Elements of Cloud Computing Security

A Survey of Key Practicalities 1st

Edition Mohammed M. Alani (Auth.)
Visit to download the full and correct content document:
https://textbookfull.com/product/elements-of-cloud-computing-security-a-survey-of-ke
y-practicalities-1st-edition-mohammed-m-alani-auth/
More products digital (pdf, epub, mobi) instant
download maybe you interests ...

Guide to Cisco Routers Configuration Becoming a Router

Geek Mohammed M. Alani

https://textbookfull.com/product/guide-to-cisco-routers-
configuration-becoming-a-router-geek-mohammed-m-alani/

Essentials of Cloud Computing A Holistic Perspective

Surianarayanan

https://textbookfull.com/product/essentials-of-cloud-computing-a-
holistic-perspective-surianarayanan/

Mobile cloud computing models implementation and

security 1st Edition Keke Gai

https://textbookfull.com/product/mobile-cloud-computing-models-
implementation-and-security-1st-edition-keke-gai/

Cloud Technologies An Overview of Cloud Computing

Technologies for Managers 1st Edition Mchaney

https://textbookfull.com/product/cloud-technologies-an-overview-
of-cloud-computing-technologies-for-managers-1st-edition-mchaney/
Zen of Cloud Learning Cloud Computing by Examples on
Microsoft Azure 1st Edition Bai

https://textbookfull.com/product/zen-of-cloud-learning-cloud-
computing-by-examples-on-microsoft-azure-1st-edition-bai/

Cloud Computing and Big Data: Technologies,

Applications and Security Mostapha Zbakh

https://textbookfull.com/product/cloud-computing-and-big-data-
technologies-applications-and-security-mostapha-zbakh/

The elements of relativity First Edition David M.

Wittman

https://textbookfull.com/product/the-elements-of-relativity-
first-edition-david-m-wittman/

The Practice of Family Therapy Key Elements Across

Models Suzanne Midori Hanna (Editor)

https://textbookfull.com/product/the-practice-of-family-therapy-
key-elements-across-models-suzanne-midori-hanna-editor/

Privately and Publicly Verifiable Computing Techniques:

A Survey 1st Edition Denise Demirel

https://textbookfull.com/product/privately-and-publicly-
verifiable-computing-techniques-a-survey-1st-edition-denise-
demirel/
SPRINGER BRIEFS IN COMPUTER SCIENCE

Mohammed M. Alani

Elements of
Cloud Computing
Security
A Survey of Key
Practicalities

123
SpringerBriefs in Computer Science

Series editors
Stan Zdonik, Brown University, Providence, Rhode Island, USA
Shashi Shekhar, University of Minnesota, Minneapolis, Minnesota, USA
Jonathan Katz, University of Maryland, College Park, Maryland, USA
Xindong Wu, University of Vermont, Burlington, Vermont, USA
Lakhmi C. Jain, University of South Australia, Adelaide, South Australia, Australia
David Padua, University of Illinois Urbana-Champaign, Urbana, Illinois, USA
Xuemin (Sherman) Shen, University of Waterloo, Waterloo, Ontario, Canada
Borko Furht, Florida Atlantic University, Boca Raton, Florida, USA
V.S. Subrahmanian, University of Maryland, College Park, Maryland, USA
Martial Hebert, Carnegie Mellon University, Pittsburgh, Pennsylvania, USA
Katsushi Ikeuchi, University of Tokyo, Tokyo, Japan
Bruno Siciliano, Università di Napoli Federico II, Napoli, Italy
Sushil Jajodia, George Mason University, Fairfax, Virginia, USA
Newton Lee, Newton Lee Laboratories, LLC, Tujunga, California, USA
More information about this series at http://www.springer.com/series/10028
Mohammed M. Alani

Elements of Cloud
Computing Security
A Survey of Key Practicalities

123
Mohammed M. Alani
Department of Information Technology
Al-Khawarizmi International College
Abu Dhabi
United Arab Emirates

ISSN 2191-5768 ISSN 2191-5776 (electronic)

SpringerBriefs in Computer Science
ISBN 978-3-319-41410-2 ISBN 978-3-319-41411-9 (eBook)
DOI 10.1007/978-3-319-41411-9

Library of Congress Control Number: 2016944339

© The Author(s) 2016

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part
of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations,
recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission
or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar
methodology now known or hereafter developed.
The use of general descriptive names, registered names, trademarks, service marks, etc. in this
publication does not imply, even in the absence of a specific statement, that such names are exempt from
the relevant protective laws and regulations and therefore free for general use.
The publisher, the authors and the editors are safe to assume that the advice and information in this
book are believed to be true and accurate at the date of publication. Neither the publisher nor the
authors or the editors give a warranty, express or implied, with respect to the material contained herein or
for any errors or omissions that may have been made.

Printed on acid-free paper

This Springer imprint is published by Springer Nature

The registered company is Springer International Publishing AG Switzerland
Foreword

Cloud computing has begun to revolutionize people lives, business, and services.
The concept of cloud computing has emerged from virtualization and software
design concepts. The emergence of service computing has revolutionized the
software development methodologies. Cloud computing also offers different ser-
vices (SaaS, PaaS, and IaaS) and deployment paradigms (private, public, and
hybrid) that help business making relevant combinations that suit businesses and its
impact on the global economy. In addition, there are also a number of advance-
ments in the federation of clouds. However, challenges remain predominant to
make cloud computing as a successful technology that will reach people and
businesses. Such major challenges include cloud security, multitenancy, elasticity,
secure and scalable service development and business sustainability.
This book has taken a major step in providing a breadth of knowledge on cloud
security with elegance, examples, and comprehensive. This book has presented
cloud security concepts in a simplified manner and elegant. Firstly, this book
introduces the general concepts of cloud computing and then takes the reader very
deeply into general concepts of cloud security techniques. This book has been well
organized elegantly with five chapters.
Chapter 1 introduces the basic concepts and its underpinning technologies of
cloud computing with simple illustration for all types of readers to understand. This
chapter also explains the cloud’s different service models and different deployment
models. This chapter concludes with a discussion of cloud computing benefits to
organizations.
Chapter 2 provides a brief introduction to cloud security. This chapter also
discusses why cloud security is different from classical systems security.
Chapter 3 introduces to security threats in cloud computing very elegantly with
detailed definitions of nine security threats such as data breaches, data loss, account
or service hijacking, insecure interfaces and APIs, threats to availability, malicious
insiders, abuse of cloud services, insufficient due diligence, and shared-technology
vulnerabilities. In addition to the notorious nine, this chapter also explains

v
vi Foreword

additional threats such as lock-in, incomplete data deletion, and loss of governance
among other threats along with their mitigation techniques.
Chapter 4 provides examples of cloud security attacks. A group of the most
common attacks on the cloud was presented: denial-of-service attacks, hypervisor
attacks, resource-freeing attacks, side-channel attacks, and attacks on confiden-
tiality. This chapter also discusses mitigation techniques of those attacks.
Finally, Chap. 5 presents a short list of general security recommendations for the
cloud adoption with emphasis given to good practice guidelines.
I am sure this book will make a huge impact on research as well as teaching and
will add to a list of recommended books on cloud security. In light of the significant
and fast emerging challenges that cloud computing face today, the author of this
book has done an outstanding job in selecting the contents of this book. I am
confident that this book will provide an appreciated contribution to the cloud
computing and security community. It has the potential to become one of the main
reference points for the years to come.

