The Suggested Approach Strengths Limitations


02 Nov 2017

Disclaimer:
This essay has been written and submitted by students and is not an example of our work. Please click this link to view samples of our professional work written by our professional essay writers. Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of EssayCompany.

as "The Linkup", when, due to a system administration error, active customer data was deleted, leading to data loss.

SLAs with cloud service providers should cover all the points that may cause data loss, whether through human or system-generated error. Hence, it must be ensured that redundant copies of the user data are stored in order to handle any adverse situation leading to data loss.

Virtualization in general increases the security of a cloud environment. With virtualization, a single machine can be divided into many virtual machines, thus providing better data isolation and safety against denial of service attacks [10]. The VMs provide a security test-bed for the execution of untested code from untrusted users. A hierarchical reputation system has been proposed in [10] for managing trust in a cloud environment.

5 ENSURING SECURITY AGAINST THE VARIOUS TYPES OF ATTACKS

In order to secure the cloud against security threats and attacks such as SQL injection, Cross Site Scripting (XSS), DoS and DDoS attacks, Google Hacking and Forced Hacking, different cloud service providers adopt different techniques. A few standard techniques for detecting and preventing the above-mentioned attacks are: avoiding dynamically generated SQL in the code, finding the meta-structures used in the code, validating all user-entered parameters, and disallowing and removing unwanted data and characters. A generic security framework needs to be worked out for an optimized cost-performance ratio. The main criteria to be fulfilled by such a generic security framework are that it interfaces with any type of cloud environment, and that it is able to handle and detect predefined as well as customized security policies.

A similar approach is used by Symantec Message Labs Web Security cloud, which blocks security threats originating from the internet and filters the data before it reaches the network. Web Security cloud's security architecture rests on two components:

a. Multi-layer security: To ensure data security and block possible malware, it consists of multiple security layers and hence provides a strong security platform.

b. URL filtering: It has been observed that attacks are launched through various web pages and internet sites, so filtering of web pages ensures that no such harmful or threat-carrying web page becomes accessible. Content from undesirable sites can also be blocked.

With its adaptable technology, it provides security even in highly conflicting environments and ensures protection against new and converging malware threats.

A Google hacking database identifies the various types of information, such as login passwords, pages containing logon portals, session usage information, etc. Software solutions such as a Web Vulnerability Scanner can be used to detect the possibility of a Google hack. To prevent Google hacking, the user needs to ensure that only information that does not affect him is shared with Google. This prevents the sharing of any sensitive information that may result in adverse conditions.

The symptoms of a DoS or DDoS attack are: system speed is reduced and programs run very slowly, a large number of connection requests arrives from a large number of users, and fewer resources are available. Although DDoS attacks launched in full strength are very harmful, as they exhaust all the network resources, careful monitoring of the network can still help in keeping these attacks under control.

In IP spoofing an attacker tries to convince users that the packets are coming from reliable sources. The attacker thus takes control over the client's data or system by presenting himself as the trusted party. Spoofing attacks can be checked by using encryption techniques and performing user authentication based on key exchange. Techniques like IPsec help in mitigating the risks of spoofing. By enabling encrypted sessions and performing filtering at the incoming and outgoing entrances, spoofing attacks can be reduced.

Table 1 Comparative Analysis for Strengths and Limitations of Some of the Existing Security Schemes

Every cloud service provider has installed various security measures depending on its cloud offering and architecture. Its security model largely depends upon the customer segment being served, the type of cloud offering it provides and the deployment models it implements, as discussed in [68].

Security Scheme: Data Storage security [21]
Suggested Approach: Uses a homomorphic token with distributed verification of erasure-coded data towards ensuring data storage security and locating the server being attacked.
Strengths: 1. Supports dynamic operations on data blocks such as update, delete and append without data corruption and loss. 2. Efficient against data modification and server-colluding attacks as well as against Byzantine failures.
Limitations: Security in the case of dynamic data storage has been considered; however, the issues with fine-grained data error location remain to be addressed.

Security Scheme: User identity safety in cloud computing
Suggested Approach: Uses the active bundles scheme, whereby predicates are compared over encrypted data and multiparty computing.
Strengths: Does not need a trusted third party (TTP) for the verification or approval of user identity. Thus the user's identity is not disclosed. The TTP remains free and could be used for other purposes such as decryption.
Limitations: The active bundle may not be executed at all at the host of the requested service, which would leave the system vulnerable. The identity remains a secret and the user is not granted permission for his requests.

Security Scheme: Trust model for interoperability and security in cross cloud [35]
Suggested Approach: 1. Separate domains for providers and users, each with a special trust agent. 2. Different trust strategies for service providers and customers. 3. Time and transaction factors are taken into account for trust assignment.
Strengths: 1. Helps the customers to avoid malicious suppliers. 2. Helps the providers to avoid cooperating with or serving malicious users.
Limitations: Security in a very large-scale cross-cloud environment. This scheme is able to handle only a limited number of security threats in a fairly small environment.

Security Scheme: Virtualized defence and reputation-based trust management
Suggested Approach: 1. Uses a hierarchy of DHT-based overlay networks, with specific tasks to be performed by each layer. 2. The lowest layer deals with reputation aggregation and probing colluders; the highest layer deals with various attacks.
Strengths: Extensive use of virtualization for securing clouds.
Limitations: The proposed model is in its early developmental stage and needs further simulations to verify the performance.

Security Scheme: Secure virtualization [61]
Suggested Approach: 1. The idea of an Advanced Cloud Protection System (ACPS) to ensure the security of guest virtual machines and of distributed computing middleware is proposed. 2. The behaviour of cloud components can be monitored by logging and periodic checking of executable system files.
Strengths: A virtualized network is prone to different types of security attacks that can be launched by a guest VM; an ACPS system monitors the guest VM without being noticed, and hence any suspicious activity can be blocked and the system's security system notified.
Limitations: System performance gets marginally degraded and a small performance penalty is encountered. This acts as a limitation towards the acceptance of an ACPS system.

Security Scheme: Safe virtual network in cloud environment [35]
Suggested Approach: Cloud providers have been suggested to obscure the internal structure of their services and placement policy in the cloud, and also to focus on side-channel risks in order to reduce the chances of information leakage.
Strengths: Ensures the identification of the adversary or attacking party and helps place an attacking party far away from its target, hence ensuring a more secure environment for the other VMs.
Limitations: If the adversary gets to know the location of the other VMs, it may try to attack them. This may harm the other VMs in between.

Security Scheme: Border Gateway Protocol (BGP) [37]
Suggested Approach: A Pretty Good BGP (PGBGP) architecture has been suggested to check the cases where an autonomous system may wrongly announce itself as the destination for all the data being transferred over that network.
Strengths: Checks the autonomous systems (ASs) and performs anomaly detection with a response system to ensure that the data doesn't get routed to the wrong AS. It also gives the flexibility to run the PGBGP protocol on only some of the ASs towards protecting the entire network.
Limitations: Vulnerable to Denial of Service (DoS) attacks. This approach only takes care of the routing control messages but doesn't verify the path that actual traffic follows.

One of the security measures implemented by SalesForce.com to avoid unauthorized access to its platform is sending a security code to the registered customer every time the same account is accessed from a different IP address; the user must provide this security code at the time of logging in, in order to prove his identity [56].

It is equally important to secure data in transit, and the security of transmitted data can be achieved through various encryption and decryption schemes. In such a scenario, even if the data falls into the hands of a hacker, he won't be able to make any unauthorized use of it unless he knows how to decrypt it. The encryption-decryption techniques include private-key and public-key encryption. In symmetric-key (private-key) encryption, such as DES, Triple DES, RC2, RC4, etc., the same key is used for encryption and decryption. Before the data is transferred, the key is shared between the sender and the receiver. The sender then sends the data after encrypting it with the key, and the receiver decrypts it with the same key.

Fig 3.1 Private key Encryption (Step 1)

Fig 3.2 Private Key encryption (Step 2)

In an asymmetric-key algorithm (RSA, DSA, PGP, etc.), there are two kinds of keys, known as the public key and the private key. The keys occur in pairs, which means that data encrypted with a specific public key can only be decrypted using the private key linked to it. In such an encryption technique the sender encrypts the data using the receiver's public key and then sends it to the receiver, which uses the corresponding private key to decrypt it.

Fig 4.1 Public key Encryption (Step 1)
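Both flows described above, written here as an added Go example that is not code from the paper or from any product it names: SymmetricRoundTrip plays the shared-key exchange with AES-256-GCM standing in for the ciphers listed, and AsymmetricRoundTrip the public-key exchange with RSA-OAEP. The demo key string, the 2048-bit RSA size and all function names are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// SymmetricRoundTrip: sender seals msg under senderKey (AES-256-GCM), receiver opens it under receiverKey.
func SymmetricRoundTrip(senderKey, receiverKey, msg []byte) ([]byte, error) {
	sb, err := aes.NewCipher(senderKey)
	if err != nil {
		return nil, err
	}
	sgcm, _ := cipher.NewGCM(sb)
	nonce := make([]byte, sgcm.NonceSize()) // fresh per message, sent with ct
	rand.Read(nonce)
	ct := sgcm.Seal(nil, nonce, msg, nil)
	rb, err := aes.NewCipher(receiverKey) // receiver must hold the same key
	if err != nil {
		return nil, err
	}
	rgcm, _ := cipher.NewGCM(rb)
	return rgcm.Open(nil, nonce, ct, nil) // wrong key -> authentication error
}

// AsymmetricRoundTrip: the sender encrypts under the receiver's public key
// (RSA-OAEP); decryption succeeds only with the private key paired with it.
func AsymmetricRoundTrip(pub *rsa.PublicKey, priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
	if err != nil {
		return nil, err
	}
	return rsa.DecryptOAEP(sha256.New(), nil, priv, ct, nil)
}

// NewDemoKeyPair: a fresh 2048-bit RSA pair (assumed size; nil only if the RNG fails).
func NewDemoKeyPair() *rsa.PrivateKey {
	k, _ := rsa.GenerateKey(rand.Reader, 2048)
	return k
}

func main() {
	key := []byte("constructed-demo-key-32-bytes!!!") // constructed; real keys come from a KMS
	pt, err := SymmetricRoundTrip(key, key, []byte("customer record 42"))
	fmt.Printf("symmetric: %q err=%v\n", pt, err)
}
```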

Hence, although public-key encryption takes somewhat more processing time than private-key encryption, in cases where security is more of a concern than speed, public-key encryption provides more secure data transmission than private-key encryption.

Security issues in a virtualized environment, wherein a malicious virtual machine tries to take control of the hypervisor and access the data belonging to other VMs, have been observed; moreover, traffic passing between VMs doesn't travel out into the rest of the data-centre network and hence cannot be seen by regular network-based security platforms [46].

Fig 4.2 Public key Encryption (Step 2)

Fig 4.3 Public key Encryption (Step 3)

Hence, security against virtual threats also needs to be maintained by adopting methodologies such as: keeping in check the virtual machines connected to the host system and constantly monitoring their activity, securing the host computers to avoid tampering or file modification while the virtual machines are offline, preventing attacks directed towards taking control of the host system or other virtual machines on the network, etc.

A security model wherein a dedicated monitoring system takes care of the data coming in and out of the virtual machine(s) running in a virtualized environment on a hypervisor can be presented as shown below:

Fig. 5 Security Model in a Virtualized Environment

As can be seen from the security model shown above, a virtual machine monitor can be placed in the virtual environment to keep track of all the traffic flowing in and out of the virtual machine network. If any suspicious activity is observed, the corresponding virtual machine may be de-linked or blocked, thus maintaining the security of the virtualized network.
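The virtual machine monitor of Fig. 5, sketched as an added Go example that is not part of the original paper: it parses constructed flow records from the virtual switch, counts new connections per VM per second (the DoS symptom named earlier) and de-links a VM that exceeds the limit. The log format, the threshold and the names ParseFlow, Monitor and Observe are assumptions made here.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// ParseFlow parses one constructed "<unix-time> <source-vm> <destination>" record from the virtual switch log.
func ParseFlow(line string) (vm string, t int64, err error) {
	f := strings.Fields(line)
	if len(f) != 3 {
		return "", 0, fmt.Errorf("malformed flow record: %q", line)
	}
	t, err = strconv.ParseInt(f[0], 10, 64)
	return f[1], t, err
}

// Monitor de-links a VM once it opens more than Limit connections inside one
// Window-second bucket (the "large number of connection requests" symptom).
type Monitor struct {
	Limit   int
	Window  int64
	count   map[string]int // key: "<vm>@<bucket>"
	blocked map[string]bool
}

func NewMonitor(limit int, window int64) *Monitor {
	return &Monitor{Limit: limit, Window: window, count: map[string]int{}, blocked: map[string]bool{}}
}

// Observe reports whether the flow is forwarded; a de-linked VM stays blocked.
func (m *Monitor) Observe(vm string, t int64) bool {
	if m.blocked[vm] {
		return false
	}
	k := fmt.Sprintf("%s@%d", vm, t/m.Window)
	m.count[k]++
	if m.count[k] > m.Limit {
		m.blocked[vm] = true // suspicious burst: de-link from the virtual network
		return false
	}
	return true
}

func main() {
	m := NewMonitor(20, 1) // constructed policy: more than 20 new connections/second
	vm, t, _ := ParseFlow("1700000000 vm-a 10.0.0.5:443") // constructed record
	fmt.Println("vm-a forwarded:", m.Observe(vm, t))
}
```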

The security breach of Twitter and Vaserv.com (via a zero-day vulnerability) last year and the data breaches at Sony Corporation and Go-Grid [47] this year, compromising 100 million customers' data [38], have made it quite clear that stringent security measures need to be taken in order to ensure security and proper data control in the cloud.

Thus we see that the security model adopted by a cloud service provider should safeguard the cloud against all possible threats and ensure that the data residing in the cloud doesn't get lost due to unauthorized control over the network by some third-party intruder.

6 CONCLUSION

Cloud Computing, envisioned as the next-generation architecture of the IT enterprise, is the talk of the town these days. Although it has revolutionized the computing world, it is prone to manifold security threats, varying from network-level threats to application-level threats. In order to keep the cloud secure, these security threats need to be controlled. Moreover, data residing in the cloud is also prone to a number of threats, and issues like confidentiality and integrity of data should be considered when buying storage services from a cloud service provider. Auditing of the cloud at regular intervals needs to be done to safeguard the cloud against external threats. In addition, cloud service providers must ensure that all SLAs are met and that human errors on their part are minimized, enabling smooth functioning. In this paper, various security concerns for the cloud computing environment from multiple perspectives, and the solutions to prevent them, have been presented, compared and classified.


