A7660 - Cloud Security

(Professional Elective – IV)

Course Overview
➢ The course will describe the Cloud security architecture

➢ Explore the guiding security design principles, design patterns, industry standards, applied
technologies and addressing regulatory compliance requirements critical to design

➢ Implement, deliver and manage secure cloud based services.

➢ Secure cloud architectural aspects with regards to identifying and mitigating risks, protection
and isolation of physical & logical infrastructures including compute, network and storage,
comprehensive data protection at all OSI layers.

➢ End-to-end identity management & access control, monitoring and auditing processes and
meeting compliance with industry and regulatory mandates.
 Course Syllabus
Course Outcome(CO-1)
Identify the various cloud platforms and risk issues in cloud computing
Module-I-Cloud Security Introduction
➢Users perspective
➢Understanding security and privacy in Cloud Computing
➢Risk issues and Security challenges
➢Security requirements for the architecture,
➢Securing private and public clouds,
➢Security patterns
➢Cloud security architecture, and Infrastructure security
 Course Outcome(CO-2)
Select the cloud security architecture in different cloud environments

Module-II-Cloud Security Architecture

➢Architectural Considerations- General Issues

➢Trusted Cloud computing,

➢Secure Execution Environments and Communications,

➢Micro architectures; Identity management, Access control, Autonomic Security.

➢Virtualization security management, virtual threats, VM Security Recommendations,

VM-Specific Security techniques
 Course Outcome(CO-3)
Make use of cloud security management techniques for assessment.

Module-III-Cloud Security Management

➢Security management in the cloud: SaaS, PaaS, IaaS, and availability management,

➢Security as a service

➢Trust Management for Security: Vulnerability assessment tool for cloud Privacy and
Security in cloud

➢Identity Access Management in Cloud

 Course Outcome(CO-4)
Utilize the security protocols and standards in different levels

Module-IV-Security Protocols and Standards

➢Host security, Compromise response

➢Security standards,

➢Message Level Security (MLS),

➢Transport Level Security, OAuth, OpenID, eXtensible

➢Access Control Markup Language (XACML)

➢Security Assertion Markup Language (SAML).

 Course Outcome(CO-4)

Identify the insights of data using cloud security analytics

Module-V-Security Analytics
➢Techniques in Analytics

➢Challenges in Intrusion Detection System and Incident Identification

DDoS attacks Analytics

➢Analysis of Log file - Simulation and Security Process

 Books and Materials
Text Books:
1. Ronald L. Krutz , Russell Dean Vines., Cloud Security: A Comprehensive
Guide to Secure Cloud computing, Wiley, 2010.
Reference Books:
1. Vic (J.R) Winkler., Securing the Cloud: Cloud Computer Security Techniques
and Tactics, , Elsevier 2011.
2. Ben Halpert., Auditing Cloud Computing: A Security and Privacy Guide, John
Wiley Sons, 2011.
3. Ianlim, E.Coleen Coolidge, Paul Hourani., Securing Cloud and Mobility: A
Practitioners Guide, Auerbach Publications, 2013.
Topic : Cloud Security Introduction & User Perspective
Module no:1
Course Code : A7660
Course Name: Cloud Security
Semester : VII
Regulation:R20
Presented by
Dr.R.Karthikeyan
Professor
Dept. of CSE(AI&ML)
Vardhaman College of Engineering
Overview of Cloud Security
 Cloud Security Introduction
➢Users perspective
➢Understanding security and privacy in Cloud Computing
Developing software design for cloud infrastructure is a important way to provide the
security.

Developing secure software is based on applying the secure software design

principles that form the fundamental basis for software assurance.

The Data and Analysis Center for Software (DACS) Suggest three important
properties are required to ensure the security,

➢Dependability

➢Trustworthiness

➢Survivability (Resilience)
Dependability

Software that executes predictably and operates correctly under a variety of

conditions, including when under attack or running on a malicious host

Trustworthiness

Software that contains a minimum number of vulnerabilities or no vulnerabilities or

weaknesses that could interrupt the software’s dependability.

It must also be resistant to malicious logic

Survivability (Resilience)

Software that is resistant to or tolerant of attacks and has the ability to recover as
quickly as possible with as little harm as possible
Apart from the above three factors, the following seven principles that
support security assurance.

Those seven factors are classified into two major category, they are

1.Information Security factor

2.Cloud service security factor

 1.Information Security factor

➢Confidentiality
➢Integrity
➢Availability
 Confidentiality, Integrity, and Availability (CIA)
Confidentiality, integrity, and availability are sometimes known as the CIA triangle of
information system security, and are important pillars of cloud software assurance.
1. Confidentiality
Confidentiality refers to the prevention of intentional or unintentional unauthorized
disclosure of information.
Confidentiality in cloud systems is related to the areas of

➢Intellectual property rights,

➢Covert channels
➢ Traffic analysis
➢Encryption
➢Inference:
1.1 Intellectual property rights
➢Intellectual property (IP) includes inventions, designs, and creative, musical, and
literary works.

