Professional Documents
Culture Documents
• Cloud computing has come to mean many things, but the following characteristics have
become part of the generally accepted definition:
o Broad network access means that there should never be network bandwidth
bottlenecks
▪ This is generally accomplished with the use of such technologies as
advanced routing techniques, load balancers, multisite hosting, and other
technologies.
o On-demand services refer to the model that allows customers to scale their
compute and/ or storage needs with little or no intervention from or prior
communication with the provider. The services happen in real time
o Resource pooling is the characteristic that allows the cloud provider to meet various
demands from customers while remaining financially viable
o Measured or metered service simply means that the customer is charged for only
what they use and nothing more
• Business needs of the organization drive security decisions, and not the other way around.
• Many organizations are currently considering moving their network operations to a cloud-
based motif. This is not a decision made lightly, and the business requirements must be
supported by this transition
• A full inventory of assets, processes, and requirements is necessary, and there are various
methods for collecting this data.
• The greatest driver pushing organizations toward cloud migration at the moment is cost
savings, and that is a significant and reasonable consideration
• One way an organization can use hosted cloud services is to augment internal, private
datacenter capabilities with managed services during times of increased demand. We refer
to this as “cloud bursting.”
• PII is a major component of regulatory compliance, whether the regulation comes in the
form of statutes or contractual obligation. Protection of PII will be a large part of our security
concern in the cloud
• Elasticity
o In the cloud environment, the organization is paying not for a device, but for the use
of a service, when it is being used
o The ability of the cloud vendor to offer this type of service (while remaining
profitable) is based on the elasticity and the flexibility offered by recent
enhancements in technology, including virtualization
o With virtualization, the cloud provider can allocate partial usage of each resource to
every user and customer, when those users and customers require it, and nothing
more, thereby avoiding wasted, underutilized resources and excess, nonproductive
costs
o In a virtualized environment, users can also access their data from almost any device
or platform, and almost any location. This allows portability, availability, and
accessibility that exceed previous enterprise environments.
• Simplicity
o Proper cloud implementations should not require constant or even frequent
interaction between the cloud provider and cloud customer.
• Scalability
o A cloud service can easily meet those needs, either temporarily or long-term, in a
much more cost-efficient manner than a traditional environment, because new
computing resources can be assigned and allocated without any significant
additional capital investment on the part of the cloud provider, and at an
incremental cost to the cloud customer.
• Infrastructure as a Service (IaaS)
o IaaS allows the customer to install all software, including operating systems (OSs) on
hardware housed and connected by the cloud vendor.
o In this model, the cloud provider has a datacenter with racks and machines and
cables and utilities, and administers all these things
o IaaS might be optimum for organizations that want enhanced control over the
security of their data, or are looking to the cloud for a limited purpose, such as
BC/DR or archiving.
o The cloud provider simply supplies the compute, storage, and networking functions.
o In Infrastructure as a Service (IaaS), the cloud customer has the most responsibility
and authority of all the possible cloud models
o The customer, however, is in charge of everything from the operating system and
up; all software will be installed and administered by the customer, and the
customer will supply and manage all the data.
o In IaaS, though, the cloud customer may still collect and review event logs from the
software, including the OS, which still lends a great deal of insight into the usage and
security of the data
• Platform as a Service (PaaS)
o PaaS contains everything included in IaaS, with the addition of Oss
o The cloud vendor usually offers a selection of OSs, so that the customer can use any
or all of the available choices.
o The vendor will be responsible for patching, administering, and updating the OS as
necessary, and the customer can install any software they deem useful
o The responsibilities for updating and maintaining the software will also be the
customer’s
o the cloud customer loses still more control of the environment, because the cloud
provider is now responsible for installing, maintaining, and administering the OS(s).
Roles
o .
• Private Cloud Benefits
o Increased control over data, underlying systems, and application
o Ownership and retention of governance controls.
o Assurance over data location, removal of multiple
o jurisdiction legal and compliance requirement.
• Public Cloud Benefits
o Easy and inexpensive setup because hardware, application, and bandwidth costs are
covered by the provider
o Streamlined and easy-to-provision resources
o Scalability to meet customer needs
o No wasted resources-pay as you consume.
