Distributed and cloud computing CSC 557 Akhila Reddy
Security Issues and Challenges in Cloud Computing
Abstract
Cloud computing is Internet-based computing in which shared resources, software, and information are provided on demand to computers and devices over the Internet. It allows users to access a large number of applications without purchasing, installing, or downloading them. Through cloud computing, people can share distributed resources and services that belong to different organizations. Users can access information from anywhere at any time; all they need is an Internet connection. The term refers both to the applications delivered as services over the Internet and to the hardware and systems software in the datacenters that provide those services. Since cloud computing uses distributed resources in an open environment, it is important to provide security and trust for sharing data when developing cloud computing applications. This paper mainly describes the security issues and their possible solutions.
Five main features of cloud computing:
• On-demand self-service: A consumer can acquire computing resources such as CPU time, storage, or software use automatically as needed, without any human interaction with the providers of these resources.
• Broad network access: Computing resources such as software and information are available over the network and can be accessed from various heterogeneous platforms such as laptops, tablets, and mobile phones.
• Resource pooling: The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to demand. As a result, the user does not have control over or knowledge of the location of these resources.
• Rapid elasticity: Computing resources are elastic for the consumer, i.e., they are scaled up whenever they are needed and scaled down and released when the work is finished. To the consumer, resource provisioning appears to be infinite, and resources can be appropriated in any quantity at any time.
• Measured service: The cloud system can use appropriate mechanisms to measure each individual consumer's usage of these resources through its metering capabilities, such as monitoring, controlling, and reporting, which is transparent for both the provider and the consumer.
Pricing: Cloud computing is completely based on usage and does not have any upfront cost. Users are usually billed based on the amount of resources they use. This helps users track their usage and ultimately helps them reduce cost.
Cloud Architecture
Individual users connect to the cloud from their own personal computers or portable devices over the Internet. To these individual users, the cloud is seen as a single application, device, or document. The hardware in the cloud (and the operating system that manages the hardware connections) is invisible.
Cloud computing can be divided according to deployment models and according to service delivery models.
Cloud Deployment Models
In the cloud deployment model, networking, platform, storage, and software infrastructure are provided as services that scale up or down depending on demand. The cloud computing model has four main deployment models, which are:
Private cloud
It is set up within an organization's internal enterprise datacenter and is managed or operated by the organization or a third party, regardless of whether it exists on or off premises. In the private cloud, all the resources and virtual applications provided by the cloud vendor are pooled together and made available for cloud users to share and use. A private cloud is designed to offer the same features and benefits as public cloud systems, but removes a number of objections to the cloud computing model, including control over enterprise and customer data, worries about security, and issues. Utilizing the resources on the private cloud can be much more secure than using those of the public cloud because of its specified internal exposure. Only the organization and designated stakeholders may have access to operate on a specific private cloud.
Public cloud
In a public cloud, the enterprise and the storage service provider are separate, and the data is stored outside of the enterprise's data center. It is owned, operated, and managed by the public cloud service provider. It is typically based on a pay-per-use model, similar to a prepaid electricity metering system, which is flexible enough to cater for spikes in demand for cloud optimization. Public clouds are less secure than the other cloud models because of their open structure, and they also place an additional burden of ensuring that all applications and data accessed on the public cloud are not subjected to malicious attacks.
Community cloud
It is constructed and shared by several organizations based on similar requirements and interests, which may reduce utilization cost on every side.
Hybrid cloud
It is a combination of public cloud storage and private cloud storage in which some critical data resides in the enterprise's private cloud while other data is stored in and accessible from a public cloud storage provider. It provides more secure control of the data and applications and also allows various parties to access information and resources over the Internet. It also has an open architecture that allows interfaces with other management systems. Hybrid cloud storage combines the advantages of scalability, reliability, rapid deployment, and potential cost savings of public cloud storage with the security and full control of private cloud storage.
Cloud computing service delivery models
There are three key cloud service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). These services can be used independently, but they can also work together.
• Software as a Service (SaaS): In SaaS, cloud providers install and operate application software in the cloud, and cloud users access the software from cloud clients. Cloud users do not manage the cloud infrastructure and platform where the application runs. This eliminates the need to install and run the application on cloud. Users usually rent the software instead of buying it, which brings more choice and lower expense.
• Platform as a Service (PaaS): In PaaS, users can create their own cloud services and applications directly on a development environment or platform, using tools offered by the platform provider, without the cost and complexity of buying and managing the underlying hardware and software layers. They can then run and deploy these applications with full control.
• Infrastructure as a Service (IaaS): In IaaS, IT infrastructure, such as processing, storage, networks, and other fundamental computing resources, is delivered as a service to the consumer. The consumer can deploy and run arbitrary applications and operating systems. This model makes users pay only for what they use. IaaS cloud providers supply these resources on demand from their large pools installed in data centers.
These features and models make cloud computing an open public system, due to which the data and applications are exposed to many security risks. Users can also access all the uniformly distributed resources on the Internet on demand through cloud computing, which generates great interest among IT companies. In cloud computing, data is processed and stored in the cloud instead of on local computers, which introduces more security issues.
CLOUD COMPUTING SECURITY ISSUES
A. Data Security
In cloud computing, especially in the public cloud, users' data is stored and processed in the cloud. Users cannot control the cloud infrastructure managing their data, which creates threats to that data. Some of the security issues concerning users' data are shown below:
1) Data breach: It mainly violates two security properties of data: integrity and confidentiality. Integrity means protecting data from unauthorized deletion or modification. Confidentiality means that only authorized parties or systems have the ability to access the protected data. In a SaaS model, the user's data is mainly stored and processed at the SaaS vendor's end, so the data is at risk of breach. The breach may come either from an inside employee or from an outside malicious hacker. Some of the common solutions for keeping data integrity and confidentiality are employing strong encryption mechanisms like AES and DES under the management of a common PKI infrastructure. However, this introduces a heavy computation overhead on the data owner for data management and key distribution when fine-grained data access control is desired. This issue can be addressed by combining the techniques of attribute-based encryption, proxy re-encryption, and lazy re-encryption.
2) Data lock-in: It means the user cannot easily migrate from one SaaS or IaaS vendor to another vendor. Users' data may be lost, which prevents users from adopting cloud computing. Coghead is one example of a cloud platform whose shutdown left customers scrambling to rewrite their applications to run on a different platform. The solution is to standardize the cloud Application Programming Interface (API), for instance the GoGrid API.
3) Data remanence: It is the residual representation of data that has been nominally erased or removed in some way. In a public cloud it can cause severe security issues because of the open environment, especially in an IaaS model, but it may cause minimal security issues in a private cloud. The Storage Networking Industry Association (SNIA) proposes a set of mechanisms for the data remanence problem. One of the solutions is to encrypt the data and shred the key, making device management a pivotal function.
4) Data recovery: Sometimes a server may break down and cause damage to or loss of users' data. To avoid this, data should be backed up so that it can be recovered in the future. Cloud users can keep a backup of important data on a local computer. For this purpose, the SaaS vendor may provide a backup service for users. For instance, Amazon's S3 (Simple Storage Service) allows a user to specify the files that should be backed up as well as the appropriate level of data mirroring.
5) Data locality: In a SaaS model of a cloud environment, the user does not have any knowledge about the location of the data, which may be an issue. To avoid the leakage of sensitive information, data privacy laws in many countries, such as some European countries, forbid some types of data from leaving the country, which makes data locality an extremely important consideration in many enterprise architectures. The issue can be solved by creating a secure SaaS model that can provide reliability to the customer on the location of the user's data.
B. Application Related Security Issues
Application security refers to using system resources such as software and hardware to ensure the security of applications, which guards against intrusion by malicious attackers.
1) Cloud browser security: In a SaaS model, the client's computation tasks are outsourced to remote servers. The client system is used only for I/O, receiving and sending commands to the cloud. The web browser is a universal client application that satisfies this demand. In this context, browser security is especially important in cloud computing. There exist many security issues when considering the Transport Layer Security (TLS) protocol, which is used for host authentication and data encryption. The reason is that current web browsers can only use TLS Encryption and TLS Signature, which are not secure enough to keep out malicious attacks. One solution is to use TLS and, at the same time, XML-based cryptography in the browser core.
2) Cloud malware injection attack: In this type of attack, a malicious virtual machine or service implementation is injected into the cloud system. Its purpose varies extensively, ranging from blocking or wiretapping through subtle data modification to entire functionality changes.
The attacker creates a malicious VM instance or service implementation module, such as SaaS or IaaS, and tries to add it to the cloud system. The attacker then tries to trick the cloud system into believing that the new instance is a valid instance. If this succeeds, valid user requests will be redirected automatically to the new instance and the malicious code in it will be executed. One solution to prevent this is to perform an integrity check on the service instance before using it for incoming requests in the cloud system.
3) Cookie poisoning: It means gaining unauthorized access to an application or a webpage by modifying the contents of a cookie. In a SaaS model, cookies maintain information that allows the applications to authenticate the user's identity, and once these cookies are accessible, they could be forged to impersonate an authorized user. The solution is to clean up the cookie or encrypt the cookie data.
4) Backdoor and debug options: Developers often write code with a backdoor, intentionally or unintentionally. They may also leave some debug options in place for examining or revising the website again. In a SaaS or PaaS model of a cloud environment, these backdoors or debug options facilitate the work of developers, but they also provide entry points through which a hacker can easily enter the website and access sensitive information. These issues can be solved at the development level.
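The integrity check described under the cloud malware injection attack can be sketched as follows. This is an added example, not code from the original paper; the service name, image contents, and the Router class are hypothetical, and the digest registry is assumed to be recorded by the provider when an image is approved.

```python
import hashlib
import hmac

# Constructed registry: digests recorded when each service image was approved.
# The service name and image contents are hypothetical sample data.
APPROVED_IMAGE = b"service-image-v1: billing handler code"
TRUSTED_DIGESTS = {
    "billing-service": hashlib.sha256(APPROVED_IMAGE).hexdigest(),
}


def verify_instance(service_name, image_bytes, trusted=TRUSTED_DIGESTS):
    """Return True only if the image matches the digest registered for it."""
    expected = trusted.get(service_name)
    if expected is None:
        return False  # unknown service: never admitted by default
    actual = hashlib.sha256(image_bytes).hexdigest()
    return hmac.compare_digest(actual, expected)


class Router:
    """Admits instances to the request pool only after the integrity check."""

    def __init__(self):
        self.pool = {}

    def register(self, service_name, instance_id, image_bytes):
        # A modified or unregistered image never reaches the pool, so user
        # requests cannot be redirected to it.
        if not verify_instance(service_name, image_bytes):
            return False
        self.pool.setdefault(service_name, []).append(instance_id)
        return True

    def route(self, service_name):
        instances = self.pool.get(service_name, [])
        return instances[0] if instances else None
```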
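For the cookie poisoning item above, the following added example (not from the original paper) shows how a server can detect a modified cookie. It uses an HMAC tag, a different technique from the encryption the text mentions, because forgery is an integrity problem; the key, field names, and helper functions are hypothetical.

```python
import base64
import hashlib
import hmac
import json
import time

SERVER_KEY = b"constructed-demo-key-not-for-production"  # hypothetical secret


def _b64(data):
    return base64.urlsafe_b64encode(data).decode("ascii")


def issue_cookie(user, role, ttl=3600, now=None, key=SERVER_KEY):
    """Serialize the session claims and append an HMAC-SHA256 tag."""
    now = int(time.time()) if now is None else now
    payload = json.dumps({"user": user, "role": role, "exp": now + ttl},
                         sort_keys=True).encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(tag)


def read_cookie(cookie, now=None, key=SERVER_KEY):
    """Return the claims dict, or None if the cookie is forged or expired."""
    now = int(time.time()) if now is None else now
    try:
        payload_b64, tag_b64 = cookie.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:
        return None  # malformed cookie
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # contents were modified after the server issued them
    claims = json.loads(payload)
    if claims["exp"] <= now:
        return None  # expired: stale cookies are cleaned up, not trusted
    return claims
```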
C. Cloud Service Provider (CSP) Level Attacks
The increased demand on the shared resources of the cloud and the shared nature of cloud computing could make it an attractive target for attackers. End users should take into consideration the vulnerabilities of cloud computing before migrating to it. Some examples of shared resources are computing capacity, storage, and network. This shared nature exposes the cloud to many security breaches, which are listed below:
1) Guest-hopping attack
An attacker will try to get access to one virtual machine by penetrating another virtual machine hosted on the same hardware. One possible solution to the guest-hopping attack is to use forensics and VM debugging tools to observe any attempt to compromise a VM. Another possible solution is to use a High Assurance Platform (HAP), which provides a high degree of isolation between virtual machines.
2) SQL injection:
It is often used to attack websites. It is done by injecting SQL commands from the web into the database of an application in order to dump or crash that database. To mitigate SQL injection attacks, it is necessary to remove all stored procedures that are rarely used and to assign the least possible privileges to users who have permission to access the database.
3) Side channel attack:
It occurs when an attacker places a malicious virtual machine on the same physical machine as the victim machine; in that way the attacker can access all the confidential information on the victim machine.
To prevent this, it is preferable to ensure that none of the legitimate user's VMs reside on the same hardware as other users' VMs. This completely eliminates the risk of side-channel attacks in a virtualized cloud environment.
4) Malicious insider
One of the cloud computing challenges located at the data centers of the service providers arises when an employee is granted access to the sensitive data of some or all customers' administrators. Such system privileges can expose this information to security threats. Strict privilege planning and security auditing can minimize this security threat.
5) Data storage security
In cloud computing, the user's data is stored on the Cloud Service Provider's (CSP) set of servers, which run in a simultaneous and distributed manner. Ensuring data integrity and confidentiality is an important task. There are some means of ensuring the integrity and confidentiality of the data stored in the cloud:
1. CSP employees must be given only limited access to the data.
2. Strong authentication mechanisms must be provided that allow only legitimate employees to gain access to and control the CSP servers.
3. The CSP should use well-defined data backup and redundant data storage to make data recovery possible.
6) Address Resolution Protocol (ARP) cache poisoning
The Address Resolution Protocol (ARP) is used in the TCP/IP stack to resolve an IP (logical) address at the sender side into a MAC (physical) address at the receiver side. The ARP cache stores a table that maps the IP addresses of the networked devices to their corresponding MAC addresses. An attacker can exploit a weakness in the ARP protocol to map an IP address on the network to a malicious MAC address and then update the ARP cache with this malicious MAC address. To mitigate this attack, it is possible to use static ARP entries; this technique can work for small networks like private clouds, but on large-scale clouds it is better to use other techniques, such as port security features that lock a specific port on the switch (or network device) to a specific IP address.
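The effect of static ARP entries can be illustrated with a small cache model that also flags suspicious replies. This is an added example, not part of the original paper; the addresses, the reply list, and the function names are constructed for illustration.

```python
# Static bindings an administrator would pin (constructed sample values).
STATIC_BINDINGS = {
    "10.0.0.1": "aa:bb:cc:00:00:01",   # gateway
    "10.0.0.20": "aa:bb:cc:00:00:20",  # storage node
}

# Constructed ARP replies as (ip, mac) pairs in arrival order.
OBSERVED_REPLIES = [
    ("10.0.0.20", "aa:bb:cc:00:00:20"),
    ("10.0.0.1", "aa:bb:cc:00:00:01"),
    ("10.0.0.1", "de:ad:be:ef:00:99"),   # conflicts with the pinned gateway
    ("10.0.0.35", "aa:bb:cc:00:00:35"),  # unpinned host, learned dynamically
    ("10.0.0.20", "DE:AD:BE:EF:00:99"),  # same MAC now claims a second IP
]


def apply_replies(replies, static=STATIC_BINDINGS):
    """Build the ARP cache; static entries are never overwritten.

    Returns (cache, alerts). An alert is raised when a reply contradicts a
    static entry or when the MAC of a dynamic entry changes.
    """
    cache = dict(static)
    alerts = []
    for ip, mac in replies:
        mac = mac.lower()
        known = cache.get(ip)
        if known is None:
            cache[ip] = mac
        elif known != mac:
            kind = "static-conflict" if ip in static else "dynamic-change"
            alerts.append((kind, ip, known, mac))
            if ip not in static:
                cache[ip] = mac  # a dynamic cache accepts the latest reply
    return cache, alerts


def macs_claiming_multiple_ips(replies):
    """Map each MAC to the IPs it claimed, keeping only MACs with more than one."""
    claimed = {}
    for ip, mac in replies:
        claimed.setdefault(mac.lower(), set()).add(ip)
    return {mac: ips for mac, ips in claimed.items() if len(ips) > 1}
```

Calling `apply_replies(OBSERVED_REPLIES, static={})` shows the unprotected case, where the gateway entry ends up pointing at the conflicting MAC.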
D. Network Level Security Attacks