Leeds Muthu Ramachandran

June 2016 www.soft-research.com
Preface

Network security is an ongoing effort full of challenges. It has become an integral

part of any network service. With the rapidly increasing number of transactions
happening on the Internet, security became a vital part of everyday life.
Network security becomes much more difficult to control when the environment
becomes as dynamic and demanding as cloud computing.
Cloud computing aims at reducing costs. This reduction is not only in terms of
computing resource, but also in terms of helping its users to focus on the business
instead of the information technology enabling this business. Cloud computing has
evolved from many different technologies such as virtualization, autonomic com-
puting, grid computing, and many other technologies.
With every new technology, new challenges arise. A very important challenge is
to provide adequate security to that cloud to perform as aimed.
This brief focuses on presenting cloud security concepts in a simplified way.
After introducing the general concepts of cloud computing, the brief introduces the
general concepts of cloud security by going through threats, attacks, and their
mitigation techniques.
This brief starts by introducing the concepts and technologies underlying the
cloud in Chap. 1. This chapter also explains the cloud's different service models and
different deployment models. This chapter concludes with a discussion of cloud
computing benefits to organizations.
Chapter 2 gives a brief introduction to cloud security. This chapter discusses
why cloud security is different from classical systems security. This chapter also
discusses the most famous cloud security incidents in the past few years.
Chapter 3 is devoted to security threats in cloud computing. This chapter dis-
cusses the nine most common security threats, referred to as the notorious nine: data
breaches, data loss, account or service hijacking, insecure interfaces and APIs,
threats to availability, malicious insiders, abuse of cloud services, insufficient due
diligence, and shared-technology vulnerabilities. In addition to the notorious nine,
this chapter also explains additional threats such as lock-in, incomplete data

vii
viii Preface

deletion, and loss of governance among other threats along with their mitigation
techniques.
Security attacks on the cloud are discussed in Chap. 4. A group of the most
common attacks on cloud was presented: denial-of-service attacks, hypervisor
attacks, resource-freeing attacks, side-channel attacks, and attacks on confiden-
tiality. This chapter also discusses mitigation techniques of those attacks.
Chapter 5 presents a short list of general security recommendations for the cloud.

Intended Audience of the Brief

• Researchers working in the cloud security field.
• Professionals in charge or involved in cloud computing.
• Graduate students.
• IT managers aiming to get basic understanding of cloud security challenges.

How to Use This Brief

If you are familiar with the general concepts of the cloud, its service models, and
the underlying technologies, you can skip Chap. 1. If you have general knowledge
about cloud security and how it is different from classic information security, you
can skip Chap. 2 as well.
If you are new to the field of cloud computing, it is suggested that you start from
Chap. 1 and go all the way up to Chap. 5.

Acknowledgments

Finally, I would like to thank my editors in Springer. You have made this project
easy and simple. Thank you for believing in me. My final thanks go to my family,
Marwa, little Aya and Mustafa, and mom and dad. Thank you all for enduring me
during the time of working on this brief and all my life. I could not have been
blessed more.

Abu Dhabi Mohammed M. Alani

April 2016
Contents

1 What is the Cloud? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

1.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.2 History of Cloud Computing . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.3 How Does the Cloud Work? . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.3.1 Virtualization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.3.2 Clustering. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.3.3 Grid Computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1.3.4 Cloud Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
1.3.5 Cloud Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
1.4 Cloud Service Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.4.1 Infrastructure-as-a-Service. . . . . . . . . . . . . . . . . . . . . . . 9
1.4.2 Platform-as-a-Service . . . . . . . . . . . . . . . . . . . . . . . . . . 10
1.4.3 Software-as-a-Service. . . . . . . . . . . . . . . . . . . . . . . . . . 10
1.5 Cloud Deployment Models . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.6 Why Choose the Cloud?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2 About Cloud Security . . . . . . . . . . . . . . . . . . . .......... . . . . . 15
2.1 Introduction . . . . . . . . . . . . . . . . . . . . . . .......... . . . . . 15
2.2 Why Is Cloud Security Different? . . . . . . . .......... . . . . . 17
2.3 Famous Attacks on Cloud. . . . . . . . . . . . . .......... . . . . . 18
2.3.1 History of Denial of Service Attacks on the Cloud . . . . . 18
2.3.2 Other Attacks . . . . . . . . . . . . . . . . .......... . . . . . 20
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . .......... . . . . . 22
3 Security Threats in Cloud Computing . . . . . . . . . . . . . . . . . . . . . . 25
3.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
3.2 Data Breaches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
3.3 Data Loss . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
3.4 Account or Service Hijacking . . . . . . . . . . . . . . . . . . . . . . . . . 28
3.5 Insecure Interfaces and APIs . . . . . . . . . . . . . . . . . . . . . . . . . . 29
3.6 Threats to Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

ix
x Contents

3.7 Malicious Insiders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

3.8 Abuse of Cloud Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
3.9 Insufficient Due Diligence. . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
3.10 Shared Technology Vulnerabilities . . . . . . . . . . . . . . . . . . . . . . 34
3.11 Other Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
4 Security Attacks in Cloud Computing. . . . . . . . . . . . . . . . . . . . . . . 41
4.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
4.2 Denial of Service Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
4.3 Attacks on Hypervisor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
4.4 Resource Freeing Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
4.5 Side-Channel Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
4.6 Attacks on Confidentiality. . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
4.7 Other Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
5 General Cloud Security Recommendations . . . . . . . . . . . . . . . . . . . 51
5.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
5.2 General Security Recommendations . . . . . . . . . . . . . . . . . . . . . 52
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Acronyms

ABE Attribute-based encryption

API Application programming interface
AWS Amazon Web Services
DDoS Distributed denial of service
DoS Denial of service
EC2 Elastic Cloud Compute
FTP File Transfer Protocol
HSVM Hierarchical secure virtualization model
IaaS Infrastructure-as-a-Service
IEEE Institute of Electrical and Electronics Engineers
IP Internet Protocol
LSM Linux Security Module
MANET Mobile ad hoc networks
NTP Network Time Protocol
PaaS Platform-as-a-Service
RFA Resource-freeing attack
SaaS Software-as-a-Service
SDN Software-defined network
SETA Security Educations, Training, and Awareness
SLA Service Level Agreement
URL Uniform Resource Locator
VM Virtual machine
VPS Virtual private server
VoIP Voice-over Internet Protocol
WWW World Wide Web

xi
Chapter 1
What is the Cloud?

Abstract This chapter provides a simplified introduction to cloud computing.

This chapter starts by introducing the history of cloud computing and moves
on to describe the cloud architecture and operation. This chapter also discusses
briefly cloud service models: Infrastructure-as-a-Service, Platform-as-a-Service, and
Software-as-a-Service. Clouds are also categorized based on their ownership to pri-
vate and public clouds. This chapter concludes by explaining the reasons for choosing
cloud computing over other technologies by exploring the economic and technolog-
ical benefits of the cloud.