➢Rights to intellectual property are covered by copyright laws, which protect

creations of the mind, and patents, which are granted for new inventions.
1.2 Covert channels
➢A covert channel is an unauthorized and unintended communication path that
enables the exchange of information.

➢ Covert channels can be accomplished through timing of messages or inappropriate

use of storage mechanisms.
1.3 Traffic analysis
➢Traffic analysis is a form of confidentiality breach that can be accomplished by
analyzing the volume, rate, source, and destination of message traffic, even if it is
encrypted.
➢Increased message activity and high bursts of traffic can indicate a major event is
occurring.
➢Countermeasures to traffic analysis include maintaining a near-constant rate of
message traffic and hiding the source and destination locations of the traffic.
1.4 Encryption
➢Encryption involves scrambling messages so that they cannot be read by an
unauthorized entity, even if they are intercepted.
➢The amount of effort (work factor) required to decrypt the message is a function of the
strength of the encryption key and the robustness and quality of the encryption
algorithm.
1.5 Inference
Inference is usually associated with database security.

Inference is the ability of an entity to use and correlate information protected

at one level of security to uncover information that is protected at a higher
security level.
 2.Integrity

Integrity requires that the following three principles are met:

➢Modifications are not made to data by unauthorized personnel or processes.

➢Unauthorized modifications are not made to data by authorized personnel or

processes.

➢The data is internally and externally consistent in other words, the

internal information is consistent both among all sub-entities and with the real-world,
external situation
 3.Availability
➢Availability ensures the reliable and timely access to cloud data or
cloud computing resources by the appropriate personnel.

➢Availability guarantees that the systems are functioning properly when

needed.

➢A denial-of-service attack is an example of a threat against availability.

 2.Cloud Security Service Factor
Additional factors that directly affect cloud software assurance include

➢Authentication

➢Authorization

➢Auditing

➢Accountability
 1.Authentication
➢Authentication is the testing or understanding of evidence of a

user’s identity.

➢ It establishes the user’s identity and ensures that users are who they

claim to be.

➢For example, a user presents an identity (user ID) to a computer login

screen and then has to provide a password.

 2.Authorization
➢Authorization refers to rights and privileges granted to an individual
or process that enable access to computer resources and
information assets.

➢Once a user’s identity and authentication are established, authorization

levels determine the extent of system rights a user can hold.
 3.Auditing
To maintain operational assurance, organizations use two basic methods:
➢System audits
➢Monitoring.

These methods can be employed by the cloud customer, the cloud

provider, or both, depending on asset architecture and deployment.
➢ A system audit is a one-time or periodic event to evaluate security.

➢Monitoring refers to an ongoing activity that examines either the

system or the users, such as intrusion detection.
Information technology (IT) auditors are often divided into two types:
➢Internal
➢External
Internal auditors typically work for a given organization, whereas
external auditors do not.
IT auditors typically audit the following functions:
➢System and transaction controls
➢Systems development standards
➢Backup controls
➢Data library procedures
➢Data center security
➢ Contingency plans
Audit logs should record the following:
➢ The transaction’s date and time
➢ Who processed the transaction
➢At which terminal the transaction was processed
➢Various security events relating to the transaction

In addition, an auditor should examine the audit logs for the following:
➢Amendments to production jobs
➢Production job reruns
➢Computer operator practices
➢All commands directly initiated by the user
➢All identification and authentication attempts
➢Files and resources accessed
 4.Accountability
➢Accountability is the ability to determine the actions and behaviors
of a single individual within a cloud system and to identify that
particular individual.

➢Audit trails and logs support accountability and can be used to

conduct examination studies in order to analyze historical events and the
individuals or processes associated with those events.
Cloud security Risk and Challenges or threats
Some of the biggest threats to cloud-based operations are Illustrated
here,
➢External data breaches.
➢A data breach is an incident where information is stolen or taken from a system without
the knowledge or authorization of the system’s owner. A small company or large
organization may suffer a data breach.
➢These attacks may be due to the provider’s failure to properly secure its network or
the customer’s failure to properly patch its operating systems and applications,
which open the organization up to external attacks, such as DDoS and other malware.

➢Misconfiguration.
➢Cloud security is naturally complex, and the risk of configuring something
incorrectly is high, particularly when an organization engages with a new service
provider or expands their cloud user base.
➢Poor authentication controls.
➢ Controlling access to cloud resources is more complex than on an internal
network, creating more opportunities for misconfigurations.

➢Account hijacking via phishing.

➢The risk of data theft from a phishing attack targeted at stealing usernames and
passwords intensifies in cloud applications.

➢API insecurities.
➢ Insecure APIs used to access cloud resources are increasingly common avenues
for cyber attackers attempting to gain access.
External Sharing of Data
➢External data sharing is one of the leading cloud security challenges
businesses face.

➢This issue arises when data is shared with third-party providers who
have to be examined and approved by the organization.

