloud-based services are manifold.
• They enable organizations not only to offset costs but also to achieve greater
business agility and to reach new markets and customers.
• Cloud services are essential for embracing many of the technology trends being
seen today.
• Today’s businesses must operate in a world without boundaries.
• A wide variety of constituents, including customers, business partners, vendors
and others, need to access enterprise networks to make purchases, find
information and use applications.
• Gartner estimates that, by 2020, 60 percent of all digital identities interacting
with enterprises will come from external identity providers, up from less than 10
percent today.
• Yet ceding control over internal infrastructure and applications has been cited as
a barrier to cloud adoption among 47 percent of firms.
• IDC also found that 45 percent had, in the past 12 months, at least one known
incident of intellectual property being uploaded to cloud computing services
when it should not have been.
IDENTITY MANAGEMENT AND ACCESS
CONTROL
• But are there still barriers to adoption? For one thing, the jury
still seems to be out regarding security in cloud services models.
• Along with compliance and sensitivity, security was still cited as
one of the three major barriers to adoption of private and hybrid
clouds, according to one recent report by Cisco.
• However, 76 percent of security leaders interviewed for another
recent report are using some form of cloud security services.
• Furthermore, IDC recently found that 57 percent of enterprises
agree that the benefits of using cloud services outweigh the
security risks despite the fact that 40 percent have experienced
cloud-related security incidents or breaches in the past 12
months.
Greater Need for Identity Management
• In terms of security, identity management in cloud
computing is one area that will require increased
attention if those benefits are to be fully realized. In order
to grant safe access to sensitive information and resources
to all those who need it, organizations must carefully
monitor which users are accessing what resources to
ensure that they are accessing the resources that they
need in an appropriate manner. Because of this, Gartner is
predicting that identity and access management in the
cloud will be one of the top three most sought after
services moving forward for cloud-based models.
IDENTITY MANAGEMENT AND ACCESS
CONTROL
• The need to centrally control access to data and
applications is becoming ever more vital to
organizations owing to escalating security and
privacy concerns.
• Alarms continue to be raised over data breaches,
with the recent breach of 70 million customer
records at U.S. retail chain Target currently keeping
breaches in the headlines and spurring more
organizations to take a keener interest in adding
security controls to prevent unauthorized access to
customer information.
IDENTITY MANAGEMENT AND ACCESS
CONTROL
• Attackers are using increasingly sophisticated and
complex techniques to target organizations, not
only looking for one-off hits in terms of the initial
data stolen, but also looking to penetrate deep into
the network and to stay under the radar while
waiting for the chance to seize even more valuable
information over time.
• In almost all such advanced attacks, criminals target
specific individuals, often looking to harvest their
access credentials.
IDENTITY MANAGEMENT AND ACCESS
CONTROL
• Such concerns are also exacerbated by more
prescriptive regulatory mandates and industry
standards and guidelines that require increasingly
stringent corporate oversight.
• Since many such standards and mandates require
that strong security safeguards be placed around
sensitive information, organizations must be able to
prove that they have strong and consistent identity
and access controls in place both for those
resources housed within the walls of the enterprise
and for those accessed remotely via the cloud.
Considerations for Identity Management
in Cloud Computing
• How do organizations achieve effective
identity management in cloud computing
without losing control over internally
provisioned applications and resources?
Context is king. Who is doing what, what is
their role and what are they trying to access?
This requires the use of threat-aware identity
and access management capabilities in order
to secure their extended enterprise.
IDENTITY MANAGEMENT AND ACCESS
CONTROL
• Tying user identities to back-end directories is a must,
even for external identities.
• For this, systems should be used to provide cloud-
based bridges to directories.
• Special attention should be paid to privileged users,
which cost US businesses $348 billion per year in
corporate losses, according to SC Magazine.
• Single sign-on capabilities are also a must since having
too many passwords tends to lead to insecure
password management practices
IDENTITY MANAGEMENT AND ACCESS
CONTROL
• Recent research reported by Dark Reading shows
that 61 percent of people use the same password for
multiple accounts and applications.
• Deprovisioning of access when it is no longer
required is another absolute necessity, since orphan
accounts caused by poor deprovisioning leave
organizations open to fraud and other security
incidents.
• According to recent research by GroupID, 19 percent
of employees change job responsibilities each year,
and on average, 5 percent of users in Active Directory
are no longer employed by the organization.
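Orphan accounts and access left over from a job change can be found by reconciling a directory export against the HR roster. The following is an added example, not part of the original slides: the CSV columns, group names, department-to-group policy and the 90-day staleness threshold are all assumptions, and every record is constructed sample data.

```python
import csv
import io
from datetime import date, timedelta

# Constructed directory export (column names are assumptions, not a real schema).
DIRECTORY_CSV = """\
account,employee_id,enabled,last_logon,groups
asmith,E100,true,2024-05-28,finance;vpn
bjones,E101,true,2024-01-03,engineering;vpn
cwu,E102,true,2024-05-30,engineering;prod-admins
svc-backup,,true,2024-05-31,backup-operators
dlee,E103,false,2023-11-12,sales
egarcia,E104,true,2024-01-15,finance
"""

# Constructed HR roster: current employment status and department.
HR_CSV = """\
employee_id,status,department
E100,active,finance
E101,terminated,engineering
E102,active,marketing
E103,terminated,sales
E104,active,finance
"""

# Assumed policy: the groups each department is entitled to hold.
ALLOWED_GROUPS = {
    "finance": {"finance", "vpn"},
    "engineering": {"engineering", "vpn", "prod-admins"},
    "marketing": {"marketing", "vpn"},
    "sales": {"sales", "vpn"},
}


def review_accounts(directory_csv, hr_csv, today, stale_after_days=90):
    """Return {account: [findings]} for enabled accounts that need attention.

    orphan  - linked employee is terminated or absent from the roster
    unowned - no employee linked at all (e.g. an unmanaged service account)
    excess  - groups outside the owner's current department (job change)
    stale   - no logon within stale_after_days
    """
    hr = {row["employee_id"]: row for row in csv.DictReader(io.StringIO(hr_csv))}
    findings = {}
    for acct in csv.DictReader(io.StringIO(directory_csv)):
        if acct["enabled"] != "true":
            continue  # already deprovisioned
        issues = []
        owner = hr.get(acct["employee_id"])
        if not acct["employee_id"]:
            issues.append("unowned")
        elif owner is None or owner["status"] != "active":
            issues.append("orphan")
        else:
            groups = set(filter(None, acct["groups"].split(";")))
            excess = groups - ALLOWED_GROUPS.get(owner["department"], set())
            if excess:
                issues.append("excess:" + ",".join(sorted(excess)))
            idle = today - date.fromisoformat(acct["last_logon"])
            if idle > timedelta(days=stale_after_days):
                issues.append("stale")
        if issues:
            findings[acct["account"]] = issues
    return findings


if __name__ == "__main__":
    for account, issues in review_accounts(
            DIRECTORY_CSV, HR_CSV, date(2024, 6, 1)).items():
        print(f"{account}: {', '.join(issues)}")
```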
IDENTITY MANAGEMENT AND ACCESS
CONTROL
• But how do you prove that everything is working
correctly?
• For compliance and corporate oversight purposes, all
activities related to application access and authorization
should be monitored, with comprehensive audit and
reporting capabilities provided at a granular level so that
all activities can be attributed to specific individuals.
• The security measures provided are another important
consideration to reduce risks associated with fraud, theft
or loss of customer data or sensitive, valuable information
such as intellectual property.
Benefiting from the Extended Enterprise
• Organizations that effectively manage and control their cloud
services by providing efficient identity management services
will be able to improve their service levels and overall
reputation.
• Implementing effective identity management is more urgent
than ever as organizations open up their networks so that they
can more securely extend their services to an ever wider range
of external constituents and be able to take advantage of new
technological developments such as social media and mobile
technologies to better engage their customers.
• As consumer-oriented technologies continue to rise in
importance, organizations must embrace more consumer-
conscious approaches for granting and controlling access to
their resources, especially to those based in the cloud.
Planning for HA in IaaS
• IaaS involves Virtual Machines – so in effect, an HA
strategy here takes on many of the same
characteristics as it would on-premises.
• The primary difference is that the vendor controls the
hardware, so you need to verify what they do for
things like local redundancy and so on from the
hardware perspective.
• As far as what you can control and plan for, the
primary factors fall into three areas:
– multiple instances
– geographical dispersion and
– task-switching.
Planning for HA in IaaS
• With almost every cloud vendor, an application protected
by any level of HA will have at least two
instances (VMs) running.
• This makes sense, but you might assume that the
vendor just takes care of that – they don’t.
• If a single VM goes down (for whatever reason), then
access to it is lost.
• Depending on multiple factors, you might be able to
recover the data, but assume that you can’t.
• Keep a sync to another location (perhaps the vendor’s
storage system in another geographic datacenter, or a
local location) to ensure the system continues to serve clients.
Planning for HA in IaaS
• You need to host the same VMs in another geographical location.
• Everything from a vendor outage to a network path problem could prevent
users from reaching the system, so you need multiple locations to handle
this.
• This means that you have to figure out how to manage state between the geos.
• If the system goes down in the middle of a transaction, you need to figure out
what part of the process the system was in, and then re-create or transfer that
state to the second set of systems.
• If you didn’t write the software, this is non-trivial.
• You need a manual or automatic process to detect the failure and re-route the
traffic to the secondary location. It could flip a DNS entry or invoke another
process to alias the first system to the second, such as load-balancing and so
on.
• There are many options, but all of them involve coding the state into the
application layer.
• If you simply moved a stateful application to VMs, you may not be able to easily
implement an HA solution.
Planning for HA in PaaS
• Implementing HA in PaaS is a bit simpler, since it’s built on the
concept of stateless application deployment.
• Once again, you need at least two copies of each element in the
solution (web roles, worker roles, etc.) to remain available in a
single datacenter.
• You also need to deploy the application again in a separate geo, but
the advantage here is that you could work out a “shared storage”
model such that state is auto-balanced across the world.
• In fact, you don’t have to maintain a “DR” site; the alternate
location can be live and serving clients, and only take on extra
load if the other site is not available.
• In Windows Azure, you can use the Traffic Manager service to
route the requests as a type of auto balancer.
Planning for HA in SaaS
• In Software-as-a-Service (such as Office 365, or Hadoop in Windows
Azure) you have far less control over the HA solution, although you still
maintain the responsibility to ensure you have it.
• Since each SaaS is different, check with the vendor on the solution for
HA – and make sure you understand what they do and what you are
responsible for.
• They may have no HA for that solution, or pin it to a particular geo, or
perhaps they have a massive HA built in with automatic load balancing
(which is often the case).
• All of these options (with the exception of SaaS) involve higher costs for
the design.
• Do not sacrifice reliability for cost – that will always cost more in the
end.
• Build in the redundancy and HA at the very outset of the project – if you try
to tack it on later in the process, the business will push back and
potentially not implement HA.
KEY PRIVACY ISSUES IN THE CLOUD
• The benefits of cloud adoption are numerous, including improved efficiency,
reduced costs and greater accessibility and flexibility.
• Cloud computing is one of the fastest-growing segments of the IT industry.
However, as more information on individuals and companies is placed in the
cloud, companies must address cloud computing security issues.
• As with other major business decisions, an enterprise must evaluate the benefits
and be prepared to address any risks and challenges cloud adoption brings.
• Moving applications to the cloud and accessing the benefits means first
evaluating specific data security issues and cloud security issues.
• When enterprises move applications from on-premise to cloud-based, challenges
arise from data residency, industry compliance requirements, privacy and third
party obligations concerning the treatment of sensitive data.
• Corporate policies or the regulations of the governing jurisdictions impact the
way sensitive data is managed including where it is located, what types of data
can be collected and stored and who has access to it.
• These issues can determine the degree to which organizations can realize the
value of cloud computing.
KEY PRIVACY ISSUES IN THE CLOUD
• Cloud security issues fall primarily into three areas:
• Data Residency
– Many companies face legislation by their country of origin or the local country that
the business entity is operating in, requiring certain types of data to be kept within
defined geographic borders.
– There are specific regulations that must be followed, centered around data access,
management and control.
• Data Privacy
– Business data often needs to be guarded and protected more stringently than non-
sensitive data.
– The enterprise is responsible for any breaches to data and must be able to ensure strict
cloud security in order to protect sensitive information.
• Industry & Regulation Compliance
– Organizations often have access to and are responsible for data that is highly
regulated and restricted.
– Many industry-specific regulations such as GLBA, CJIS, ITAR and PCI DSS, require an
enterprise to follow defined standards to safeguard private and business data and to
comply with applicable laws.
Cloud Data Protection Platform
• Solutions for Cloud Security Concerns
– Cloud computing security issues include preserving confidentiality and privacy of
data.
– The primary solutions for these problems include encryption or tokenization of
data stored in the cloud.
– New solutions have emerged for improving cloud security and protecting
sensitive data and important applications.
– One solution is the cloud encryption gateway, which helps enterprises address
cloud security issues.
– The gateway can serve as a proxy “entry” to a cloud application, replacing
sensitive data with encrypted or tokenized values for transmission and storage in
the cloud.
– Since the sensitive information remains under corporate control at all times,
organizations can confidently make the move to the cloud without the associated
privacy, security and regulatory concerns of placing sensitive data with external
cloud service providers.
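The gateway behaviour described above, sketched as an added example that is not part of the original slides: sensitive fields are swapped for tokens on the way out and restored on the way back, while the key and the token vault stay on premises. The class and method names, the field policy and the use of HMAC-derived deterministic tokens are assumptions; the records are constructed.

```python
import hashlib
import hmac
import secrets

TOKEN_PREFIX = "tok_"


class TokenizationGateway:
    """Proxy between corporate users and a cloud application (hypothetical)."""

    def __init__(self, key, sensitive_fields):
        self._key = key                      # never leaves the enterprise
        self._fields = set(sensitive_fields)
        self._vault = {}                     # token -> (field, clear value), on premises

    def _token(self, field, value):
        # Deterministic and field-bound: equal values in one field map to the
        # same token, so the cloud app can still match on it. The trade-off is
        # that equality of protected values is visible to the provider.
        mac = hmac.new(self._key, f"{field}\x00{value}".encode(), hashlib.sha256)
        return TOKEN_PREFIX + mac.hexdigest()[:24]

    def outbound(self, record):
        """Replace sensitive fields with tokens before the record leaves."""
        safe = {}
        for field, value in record.items():
            if field in self._fields and value is not None:
                token = self._token(field, str(value))  # values stored as text
                self._vault[token] = (field, str(value))
                safe[field] = token
            else:
                safe[field] = value
        return safe

    def inbound(self, record):
        """Restore clear values in a record coming back from the cloud."""
        clear = {}
        for field, value in record.items():
            if (field in self._fields and isinstance(value, str)
                    and value.startswith(TOKEN_PREFIX)):
                stored = self._vault.get(value)
                if stored is None or stored[0] != field:
                    raise ValueError(f"unknown or misplaced token in {field!r}")
                clear[field] = stored[1]
            else:
                clear[field] = value
        return clear

    def search_term(self, field, value):
        """Token to send when searching the cloud app on a protected field."""
        return self._token(field, str(value))


if __name__ == "__main__":
    gateway = TokenizationGateway(secrets.token_bytes(32), {"ssn", "email"})
    # Constructed customer records.
    records = [
        {"id": 1, "name": "Sample One", "ssn": "000-00-0001", "email": "one@example.test"},
        {"id": 2, "name": "Sample Two", "ssn": "000-00-0002", "email": "two@example.test"},
    ]
    cloud_db = [gateway.outbound(r) for r in records]    # what the provider stores
    print("stored in cloud:", cloud_db[0])

    wanted = gateway.search_term("ssn", "000-00-0002")   # search without revealing it
    hits = [row for row in cloud_db if row["ssn"] == wanted]
    print("restored on premises:", [gateway.inbound(h) for h in hits])
```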
AUTONOMIC SECURITY
• Delivering network resources (typically from a
data center) to a user as a service.
• Users log into the service (website) to gain
access
– Trust Feedback Sharing Layer - Different parties
giving trust feedback to each other
– Trust Assessment Layer - Determining the level of
trust for each party, potentially using multiple
metrics
– Trust Results Distribution Layer - Different parties
requesting the trust level for other parties
Trust Results Distribution Layer
• Response time - How long it takes trust system to respond to request
• Redundancy - How much redundancy is used to handle load
• Accuracy - The degree of correctness of trust results
• Security - Protection of trust results from being tampered with
• Bootstrapping and Prediction of Trust - Skopik et al. 2009
• Negotiation Scheme for Access Rights Establishment - Koshutanski and Massacci 2007
• Trust Management Framework for Service Oriented Environments (TMS) - Conner et al. 2009
• Reputation Assessment for Trust Establishment among Web Services (RATEWeb) - Malik and Bouguettaya 2009
• Identification - Of both users and providers
– Evaluate Credibility
– Protect integrity of trust management data
• Privacy - Preventing the accidental leakage of user personal data
• Personalization - Have control over all aspects of trust feedback system
• Integration - Ability to use multiple trust systems together
• Security - Protection against attacks and malicious users
• Scalability