Keywords Cloud computing · IaaS · PaaS · SaaS · Private cloud · Public cloud

1.1 Introduction

The main purpose of creating networks is, simply, sharing resources. These resources
can be files, photographs, printers, space on a hard disk, or a music file we would like
to listen together. Networks have helped us become more connected with everything
and everyone around us. Currently, networks provide us with many services including
the World Wide Web (WWW), electronic mail, voice over-internet-protocol (VoIP),
instant messaging, and many other services.
Network services usually fall into one of two models: peer to peer and client–
server. In a peer-to-peer network service, computers can communicate directly with-
out the need to be connected all the time nor the need to have an always-on server to
supervise the process. In client–server model, one device acts as a client that requests
a service from another device called the server. The server needs to be always on and
always connected and waits for client requests.
So many services on the Internet, and even on local networks, operate based on a
client–server model. For example, to view a webpage using WWW service, a client
sends a request to view a specific webpage identified by a Uniform Resource Locator
(URL) to a server, namely a web server. The server is just sitting there waiting for
client requests. When you check your e-mail, the software that you use, like Outlook,
or Thunderbird, acts as a client and asks the e-mail server to send information about

© The Author(s) 2016 1

M.M. Alani, Elements of Cloud Computing Security,
SpringerBriefs in Computer Science, DOI 10.1007/978-3-319-41411-9_1
2 1 What is the Cloud?

new messages. Even services that operates on the peer-to-peer model, like voice chat,
rely partially on client–server model. Most voice chat services work in the following
sequence:
1. Your client software connects to a server and registers your IP address.
2. The other side’s client software connects to the same server to register its IP
address.
3. When you want to make a voice call to the other side, your client software contacts
the server to check whether the other side is online, and if it is online, what is its
IP address.
4. Your client software initiates a voice call to the other client directly.
As you can see, the actual peer-to-peer communication occurred only at Step 4, while
the first three steps were all client–server activities. What we want to conclude from
this explanation is that client–server model is essential in most network services we
use in our daily life. Servers are an essential part of the client–server model. That is
basically why we are studying cloud computing.
When an organization works on setting up a network service, an essential part of
the preparation is to select a suitable server. The organization chooses the hardware
specifications based on the application requirements. In addition to the server hard-
ware, there are other components that need to be provided to host the network service
successfully including security, Internet connectivity, and backup electricity. The IT
manager, wanting to get rid of all of this responsibility of keeping the service up
and running all the time, suggests that the organization should outsource hosting the
network service. This would push the burden of managing the server availability and
security to another organization. Three possible scenarios are available now: shared
hosting, Virtual Private Server (VPS), and dedicated servers.
Shared hosting is out of the question if the network service requires any server
control and it is more than just a simple website with a limited number of visitors. The
second solution is which is renting a dedicated server. Dedicated servers are physical
servers with specifications selected by the client (most of the time). These servers
are hosted by a service provider that provides all the necessary support like Internet
connection, firewall, and sometimes off-line backup. Usually, these dedicated servers
are very costly as compared to VPSs. VPS can be an economic solution where a
service provider uses a physical server with high specifications to host a group of
logical servers and rent those servers (for a monthly or annual fee) to client individuals
or organizations. This can be a suitable solution if your network service does not
require a lot of processing power and the number of users is limited.

1.2 History of Cloud Computing

The general concept of cloud computing, although it was holding a different name,
goes back to 1961 [1]. A well-known computer scientist named John McCarthy
stated, at the MIT Centennial
1.2 History of Cloud Computing 3

“computers of the kind I have advocated become the computers of the future, then
computing may someday be organized as a public utility just as the telephone system is
a public utility... The computer utility could become the basis of a new and important
industry.”
The term utility computing refers to a computer-on-demand service that can be
used by the public with a pay-for-what-you-use financial model. The term has been
evolving since then.
The idea was slightly matured before the end of the 1990s when Salesforce.com
introduced the first remotely provisioned service to the enterprise. Afterward, the
concept started being different near the end of the 1990s. The concepts then focused
on an abstraction layer used to facilitate data delivery methods in packet-switched
heterogeneous networks.
In 2002, Amazon.com introduced Amazon Web Services (AWS) platform. The
platform, back then, provided remotely provisioned computing resources and storage.
Commercially, the term “cloud computing” emerged in 2006 when Amazon
launched its Elastic Compute Cloud (EC2) services. The service model was based
on “leasing” elastic computing processing power and storage where enterprises can
run their apps. Later that year, Google also started providing Google Apps.
Cloud computing was identified by NIST in [2] as
“a model for enabling ubiquitous, convenient, on-demand network access to a shared
pool of configurable computing resources (e.g., networks, servers, storage, appli-
cations, and services) that can be rapidly provisioned and released with minimal
management effort or service provider interaction.”
We can identify the Internet as a network of networks from all around the world.
Since, in the broad sense, the cloud uses the Internet as a provisioning medium, the
term “cloud” comes as a metaphor for the Internet itself. A better understanding of
the history of cloud computing can be understood by knowing the combination of
technologies that had evolved into the cloud. The next section will discuss those
technologies briefly.

1.3 How Does the Cloud Work?

Cloud computing is the result of interaction between many disciplines in computer

science. Before we explain how cloud computing works, we will go through some
basic definitions of underlying technologies.

1.3.1 Virtualization

As an important enabling technology to cloud computing, we need to explain

the concept of virtualization before we proceed. A virtual computer, as identified
in [3], is
4 1 What is the Cloud?

Fig. 1.1 Comparison of traditional server architecture and virtual server architecture

“a logical representation of a computer in software. By decoupling the physical hard-

ware from the operating system, virtualization provides more operational flexibility
and increases the utilization rate of the underlying physical hardware.”
Figure 1.1 shows a comparison between a traditional server model and a virtual
server model. In this figure, you can see that the traditional server has one operating
system and multiple applications installed on it. On the other side, you see the virtu-
alized server model where the physical server holds a host operating system that is
hosting multiple virtual machines. Each virtual machine has its own guest operating
system and application(s).
Virtualization was previously supported by software only. However, currently,
most new processors support virtualization in hardware. There can be many dis-
cussions of how deep virtualization can go and whether full isolation of the guest
operating system is done or there might be a degree of kernel sharing between the
host operating system and the guest operating system. However, these details are
beyond the scope of this book. To understand how virtualization helps in improving
utilization of resource, we will look at an example. In the example, four different
organizations, namely A, B, C, and D, are using their own servers hosted within
their premises. The servers are designed to provide a certain network service, like
web hosting of the organization’s website. These organizations are medium-sized
and their servers are not fully loaded. In fact, some of those servers are lightly loaded
most of the time. In Fig. 1.2a, you can see how those servers are underutilized.
Figure 1.2b shows how using one hardware server with higher processing power as a
1.3 How Does the Cloud Work? 5

Fig. 1.2 Individual physical server utilization versus virtualized server utilization

virtualization host can result in the creation of one virtual machine for each organi-
zation. This will result in cost saving, both in capital expenditures and in operational
expenditures, and much better resource utilization.

1.3.2 Clustering

Clustering is the grouping of interconnected independent resources working as a

single system. Clustering provides high reliability and availability due to the existence
of other resources that can cover the need. In order to create a properly working
cluster, it is advised that servers that form the cluster have identical hardware [1].
This would guarantee identical performance levels among the servers forming the
cluster.
As shown in Fig. 1.3, clustering techniques are based on having a front-end dis-
patcher that receives the requests from clients and forwards it to the cluster servers.
The dispatcher holds an IP address that is usually referred to as the cluster address.
Beyond that cluster address, there is a group of servers operating at the back-end to
provide the actual service. The client sees only the cluster address and does not see
the rest of the cluster. This is how client transparency is achieved. On the other hand,
in many cases, you set up the servers inside the cluster as independent servers oper-
ating a certain network service and the dispatcher distributing jobs between them.
This is how you can achieve server transparency as well. This setup will save a lot
of time and effort trying to maintain servers’ consistency if the clustering was not
server transparent [4].
2.2 Why Is Cloud Security Different? 17