➢As a result, external data sharing can lead to the loss of critical business
information and theft and fraud.

➢To prevent these risks, companies must implement robust security measures,
➢Encryption
➢Data management practices.
Unsecure Third-party Resources
➢Third-party resources are applications, websites, and services outside the
cloud provider’s control.

➢These resources may have security vulnerabilities, and unauthorized

access to your data is possible.

➢Additionally, unsecured third-party resources may allow hackers to access

your cloud data.

➢These vulnerabilities can put your security at risk.

➢Therefore, it is essential to ensure that only trusted, and secure resources

are used for cloud computing.
Requirements of Cloud Security Architecture

Some of the elements to keep in mind when designing cloud infrastructure or

as you navigate the cloud as a whole are:

➢Security at Each Layer

➢Centralized Management of Components

➢Design for Redundancy in Case of Failures

➢Design for Elasticity & Scalability

➢Choose the Right Storage for Your Deployments

➢Plan for Alerts & Notifications

➢Centralization, Standardization & Automation

Security at Each Layer:
➢Ensure that each layer of the cloud’s security stack is “self-defending.”

➢There may be multiple components in each layer, so having defense-in-depth is

critical.

➢This goes into having things like automatic updates on operating systems, secure
coding and monitoring logs.

Centralized Management of Components:

➢This is taking the concept of multiple components in each layer and managing each
— especially security — from one place, making sure to incorporate efficiency
opportunities.
Design for Redundancy in Case of Failures:
➢Even though most of us hate the concept of failure, we have to design our cloud
infrastructure for the possibility that it will happen.
➢This means building out disaster recovery plans and having backups on hand to
re-establish operations.
➢Another aspect of this is making sure you have resiliency built into all
components, or at least the ones that continuously need to be online.
Design for Elasticity & Scalability:
➢When it comes to elasticity, we have to keep in mind specific design options.
➢When scaling, should it be a horizontal or vertical scale? In other words, can you
make the server bigger or add more servers/services? You need to keep in mind
what images you will use to deploy new systems or services.
➢What are the thresholds that dictate the scaling up or down? What is the location
or region that the new components will operate in? All of these need to be
answered before you build out your architecture.
Choose the Right Storage for Your Deployments:
➢When choosing storage, it comes down to your organization’s use cases and needs.
➢Take time to look at the options available as they are not created equal. Each has
its security controls and different performance specifications.
➢This is a time to revisit data security strategies and make sure you are following
the company’s guidelines.
Plan for Alerts & Notifications :
➢This is one of the most critical aspects of security architecture design. While
designing how the components will talk to each other and how users interact with
those components.
➢you need to ensure that you are being alerted and notified.
➢ This keeps you in the loop on what is happening in your cloud infrastructure.
➢Your primary source of information are the logs created, so it is vital to enable
logging wherever you can, such as instance, network, identity, access and service
activity.
Centralization, Standardization & Automation:
➢Centralization, Standardization and Automation (CSA) is something that needs to
be thought about during design.

➢Centralization is using services and tools that can be integrated into a single
dashboard for viewing.

➢Standardization is creating consistent architectural security models across the

vast amount of services offered in the cloud, reducing the burden of
implementation of those new services.

➢Finally, Automation, the more you can automate your infrastructure, the quicker
you can scale and respond to incidents and issues.
Cloud Security Architecture
 What is Cloud Security Architecture?
A cloud security architecture is defined by the
➢Security layers
➢Design, and
➢Structure of the platform,
➢Tools,
➢Software
➢ infrastructure, and
➢Best practices that exist within a Cloud Security Architecture

A cloud security architecture provides the written and visual model to define how
to configure and secure activities and operations within the cloud.
Security Planning
Before deploying a particular resource to the cloud, one should need to
analyze several aspects of the resource, such as:

➢A select resource needs to move to the cloud and analyze its sensitivity
to risk.
➢Consider cloud service models such as IaaS, PaaS,and These models
require the customer to be responsible for Security at different service
levels.
➢Consider the cloud type, such as public, private, community, or
➢Understand the cloud service provider's system regarding data storage
and its transfer into and out of the cloud.
➢The risk in cloud deployment mainly depends upon the service models
and cloud types.
 Understanding Security of Cloud
Security Boundaries
The Cloud Security Alliance (CSA) stack model defines the boundaries between each
service model and shows how different functional units relate.
 Understanding data security

Since all data is transferred using the Internet, data security in the cloud is a
major concern.

Here are the key mechanisms to protect the data.

