Cloud computing security: Difference between revisions

(Rescuing 2 sources and tagging 0 as dead.) #IABot (v2.0.9.5)
Line 38:
For interest in cloud advancements to be viable, companies should recognize the various parts of the cloud and how they continue to affect and help them. These interests may include investments in cloud computing and security, for example. This in turn drives the push for cloud advancements to succeed.
 
Though the idea of [[cloud computing]] isn't new, organizations are increasingly adopting it because of its flexible scalability, relative reliability, and cost-effectiveness of services. However, despite its rapid adoption in some sectors and disciplines, it's apparent from research and statistics that security-related risks are the most conspicuous barrier to its wide adoption.{{citation needed|date=December 2021}}
 
It is generally recommended that information security controls be selected and implemented according to and in proportion to the risks, typically by assessing the threats, vulnerabilities and impacts. Cloud security concerns can be grouped in various ways; Gartner named seven<ref>{{cite magazine|url=http://www.infoworld.com/d/security-central/gartner-seven-cloud-computing-security-risks-853|title=Gartner: Seven cloud-computing security risks|magazine=InfoWorld|date=2008-07-02|access-date=2010-01-25}}</ref> while the [[Cloud Security Alliance]] identified twelve areas of concern.<ref>{{cite web|url=https://cloudsecurityalliance.org/artifacts/top-threats-cloud-computing-plus-industry-insights/|title=Top Threats to Cloud Computing Plus: Industry Insights|date=2017-10-20|publisher=Cloud Security Alliance|access-date=2018-10-20}}</ref> [[Cloud access security broker]]s (CASBs) are software that sits between cloud users and cloud applications to provide visibility into cloud application usage, data protection and governance to monitor all activity and enforce security policies.<ref>{{cite web|title = What is a CASB (Cloud Access Security Broker)?|publisher = CipherCloud|url = https://www.ciphercloud.com/what-is-a-casb|access-date = 2018-08-30|archive-url = https://web.archive.org/web/20180831071934/https://www.ciphercloud.com/what-is-a-casb|archive-date = 2018-08-31|url-status = dead}}</ref>
 
==Security and privacy==
Any service without a "hardened" environment is considered a "soft" target. Virtual servers should be protected just like a physical server against [[Data leakage prevention|data leakage]], [[malware]], and exploited vulnerabilities. "Data loss or leakage represents 24.6% and cloud related malware 3.4% of threats causing cloud outages".<ref name=JA_1>{{cite journal| title=Limitations and challenges on Security Cloud Testing| author1=Ahmad Dahari Bin Jarno| author2=Shahrin Bin Baharom| author3=Maryam Shahpasand| url=https://www.apu.edu.my/ejournals/jati/journal/JATI-VOLUME_1-ISSUE_2-2017.pdf| journal=Journal of Applied Technology and Innovation| volume=1| issue=2| pages=89–90| date=2017}}</ref>
 
===Identity management ===
Line 78:
 
== Data security ==
There are numerous security threats associated with cloud data services. These include both traditional and non-traditional threats. Traditional threats include [[network eavesdropping]], illegal invasion, and denial of service attacks; threats specific to cloud computing include side channel attacks, virtualization vulnerabilities, and abuse of cloud services. To mitigate these threats, security controls often rely on monitoring the three areas of the CIA triad. The CIA triad refers to confidentiality (including access controllability, which can be further understood from the following<ref>{{cite journal |last1=Tang |first1=Jun |last2=Cui |first2=Yong |last3=Li |first3=Qi |last4=Ren |first4=Kui |last5=Liu |first5=Jiangchuan |last6=Buyya |first6=Rajkumar |date=28 July 2016 |title=Ensuring Security and Privacy Preservation for Cloud Data Services |journal=ACM Computing Surveys |volume=49 |issue=1 |pages=1–39 |doi=10.1145/2906153 |s2cid=11126705}}</ref>), integrity and availability.
 
It is important to note that many effective security measures cover several or all of the three categories. Encryption, for example, can be used to prevent unauthorized access and also to ensure integrity of the data. Backups, on the other hand, generally cover integrity and availability, and firewalls only cover confidentiality and access controllability.<ref>{{cite web|date=2018-08-04|title=Confidentiality, Integrity and Availability - The CIA Triad|url=https://www.certmike.com/confidentiality-integrity-and-availability-the-cia-triad/|access-date=2021-11-27|website=CertMike|language=en-US}}</ref>
Line 129:
Users have to consider the fact that massive amounts of data are being shared globally. Different countries have certain laws and regulations that have to be adhered to. Differences in policy and jurisdiction give rise to the risk involved with the cloud. Workers are using their personal devices more now that they are working from home. Criminals see this increase as an opportunity to exploit people: software is developed to infect people's devices and gain access to their cloud. The current pandemic has put people in a situation where they are incredibly vulnerable and susceptible to attacks. The change to remote work was so sudden that many companies were simply unprepared to deal with the tasks and subsequent workload in which they have found themselves deeply entrenched. Tighter security measures have to be put in place to ease that newfound tension within organizations.
 
The attacks that can be made on cloud computing systems include [[Man-in-the-middle attack|man-in-the-middle]] attacks, [[phishing]] attacks, authentication attacks, and malware attacks. One of the largest threats is considered to be malware attacks, such as [[Trojan horse (computing)|Trojan horses]].
 
Recent research conducted in 2022 has revealed that the Trojan horse injection method is a serious problem with harmful impacts on cloud computing systems. A Trojan attack on cloud systems tries to insert an application or service into the system that can impact the cloud services by changing or stopping their functionality. When the cloud system identifies the attack as legitimate, the service or application is executed, which can damage and infect the cloud system.<ref>{{Cite journal |last=Kanaker |first=Hasan |last2=Karim |first2=Nader Abdel |last3=Awwad |first3=Samer A. B. |last4=Ismail |first4=Nurul H. A. |last5=Zraqou |first5=Jamal |last6=Ali |first6=Abdulla M. F. Al |date=2022-12-20 |title=Trojan Horse Infection Detection in Cloud Based Environment Using Machine Learning |url=https://online-journals.org/index.php/i-jim/article/view/35763 |journal=International Journal of Interactive Mobile Technologies (iJIM) |language=en |volume=16 |issue=24 |pages=81–106 |doi=10.3991/ijim.v16i24.35763 |issn=1865-7923|doi-access=free }}</ref>
Line 204:
* [https://aws.amazon.com/security/introduction-to-cloud-security The Beginner's Guide to Cloud Security]
* [https://iase.disa.mil/cloud_security/Pages/index.aspx DoD Cloud Computing Security Requirements Guide (CC SRG)]
 
===Archive===
* {{Webarchive|url=https://web.archive.org/web/20181021193742/https://iase.disa.mil/cloud_security/Pages/index.aspx |date=2018-10-21 }}