2.2 Why Is Cloud Security Different?

As with any other system, cloud computing includes vulnerabilities. These vulner-
abilities, when exploited by attackers, can cause service disruptions, data loss, data
theft, etc. Given the nature of dynamic resource sharing that take place in the cloud, it
is possible that classical attacks and vulnerabilities can cause more harm on a cloud
system if it is not protected properly.
The context in which network security can be discussed can identify a long list
of threats and attacks. However, the dynamic and unique nature of the cloud can
require additional measures and this nature also opens the door for a whole new list
of attacks that can be used against the cloud.
Nothing explains this better than an example. One of the unique characteristics of
the cloud is availability. The cloud is designed to be available all the time. Whether
it is a private or a public cloud, availability is an undeniable feature that many
organizations seek. What if attackers target availability of the cloud?
One of the major reasons why organizations decide to switch to a cloud envi-
ronment is the you-pay-for-what-you-use business model. No one likes paying for
resource that are not very well utilized. Hence, when an attack such as Denial-of-
Service (DoS) attack happens, not only availability is targeted.
Denial of Service (DoS) attacks aim at making a certain network service unavail-
able to its legitimate users. In its basic form, these attacks keep the resources busy
such that these resources become unavailable to the users this service was aimed to
serve.
Using DoS attacks on the cloud, the attacker can cause huge financial implications
by consuming high resources in the trial of making the service unavailable. So, for
the organization using the cloud, it is a doubled loss.
The organization will be paying a lot of money for the resources consumed by
the attack and, after a while, the organization’s service will be unavailable due to the
DoS attack. This type of attacks is referred to as Fraudulent Resource Consumption
(FRC) [3].
The previous example shows us how the same attack can have different effect
on different technology. For example, DoS attack on a classic server would render
the service unavailable. If the same attack happens on a mobile ad hoc network, it
would make the service unavailable and consume valuable battery life [4]. On the
other hand, DoS on the cloud would render the service unavailable and cost the
organization a lot of money for the consumed resources. This is why the uniqueness
of the cloud technology open the door for unique attacks or at least unique effects of
old common attacks.
Having the multiple layers discussed in Chap. 1, cloud computing can be target
for attacks at any of these levels. We will see in the coming chapters that threats
exist at virtually any lever of the cloud computing system. As you will see, there are
threats at the hypervisor level, threats at the platform level, threats at the software
level, etc. All of these attacks are unique to cloud computing alone and cannot be
used on classical network security model.
Another random document with
no related content on Scribd:
poor Galilean, and even their gravest and most puzzling attacks
upon his wisdom and prudence, turned into an absolute jest against
them,――it was quite clear that the amused and delighted multitude
would soon cease to regard the authority and opinions of their
venerable religious and legal rulers, whose subtleties were so easily
foiled by one of the common, uneducated mass. But the very
circumstances which effected and constituted the evil, were also the
grand obstacles to the removal of it. Jesus was by these means
seated firmly in the love and reverence of the people,――and of the
vast numbers of strangers then in Jerusalem at the feast, there were
very many who would have their feelings strongly excited in his
favor, by the circumstance that they, as well as he, were Galileans,
and would therefore be very apt to make common cause with him in
case of any violent attack. All these obstacles required management;
and after having been very many times foiled in their attempts to
seize him, by the resolute determination of the thousands by whom
he was always encircled, to defend him, they found that they must
contrive some way to get hold of him when he was without the
defenses of this admiring host. This could be done, of course, only
by following him to his secret haunts, and coming quietly upon him
before the multitude could assemble to his aid. But his movements
were altogether beyond their notice. No armed band could follow him
about, as he went from the city to the country in his daily and nightly
walks. They needed some spy who could watch his private
movements when unattended, save by the little band of the twelve,
and give notice of the favorable moment for a seizure, when the
time, the place, and the circumstances, would all conspire to prevent
a rescue. Thus taken, he might be safely lodged in some of the
impregnable fortresses of the temple and city, so as to defy the
momentary burst of popular rage, on finding that their idol had been
taken away. They knew too, the fickle character of the commonalty,
well enough to feel certain, that when the tide of condemnation was
once strongly set against the Nazarene, the lip-worship of
“Hosannas” could be easily turned, by a little management, into the
ferocious yell of deadly denunciation. The mass of the people are
always essentially the same in their modes of action. Mobs were
then managed by the same rules as now, and demagogues were
equally well versed in the tricks of their trade. Besides, when Jesus
had once been formally indicted and presented before the secular
tribunal of the Roman governor, as a rioter and seditious person, no
thought of a rescue from the military force could be thought of; and
however unwilling Pilate might be to minister to the wishes of the
Jews, in an act of unnecessary cruelty, he could not resist a call thus
solemnly made to him, in the character of preserver of the Roman
sway, though he would probably have rejected entirely any
proposition to seize Jesus by a military force, in open day, in the
midst of the multitude, so as to create a troublesome and bloody
tumult, by such an imprudent act. In the full consideration of all these
difficulties, the Jewish dignitaries were sitting in conclave, contriving
means to effect the settlement of their troubles, by the complete
removal of him who was unquestionably the cause of all. At once
their anxious deliberations were happily interrupted by the entrance
of the trusted steward of the company of Jesus, who changed all
their doubts and distant hopes into absolute certainty, by offering, for
a reasonable consideration, to give up Jesus into their hands, a
prisoner, without any disturbance or riot. How much delay and
debate there was about terms, it would be hard to say; but after all,
the bargain made, does not seem to have been greatly to the credit
of the liberality of the Sanhedrim, or the sharpness of Judas. Thirty
of the largest pieces of silver then coined, would make but a poor
price for such an extraordinary service, even making all allowance
for a scarcity of money in those times. And taking into account the
wealth and rank of those concerned, as well as the importance of the
object, it is fair to pronounce them a very mean set of fellows. But
Judas especially seems to forfeit almost all right to the character
given him of acuteness in money matters; and it is only by supposing
him to be quite carried out of his usual prudence, by his woful
abandonment to crime, that so poor a bargain can be made
consistent with the otherwise reasonable view of his character.

Thirty pieces of silver.――The value of these pieces is seemingly as vaguely expressed

in the original as in the translation; but a reference to Hebrew usages throws some light on
the question of definition. The common Hebrew coin thus expressed was the
shekel,――equivalent to the Greek didrachmon, and worth about sixteen cents. In Hebrew
the expression, thirty “shekels of silver,” was not always written out in full; but the name of
the coin being omitted, the expression was always equally definite, because no other coin
was ever left thus to be implied. Just so in English, the phrase, “a million of money,” is
perfectly well understood here, to mean “a million of dollars;” while in England, the current
coin of that country would make the expression mean so many pounds. In the same
manner, to say, in this country, that any thing or any man is worth “thousands,” always
conveys, with perfect definiteness, the idea of “dollars;” and in every other country the same
expression would imply a particular coin. Thirty pieces of silver, each of which was worth
sixteen cents, would amount only to four dollars and eighty cents, which are just one pound
sterling. A small price for the great Jewish Sanhedrim to pay for the ruin of their most
dangerous foe! Yet for this little sum, the Savior of the world was bought and sold!