➢access control
➢audit trail
➢certification
➢authority

The service model should include security mechanisms working in all of the
above areas.
 Separate access to data
Since the data stored in the cloud can be accessed from anywhere, we need to
have a mechanism to isolate the data and protect it from the client's direct
access.
Broker cloud storage is a way of separating storage in the Access Cloud.
In this approach, two services are created:
A broker has full access to the storage but does not have access to the client.
A proxy does not have access to storage but has access to both the client and the
broker.
1. When the client issues a request to access data:
2. The client data request goes to the external service interface of the proxy.
3. The proxy forwards the request to the broker.
4. The broker requests the data from the cloud storage system.
5. The cloud storage system returns the data to the broker.
6. The broker returns the data to the proxy.
7. Finally, the proxy sends the data to the client.
 Cloud Infrastructure Security
➢Cloud infrastructure security is the practice of securing resources
deployed in a cloud environment and supporting systems.

➢Cloud infrastructure is made up of at least 7 basic components, including

user accounts, servers, storage systems, and networks.

➢Cloud environments are dynamic, with short-lived resources created

and terminated many times per day.

➢This means each of these building blocks must be secured in an

automated and systematic manner.
 Securing 7 Key Components of Your Cloud Infrastructure
Here are key best practices to securing the key components of a typical cloud
environment.
1.Accounts
➢Service accounts in the cloud are typically privileged accounts, which may
have access to critical infrastructure.
➢Once compromised, attackers have access to cloud networks and can
access sensitive resources and data.
➢Use identity and access management (IAM) to set policies controlling
access and authentication to service accounts.
➢Use a cloud configuration monitoring tool to automatically detect and
remediate non-secured accounts.
➢Finally, monitor usage of sensitive accounts to detect suspicious activity
and respond.
 2.Servers
➢ While a cloud environment is virtualized, behind the scenes it is made up of physical hardware deployed at
multiple geographical locations.

➢ This includes physical servers, storage devices, load balancers, and network equipment like switches and
routers.

➢ Here are a few ways to secure a cloud server, typically deployed using a compute service like Amazon EC2:

➢ Control inbound and outbound communication—your server should only be allowed to connect to networks, and
specific IP ranges needed for its operations.

➢ For example, a database server should not have access to the public internet, or any other IP, except those of the
application instances it serves.

➢ Encrypt communications—whether communications go over public networks or within a secure private network,
they should be encrypted to avoid man in the middle (MiTM) attacks. Never use unsecured protocols like Telnet or
FTP. Transmit all data over HTTPS, or other secure protocols like SCP (Secure Copy) or SFTP (Secure FTP).
Use SSH keys—avoid accessing cloud servers using passwords, because they are vulnerable to
brute force attacks and can easily be compromised.

Use SSH(Shell or Secure Socket Shell) keys, which leverage public/private key cryptography for
more secure access.

Minimize privileges—only users or service roles that absolutely need access to a server should
be granted access.

Carefully control the access level of each account to ensure it can only access the specific files
and folders, and perform specific operations, needed for their role.

Avoid using the root user—any operation should be performed using identified user accounts.
 3.Hypervisors
A hypervisor runs on physical hardware, and makes it possible to run several virtual machines
(VMs), each with a separate operating system.

All cloud systems are based on hypervisors.

Therefore, hypervisors are a key security concern, because compromise of the hypervisor (an
attack known as hyperjacking) gives the attacker access to all hosts and virtual machines
running on it.

Here are a few ways to ensure your hypervisor is secure:

➢Ensure machines running hypervisors are hardened, patched, isolated from public
networks, and physically secured in your data center

➢Assign least privileges to local user accounts, carefully controlling access to the hypervisor
➢Harden, secure, and closely monitor machines running the virtual machine
monitor (VMM) and virtualization management software, such as VMware
vSphere

➢Secure and monitor shared hardware caches and networks used by the hypervisor

➢Pay special attention to hypervisors in development and testing environments—

ensure appropriate security measures are applied when a new hypervisor is deployed
to production
 4.Storage
In cloud systems, virtualization is used to abstract storage from hardware systems.
Storage systems become elastic pools of storage, or virtualized resources that can
be provisioned and scaled automatically.
Here are a few ways to secure your cloud storage services:
➢Identify which devices or applications connect to cloud storage, which cloud
storage services are used throughout the organization, and map data flows.
➢Block access to cloud storage for internal users who don’t need it
➢Classify data into sensitivity levels—a variety of automated tools are available. This
can help you focus on data stored in cloud storage that has security or compliance
implications.
➢Remove unused data—cloud storage can easily scale and it is common to retain
unnecessary data, or entire data volumes or snapshots that are no longer used.
➢Carefully control access to data using identity and access management (IAM) systems,
and applying consistent security policies for cloud and on-premises systems.
➢Use cloud data loss prevention (DLP) tools to detect and block suspicious data
transfers
 5.Databases
Databases in the cloud can easily be exposed to public networks, and almost
always contain sensitive data, making them an imminent security risk.
Here are a few ways to improve security of databases in the cloud:
➢Hardening configuration and instances—if you deploy a database
yourself in a compute instance, it is your responsibility to harden the
instance and securely configure the database.
If you use a managed database service, these concerns are typically handled by the
cloud provider.
➢Database security policies—ensure database settings are in line with
your organization’s security and compliance policies. Map your security
requirements and compliance obligations to specific settings on cloud
database systems.
Network access—as a general rule, databases should never be exposed to
public networks and should be isolated from unrelated infrastructure.

