CS 4037

Introduction to Cloud Computing

Lecture 6
Danyal Farhat
FAST School of Computing
NUCES Lahore
Fundamental Cloud Security
Lecture’s Agenda
• Basic Terms and Concepts

• Threat Agents

• Cloud Security Threats

Information Security
• Information security is a complex ensemble of techniques,
technologies, regulations, and behaviors that collaboratively
protect the integrity of and access to computer systems and data.

• IT security measures aim to defend against threats and interference

that arise from both malicious intent and unintentional user error.

• Let’s discuss some IT security terms relevant to cloud computing.

Confidentiality
• Confidentiality is the characteristic of something being made
accessible only to authorized parties.

• Within cloud environments, confidentiality primarily pertains to

restricting access to data in transit and storage.
Confidentiality (Cont.)

Introduction: 1-6
Integrity
• Integrity is the characteristic of not having been altered by an
unauthorized party.
• An important issue that concerns data integrity in the cloud is
whether a cloud consumer can be guaranteed that the data it
transmits to a cloud service matches the data received by that
cloud service.
• Integrity can extend to how data is stored, processed, and retrieved
by cloud services and cloud-based IT resources.
Integrity (Cont.)
Authenticity
• Authenticity is the characteristic of something having been
provided by an authorized source.

• This concept encompasses non-repudiation, which is the inability of

a party to deny or challenge the authentication of an interaction.
Availability
• Availability is the characteristic of being accessible and usable
during a specified time period.

• In cloud environments, the availability of cloud services can be a

responsibility that is shared by the cloud provider and the cloud
carrier.

• The availability of a cloud-based solution that extends to cloud

service consumers is further shared by the cloud consumer.
Threat
• A threat is a potential security violation that can challenge defenses
in an attempt to breach privacy and/or cause harm.

• Both manually and automatically instigated threats are designed to

exploit known weaknesses, also referred to as vulnerabilities.

• A threat that is carried out results in an attack.

Risk
• Risk is the possibility of loss or harm arising from performing an
activity.

• Risk is measured according to its threat level and the number of

possible or known vulnerabilities.
Normally 5 different threat levels from critical to normal

• Metrics that can be used to determine risk for an IT resource are:

Probability of a threat occurring to exploit vulnerabilities in the IT resource
Expectation of loss upon the IT resource being compromised
Security Controls
• Security controls are countermeasures used to prevent or respond
to security threats and to reduce or avoid risk.

• Security controls are defined in the form of security policy, which

contains a set of rules and practices specifying how to implement a
system, service, or security plan for maximum protection of
sensitive and critical IT resources.
Security Related Terms
• Security controls are countermeasures used to prevent or respond
to security threats and to reduce or avoid risk.

• Security mechanisms are components comprising a defensive

framework that protects IT resources, information, and services.

• A security policy establishes a set of security rules and regulations.

Security policies define how the rules and regulations are implemented and
enforced.
Positioning and usage of security controls and mechanisms are determined
by security policies.
Basic Terms and Concepts – Key Points
• Confidentiality, integrity, authenticity, and availability are
characteristics that can be associated with measuring security.

• Threats, vulnerabilities, and risks are associated with measuring

and assessing insecurity, or the lack of security.

• Security controls, mechanisms, and policies are associated with

establishing countermeasures and safeguards in support of
improving security.
Lecture’s Agenda
• Basic Terms and Concepts

• Threat Agents

• Cloud Security Threats

Threat Agent
• A threat agent is an entity that poses a threat because it is capable
of carrying out an attack.

• Cloud security threats can originate either internally or externally,

from humans or software programs.
Threat Agent (Cont.)
Anonymous Attacker
• An anonymous attacker is a non-trusted cloud service consumer
without permissions in the cloud.
• It exists as an external software program that launches network-
level attacks through public networks.

• When anonymous attackers have limited information on security

policies and defenses, it can inhibit their ability to formulate
effective attacks.
Malicious Service Agent
• A malicious service agent is able to intercept and forward the
network traffic that flows within a cloud.
• Exists as a service agent (or a program pretending to be a service
agent) with compromised or malicious logic.