Having thus settled this business, the cheaply-purchased traitor

returned to the unsuspecting fellowship of the apostles, mingling with
them, as he supposed, without the slightest suspicion on the part of
any one, respecting the horrible treachery which he had contrived for
the bloody ruin of his Lord. But there was an eye, whose power he
had never learned, though dwelling beneath its gaze for
years,――an eye, which saw the vainly hidden results of his
treachery, even as for years it had scanned the base motives which
governed him. Yet no word of reproach or denunciation broke forth
from the lips of the betrayed One; the progress of crime was suffered
unresistedly to bear him onward to the mournfully necessary
fulfilment of his destiny. Judas meanwhile, from day to day, waited
and watched for the most desirable opportunity of meeting his
engagements with his priestly employers. The first day of the feast of
unleavened bread having arrived, Jesus sat down at evening to eat
the Paschal lamb with his twelve disciples, alone. The whole twelve
were there without one exception,――and among those who
reclined around the table, sharing in the social delights of the
entertainment which celebrated the beginning of the grand national
festival, was the dark-souled accuser also, like Satan among the
sons of God. Even here, amid the general joyous hilarity, his great
scheme of villainy formed the grand theme of his
meditations,――and while the rest were entering fully into the natural
enjoyments of the occasion, he was brooding over the best means of
executing his plans. During the supper, after the performance of the
impressive ceremony of washing their feet, Jesus made a sudden
transition from the comments with which he was illustrating it; and, in
a tone of deep and sorrowful emotion, suddenly exclaimed, “I
solemnly assure you, that one of you will betray me.” This surprising
assertion, so emphatically made, excited the most distressful
sensations among the little assembly;――all enjoyment was at an
end; and grieved by the imputation, in which all seemed included
until the individual was pointed out, they each earnestly inquired,
“Lord, is it I?” As they sat thus looking in the most painful doubt
around their lately cheerful circle, the disciple who held the place of
honor and affection at the table, at the request of Peter, whose
position gave him less advantage for familiar and private
conversation,――plainly asked of Jesus, “Who is it, Lord?” Jesus, to
make his reply as deliberate and impressive as possible, said, “It is
he to whom I shall give a sop when I have dipped it.” The design of
all this circumlocution in pointing out the criminal, was, to mark the
enormity of the offense. “He that eateth bread with me, hath lifted up
his heel against me.” It was his familiar friend, his chosen
companion, enjoying with him at that moment the most intimate
social pleasures of the entertainment, and occupying one of the
places nearest to him, at the board. As he promised, after dipping
the sop, he gave it to Judas Iscariot, who, receiving it, was moved to
no change in his dark purpose; but with a new Satanic spirit,
resolved immediately to execute his plan, in spite of this open
exposure, which, he might think, was meant to shame him from his
baseness. Jesus, with an eye still fixed on his most secret inward
movements, said to him, “What thou doest, do quickly.” Judas, utterly
lost to repentance and to shame, coolly obeyed the direction, as if it
had been an ordinary command, in the way of his official duty, and
went out at the words of Jesus. All this, however, was perfectly
without meaning, to the wondering disciples, who, not yet recovered
from their surprise at the very extraordinary announcement which
they had just heard of the expected treachery, could not suppose
that this quiet movement could have anything to do with the
occurrence which preceded it; but concluded that Judas was going
about the business necessary for the preparation of the next day’s
festal entertainment,――or that he was following the directions of
Jesus about the charity to be administered to the poor out of the
funds in his keeping, in accordance with the commendable Hebrew
usage of remembering the poor on great occasions of
enjoyment,――a custom to which, perhaps, the previous words of
Judas, when he rebuked the waste of the ointment by Mary, had
some especial reference, since at that particular time, money was
actually needed for bestowment in alms to the poor. Judas, after
leaving the place where the declaration of Jesus had made him an
object of such suspicion and dislike, went, under the influence of that
evil spirit, to whose direction he was now abandoned, directly to the
chief priests, (who were anxiously waiting the fulfilment of his
promise,) and made known to them that the time was now come.
The band of watchmen and servants, with their swords and cudgels,
were accordingly mustered and put under the guidance of Judas,
who, well knowing the place to which Jesus would of course go from
the feast, conducted his band of low assistants across the brook
Kedron, to the garden of Gethsemane. On the way he arranged with
them the sign by which they should recognize, in spite of the
darkness and confusion, the person whose capture was the grand
object of this expedition. “The man whom I shall kiss is he: seize
him.” Entering the garden, at length, he led them straight to the spot
which his intimate familiarity with Jesus enabled him to know, as his
favorite retreat. Going up to him with the air of friendly confidence,
he saluted him, as if rejoiced to find him, even after this brief
absence,――another instance of the very close intimacy which had
existed between the traitor and the betrayed. Jesus submitted to this
hollow show, without any attempt to repulse the movement which
marked him for destruction, only saying, in mild but expressive
reproach,――“Judas! Betrayest thou the Son of Man with a kiss?”
Without more delay he announced himself in plain terms, to those
who came to seize him; thus showing how little need there was of
artful contrivance in taking one who did not seek to escape. “If ye
seek Jesus of Nazareth, I am he.” The simple majesty with which
these words were uttered, was such as to overawe even the low
officials; and it was not till he himself had again distinctly reminded
them of their object, that they could execute their errand. So vain
was the arrangement of signals, which had been studiously made by
the careful traitor.

No further mention is made of Iscariot after the scene of his

treachery, until the next morning, when Jesus had been condemned
by the high court of the Sanhedrim, and dragged away to undergo
punishment from the secular power. The sun of another day had
risen on his crime; and after a very brief interval, he now had time for
cool meditation on the nature and consequences of his act. Spite
and avarice had both now received their full gratification. The thirty
pieces of silver were his, and the Master whose instructions he had
hated for their purity and spirituality, because they had made known
to him the vileness of his own character and motives, was now in the
hands of those who were impelled, by the darkest passions, to
secure his destruction. But after all, now came the thought, and
inquiry, ‘what had the pure and holy Jesus done, to deserve this
reward at his hands?’ He had called him from the sordid pursuits of a
common life, to the high task of aiding in the regeneration of Israel.
He had taught him, labored with him, prayed for him, trusted him as
a near and worthy friend, making him the steward of all the earthly
possessions of his apostolic family, and the organ of his ministrations
of charity to the poor. All this he had done without the prospect of a
reward, surely. And why? To make him an instrument, not of the
base purposes of a low ambition;――not to acquire by this means
the sordid and bloody honors of a conqueror,――but to effect the
moral and spiritual emancipation of a people, suffering far less under
the evils of a foreign sway, than under the debasing dominion of folly
and sin. And was this an occasion to arm against him the darker
feelings of his trusted and loved companions?――to turn the
instruments of his mercy into weapons of death? Ought the mere
disappointment of a worldly-minded spirit, that was ever clinging to
the love of material things, and that would not learn the solemn truth
of the spiritual character of the Messiah’s reign, now to cause it to
vent its regrets at its own errors, in a traitorous attack upon the life of
him who had called it to a purpose whose glories and rewards it
could not appreciate? These and other mournful thoughts would
naturally rise to the repentant traitor’s mind, in the awful revulsion of
feeling which that morning brought with it. But repentance is not
atonement; nor can any change of feeling in the mind of the sinner,
after the perpetration of the sinful act, avail anything for the removal
or expiation of the evil consequences of it. So vain and unprofitable,
both to the injurer and the injured, are the tears of remorse! And
herein lay the difference between the repentance of Judas and of
Peter. The sin of Peter affected no one but himself, and was criminal
only as the manifestation of a base, selfish spirit of deceit, that fell
from truth through a vain-glorious confidence,――and the effusion of
his gushing tears might prove the means of washing away the
pollution of such an offense from his soul. But the sin of Judas had
wrought a work of crime whose evil could not be affected by any
tardy change of feeling in him. Peter’s repentance came too late
indeed, to exonerate him from guilt; because all repentance is too
late for such a purpose, when it comes after the commission of the
sin. The repentance of an evil purpose, coming in time to prevent the
execution of the act, is indeed available for good; but both Peter and
Judas came to the sense of the heinousness of sin, only after its
commission. Peter however, had no evil to repair for
others,――while Judas saw the bloody sequel of his guilt, coming
with most irrevocable certainty upon the blameless One whom he
had betrayed. Overwhelmed with vain regrets, he took the now
hateful, though once-desired price of his villainy, and seeking the
presence of his purchasers, held out to them the money, with the
useless confession of the guilt, which was too accordant with their
schemes and hopes, for them to think of redeeming him from its
consequences. The words of his confession were, “I have sinned, in
betraying innocent blood.” This late protestation was received by the
proud priests, with as much regard as might have been expected
from exulting tyranny, when in the enjoyment of the grand object of
its efforts. With a cold sneer they replied, “What is that to us? See
thou to that!” Maddened with the immovable and remorseless
determination of the haughty condemners of the just, he flung down
the price of his infamy and woe, upon the floor of the temple, and
rushed out of their presence, to seal his crimes and eternal misery
by the act that put him for ever beyond the power of redemption.
Seeking a place removed from the observation of men, he hurried
out of the city, and contriving the fatal means of death for himself,
before the bloody doom of him whom he betrayed had been fulfilled,
the wretched man saved his eyes the renewed horrors of the sight of
the crucifixion, by closing them in the sleep which earthly sights can
not disturb. But even in the mode of his death, new circumstances of
horror occurred. Swinging himself into the air, by falling from a
highth, as the cord tightened around his neck, checking his descent,
the weight of his body produced the rupture of his abdomen, and his
bowels bursting through, made him, as he swung stiffening and
convulsed in the agonies of this doubly horrid death, a disgusting
and appalling spectacle,――a monument of the vengeance of God
on the traitor, and a shocking witness of his own remorse and self-
condemnation.