Permissions—grant only the minimal level of permissions to users,

applications and service roles. Avoid “super users” and administrative users
with blanket permissions. Each administrator should have access to the
specific databases they work on.

End user device security—security is not confined to the cloud

environment. You should be aware what endpoint devices administrators
are using to connect to your database.
 6.Network
Here are a few ways you can secure cloud networks:
➢Use security groups to define rules that define what traffic can flow between cloud
resources.

➢Use Network Access Control Lists (ACL) to control access to virtual private
networks. ACLs provide both allow and deny rules.

➢Use additional security solutions such as firewalls as a service (FWaaS) and web
application firewalls (WAF) to actively detect and block malicious traffic.

➢Deploy Cloud Security Posture Management (CSPM) tools to automatically

review cloud networks, detect non-secure or vulnerable configurations and
remediate them.
 7.Kubernetes
• Code—ensuring code in containers is not malicious and uses secure
coding practices
• Containers—scanning container images for vulnerabilities, and
protecting containers at runtime to ensure they are configured securely
according to best practices
• Clusters—protecting Kubernetes master nodes and ensuring cluster
configuration is in line with security best practices
• Cloud—using cloud provider tools to secure the underlying
infrastructure, including compute instances and virtual private clouds
(VPC)
 Course Outcome(CO-2)
Select the cloud security architecture in different cloud environments

Module-II-Cloud Security Architecture

➢Architectural Considerations- General Issues

➢Trusted Cloud computing,

➢Secure Execution Environments and Communications,

➢Micro architectures; Identity management, Access control, Autonomic Security.

➢Virtualization security management, virtual threats, VM Security Recommendations,

VM-Specific Security techniques
Cloud Security Architectural Considerations
and Issues
 Cloud Security Architectural Considerations

A well-designed cloud security architecture should be based on the

following key principles
Identification
➢ Knowledge of the users, assets, business environment, policies, vulnerabilities
and threats, and risk management strategies that exist within your cloud
environment.
Security Controls
➢ Defines parameters and policies implemented across users, data, and
infrastructure to help manage the overall security position.
Security by Design

➢Defines the control responsibilities, security configurations, and

security baseline automations.

➢Usually standardized and repeatable for deployment across common

use cases, with security standards, and in audit requirements.

Compliance

➢Integrates industry standards and regulatory components into the

architecture and

➢Ensures standards and regulatory responsibilities are met.

Perimeter Security

➢Protects and secures traffic in and out of organization’s.

➢cloud-based resources, including connection points between

corporate network and public internet.

Segmentation

Partitions the architecture into isolated component sections to prevent

lateral movement in the case of a breach. Often includes principles of
‘least privilege’.
User Identity and Access Management

➢Ensures understanding, visibility, and control into all users (people,

devices, and systems) that access corporate assets.

➢ Enables enforcement of access, permissions, and protocols.

Data encryption

➢Ensures data at rest and traveling between internal and external cloud
connection points is encrypted to minimize breach impact.
Automation
➢ Facilitates rapid security and configuration provisioning and updates as well
as quick threat detection.

Logging and Monitoring

➢ Captures activities and constant observation (often automated) of all activity
on connected systems

➢ Cloud-based services to ensure compliance, visibility into operations, and

awareness of threats.
Visibility
Incorporates tools and processes to maintain visibility across an
organization’s multiple cloud deployments.

Flexible Design
Ensuring architecture design is sufficiently agile to develop and
incorporate new components and solutions without sacrificing
inherent security.
 Cloud Security Architecture Issues
IaaS Cloud Security Threats

Availability disruption through denial-of-service attacks

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine

or network, making it inaccessible to its intended users.

DoS attacks accomplish this by flooding the target with traffic, or sending it

information that triggers a crash.

Injection flaws
Injection flaws are a security vulnerability that allows a user to gain access to the
backend database, shell command, or operating system call if the web app takes user
input.

Hackers append additional information within these input boxes and can create, read,
update, or delete data.

Broken authentication

If a hacker successfully logs with stolen credentials, they can misuse your privileges and
impact your company's sustainability.

Authentication protects a consumer's identity by allowing only a verified user to enter into
the system.
Security misconfigurations
Security misconfigurations are security controls that are inaccurately configured
or left insecure, putting your systems and data at risk.
Basically, any poorly documented configuration changes, default settings, or a
technical issue across any component in your endpoints could lead to a
misconfiguration.

