For this week’s post I am going to look at the shared
technology vulnerabilities as a security concern to cloud computing.
Cloud providers deliver services by sharing infrastructure,
platform and applications. One of the essential characteristics of the cloud is
resource pooling – resources that are
used to provide the cloud service are realized, using a homogeneous
infrastructure that is shared between all service users. The underlying
components of the infrastructure, supporting the cloud, may not have been designed
with strong isolation properties that are needed for IaaS, PaaS and SaaS. This
can lead to shared technology vulnerabilities that can be exploited in all
service models. The impact of a compromised piece of shared technology can be
devastating and potentially affect the entire cloud. Resource pooling enables
several customers to share certain network infrastructure components, vulnerabilities
in a DNS server, DHCP and IP protocols might cause a network-based cross-tenant
attack.
To mitigate the risks of shared technology vulnerabilities,
multifactor authentication on all hosts should be implemented, along with
Host-based Intrusion Detection System (HIDS) and Network-based Intrusion
Detection System (NIDS). A defense in-depth strategy can be used for security
enforcement and monitoring. Another point to mention is the partnership between
the cloud provider and the customer – the security of the cloud is a shared
responsibility and both sides need to take preventative actions to protect the
infrastructure, services and data.
Resources:
The Treacherous 12
Cloud Computing Top Threats in 2016, (February 2016), prepared by the Cloud
Security Alliance, retrieved from https://downloads.cloudsecurityalliance.org/assets/research/top-threats/Treacherous-12_Cloud-Computing_Top-Threats.pdf
Grobauer, B., Walloscheck, T., Stöcker, E., (2011, August
15), Understanding Cloud Computing
Vulnerabilities, retrieved from https://www.infoq.com/articles/ieee-cloud-computing-vulnerabilities
Ma, Joy, (2015, December 14), Top 10 Security Concerns for Cloud-Based
Services, retrieved from https://www.incapsula.com/blog/top-10-cloud-security-concerns.html
No comments:
Post a Comment