10-08-2012, 02:07 PM
cloud security problem statement
Cloud Computing Security – Reputation Fate Sharing
In cloud computing, the multi-tenancy model has created at least two new security issues. First, shared resources (hard disk, data, VM) on the same physical machine invite unexpected side channels between a malicious resource and a regular resource. Second, the issue of "reputation fate-sharing" will severely damage the reputation of many good Cloud "citizens" who happen to, unfortunately, share the computing resources with their fellow tenant, a notorious user with a criminal mind. Since they may share the same network address, any bad conduct will be attributed to all the users without differentiating real subverters from normal users.
Insecure Application Programming Interfaces Analysis
Customers use a set of software interfaces or APIs to interact with cloud services. The provisioning, management, orchestration and monitoring of the cloud service are generally done using these interfaces. If a weak set of interfaces and APIs is used, this may expose organizations to various security threats, such as unidentified access, reusable tokens or passwords, clear-text authentication or transmission of content, inflexible access controls or improper authorizations, and limited monitoring and logging capabilities.
Cloud Computing – Isolation Failure
In cloud computing, services are delivered by sharing infrastructure. The components used to build it (disk partitions, CPU cache, graphics processing units, etc.) are not designed to offer strong isolation properties or compartmentalization. The hypervisors (Virtual Machine Managers) that are the basic building blocks of cloud computing have exhibited flaws that enable a guest operating system to gain unauthorized control. Because of this isolation failure, attackers focus on impacting the operations of other cloud customers to gain unauthorized access to data.
Cloud Computing Account or Service Hijacking
The data loss or leakage threat occurs due to phishing, fraud and software vulnerabilities. In cloud computing, the account or service hijacking threat occurs when attackers can steal credentials and gain access to critical areas of deployed cloud computing services, resulting in compromise of the confidentiality, integrity and availability of these services.
Intrusion Detection System Analysis at VM Level
Cloud computing is based on VM technology. To implement a cloud, a hypervisor such as VMware vSphere, Microsoft Virtual PC or Xen is used. This threat arises because of vulnerabilities appearing in these hypervisors due to some facts being overlooked by developers during the coding of these hypervisors.