Insufficient logging and monitoring

Insufficient logging and monitoring is, missing security critical

information logs or lack of proper log format, context, storage,
security and timely response to detect an incident or breach.
 IaaS Cloud Security Threats
➢Sensitive data exposure
➢Broken access control
➢Security misconfigurations
➢Using components with known vulnerabilities
➢Insufficient logging and monitoring
➢Data leakage
➢Privilege acceleration through misconfiguration
➢DoS attack via API
➢Weak privileged key protection
➢Virtual machine (VM) weaknesses
 PaaS Cloud Security Threats
➢ Authorization weaknesses in platform services
➢ Run-time engine vulnerabilities
➢ Availability disruption through denial-of-service attacks
➢ Broken authentication
➢ Sensitive data exposure
➢ Broken access control
➢ Security misconfigurations
➢ Using components with known vulnerabilities
➢ Insufficient logging and monitoring
➢ Privilege acceleration through misconfiguration
➢ Weak privileged key protection
➢ Virtual machine (VM) weaknesses
 SaaS Cloud Security Threats
➢Weak or immature identity and access management
➢Weak cloud security standards
➢Shadow IT/unsanctioned cloud applications/software
➢Service disruption through denial-of-service attacks
➢Phishing
➢Credential stuffing attacks
➢Weak compliance and auditing oversight
➢Stolen or compromised credentials
➢Weak vulnerability monitoring
Trusted Cloud Computing
 Trusted Computing
➢Trusted computing is a broad term that refers to technologies and proposals
for resolving computer security problems through hardware enhancements
and associated software modifications.

➢Several major hardware manufacturers and software vendors, collectively

known as the Trusted Computing Group (TCG), are cooperating in this
venture and have come up with specific plans.

➢The TCG develops and promotes specifications for the protection of computer
resources from threats posed by malicious.
Microsoft defines trusted computing by breaking it down into four technologies, all of
which require the use of new or improved hardware at the personal computer (PC) level:

➢Memory curtaining -- prevents programs from inappropriately reading from or writing

to each other's memory.

➢Secure input/output (I/O) -- addresses threats from spyware such as keyloggers and
programs that capture the contents of a display.

➢Sealed storage -- allows computers to securely store encryption keys and other critical
data.

➢Remote attestation -- detects unauthorized changes to software by generating

encrypted certificates for all applications on a PC.
 Trusted Cloud Computing
➢The goal of trusted cloud computing is to make the computation of
virtual machines confidential which is deployed by the service
provider.

➢Customers can verify that the computation is confidential and prevent

inspection of computation state at the service provider site.
Identity and Access Management in Cloud
 Identity and Access Management in Cloud

➢Identity and access management (IAM) is a framework of business

processes, policies and technologies that makes it easier for
organizations to manage electronic or digital identities.

➢ IAM frameworks enable IT managers to control user access to

critical information within their companies.
IAM tools offer role-based access control to allow system administrators
to regulate access to systems or networks based on the roles of
individual users within the organization.

Creating effective IAM policies, such as a

➢ Privacy policy,

➢Protects data privacy by limiting user access to resources and

➢Protects against unauthorized access.

IAM technologies include
➢Password-management tools,
➢Single sign-on systems (SSO),
➢Two-factor authentication,
➢Multifactor authentication (MFA),
➢privileged access management (PAM) and
➢Privileged identity management (PIM).
These tools let organizations securely store identity and profile data, as well as
data governance functions, to ensure that only necessary and relevant data is
shared.
 How Does IAM Work?

Identity management solutions generally perform two tasks:

1.IAM confirms(Authentication) that the user, software, or hardware is

who they say they are by authenticating their credentials against a
database.

2.Identity access management(Authorization) systems grant only the

appropriate level of access, IAM allows for narrow slices of access to be
portioned out, i.e. editor, viewer, and commenter in a content management
system.
 BENEFITS OF IDENTITY AND ACCESS MANAGEMENT

IAM enhances security

➢By controlling user access, companies can eliminate instances of data breaches, identity
theft, and illegal access to confidential information.
➢ IAM can prevent the spread of compromised login credentials, avoid unauthorized entry
to the organization’s network, and provide protection against ransomware, hacking,
phishing, and other kinds of cyber attacks.

IAM streamlines IT workload

➢Whenever a security policy gets updated, all access privileges across the organization can
be changed in one sweep.
➢IAM can also reduce the number of tickets sent to the IT helpdesk regarding password
resets. Some systems even have automation set for tedious IT tasks.
Reduces Human Error

➢With an identity and access management tool in place, companies can

eliminate manual account and permission errors

➢The IT department no longer has to manually manage access rights to

data. In addition, IT no longer has to deal with careless employees who
may make mistakes that can result in costly fines.
More Effective Access to Resources

➢Users who receive access through a centralized platform benefit from

using SSO(Single Sign On) technology as it limits the number of
interactions they have with security systems