• Community cloud
o The cloud infrastructure is provisioned for exclusive use by a specific community of
consumers from organizations that have shared concerns (e.g., mission, security
requirements, policy, and compliance considerations). It may be owned, managed,
and operated by one or more of the organizations in the community, a third party,
or some combination of them, and it may exist on or off premises.
o E.g. Indian Banking Community Cloud (IBCC), Cloud4C by CtrlS, AWS GovCloud (USA)
, Microsoft Azure Government (USA)
o Can offer a valuable and cost-effective manner for specified groups or entities with a
similar focus or with common compliance and requirements to operate in a multi-
tenant infrastructure. It will give the benefits of public cloud deployment.
o Cloud bursting is an application deployment model in which an application runs in a
private cloud or datacenter and bursts into a public cloud when the demand for
computing capacity spikes.(Hybrid Cloud)
• Cloud Cross-Cutting Aspects
o Interoperability: How easy it is move and reuse application regardless of platform
o Portablity : Move application and associated data between one cloud provider to
another cloud provider
o Resiliency:
▪ Continue operating in the event of a disruption, which may be equipment
failure, power outage, or a nature disaster.
o Governance : all talk about responsibilities and verifying performance
o Service Level Agreements (SLAs) :
▪ In the SLA,the minimum levels of service, availability, security, controls,
▪ processes, communication, support, and many other crucial business
elements will be stated and agreed upon by both parties.
o Regulatory Compliance
▪ Regulatory compliance is an organization’s requirement to adhere to
relevant laws, regulations, guidelines and specification relevant to its
business , specifically dictated by the nature, operation, and function it
provides or utilized to its customer.
o Importance of Key Management
▪ Key Management should be separated from the provider hosting the data,
and the data owner should be positioned to make decisions.
• Remote Key Management Service
o Required hybrid connectivity
• Client Side Key Management
o In CKMS, customer is in complete control of
encryption/decryption keys.
o Identity and Access Management (IAM) Phase Activity
▪ Provisioning and DE provisioning
• The ultimate goal of user provisioning is to standardize, streamline,
and create an efficient account creation process, while creating a
consistent, measurable, traceable, and auditable framework for
providing access to end users.
▪ Centralized Directory Service
• A directory service stores, processes, and facilitates a structured
repository of information stored, coupled with unique identifiers
and locations.
▪ Privileged User Management
• Privileged user management focuses on the process and ongoing
requirements to manage the lifecycle of user accounts with highest
privileges in a system.
▪ Authorization and Access Management
• Vendor Lock In
o Unfavorable contract , Proprietary data formats ,Insufficient bandwidth may result
in vendor lock in
• A Hypervisor also known as Virtual Machine Monitor (VMM) can be a piece of software,
firmware or hardware that gives an impression to the guest machines(virtual machines) as if
they were operating on a physical h/w.
• VM-based rootkits (VMBRs)
o Rootkit act by inserting a malicious hypervisor on the fly or modifying the installed
hypervisior to gain control over the host
o To cause a VMBR to run underneath an existing OS, the system's boot sequence
must be modified so that the VMBR loads first. Modifying the system boot sequence
requires a high level of privilege or an easily duped user.
• The virtual switch is vulnerable to a wide range of layer II attacks such as manipulation or
modification of the virtual switch’s configuration, VLANs and trust zones, and ARP tables.
• Colocation : Multiple VMs residing on a single server and sharing the same resources
increase the attack surface and the risk of VM-to-VM or VM-to-hypervisor compromise.
• PAAS tenant should not have shell access
• Important SLA Components
o Single Points of Failure should not exist
o Migration to alternate provider(s) should be possible within the agreed upon RTO
o Whether all components will be supported by alternate cloud providers in the event
of a failover.
o Automated controls should be enabled to allow customers to verify data integrity
• FIPS-140 =
o Security Level 4 provides the highest level of security, with mechanisms providing
complete protection around the cryptographic module with the intent of detecting
and responding to all unauthorized attempts at physical access.
▪ A CSP is data using a cryptography module to process encryption functions.
o It is also meant to protect against environmental factors.
o Level 3 also includes robust cryptographic protection and key management,
identity-based authentication
o Level 2: It also requires the ability to detect physical tampering by using physical
locks or tamper-evident seals.
o Level 1: The lowest level of security. requirements, basic cryptographic module
▪ requirements are specified for at least one approved security function or
approved algorithm.
• The organization needs to carefully weigh all the risks associated with a business decision
before engaging in an activity minimize the risk impact associated with an activity.
• Reputational risk can be defined as “the loss of value of a brand or the ability of an
organization to persuade (You cant measured) Exam Point
• The extensive use of automation within the cloud enables real-time monitoring and
reporting on security control points, allowing for the establishment of continuous security
monitoring regimes, enhancing the overall security posture of the organization consuming
the cloud services
Cloud computing should have large resource pools to enable swift scaling, rapid movement,
and flexibility to meet your needs at any given time within the bounds of your service
subscription.
o Without pooling and measured services, you cannot implement the cloud
computing economic model.
• Rapid Elasticity
o If the applications and systems are built in a way where they can be supported,
elasticity can be automatically implemented such that the cloud provider through
programmatic means and based on predetermined metrics can automatically scale
the system by adding additional resources and can bill the customer accordingly.
