Privacy Security and Trust Issues arising from Cloud Computing Siani Pearson and Azzedine Benameur International Conference of Cloud Computing Technology and Science 2010 Presented by Shameek Bhattacharjee Fall 2011 Oct 25th Background Cloud Computing is a new paradigm that offers a number of new features Any new paradigm has weaknesses characteristic to its very design Difference between Vulnerability and Security Threat The inherent design of a new paradigm that provides new features also creates new avenues that may be potentially harnessed by malicious entities These issues are a part of vulnerability assessment A vulnerability in a system causes a security threat Security and privacy threats are often contextual and depends on a number of parameters deployment Private Public Hybrid etc and service delivery model SaaS PaaS IaaS Challenges in Cloud Computing Elasticity Allows dynamic expansion and shrinkage of resources makes it difficult to monitor what resources are used and in which country Geographical The cross section of the variety of resources used spans different countries and continents and hence makes compliance with regulations related to data handling difficult Volatility of Resources exacerbates the process of auditing Multi tenancy Virtualization Customers are users of multitenant apps in SaaS The partition used to separate data of each client may be broken Use of virtualization may introduce new threats like cross VM side channel attacks It is possible to break the partition created by use of VMs Outsourcing Nature creates a challenge on data privacy as data is present in another machine owned operated by another organization Vulnerabilities and Threats related to Privacy Lack of User centric control over data Service provider becomes responsible for storage of data in SaaS environment How to provide adequate trust for consumers to switch cloud services Causes vendor lock in Threats o Secondary usage of customer data by CSP E g a CSP may sell a consumer s business sales data to its competitors for money o In an event of vendor demise bankruptcy or a vendor being acquired by another CSP there may be concerns on the data already being held Vulnerabilities and Threats related to Privacy contd Availability Data Proliferation Self healing To provide availability the CSP s replicate data on multiple data centers Back up is critical for providing resilience Cloud provider s may depend on seamless backups for infrastructure resilience There is data flow across legal jurisdictions Threats o It is difficult to ensure that if a deletion request is made all the copies of such data will be deleted o Issues of jurisdiction may be really complicated and questions may raise on what law applies and legal remedy applicable due to heterogeneity of laws across zones Dynamic Nature of Cloud Computing o It is difficult to pin point which specific server or storage device will be used and this worsens the issue of transborder data flow o It s not clear how to assign liability to a security breach or violation of law o Difficult to decide which parties responsible for what aspects of security o There is no trust boundary due to fuzzy boundaries as to where data is stored and processed Private clouds may be solution but the cost is really high Vulnerabilities and threats in cloud Self Optimization feature allows automatic adaptation of services to meet changing requirements provides elasticity scalability intelligence This Hampers the ability to maintain consistent security standards Lack of Standardization makes it difficult to establish security frameworks for heterogeneous environments Use of virtualization Virtualization is used to maximize resource utilization which is an USP of cloud computing Although VM s are meant for isolation it is possible to break the isolation through cross VM side channel attacks to obtain data from a target VM on the same machine A few hurdles Increase of IT management overhead with multiple SaaS products because the model needs to mimic organizational boundary within the cloud as multiple SMBs will be deploying their business processes on a single cloud environment Same data in more than one legal location with different legal consequences Efficient processing of encrypted data at rest in cloud is difficult till date Vulnerabilities in S a a S delivery model Co Located Customers The customers are co located on the same provider s infrastructure and provider must keep each customer from seeing each other s data A malicious entity may also enter as a customer and then access other customer s information You can hack through loopholes in the application or inject client code into Saas System The above vulnerability is a threat to proper data segregation and privacy Checks for SQL injection flaws may be a way to check Locality of data not known In this scenario the customer is not sure where the data is stored There is always a question of whose jurisdiction the data falls under and what are the consequences It acts as a deterrent to use SaaS Difficulty to achieve data integrity Integrity in stand alone systems with a single DB is achieved easily by ensuring the preservation of database constraints and transactional properties ACID properties But in cloud the SaaS are multi tenant applications hosted by a third party A few hurdles SaaS apps expose their functionality through XML based APIs At protocol level does not support transaction or guaranteed delivery so the only option is to implement them at the API level The standards available for ensuring data integrity is not yet mature e g WS Transaction So most SaaS vendors expose their web services API without transaction support Each SaaS app may have different levels of availability and SLA that makes it difficult to ensure data integrity properties across multiple SaaS applications The above vulnerabilities are a threat to data integrity Difficulties in web application security SaaS has to be managed over the web The challenge with SaaS security is almost similar to any web application technology but the problem is that traditional security solutions like network firewall intrusion detection do not adequately address the problem The open web application Project has identified top ten threats Vulnerabilities contd Cloud becomes a High Value Target Since data from various users and organizations are under the same umbrella breaking into cloud will attack a broad spectrum of users Hence it becomes a