➢Increases the probability that they will succeed in their legitimate

attempts to access resources.
Confidentiality of Data
➢By restricting access for those who don't need to use certain apps or files.
➢Organizations can better secure sensitive data as well as enable project
managers to have a clearer picture of which users are associated with which
projects.
Helps Manage Access Across Browsers and Devices
➢One benefit of cloud applications is that users can access them from any
device that's connected to the internet.
➢ However, the downside is that more applications means more URLs and
passwords.
➢In addition, the increase in mobile devices means that IT administrators
must manage and support another access point.
➢Cloud-based IAM tools can provide browser-based SSO to all user application
as well as enable access to those same services from users' mobile devices.
Virtualization Security Management
VMware Infrastructure users may have different roles and responsibilities, but
some functional overlap may occur.
The roles assumed by administrators are
Virtual Server Administrator — This role is responsible for installing and configuring
the ESX Server hardware, storage, physical and virtual networks, service console, and
management applications.
Virtual Machine Administrator — This role is responsible for creating and configuring
virtual machines, virtual networks, virtual machine resources,
and security policies. The Virtual Machine Administrator creates, maintains, and
provisions virtual machines.
Guest Administrator — This role is responsible for managing a guest virtual machine or
machines. Tasks typically performed by Guest Administrators include connecting virtual
devices, adding system updates, and managing applications that may reside on the
operating system.
Virtualization Security Issues and Risks
 Virtualization Security Issues and Risks

➢VM Sprawl

➢Malware & Ransomware Attacks

➢Network Configuration

➢Security of Offline Virtual Machines

➢Workloads with Different Trust Levels

➢Hypervisor Security Controls

➢Cloud Service Provider APIs

 VM Sprawl
➢Virtual machine sprawl is the uncontrolled spread of VMs created for
specific workloads and then abandoned after serving their purpose.

➢This unchecked propagation can lead to VMs with sensitive

information being compromised because they are not being actively
managed and updated.
 Malware & Ransomware Attacks
➢Virtual machines are also at risk to viruses, malware, and ransomware
attacks.

➢These attacks can come from infected VM images or from users

without proper security training.

➢Once a VM is infected, it can spread malware across the entire virtual

infrastructure without adequate isolation and security controls.
 Network Configuration
➢There is a lot of work involved in managing multiple virtual machines,
even with a VM management solution like VMware vSphere.

➢Making poor configuration choices, like allowing file sharing between

VMs, or leaving unused firewall ports open could be all that's needed for a
hacker to gain access to your virtual infrastructure.

➢ This misconfiguration can also include the physical servers, which can
become a security risk without the latest security patches and firmware.
 Access Controls
➢An attacker gaining access to your virtual infrastructure, whether via
physically accessing host servers or via a compromised user account on
your management platform, can cause a lot of damage to your systems.
Security of Offline Virtual Machines
➢Offline or offsite backups are an essential part of disaster
recovery planning.
➢However, any VMs you back up offline are stuck with their security
updates and configurations from when they were last online.
➢This lack of updates will make such a VM a security risk to the rest of
your virtual environment when it is time to come back online.
 Workloads with Different Trust Levels

➢Without proper security controls, it's easy to create a test server that should be
in a low trust zone, on the same physical hardware as a live production server
with sensitive information that requires a high trust zone.

Hypervisor Security Controls

➢The hypervisor is the platform that makes it possible to run virtual machines.

➢Therefore, it can become a single point of failure for your entire virtual
infrastructure without proper security measures to mitigate the risk of attacks.
 Cloud Service Provider APIs
➢For organizations that run a hybrid implementation involving public
and private cloud infrastructure, intrusion attempts via APIs from your
cloud service providers are a potential risk.

➢These APIs are meant for effective communication between your virtual
environment and the cloud-hosted one, and if they are not adequately
secured, a data breach may occur.
Virtual Machine Security Recommendations
 VM Security Recommendations
➢Before we entering into technical details of securing VMs, it's important to consider the
potential security vulnerabilities that are relevant to a particular host and guest OS.

➢Particular questions to ask include:

• Does the guest of host contain sensitive information, such as logon details or sensitive
data? If so, how is this information protected?

• Does the VM have access to the Internet?

• Can the VM access other production computers?

• Is the guest OS running a supported operating system version?

• Are host and guest OSes updated automatically?

Implement minimal permissions
➢A fundamental aspect of maintaining security is to provide users and systems
administrators with the minimal permissions they need to complete their jobs.

➢Following Figure provides an overview of the types of permissions that should be

configured.
 Managing moving targets
➢The process of moving virtual machines between host servers is usually as simple as
performing file copy operations.

➢When a VM is moved, it is important for all relevant security settings and options to
move with it.

➢For example, permissions set on virtual hard disk files, and network access details,
should be recreated on the target platform. Following Figure provides some
examples of relevant configuration settings to consider.
 Virtual machines are still "machines"
Whether an operating system (OS) is running on a physical machine or within a virtual
one, it still should be regularly updated. With virtualization, there are a couple of
additional challenges:

➢First, IT departments must be aware of all VMs that are deployed in the
environment.

➢Secondly, each guest OS must be either protected by the update management

solution, or must be kept up-to-date manually. Regardless of the approach, systems
administrators should keep in mind the time and effort required.
 Enforce consistency and quality
➢Whenever possible, IT departments should create a base library of
reference virtual machines from which users and systems administrators
should start.