• Measured Service
o Within the terms of the contract and agreements, these metrics can be used for a
variety of uses, such as monitoring and reporting, placing limitations on resource
utilization, and setting thresholds for automatic elasticity.
o These metrics also will be used to some degree in determining the provider’s
adherence to the requirements set forth in the service level agreement (SLA)
o With the metering and reporting metrics that cloud providers are able to offer, this
becomes much more simplistic for companies and offers a significantly greater
degree of flexibility, with granularity of systems and expansion.
Public Cloud
Private Cloud
It may be owned, managed, and operated by the organization, a third party, or some combination of
them, and it may exist on or off premises.
• Key management
o Encryption and segregation of duties should always go hand in hand
o Key management should be separated from the provider hosting the data, and the
data owners should be positioned to make decisions but ultimately should be in a
position to apply encryption, control, and manage key management processes,
select the storage location for the encryption keys (on-premises in an isolated
location is typically the best security option), and retain ownership and
responsibilities for key management.
o Remote Key Management Service (KMS):
▪ Customer maintains the KMS on-premises
▪ customer will own, operate, and maintain the KMS.
▪ CSP can focus on the hosting, processing, and availability of services
▪ Note that hybrid connectivity is required between the CSP and the cloud
customer for the encryption and decryption to function
o Client-Side Key Management
▪ The main difference here is that most of the processing and control is done
on the customer side
▪ The CSP provides the KMS; however, the KMS resides on the customer’s
premises, where the customer generates, holds, and retains the keys
• SAAS Used this
o
Cryptographic erasure
• Where possible (this may not apply to all cloud-based environments), erase each
block, overwrite all with a known pattern, and erase them again.
• When done correctly, a complete erasure of the storage media eliminates risks
related to key recovery (where stored locally—yes, this is a common mistake), side-
channel attacks on controller to recover information about the destroyed key, and
future attacks on the cryptosystem.
• Key destruction on its own is not a comprehensive approach because the key may
be recovered using forensic techniques.
Virtualization security
• Virtualization technologies enable cloud computing to become a real and scalable service
offering due to the savings, sharing, and allocations of resources across multiple tenants and
environments
• In the world of cloud computing, virtualization represents one of the key targets for the
attackers
• security types
o Type 1 security: Type 1 hypervisors significantly reduce the attack surface over Type
2 hypervisors.
▪ The limited access and strong control over the embedded OS greatly
increase the reliability and robustness of Type 1 hypervisors
o Type 2 security: Because Type 2 hypervisors are OS based, they are more attractive
to attackers, given that there are far more vulnerabilities associated
▪ Where technology, hardware, and software standardization can be used
effectively, this can significantly reduce the risk landscape and increase the
security posture.
Common Threat
• Data Breach
o The risk of data breach is not unique to cloud computing, but it consistently ranks as
a top concern for cloud customers
o Cloud providers are highly accessible and the vast amount of data they host makes
them an attractive target.
o The best protection against data breach is an effective security program. Two
important security measures that can help companies stay secure in the cloud are
multifactor authentication and encryption.
• Data Loss
o Data loss refers to the loss of information, deletion, overwriting, corruption, or
integrity related to the information stored, processed, or transmitted within cloud
environments.
o Note that when the customer uploads encrypted information to the cloud
environment, the encryption keys become a critical component to ensure data is not
lost and remains available. The loss of the relevant encryption keys constitutes data
loss because the information will no longer be available for use in the absence of the
keys
o Cloud consumers should review the contracted data loss provisions, ask about the
redundancy of a provider’s solution, and understand which entity is responsible for
data loss and under what conditions
• Account or service traffic Hijacking
o The key component of these attack methods, when successful, allows for the
attackers to monitor and eavesdrop on communications, sniff and track traffic,
capture relevant credentials, and access and alter account and user profile
characteristics (changing passwords and more).
o All accounts and account activities should be monitored and traceable to a human
owner, even service accounts
• Insecure interfaces and API
o Key functions of the APIs, including the provisioning, management, and monitoring,
are performed utilizing the provider interfaces
o APIs is required to prevent against deliberate and accidental attempts to circumvent
policies and controls.
o Threat modeling applications and systems, including data flows and
architecture/design, become important regular parts of the development lifecycle.
In addition to security-specific code reviews, rigorous penetration testing becomes a
requirement.
• Denial of service
o This can be done using any number of attack vectors available but typically look to
target buffers, memory, network bandwidth, or processor power.
• Abuse and Nefarious Use of Cloud Services
o Malicious use of cloud service resources can reduce available capacity for legitimate
customers hosted by cloud service providers. Responding to malicious use can also
reduce the availability of response resources for addressing other customer support
issues. Fraudulent payment instrument use can result in passing increased costs
along to innocent parties such as financial institutions or cloud providers and
ultimately to customers and others.