Wednesday, March 22, 2017

Week 2 Assignment

When analyzing cloud computing security threats, one approach provides the following classification:
· Infrastructure and host-related threats that affect the entire cloud infrastructure
(Natural disasters, Unauthorized physical access, Deficient training/negligence of employees, Dumpster diving, Password guessing, Unauthorized data access, Security logs compromisation, Network breaks, Privilege escalation, Ineffective data deletion, Malicious scanning/observation, Insecure/obsolete cryptography, EDoS and resources exhaustion, Isolation malfunction, Billing fraud, Insufficient logging/monitoring, Cloud service failure/termination, Third-party suppliers’ failure, Lock-in, Compliance problems, Data provenance and jurisdiction, Infrastructure modifications, Data processing, Administrative/ownership changes, DoS to cotenants)

· Service provider-related threats that may affect the customers who seek a service in the cloud
(Replay, Data interception, Browser security, XML signature element wrapping, Injection vulnerabilities, Customer’s negligence and cloud security, Management interface exposure, Loss of governance)

· Generic threats that may affect both the infrastructure and the service providers/customers
(Social engineering, DDoS, Encryption key exposure/loss, Service engine exposure, Malware and Trojan horses, Malicious insider of cloud provider)

In this second post I will focus on Economic Denial of Service (EDoS), a threat specific to cloud computing environments. In an EDoS attack, the attacker may steal a customer's account and gain free access to certain services while the victim is charged for them. The surplus of available resources in the cloud also poses the threat of an EDDoS, in which large botnets generate seemingly legitimate service requests that overload the cloud. The victim may be able to sustain business operations, but the cost of doing so threatens economic sustainability.
EDoS and EDDoS can be mitigated by deploying monitoring tools to detect and locate the attack and appropriate countermeasures to diminish it. While the former are reactive mitigation strategies, there are also proactive mitigation strategies, i.e. ingress filtering, which rejects packets with a spoofed source address at the ingress of a network.
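The ingress filtering decision described above can be sketched as follows. This is an added example, not code from the cited sources; the interface names, prefix assignments and sample packets are constructed assumptions, and the per-reason drop counters are the kind of signal a monitoring tool could consume.

```python
import ipaddress
from collections import Counter

# Constructed topology (assumption): allowed source prefixes per ingress interface.
ALLOWED_SOURCES = {
    "cust-a": [ipaddress.ip_network("198.51.100.0/25")],
    "cust-b": [ipaddress.ip_network("198.51.100.128/25"),
               ipaddress.ip_network("2001:db8:b::/48")],
}

def check_ingress(interface, src):
    """Return (accepted, reason) for a packet seen on an ingress interface."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False, "malformed-source"
    prefixes = ALLOWED_SOURCES.get(interface)
    if prefixes is None:
        return False, "unknown-interface"  # fail closed: no policy, no entry
    if addr.is_unspecified or addr.is_loopback or addr.is_multicast:
        return False, "martian-source"     # never valid as a source on the wire
    if any(addr in net for net in prefixes):
        return True, "ok"
    return False, "spoofed-source"         # source not assigned to this interface

def filter_packets(packets):
    """Split packets into accepted ones and a per-(interface, reason) drop counter."""
    accepted, drops = [], Counter()
    for iface, src in packets:
        ok, reason = check_ingress(iface, src)
        if ok:
            accepted.append((iface, src))
        else:
            drops[(iface, reason)] += 1
    return accepted, drops

# Constructed sample traffic: (ingress interface, claimed source address)
SAMPLE = [
    ("cust-a", "198.51.100.10"),   # legitimate
    ("cust-a", "198.51.100.200"),  # cust-b's space arriving on cust-a
    ("cust-a", "203.0.113.7"),     # not assigned to cust-a
    ("cust-b", "2001:db8:b::1"),   # legitimate IPv6
    ("cust-b", "127.0.0.1"),       # loopback used as a source
    ("uplink", "198.51.100.10"),   # interface without a policy
]

if __name__ == "__main__":
    accepted, drops = filter_packets(SAMPLE)
    print(accepted, dict(drops))
```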
One of the biggest challenges for potential cloud customers is the feeling of insecurity and privacy violation. Building a trustworthy cloud service and maintaining its good reputation should be of the highest priority for every cloud provider.

Resources:
CRC Press: Cloud Computing Security: Foundations and Challenges / editor, John R. Vacca
http://ieeexplore.ieee.org/document/6375171/
