Wednesday, 28 January 2015

Attacks on Cloud Services

Wrapping Attack:
A SOAP (Simple Object Access Protocol) message is generated when a user makes a request from their virtual machine to the browser. The request is directed to the web server. A wrapping attack duplicates the user account and password during the log-in phase, so that the SOAP messages exchanged between the web browser and the server during the setup phase are affected by the attacker.

Malware-Injection Attack:
The attacker creates a normal operation, like deleteUser, and embeds in it another command, such as setAdminRight. When the user request is passed to the server, it discloses a user account to the attacker rather than executing the command to delete a user account.
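One way a service can refuse such a request before dispatching it is shown below. This is an added example, not code from the original post: the service namespace urn:example:usermgmt, the parameter allow-list and the declared_action argument (for instance, taken from the SOAPAction header) are assumptions, and the two sample messages are constructed.

```python
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"  # SOAP 1.1 envelope namespace
SVC_NS = "urn:example:usermgmt"                         # assumed service namespace
# Assumed allow-list: operation name -> parameter elements it may contain
ALLOWED_OPS = {"deleteUser": {"userId"}, "setAdminRight": {"userId", "enabled"}}

def local(tag):
    """Split ElementTree's '{namespace}name' into (namespace, name)."""
    if tag.startswith("{"):
        ns, name = tag[1:].split("}", 1)
        return ns, name
    return "", tag

def validate_request(xml_text, declared_action):
    """Return the single operation to dispatch, or raise ValueError."""
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{SOAP_NS}}}Envelope":
        raise ValueError("not a SOAP 1.1 envelope")
    bodies = root.findall(f"{{{SOAP_NS}}}Body")
    if len(bodies) != 1:
        raise ValueError("expected exactly one Body")
    ops = list(bodies[0])
    if len(ops) != 1:
        raise ValueError("Body must carry exactly one operation")
    op = ops[0]
    ns, name = local(op.tag)
    if ns != SVC_NS or name not in ALLOWED_OPS:
        raise ValueError(f"unknown operation {name!r}")
    if name != declared_action:
        raise ValueError("operation does not match the declared action")
    # Every descendant must be a known parameter of this operation, so a
    # second command embedded anywhere inside it is rejected.
    for child in list(op.iter())[1:]:  # iter() yields op itself first
        cns, cname = local(child.tag)
        if cns != SVC_NS or cname not in ALLOWED_OPS[name]:
            raise ValueError(f"unexpected element {cname!r} inside {name}")
    return name

def envelope(inner):
    """Build a constructed sample message around the given Body content."""
    return (f'<s:Envelope xmlns:s="{SOAP_NS}" xmlns:u="{SVC_NS}">'
            f'<s:Body>{inner}</s:Body></s:Envelope>')

# Constructed samples: a plain deleteUser, and one with an embedded command.
GOOD = envelope('<u:deleteUser><u:userId>42</u:userId></u:deleteUser>')
EMBEDDED = envelope('<u:deleteUser><u:userId>42</u:userId><u:setAdminRight>'
                    '<u:userId>7</u:userId></u:setAdminRight></u:deleteUser>')
```

validate_request(GOOD, "deleteUser") returns "deleteUser", while the EMBEDDED message raises ValueError, so the request can be dropped and logged instead of being executed.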

Flooding Attack:
The attacker generates bogus or malicious data, which could be resource requests or some type of code to be run in the application of a legitimate user, engaging the server’s CPU, memory and all other devices to compute the malware requests. The servers eventually reach their maximum capacity and offload to another server, which results in flooding.

Browser Attack:
It is committed by sabotaging the signature and encryption during the translation of SOAP messages between the web browser and the web server, causing the browser to consider an adversary a legitimate user and process all requests communicating with the web server.

Insecure Interfaces and APIs:
Cloud computing service providers expose a set of software interfaces or APIs that customers use to manage and interact with cloud services. Reliance on a weak set of interfaces can expose an organization to a variety of security issues related to confidentiality, availability, and password integrity.

Malicious administrators:
Cloud computing as a process is governed, managed, and maintained by site administrators. By default, they hold the key to managing all the data, files, and privileged company resources. Out of revenge, or for other reasons, administrators may end up spreading privileged information or allowing it to leak.

Data Stealing:
System administrators stealing any volume of data without leaving a trace is one of the biggest overlooked security holes in virtualized data centers. It takes three simple steps: log in as an administrator on the hypervisor, create a replica of a virtual machine and mount the disk image onto the hypervisor, and lastly delete the original copy.

Data Leakage:
Data leakage is the movement of data from one customer to another. The data leakage problem arises when a customer deletes their drive and a new customer then creates a new drive. The areas on the physical disks used for the old and new drives can overlap. It is therefore possible for the new customer to try to image off previously written data from other customers.
