the user management interface of the cloud provider provides support for these kinds of protocols, the cloud user’s control of this
important security function cannot be realized.
Access to Data
Data is an enterprise’s core asset. What are the security challenges and requirements surrounding access to data stored in the cloud infrastructure?
Driven by citizen safety and privacy measures, government agencies and enterprises (for example, healthcare organizations) may
demand of a SaaS, PaaS, or IaaS cloud provider that the data pertaining to their applications be:
• hosted in hardware located within the nation’s territory or a specific
region, for example, for disaster recovery concerns (No. 3), and
• protected against malicious or misused processes running in the
cloud (No. 4).
In some cases, the data protection may also call for capabilities for
segmenting data among various cloud storage providers. As a result,
secure and rapid data backup and recovery capabilities should be provided for all mission-critical data (No. 7), and common APIs should
be required to migrate data from one cloud storage provider to
another (No. 8).
Vulnerabilities for PaaS
When developing applications in a PaaS cloud environment, especially
for PaaS solutions, what might leave the application security vulnerable?
Vulnerabilities represent a major security concern whether applications
are hosted internally at an enterprise or offered as a service in the cloud.
In the cloud environment, the custom applications developed by
the cloud user are hosted using the deployment tools and run time
libraries or executables provided by the PaaS cloud provider. While it
is the responsibility of cloud users to ensure that vulnerabilities such as
buffer overflows and lack of input validation are not present in their
custom applications, they might expect similar and additional properties, such as lack of parsing errors and immunity to SQL injection
attacks, to be present in the application framework services provided
by a PaaS cloud provider.
Additionally, they have the right to expect that persistent programs
such as web servers will be configured not to run as a privileged user
(such as root). Further, the modern application frameworks based on
service-oriented architectures provide facilities for dynamically linking
applications based on the dynamic discovery capabilities provided by a
persistent program called the Directory Server. Hence this directory
server program also needs to be securely configured.
Based on the above discussion, two security requirements may
arise from cloud users. First, the modules in the application framework provided are free of vulnerabilities (No. 9). Second, persistent
programs such as web servers and directory servers are configured
properly (No. 10).
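One way a cloud user or provider could check requirement No. 10 for the "not as a privileged user" condition is sketched below. This is an added example, not part of the original article: the list of daemon names and the process listing are constructed, and the rule that a root-owned supervising parent is tolerated while root-owned workers are reported is an assumption about how such servers are commonly deployed.

```python
# Assumed daemon names to audit (web servers and directory servers).
WATCHED = {"nginx", "httpd", "apache2", "slapd", "ns-slapd"}

# Constructed sample of: ps -eo user,pid,ppid,comm
SAMPLE_PS = """\
USER       PID  PPID COMMAND
root         1     0 systemd
root       810     1 nginx
www-data   811   810 nginx
www-data   812   810 nginx
root       900     1 httpd
root       901   900 httpd
apache     902   900 httpd
root      1200     1 slapd
openldap  1300     1 ns-slapd
"""

def parse_ps(text):
    """Return a list of (user, pid, ppid, comm) tuples from ps output."""
    rows = []
    for line in text.splitlines()[1:]:          # skip the header row
        parts = line.split(None, 3)
        if len(parts) == 4 and parts[1].isdigit() and parts[2].isdigit():
            rows.append((parts[0], int(parts[1]), int(parts[2]), parts[3].strip()))
    return rows

def root_findings(rows):
    """Flag watched daemons that run as root.

    A root-owned parent that supervises at least one unprivileged worker
    is tolerated (it is typically kept privileged only to bind ports
    below 1024). A root-owned worker, or a root-owned daemon with no
    unprivileged worker at all, is reported.
    """
    watched = {pid: (user, ppid, comm) for user, pid, ppid, comm in rows if comm in WATCHED}
    findings = []
    for pid, (user, ppid, comm) in sorted(watched.items()):
        if user != "root":
            continue
        parent = watched.get(ppid)
        is_worker = parent is not None and parent[2] == comm
        children = [u for u, _, pp, c in rows if pp == pid and c == comm]
        if is_worker:
            findings.append((pid, comm, "worker runs as root"))
        elif not any(u != "root" for u in children):
            findings.append((pid, comm, "no unprivileged worker"))
    return findings
```

On the constructed listing, the nginx service passes, one httpd worker is reported, and slapd is reported because it never drops privileges.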
The biggest business factor driving the use of IaaS cloud providers
is the high capital cost involved in the purchase and operation of
high-performance servers and the network gear involved in linking up the
servers to form a cluster to support compute-intensive applications.
The economy of service offered by an IaaS cloud provider comes from
the maximum utilization of physical servers and hence it is difficult to
think of an IaaS cloud offering without a virtual machine.
While it’s critical in PaaS to offer services to ensure the security of
developed applications, in IaaS it’s critical for the cloud provider to
rent to the users secure operating systems. IaaS cloud providers usually offer a platform for subscribers (cloud users) to define their own
virtual machines to host their various applications and associated data
by running a user-controlled operating system within a virtual
machine monitor or hypervisor on the cloud provider’s physical
servers. In this context, a primary concern of a subscriber to an IaaS
cloud service is that their virtual machines are able to run safely without becoming targets of an attack, such as a side channel attack, from
rogue virtual machines collocated on the same physical server.
❝Security readiness is commonly cited
among IT executives as the primary barrier
preventing organizations from immediately
leveraging cloud computing.❞
For many cloud providers, hosting hardware within a specific
region can be done easily. However, protecting the data itself from
malicious processes in the cloud is often more difficult. For many
cloud providers, the competitiveness of the service offering may
depend upon the degree of multi-tenancy. This represents a threat
exposure as the many customers of a cloud could potentially gain control of processes that have access to other customers’ data.
Given the challenges in protecting access to cloud data, encryption may
provide additional levels of security. Some enterprises, due to the sensitive
or proprietary nature of data and due to other protection requirements such as
intellectual property rights, may need to protect the confidentiality of data
and hence may require that both data in
transport and data at rest (during storage) be encrypted (Nos. 5 and 6).
While encryption of data in transit can be provided through various security protocols such as transport layer security and web services security based on robust cryptographic algorithms, encryption of
data at rest requires the additional tasks of key management (for
example, key ownership, key rollovers, and key escrow). The cloud
environment has a unique ownership structure in the sense that the
owner of the data is the cloud user while physical resources hosting
the data are owned by the cloud provider. In this environment, best
practices for key management have yet to evolve, and this is one of the
areas the standards bodies or industry consortiums have to address in
order to meet the encryption requirements of data at rest.
Data protection, depending upon the criticality of data, may call for
either periodic backups or real-time duplication or replication. This is
true in any enterprise IT environment. Hence the cloud user has to look
for these capabilities in an IaaS provider offering storage service. We
will call this subclass of IaaS cloud provider a cloud storage provider.
Further, if the cloud storage provider has experienced a data breach
or if the cloud user is not satisfied with the data recovery features or
data availability (which is also a security parameter) provided by that
organization, the latter should have the means to rapidly migrate the
data from one cloud storage provider to another.