A very striking difference is noticeable between the account given by Matthew of the
death of Judas, and that given by Luke in the speech of Peter, Acts i. 18, 19. The various
modes of reconciling these difficulties are found in the ordinary commentaries. In respect to
a single expression in Acts i. 18, there is an ingenious conjecture offered by Granville Penn,
in a very interesting and learned article in the first volume of the transactions of the Royal
Society of Literature, which may very properly be mentioned here, on account of its
originality and plausibility, and because it is found only in an expensive work, hardly ever
seen in this country. Mr. Penn’s view is, that “the word ελακησε (elakese,) in Acts i. 18, is
only an inflection of the Latin verb, laqueo, (to halter or strangle,) rendered insititious in the
Hellenistic Greek, under the form λακεω.” He enters into a very elaborate argument, which
can not be given here, but an extract may be transcribed, in order to enable the learned to
apprehend the nature and force of his views. (Translated by R. S. Lit. Vol. I. P. 2, pp. 51,
52.)

“Those who have been in the southern countries of Europe know, that the operation in
question, as exercised on a criminal, is performed with a great length of cord, with which the
criminal is precipitated from a high beam, and is thus violently laqueated, or snared in a
noose, mid-way――medius or in medio; μεσος, and medius, referring to place as well as to
person; as, μεσος ὑμων ἑστηκεν. (John i. 26.) ‘Considit scopulo medius――――’ (Virgil,
Georgics, iv. 436.) ‘―――― medius prorumpit in hostes.’ (Aeneid, x. 379.)

“Erasmus distinctly perceived this sense in the words πρηνης γενομενος, although he did
not discern it in the word ελακησε, which confirms it: ‘πρηνης Graecis dicitur, qui vultu est in
terram dejecto: expressit autem gestum et habitum laqueo praefocati; alioquin, ex hoc
sane loco non poterat intelligi, quod Judas suspenderit se,’ (in loc.) And so Augustine also
had understood those words, as he shows in his Recit. in Act. Apostol. l. i. col. 474. ‘et
collem sibi alligavit, et dejectus in faciem,’ &c. Hence one MS., cited by Sabatier, for πρηνης
γενομενος, reads αποκρεμαμένος; and Jerom, in his new vulgate, has substituted suspensus
for the pronus factus of the old Latin version, which our old English version of 1542
accordingly renders, and when he was hanged.

“That which follows, and which evidently determined the vulgar interpretation of
ελακησε――εξεχυνθη παντα τα σπλαγχνα αυτου, all his bowels gushed out――states a natural
and probable effect produced, by the sudden interruption in the fall and violent capture in
the noose, in a frame of great corpulency and distension, such as Christian antiquity has
recorded that of the traitor to have been; so that a term to express rupture would have been
altogether unnecessary, and it is therefore equally unnecessary to seek for it in the verb
ελακησε. Had the historian intended to express disruption, we may justly presume that he
would have said, as he had already said in his gospel, v. 6, διερρηγνυτο, or xxiii. 45, εσχισθη
μεσος: it is difficult to conceive, that he would here have traveled into the language of
ancient Greek poetry for a word to express a common idea, when he had common terms at
hand and in practice; but he used the Roman laqueo, λακεω, to mark the infamy of the
death.

“(Πρησθεις επι τοσουτον την σαρκα, ὡστε μη δυνασθαι δειλθειν. Papias, from Routh's
Reliquiæ Sacræ tom. I. p. 9. and Oecumenius, thus rendered by Zegers, Critici Sacri, Acts i.
18, in tantum enim corpore inflatus est ut progredi non posset. The tale transmitted by those
writers of the first and tenth centuries, that Judas was crushed to death by a chariot
proceeding rapidly, from which his unwieldiness rendered him unable to escape, merits no
further attention, after the authenticated descriptions of the traitor’s death which we have
here investigated, than to suggest a possibility that the place where the suicide was
committed might have overhung a public way, and that the body falling by its weight might
have been traversed, after death, by a passing chariot;――from whence might have arisen
the tales transmitted successively by those writers; the first of whom, being an inhabitant of
Asia Minor, and therefore far removed from the theater of Jerusalem, and being also (as
Eusebius witnesses, iii. 39,) a man of a very weak mind――σφοδρα μκρος τον νουν――was
liable to be deceived by false accounts.)

“The words of St. Peter, in the Hellenistic version of St. Luke, will therefore import,
praeceps in ora fusus, laqueavit (i. e. implicuit se laqueo) medius; (i. e. in medio, inter
trabem et terram;) et effusa sunt omnia viscera ejus――throwing himself headlong, he
caught mid-way in the noose, and all his bowels gushed out. And thus the two reporters of
the suicide, from whose respective relations charges of disagreement, and even of
contradiction, have been drawn in consequence of mistaking an insititious Latin word for a
genuine Greek word of corresponding elements, are found, by tracing that insititious word to
its true origin, to report identically the same fact; the one by a single term, the other by a
periphrasis.”