• Also exist as an external program able to remotely intercept and

potentially corrupt message contents.
Trusted Attacker
• A trusted attacker shares IT resources in the same cloud
environment as the cloud consumer and attempts to exploit
legitimate credentials to target cloud providers and the cloud
tenants with whom they share IT resources.

• Trusted attackers can perform for a wide range of exploitations like:

Hacking of weak authentication processes
Breaking of encryption
Spamming of e-mail accounts
Launch denial of service campaigns
Malicious Insider
• Malicious insiders are human threat agents acting on behalf of or in
relation to the cloud provider.
• They are typically current or former employees or third parties with
access to the cloud provider’s premises.

• This type of threat agent carries tremendous damage potential, as

the malicious insider may have administrative privileges for
accessing cloud consumer IT resources.
Threat Agents – Key Points
• An anonymous attacker is a non-trusted threat agent that attempts
attacks from outside of a cloud’s boundary.
• A malicious service agent intercepts network communication in an
attempt to maliciously use or augment the data.
• A trusted attacker exists as an authorized cloud service consumer
with legitimate credentials that it uses to exploit access to cloud-
based IT resources.
• A malicious insider is a human that attempts to abuse access
privileges to cloud premises.
Lecture’s Agenda
• Basic Terms and Concepts

• Threat Agents

• Cloud Security Threats

Traffic Eavesdropping
• Traffic eavesdropping occurs when data being transferred to or
within a cloud is passively intercepted by a malicious service agent
for illegitimate information gathering purposes.

• The aim of this attack is to directly compromise the confidentiality

of the data and, possibly, the confidentiality of the relationship
between the cloud consumer and cloud provider.

• Because of the passive nature of the attack, it can more easily go

undetected for extended periods of time.
Traffic Eavesdropping (Cont.)
Malicious Intermediary
• The malicious intermediary threat arises when messages are
intercepted and altered by a malicious service agent, thereby
potentially compromising the message’s confidentiality and/or
integrity.

• It may insert harmful data into the message before forwarding it to

its destination.
Malicious Intermediary (Cont.)
Denial of Service
• The objective of the denial of service (DoS) attack is to overload IT
resources to the point where they cannot function properly.

• This form of attack is launched in one of the following ways:

The workload on cloud services is artificially increased with imitation
messages or repeated communication requests.
The network is overloaded with traffic to reduce its responsiveness and
cripple its performance.
Multiple cloud service requests are sent, each of which is designed to
consume excessive memory and processing resources.
Denial of Service (Cont.)
Insufficient Authorization
• The insufficient authorization attack occurs when access is granted
to an attacker erroneously or too broadly, resulting in the attacker
getting access to IT resources that are normally protected.

• A variation of this attack, known as weak authentication, can result

when weak passwords or shared accounts are used to protect IT
resources.

• Within cloud environments, these types of attacks can lead to

significant impacts depending on the range of IT resources and the
range of access to those IT resources the attacker gains.
Insufficient Authorization (Cont.)
Insufficient Authorization (Cont.)
Virtualization Attack
• Because Cloud providers grant cloud consumers administrative
access to virtualized IT resources, there is an inherent risk that
cloud consumers could abuse this access to attack the underlying
physical IT resources.

• A virtualization attack exploits vulnerabilities in the virtualization

platform to jeopardize its confidentiality, integrity, and/or
availability.
Virtualization Attack (Cont.)
Cloud Security Threats – Key Points
• Traffic eavesdropping and malicious intermediary attacks are
carried out by malicious service agents that intercept network
traffic.
• A denial of service attack occurs when a targeted IT resource is
overloaded with requests in an attempt to cripple or render it
unavailable.
• The insufficient authorization attack occurs when access is granted
to an attacker erroneously or too broadly, or when weak passwords
are used.
• A virtualization attack exploits vulnerabilities within virtualized
environments to gain unauthorized access to underlying physical
hardware.
Additional Resources
• Cloud Computing – Concepts, Technology, and Architecture
by Thomas Erl, Zaigham Mahmood, and Ricardo Puttini
Chapter 6: Fundamental Cloud Security
Questions?