Cloud security

 

3. Understanding Cloud security

 

Cloud security is the practice of protecting cloud-hosted data, applications, and infrastructure using controls like encryption, identity management, network protection, and continuous monitoring, under a shared responsibility model between the provider and the customer.

Cloud computing security fundamentals focus on protecting data, applications, and services in the cloud while sharing responsibility with the provider.

Security fundamentals:

·        Shared Responsibility Model – provider secures the infrastructure; customers secure data, access, and configurations

·        Identity & Access Management (IAM) – least privilege, roles, MFA

·        Data Security – encryption at rest and in transit, key management

·        Network Security – firewalls, VPCs, segmentation

·        Monitoring & Logging – visibility, audits, threat detection

Common cloud computing threats and vulnerabilities:

·        Misconfigured cloud services
Incorrect security settings (such as public storage buckets or open ports) can expose sensitive data and systems to the internet.

·        Weak identity and access management (IAM)
Poor password policies, lack of multi-factor authentication, or excessive permissions allow attackers to gain unauthorized access.

·        Data breaches and data leakage
Sensitive information may be exposed due to hacking, misconfiguration, or inadequate encryption and access controls.

·        Insecure APIs and interfaces
Cloud services rely on APIs; if these are poorly secured, attackers can exploit them to access or manipulate data and services.

·        Account hijacking
Attackers use phishing or stolen credentials to take control of cloud accounts and misuse resources or steal data.

·        Insider threats
Employees or partners with legitimate access may intentionally or accidentally cause data loss or security incidents.

·        Denial-of-Service (DoS/DDoS) attacks
Attackers flood cloud services with traffic, making applications unavailable to legitimate users.
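The first threat in this list, a misconfigured storage bucket, is usually a policy document that grants access to an anonymous principal. The following Python checker is an added example for these notes, not code from the original post: it walks an IAM-style bucket policy (Effect / Principal / Action / Resource) and reports every unconditional grant to everyone. The three policy documents, the bucket name and the account id 123456789012 are constructed placeholders.

```python
"""Flag storage-bucket policies that grant anonymous (public) access.

Added example for these notes, not code from the original post. The policy
documents are constructed samples in the IAM-style JSON shape
(Effect / Principal / Action / Resource); bucket names and the account id
123456789012 are placeholders.
"""
import json

# Constructed: the classic public-read misconfiguration.
PUBLIC_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "PublicRead",
        "Effect": "Allow",
        "Principal": "*",
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::example-bucket/*",
    }],
})

# Constructed: anonymous principal written in dictionary form, with full access.
WILDCARD_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": {
        "Sid": "Everything",
        "Effect": "Allow",
        "Principal": {"AWS": "*"},
        "Action": "s3:*",
        "Resource": "arn:aws:s3:::example-bucket/*",
    },
})

# Constructed: the corrected policy, scoped to one role and to TLS-only access.
RESTRICTED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AppRead",
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::123456789012:role/app-reader"},
        "Action": ["s3:GetObject"],
        "Resource": "arn:aws:s3:::example-bucket/*",
        "Condition": {"Bool": {"aws:SecureTransport": "true"}},
    }],
})


def as_list(value):
    """Policy fields may be a scalar or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def is_anonymous_principal(principal):
    """True when the Principal grants to everyone: "*" or {"AWS": "*"}."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any("*" in as_list(v) for v in principal.values())
    return False


def find_public_statements(policy_json):
    """Return one finding per action in each unconditional anonymous Allow.

    Statements with a Condition block are skipped here: a condition such as a
    source-IP or VPC restriction may narrow the grant, so they need a human
    review rather than an automatic "public" verdict.
    """
    policy = json.loads(policy_json)
    findings = []
    for stmt in as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        if not is_anonymous_principal(stmt.get("Principal")):
            continue
        if stmt.get("Condition"):
            continue
        sid = stmt.get("Sid", "<no Sid>")
        for action in as_list(stmt.get("Action")):
            # A bare or service-wide wildcard also grants write and delete.
            severity = "CRITICAL" if action in ("*", "s3:*") else "HIGH"
            findings.append({"sid": sid, "action": action, "severity": severity})
    return findings


if __name__ == "__main__":
    for name, doc in (("public", PUBLIC_POLICY), ("wildcard", WILDCARD_POLICY),
                      ("restricted", RESTRICTED_POLICY)):
        print(f"{name}: {find_public_statements(doc)}")
```

Running the checker in a deployment pipeline, before a policy is applied, is the cheapest place to catch this class of misconfiguration; the same walk over the Principal field generalises to queue, topic and function policies that use the same document shape.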

Cloud computing security architecture


·      Facilities
Physical data centers (buildings, power, cooling). Secured by the cloud provider.

·      Hardware
Physical servers, storage, and networking equipment managed by the provider.

·      Abstraction
Virtualization layer (VMs, containers) that separates hardware from users.

·      Core connectivity & delivery
Networking, internet access, load balancing, and data transmission services.

·      APIs
Interfaces used to access and manage cloud services; must be securely authenticated.

·      Integration & Middleware
Connects applications and services (message queues, service buses, runtimes).

·      Applications
Software services provided to users (business apps, web apps).

·      Data / Metadata / Content
User data, system data, and digital content that must be protected.

·      Presentation Platform & Mobility
User interfaces (web, mobile) through which users access cloud services.

Security boundaries

  • IaaS security boundary – Provider secures facilities, hardware, and virtualization; customer secures OS, apps, and data.
  • PaaS security boundary – Provider secures infrastructure and platform; customer secures applications and data.
  • SaaS security boundary – Provider secures almost everything; customer mainly manages data and user access.

Trusted Cloud Computing means a cloud environment designed with strong security, privacy, and compliance, giving users confidence their data and workloads are protected and managed securely.

Secure Execution Environment
A protected area (like a Trusted Execution Environment or hardware enclave) where code and data run isolated from the rest of the system to prevent unauthorized access or tampering.

Secure Communication
Techniques like encryption (TLS/SSL), VPNs, or secure tunnels used to protect data as it travels between systems, ensuring confidentiality, integrity, and authenticity.

Micro-architectures in cloud computing are small, modular components like microservices, containers, or serverless functions that run independently, making cloud applications scalable, flexible, and resilient.

A common example of a micro-architecture is the serverless or Function-as-a-Service (FaaS) architecture:

·        Functions are executed in small, stateless environments on demand.

·        No need to manage servers; automatically scales with usage.

Identity Management and Access Control (IAM) in Cloud Computing ensures that only authorized users can access cloud resources. Identity management handles verifying who the user is through accounts, roles, and authentication methods like passwords or multi-factor authentication. Access control determines what those users can do, using policies such as Role-Based Access Control (RBAC) or Attribute-Based Access Control (ABAC) to enforce least-privilege access. Together, these two functions protect sensitive data, prevent unauthorized access, and maintain accountability through logging and auditing, ensuring the right users have the right access to the right resources at the right time.

 

Access Control in cloud computing is the process of managing what actions users or systems can perform on resources. It ensures that only authorized entities can access or modify data, applications, or services. Common methods include:

  • Role-Based Access Control (RBAC): Permissions assigned based on roles (e.g., admin, user).
  • Attribute-Based Access Control (ABAC): Access determined by user attributes, resource attributes, or environment conditions.
  • Policy-Based Access Control: Access granted according to predefined rules and policies.
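To make the difference between RBAC and ABAC concrete, here is an added Python example (not code from the original post) that decides a request first by role, then by ownership and environment attributes, and records every decision in an audit log for accountability. The roles, users, resource attributes and rules are constructed samples; a cloud IAM service would load them from its policy store.

```python
"""Role-based and attribute-based access decisions with an audit trail.

Added example for these notes, not code from the original post. The roles,
users, resources and rules are constructed samples; a cloud IAM service
would load them from its policy store instead.
"""
from dataclasses import dataclass, field

# RBAC: permissions hang off roles, users are assigned roles.
ROLE_PERMISSIONS = {
    "viewer": {"storage:read"},
    "operator": {"storage:read", "vm:start", "vm:stop"},
    "admin": {"storage:read", "storage:write", "vm:start", "vm:stop",
              "vm:delete", "iam:manage"},
}
USER_ROLES = {"alice": {"admin"}, "bob": {"operator"}, "carol": {"viewer"}}

# Accountability: every decision is recorded, allowed or not.
AUDIT_LOG = []


@dataclass(frozen=True)
class Request:
    user: str
    action: str
    resource: dict = field(default_factory=dict)  # e.g. {"owner": "bob", "classification": "confidential"}
    env: dict = field(default_factory=dict)       # e.g. {"mfa": True, "hour": 14}


def rbac_allowed(user, action):
    """Deny unless at least one of the user's roles carries the permission."""
    return any(action in ROLE_PERMISSIONS.get(role, set())
               for role in USER_ROLES.get(user, set()))


def owner_grant(req):
    """ABAC rule on a resource attribute: owners may read and write their own objects."""
    return (req.resource.get("owner") == req.user
            and req.action in {"storage:read", "storage:write"})


def environment_ok(req):
    """ABAC rule on environment attributes: confidential data needs MFA and
    business hours (08:00-17:59). Non-confidential data has no extra constraint."""
    if req.resource.get("classification") != "confidential":
        return True
    return req.env.get("mfa") is True and 8 <= req.env.get("hour", -1) < 18


def authorize(req):
    """Deny by default. A grant from RBAC or from ownership is required, and
    environment constraints can only narrow that grant, never widen it."""
    granted = rbac_allowed(req.user, req.action) or owner_grant(req)
    allowed = granted and environment_ok(req)
    AUDIT_LOG.append({"user": req.user, "action": req.action,
                      "resource": dict(req.resource), "allowed": allowed})
    return allowed


if __name__ == "__main__":
    print(authorize(Request("alice", "vm:delete")))                      # admin role -> True
    print(authorize(Request("carol", "vm:stop")))                        # viewer role -> False
    print(authorize(Request("bob", "storage:write", {"owner": "bob"})))  # owner grant -> True
    print(authorize(Request("carol", "storage:read",
                            {"classification": "confidential"},
                            {"mfa": False, "hour": 10})))                # no MFA -> False
    for entry in AUDIT_LOG:
        print(entry)
```

The design point is the ordering in `authorize`: attribute rules are applied as a filter on top of a role or ownership grant, so adding a new attribute rule can never accidentally widen what a role already permits.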

Autonomic Security:
A self-managing cloud security system that automatically detects, prevents, and recovers from threats without human intervention.

Cloud computing security challenges:

·      Data Breaches

Cloud environments are attractive targets for attackers because they store large amounts of sensitive data. Misconfigured storage, weak authentication, or vulnerabilities in applications can lead to unauthorized access, exposing personal, financial, or corporate data.

·      Data Loss
Data can be permanently lost due to accidental deletion, hardware or software failures, natural disasters, or malware attacks. Even though cloud providers often have redundancy, customers are still responsible for backups and data recovery strategies.

·      Account Hijacking
If attackers gain access to cloud accounts through phishing, weak passwords, or stolen credentials, they can manipulate, steal, or delete critical data. This can lead to financial loss, reputation damage, or legal consequences.

·      Insider Threats
Employees, contractors, or partners with legitimate access can intentionally or unintentionally misuse cloud resources. Insider threats are difficult to detect because the actions often appear legitimate.

·      Insecure APIs and Interfaces
Cloud services rely on APIs for management and integration. If these APIs are poorly secured, attackers can exploit them to access data, launch attacks, or manipulate services. Proper authentication, authorization, and encryption are crucial.

·      Shared Technology Vulnerabilities
Cloud providers use shared infrastructure such as hypervisors and virtualization platforms. Vulnerabilities in these technologies can allow attacks across tenants, compromising isolation and security.

·      Denial-of-Service (DoS) and DDoS Attacks
Attackers can flood cloud services with traffic, causing service outages and affecting availability. Large-scale DDoS attacks can also lead to financial loss and reputational damage.

  

Virtualization Security Management is the protection of hypervisors, VMs, virtual networks, and management tools so that multiple systems can safely run on shared hardware.

The figure illustrates virtualization management in a cloud environment:

·      A user submits commands along with a VM descriptor to a management server.

·      The management server verifies and controls these requests before allowing the hypervisor to create and run the user's virtual machine.

·      This process ensures that only authorized and properly defined VMs are deployed, while malicious or unauthorized VMs are blocked, as shown by the cross mark in the figure.

·      The hypervisor enforces isolation between virtual machines, preventing malicious VMs from affecting legitimate ones and maintaining overall cloud security.
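The management server's "verify and control" step is where a malicious or badly defined VM is blocked before the hypervisor ever sees it. The following Python admission check is an added example for these notes, not code from the original post or from any real management server: it validates a submitted VM descriptor against a trusted-image list, the submitting user's tenant authorization, tenant quotas, tenant network membership, and a ban on host-device passthrough. The descriptor fields, image ids, tenants, users and usage figures are constructed samples.

```python
"""Management-server admission check for VM descriptors.

Added example for these notes, not code from the original post. The
descriptor fields, trusted image ids, tenant quotas and user/tenant
assignments are constructed samples standing in for a real policy store.
"""
from dataclasses import dataclass, field

TRUSTED_IMAGES = {"img-ubuntu-2204-hardened-v7", "img-rhel9-cis-v3"}
TENANT_QUOTA = {
    "tenant-a": {"vcpus": 16, "memory_mb": 65536},
    "tenant-b": {"vcpus": 4, "memory_mb": 8192},
}
USER_TENANTS = {"alice": {"tenant-a"}, "bob": {"tenant-b"}}
TENANT_NETWORKS = {"tenant-a": {"net-a-app", "net-a-db"}, "tenant-b": {"net-b-app"}}

# Constructed snapshot of what each tenant already has running.
SAMPLE_USAGE = {
    "tenant-a": {"vcpus": 8, "memory_mb": 32768},
    "tenant-b": {"vcpus": 2, "memory_mb": 4096},
}


@dataclass(frozen=True)
class VmDescriptor:
    name: str
    tenant: str
    image: str
    vcpus: int
    memory_mb: int
    networks: tuple = ()
    host_passthrough: bool = False  # direct host-device access bypasses hypervisor isolation


@dataclass
class Decision:
    accepted: bool
    reasons: list = field(default_factory=list)


def validate_descriptor(user, desc, tenant_usage):
    """Check a submitted descriptor against policy before the hypervisor sees it.

    Every failed check is collected rather than returning on the first one, so
    the rejection written to the audit log explains the full reason.
    """
    reasons = []
    if desc.tenant not in USER_TENANTS.get(user, set()):
        reasons.append(f"user {user!r} is not authorised for tenant {desc.tenant!r}")
    if desc.image not in TRUSTED_IMAGES:
        reasons.append(f"image {desc.image!r} is not a trusted golden image")
    if desc.vcpus <= 0 or desc.memory_mb <= 0:
        reasons.append("resource request must be positive")
    quota = TENANT_QUOTA.get(desc.tenant)
    if quota is not None:
        used = tenant_usage.get(desc.tenant, {"vcpus": 0, "memory_mb": 0})
        for key in ("vcpus", "memory_mb"):
            if used[key] + getattr(desc, key) > quota[key]:
                reasons.append(f"{key} quota exceeded for tenant {desc.tenant!r}")
    allowed_nets = TENANT_NETWORKS.get(desc.tenant, set())
    for net in desc.networks:
        if net not in allowed_nets:
            reasons.append(f"network {net!r} does not belong to tenant {desc.tenant!r}")
    if desc.host_passthrough:
        reasons.append("host device passthrough is not permitted for tenant VMs")
    return Decision(accepted=not reasons, reasons=reasons)


if __name__ == "__main__":
    ok = VmDescriptor("web-1", "tenant-a", "img-ubuntu-2204-hardened-v7", 2, 4096, ("net-a-app",))
    print(validate_descriptor("alice", ok, SAMPLE_USAGE))
    rogue = VmDescriptor("x", "tenant-b", "img-custom-unknown", 4, 4096, ("net-a-db",),
                         host_passthrough=True)
    print(validate_descriptor("bob", rogue, SAMPLE_USAGE))
```

The quota and network checks are what keep one tenant's VM from consuming another tenant's resources or attaching to its network; the trusted-image check is the same control the VM security recommendations later in these notes describe as using golden images.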

 

A virtual threat is a security risk that targets virtualized environments such as virtual machines, hypervisors, or virtual networks. These threats can include malicious VMs, VM escape attacks where an attacker breaks out of a VM to access the host, hypervisor vulnerabilities, unauthorized access to management servers, and unpatched or misconfigured VMs. Because multiple VMs share the same physical resources, a single virtual threat can impact many systems at once if not properly managed.

 

VM security recommendations focus on keeping virtual machines protected and isolated in a virtualized environment. Use trusted and hardened VM images, keep the OS and applications patched, and apply least-privilege access with strong authentication. Enable network segmentation to limit VM-to-VM attacks, monitor VM activity and logs, and restrict the use of snapshots and cloning. Regular backups and vulnerability scans help ensure VMs remain secure against attacks.

VM-specific security techniques:

·        VM isolation

·        VM hardening (disable unused services)

·        Use trusted / golden VM images

·        Regular patching and updates

·        Strong authentication and access control

·        Least-privilege permissions

·        Network segmentation and virtual firewalls

·        Secure snapshots and cloning control

·        Regular backups and recovery testing

 

Assignment 3

1)  What are threats?

2)  What is a common vulnerability?

3)  What is trusted cloud computing?

4)  What is micro-architecture?

5)  Explain identity management.

6)  What is access control?

7)  Explain virtualization security management.

8)  Explain cloud computing security challenges.

9)  What are virtual threats?

10) What are VM-specific security techniques?

 