Such was the end of the twelfth of Jesus Christ’s chosen ones. To
such an end was the intimate friend, the trusted steward, the festal
companion of the Savior, brought by the impulse of some not very
unnatural feelings, excited by occasion, into extraordinary action.
The universal and intense horror which the relation of his crime now
invariably awakens, is by no means favorable to a just and fair
appreciation of his sin and its motives, nor to such an honest
consideration of his course from rectitude to guilt, as is most
desirable for the application of the whole story to the moral
improvement of its readers. Originally not an infamous man, he was
numbered among the twelve as a person of respectable character,
and long held among his fellow-disciples a responsible station, which
is itself a testimony of his unblemished reputation. He was sent forth
with them, as one of the heralds of salvation to the lost sheep of the
house of Israel. He shared with them the counsels, the instructions,
and the prayers of Jesus. If he was stupid in apprehending, and
unspiritual in conceiving the truths of the gospel, so were they. If he
was an unbeliever in the resurrection of Jesus, so were they; and
had he survived till the accomplishment of that prophecy, he could
not have been slower in receiving the evidence of the event, than
they. As it was, he died in his unbelief; while they lived to feel the
glorious removal of all their doubts, the purification of all their gross
conceptions, and the effusion of that spirit of truth, through which, by
the grace of God alone, they afterwards were what they were.
Without a merit, in faith, beyond Judas, they maintained their dim
and doubtful adherence to the truth, only by their nearer
approximation to moral perfection; and by their nobler freedom from
the pollution of sordid and spiteful feeling. Through passion alone he
fell, a victim, not to a want of faith merely,――for therein, the rest
could hardly claim a superiority,――but to the radical deficiency of
true love for Jesus, of that “charity which never faileth,” but “endureth
to the end.” It was their simple, devoted affection, which, through all
their ignorance, their grossness of conception, and their
faithlessness in his word, made them still cling to his name and his
grave, till the full revelations of his resurrection and ascension had
displaced their doubts by the most glorious certainties, and given
their faith an eternal assurance. The great cause of the awful ruin of
Judas Iscariot, then, was the fact, that he did not love Jesus. Herein
was his grand distinction from all the rest; for though their regard
was mingled with so much that was base, there was plainly, in all of
them, a solid foundation of true, deep affection. The most ambitious
and skeptical of them, gave the most unquestionable proofs of this.
Peter, John, both the Jameses, and others, are instances of the
mode in which these seemingly opposite feelings were combined.
But Judas was without this great refining and elevating principle,
which so redeemed the most sordid feelings of his fellows. It was not
merely for the love of money that he was led into this horrid crime.
The love of four dollars and eighty cents! Who can believe that this
was the sole motive? It was rather that his sordidness and
selfishness, and ambition, if he had any, lacked this single, purifying
emotion, which redeemed their characters. Is there not, in this
reflection, a moral which each Christian reader can improve to his
own use? For the lack of the love of Jesus alone, Judas fell from his
high estate, to an infamy as immortal as their fame. Wherever,
through all ages, the high heroic energy of Peter, the ready faith of
Andrew, the martyr-fire of James Boanerges, the soul-absorbing love
of John, the willing obedience of Philip, the guileless purity of
Nathanael, the recorded truth of Matthew, the slow but deep
devotion of Thomas, the blameless righteousness of James the Just,
the appellative zeal of Simon, and the earnest warning eloquence of
Jude, are all commemorated in honor and bright renown,――the
murderous, sordid spite of Iscariot, will insure him an equally lasting
proverbial shame. Truly, “the sin of judas is written with a pen
of iron on a tablet of marble.”
 MATTHIAS.
The events which concern this person’s connection with the
apostolic company, are briefly these. Soon after the ascension of
Jesus, the eleven disciples being assembled in their “upper room,”
with a large company of believers, making in all, together, a meeting
of one hundred and twenty, Peter arose and presented to their
consideration, the propriety and importance of filling, in the apostolic
college, the vacancy caused by the sad defection of Judas Iscariot.
Beginning with what seems to be an apt allusion to the words of
David concerning Ahithophel,――(a quotation very naturally
suggested by the striking similarity between the fate of that ancient
traitor, and that of the base Iscariot,) he referred to the peculiarly
horrid circumstances of the death of this revolted apostle, and also
applied to these occurrences the words of the same Psalmist
concerning those upon whom he invoked the wrath of God, in words
which might with remarkable emphasis be made descriptive of the
ruin of Judas. “Let his habitation be desolate,” and “let another take
his office.” Applying this last quotation more particularly to the
exigency of their circumstances, he pronounced it to be in
accordance with the will of God that they should immediately
proceed to select a person to “take the office” of Judas. He declared
it an essential requisite for this office, moreover, that the person
should be one of those who, though not numbered with the select
twelve, had been among the intimate companions of Jesus, and had
enjoyed the honors and privileges of a familiar discipleship, so that
they could always testify of his great miracles and divine instructions,
from their own personal knowledge as eye-witnesses of his actions,
from the beginning of his divine career at his baptism by John, to the
time of his ascension.
 Agreeably to this counsel of the apostolic chief, the whole
company of the disciples selected two persons from those who had
been witnesses of the great actions of Christ, and nominated them to
the apostles, as equally well qualified for the vacant office. To decide
the question with perfect impartiality, it was resolved, in conformity
with the common ancient practice in such cases, to leave the point
between these two candidates to be settled by lot; and to give this
mode of decision a solemnity proportioned to the importance of the
occasion, they first invoked, in prayer, the aid of God in the
appointment of a person best qualified for his service. They then
drew the lots of the two candidates, and Matthias being thus
selected, was thenceforth enrolled with the eleven apostles.

Of his previous history nothing whatever is known, except that,

according to what is implied in the address of Peter, he must have
been, from the beginning of Christ’s career to his ascension, one of
his constant attendants and hearers. Some have conjectured that he
was one of the seventy, sent forth by Jesus as apostles, in the same
manner as the twelve had gone; and there is nothing unreasonable
in the supposition; but still it is a conjecture merely, without any fact
to support it. The New Testament is perfectly silent with respect to
both his previous and his subsequent life, and not a fact can be
recorded respecting him. Yet the productive imaginations of the
martyrologists of the Roman and Greek churches, have carried him
through a protracted series of adventures, during his alleged
preaching of the gospel, first in Judea, and then in Ethiopia. They
also pretend that he was martyred, though as to the precise mode
there is some difference in the stories,――some relating that he was
crucified, and others, that he was first stoned and then dispatched by
a blow on the head with an axe. But all these are condemned by the
discreet writers even of the Romish church, and the whole life of
Matthias must be included among those many mysteries which can
never be in any way brought to light by the most devoted and
untiring researches of the Apostolic historian; and this dim and
unsatisfactory trace of his life may well conclude the first grand
division of a work, in which the reader will expect to find so much
curious detail of matters commonly unknown, but which no research
nor learning can furnish, for the prevention of his disappointment.
 II. THE HELLENIST APOSTLES.

SAUL,
AFTERWARDS NAMED PAUL.
his country.

On the farthest north-eastern part of the Mediterranean sea,

where its waters are bounded by the great angle made by the
meeting of the Syrian coast with the Asian, there is a peculiarity in
the course of the mountain ranges, which deserves notice in a view
of the countries of that region, modifying as it does, all their most
prominent characteristics. The great chain of Taurus, which can be
traced far eastward in the branching ranges of Singara, Masius and
Niphates, running connectedly also into the distant peaks of mighty
Ararat, here sends off a spur to the shore of the Mediterranean,
which under the name of Mount Amanus meets its waters, just at
their great north-eastern angle in the ancient gulf of Issus, now
called the gulf of Scanderoon. Besides this connection with the
mountain chains of Mesopotamia and Armenia on the northeast,
from the south the great Syrian Lebanon, running very nearly parallel
with the eastern shore of the Mediterranean, at the Issic angle, joins
this common center of convergence, so insensibly losing its
individual character in the Asian ridge, that by many writers, Mount
Amanus itself is considered only a regular continuation of Lebanon.
These, however, are as distinct as any of the chains here uniting,
and the true Libanic mountains cease just at this grand natural
division of Syria from the northern coast of the Mediterranean. A
characteristic of the Syrian mountains is nevertheless prominent in
the northern chain. They all take a general course parallel with the
coast and very near it, occasionally sending out lateral ridges which
mark the projections of the shore with high promontories. Of these,
however, there are much fewer on the southern coast of Asia Minor;
and the western ridge of Taurus, after parting from the grand angle of
convergence, runs exactly parallel to the margin of the sea, in most
parts about seven miles distant. The country thus fenced off by
Taurus, along the southern coast of Asia Minor, is very distinctly
characterized by these circumstances connected with its orography,
and is in a very peculiar manner bounded and inclosed from the rest
of the continent, by these natural features. The great mountain
barrier of Taurus, as above described, stretches along the north,
forming a mighty wall, which is at each end met at right angles by a
lateral ridge, of which the eastern is Amanus, descending within a
few rods of the water, while the western is the true termination of
Taurus in that direction,――the mountains here making a grand
curve from west to south, and stretching out into the sea, in a bold
promontory, which definitely marks the farthest western limit of the
long, narrow section, thus remarkably enclosed. This simple natural
division, in the apostolic age, contained two principal artificial sub-
divisions. On the west, was the province of Pamphylia, occupying
about one fourth of the coast;――and on the east, the rest of the
territory constituted the province of Cilicia, far-famed as the land of
the birth of that great apostle of the Gentiles, whose life is the theme
of these pages.

