Migrating into the Clouds : Is Cloud Computing Secure?

Migrating into the Clouds : Is Cloud Computing Secure?

Hello, World

What if i tells you there is no Cloud, it’s just someone else’s Computer.

techie-scoops-meme-1

Nothing will be more shocking than this at the same instance you hear it.But this cannot have happened, yes it could take place but can be tackled How?  Here it all Starts with the term ‘Secure’ i.e Cloud Security and the main question arises is that,

Is Cloud Computing Secure?

Because, if we think ‘Migrating into the Clouds’ very importantly it should be secure if not then its value is exactly same as the demonetized currency in India i.e of no use. Nobody will go for it ever.

pic2

So first, let’s understand some terms related to security

What do you mean by Vulnerability & Threat?

 Vulnerability:

It is a weakness that can be exploited by the attacker for his own personal gain. A weakness can be present in the software, environments, systems, network, etc.

pic3

Threat:

It is an actor who wants to attack assets in the cloud at a particular time with a particular goal in mind, usually to inflict his own financial gain and consequentially financial loss of a customer.

pic4

While migrating your services to the cloud, we have to consider the following cloud vulnerabilities.

Cloud Computing Vulnerabilities-

Session Riding:

Session riding happens when an attacker steals a user’s cookie to use the application in the name of the user.

pic5

Virtual Machine Escape: 

An attacker can exploit a hypervisor remotely by using vulnerability present in the hypervisor itself – such vulnerabilities are quite rare, but they do exist.

pic6

Reliability and Availability of Service

The CSPs have uninterrupted power supplies, but even those can sometimes fail, so we can’t rely on cloud services to be up and running 100% of the time.

pic7

Insecure Cryptography:

If the random number generators are providing only a small entropy pool, the numbers can be brute forced.

pic8

Data Protection and Portability:

The old CSP has to delete all the data we stored in its data center to not leave the data lying around.

Alternatively, the CSP that goes out of the business needs to provide the data to the customers, so they can move to an alternate CSP after which the data needs to be deleted.

pic9

CSP Lock-in:

We don’t want to choose a CSP that will force us to use his own services because sometimes we would like to use one CSP for one thing and the other CSP for something else.

pic10Internet Dependency:

By using the cloud services, we’re dependent on the Internet connection, so if the Internet temporarily fails due to a lightning strike or ISP maintenance, the clients won’t be able to connect to the cloud services.

pic11

But these Vulnerabilities will not stop organizations from migrating their services to the cloud.

There are techniques available to mitigate these Cloud Computing Vulnerabilities.

 Mitigation Techniques-

  • Monitoring Tools for monitoring cookies, sessions, cache (ex.- Stream Armour)

 

pic12

  • Intel TXT & TPM for avoiding VMEscape attacks
  • Redundant power supplies.
  • Strong Encryption Techniques (RSA, DES, AES)
  • Proper SLA
  • Review and study of Cloud services regarding portability
  • High Speed and Redundant Internet connections.

 

 

pic13

What is the Challenge, in one word we can say ‘TRUST’. Cannot trust this active online World of internet. So be secure and keep your data more secure.

Concluding the article here, hope you all like it. Next will be on the ‘Big Data’ again. This was the ‘2nd Guest Blog’

Written by Prof. Abhijit Powar 
HOD (B.Tech & BCA Specialization)
@ Ajeenkya DY Patil University
iNurture Education Solution Pvt Ltd.

Edited By - Saurabh Sharma

 


Leave a Reply