➢These base images should be verified to meet the IT department's policies

and must be kept up-to-date.

➢Of course, it's likely that some workloads require deviations from standard
deployments. In those cases, IT departments must remain involved in the
deployment of all new virtual machines (or, at least those that will have
access to production resources).
 Security through education
➢Even though the basic concept of virtualization technology is well-planted in
most peoples' minds, users and systems administrators are often confused
about the potential use (and misuse) of virtual machines.

➢ IT departments, therefore, should verify that their staff is aware of the potential
security risks related to deploying new VMs.

➢ For most practical purposes, deploying a new VM is similar to deploying a new

physical server (though it's often quicker, cheaper and easier).
 Using third-party solutions
➢It's no secret that virtualization technology creates additional burdens
related to security.

➢Numerous third-party vendors understand this and have either updated

their existing enterprise management tools to include virtualization, or
have created totally new solutions with innovative approaches to limited
vulnerabilities.
VM-Specific Security techniques
 Containerization
➢Containerization is the latest way of virtualization.
➢In this process, the operating system creates separate and completely isolated
spaces for each and every application.
➢So, all the applications will behave as if they are the only applications running
on the system.
➢From the security point of view, applications cannot see each other and hence
they are protected.
➢There are many platforms available, including Apache
Mesos and Kubernetes,Docker is one of the most popular software to provide
containerization.
 Sandboxing
➢The mechanism of sandboxing is a popular and widely used feature in virtualization.

➢The idea behind sandboxing is that it allows for the isolation of the application, in order to
guard it against the external malware, viruses or any threats.

➢Isolating this way keeps the system safe from untested code or applications.

➢Sandboxing can have two different contexts.

➢ One is OS level, where the OS provides an environment to run your application and they
cannot get any access to other applications.
➢ On the other hand, sandbox is used to run your application and analyze the security
threats, thus ensuring that any malicious activity does not affect your production
network.
 Network Virtualization
➢Isolation and segmentation are two basic constituents of network
virtualization.
➢Isolation allows the co-existence of several isolated virtual networks which
are known to provide end-to-end services over the cloud. The network
resources are provided by infrastructure providers, which allow several
services to be used on virtual networks by sharing.
➢Segmentation sub-divides the network into sub-networks to minimize the
traffic through them and giving a boost to performance. It also hides the
internal network structure from the outside, making it very secure.
 Desktop Virtualization
➢It allows for the separation of the desktop environment

➢ Administrators find the usage of desktop virtualization very helpful as it

allows them to manage the computers of employees easily.

➢It also helps them to upgrade the resources on time, or even remove
unnecessary applications no longer required.

➢As a result, there is no chance of unauthorized access or the possibility of

introducing any type of malware, as long as the correct permissions,
protections, and configurations are adopted.
 Hypervisor Security
Here are certain recommendations for hypervisor security, namely –

➢Hypervisors usually update automatically when they are released by the vendor.
However, it is a good practice to manually check for updates from time to time.

➢However, in a secure, locked-down protected environment, any updates to the

hypervisor are thoroughly examined and tested prior to deployment into
production.

➢The use of thin hypervisors allows for easy deployment and less overhead in
computing terms. This also has an added advantage in case there is a malicious
attack, where the malware code is unlikely to reach the hypervisor.
➢The use of network interface cards (NICs) or unused physical hardware to the
host system must be avoided.

➢Any disks that are used for backing up data should be disconnected when not
in use.

➢Disable any services that aren’t required. This is especially applicable in

the case of file sharing services between guest and host OS.

➢Guest OSes must have security between them when they are communicating.

➢ Environments that are non-virtualized must have security control systems in

places, such as firewalls
 Virtual and Physical Switches
➢The use of a virtual switch provides security between virtual machines
by isolation and control inspection.
➢It is essentially a software program and prevents inter-switch link
attacks.
➢It permits network connectivity for communication with virtual
machines and applications within the virtual network and the physical
network.
➢In this context, high end physical switches are also capable of protecting
the system.
➢It can disable sniffing of traffic addresses or other connected systems.
➢ Physical switches provide the same level of protection as the virtual
switches.
 Infrastructure & Guest OS Security

➢The use of a virtualized information infrastructure helps in

restricting access to resources and also in proper information
handling due to visibility.

➢The infrastructure must be such that all information can be tracked

in the environment.
 Server Isolation & Virtual Hard Disk (HD) Encryption
➢Virtual hard disk encryption is another good way to protect your data.

➢This is more applicable, when the hard disk it travelling from one
location to another location.

➢ If the virtual HD is encrypted, the data cannot be read with present day
technology as it is, even if a copy of HD is stolen by the attacker.
 Availability and Disaster Recovery
➢Data preservation and service availability are of primary importance
these days.
➢The use of virtualizations permits the backup of data in the form of a
large and unique file.
➢This helps in the quick reinstallation of OS and restoration of data, thus
reducing cost and time required to mitigate failures