Cilicia,――opening on the west into Pamphylia,――is elsewhere

inclosed in mountain barriers, impenetrable and impassable, except
in two or three points, which are the only places in which it is
accessible by land, though widely exposed, on the sea, by its long
open coast. Of these two adits, the most important, and the one
through which the vast proportion of its commercial intercourse with
the world, by land, has always been carried on, is the eastern, which
is just at the oft-mentioned great angle of the Mediterranean, where
the mountains descend almost to the waters of the gulf of Issus.
Mount Amanus, coming from the north-east, and stretching along the
eastern boundary of Cilicia an impassable barrier, here advances to
the shore; but just before its base reaches the water, it abruptly
terminates, leaving between the high rocks and the sea a narrow
space, which is capable of being completely commanded and
defended from the mountains which thus guard it; and forming the
only land passage out of Cilicia to the eastern coast of the
Mediterranean, it was thence anciently called “the gates of Syria.”
Through these “gates,” has always passed all the traveling by land
between Asia Minor and Palestine; and it is therefore an important
point in the most celebrated route in apostolic history. The other
main opening in the mountain walls of this region, is the passage
through the Taurus, made by the course of the Sarus, the largest
river of the province, which breaks through the northern ridge, in a
defile that is called “the gates of Cilicia.”

The boundaries of Cilicia are then,――on the north, mountainous

Cappadocia, perfectly cut off by the impenetrable chain of Taurus,
except the narrow pass through “the gates of Cilicia;”――on the
east, equally well guarded by Mount Amanus, Northern Syria, the
only land passages being through the famed “Syrian gates,” and
another defile north of the coast, toward the Euphrates;――on the
south, stretches the long margin of the sea, which in the western
two-thirds of the coast takes the name of “the Cilician strait,”
because it here flows between the mainland and the great island of
Cyprus, which lies off the shore, always in sight, being less than
thirty miles distant, the eastern third of the coast being bounded by
the waters of the gulf of Issus;――and on the west Cilicia ends in the
rough highlands of Pamphylia. The territory itself is distinguished by
natural features, into two divisions,――Rocky Cilicia and “Level
Cilicia,”――the former occupying the western third, and the latter the
eastern part,――each district being abundantly well described by the
term applied to it. Within the latter, lay the opening scenes of the
apostle’s life.
 Thus peculiarly guarded, and shut off from the world, it might be
expected that this remarkable region would nourish, on the narrow
plains of its fertile shores, and the vast rough mountains of its
gigantic barriers, a race strongly marked in mental, as in physical
characteristics. In all parts of the world, the philosophical observer
may notice a relation borne by man to the soil on which he lives, and
to the air which he breathes,――hardly less striking than the
dependence of the inferior orders of created things, on the material
objects which surround them. Man is an animal, and his natural
history displays as many curious correspondences between his
varying peculiarities and the locality which he inhabits, as can be
observed between the physical constitution of inferior creatures, and
the similar circumstances which affect them. The inhabitants of a
wild, broken region, which rises into mighty inland mountains, or
sends its cliffs and vallies into a vast sea, are, in all ages and climes,
characterized by a peculiar energy and quickness of mind, which
often marks them in history as the prominent actors in events of the
highest importance to mankind in all the world. Even the dwellers of
the cities of such regions, share in that peculiar vivacity of their
countrymen, which is especially imbibed in the air of the mountains;
and carry through all the world, till new local influences have again
subjected them, the original characteristics of the land of their birth.
The restless activity and dauntless spirit of Saul, present a striking
instance of this relation of scenery to character. The ever-rolling
waters of the tideless sea on one side presenting a boundless view,
and on the other the blue mountains rearing a mighty barrier to the
vision,――the thousand streams thence rolling to the former,――the
white sands of the long plains, gemmed with the green of shaded
fountains, as well as the active movements of a busy population, all
living under these same inspiring influences,――would each have
their effect on the soul of the young Cilician as he grew up in the
midst of these modifying circumstances.

Along these shores, from the earliest period of Hellenic

colonization, Grecian enterprise had planted its busy centers of
civilization. On each favorable site, where agriculture or commerce
could thrive, cities grew up in the midst of prosperous colonies, in
which wealth and power in their rapid advance brought in the lights
of science, art, literature, and all the refinements and elegances
which Grecian colonization made the invariable accompaniments of
its march,――adorning its solid triumphs with the graceful polish of
all that could exalt the enjoyment of prosperity. Issus, Mopsuestia,
Anchialus, Selinus and others, were among the early seats of
Grecian refinement; and the more modern efforts of the Syro-
Macedonian sway, had blessed Cilicia with the fruits of royal
munificence, in such cities as Cragic Antioch, Seleucia the Rocky,
and Arsinoe; and in still later times, the ever-active and wide-
spreading beneficence of Roman dominion, had still farther
multiplied the peaceful triumphs and trophies of civilization, by here
raising or renewing cities, of which Baiae, Germanicia and
Pompeiopolis are only a specimen. But of all these monuments of
ancient or later refinement, there was none of higher antiquity or
fame than Tarsus, the city where was born this illustrious apostle,
whose life was so greatly instrumental in the triumphs of Christianity.

Tarsus stands north of the point of a wide indentation of the coast

of Cilicia, forming a very open bay, into which, a few miles south,
flow the waters of the classic Cydnus, a narrow stream which runs a
brief course from the barrier of Taurus, directly southward to the sea.
The river’s mouth forms a spacious and convenient harbor, to which
the light vessels of ancient commerce all easily found safe and ready
access, though most of the floating piles in which the productions of
the world are now transported, might find such a harbor altogether
inaccessible to their heavier burden.

Ammianus Marcellinus, the elegant historian of the decline of the

Roman empire, speaks in high descriptive terms, both of the
province, and the city which makes it eminent in Christian history. In
narrating important events here performed during the times whose
history he records, he alludes to the character of the region in a
preliminary description. “After surmounting the peaks of Taurus,
which towards the east rise into higher elevation, Cilicia spreads out
before the observer, in far stretching areas,――a land, rich in all
good things. To its right (that is the west, as the observer looks south
from the summits of Taurus) is joined Isauria,――in equal degree
verdant with palms and many fruits, and intersected by the navigable
river Calycadnus. This, besides many towns, has two
cities,――Seleucia, the work of Seleucus Nicator of Syria, and
Claudiopolis, a colony founded by Claudius Caesar. Isauria however,
once exceedingly powerful, has formerly been desolated for a
destructive rebellion, and therefore shows but very few traces of its
ancient splendor. But Cilicia, which rejoices in the river Cydnus, is
ennobled by Tarsus, a splendid city,――by Anazarbus, and by
Mopsuestia, the dwelling-place of that Mopsus, who accompanied
the Argonauts. These two provinces (Isauria or ‘Cilicia the Rocky,’
and Cilicia proper or ‘level’) being formerly connected with hordes of
plunderers in a piratical war, were subjugated by the proconsul
Servilius, and made tributary. And these regions, placed, as it were,
on a long tongue of land, are separated from the eastern world by
Mount Amanus.”

This account by Ammianus Marcellinus is found in book XIV. of his history, (p. 19, edited
by Vales.)

The native land of Saul was classic ground. Within the limits of
Cilicia, were laid the scenes of some of the most splendid passages
in early Grecian fable; and here too, were acted some of the
grandest events in authentic history, both Greek and Roman. The
very city of his birth, Tarsus, is said to have been founded by
Perseus, the son of Jupiter and Danae, famed for his exploit at
another place on the shore of this part of the Mediterranean. More
authentic history however, refers its earliest foundation to
Sardanapalus, king of Assyria, who built Tarsus and Anchialus in
Cilicia, nine hundred years before Christ. Its origin is by others
ascribed to Triptolemus with an Argive colony, who is represented on
some medals as the founder. These two stories may be made
consistent with each other, on the supposition that the same place
was successively the scene of the civilizing influence of each of