Submitted by: Submitted by dclark2198
Views: 322
Words: 820
Pages: 4
Category: Other Topics
Date Submitted: 06/14/2012 08:03 PM
Prof comments:
1. Look into security and privacy issues of cloud computing (team comment: select a sub-bullet from the recommendations from below and amplify)
2. Review existing security mechanisms and analyze the pros and cons of them
3. Propose what you believe to be the better
-------------------------------------------------
Section 1 - Security:
|
Security Challenges in Cloud Computing |
The technological vulnerabilities related to cloud computing environments generally fall into one or more of four categories of vulnerability: Data Storage, Data Transmission, Hypervisor and Application, Trust and Visibility of Third-Party Resources and Practices. Additionally, cloud computing resources can be abused and leveraged by attackers against their targets.
Highlighted sections are recommended areas for further research/discussion.
Data Storage Vulnerability
* Seizure / Physical Access / Jurisdiction
* Unknown personnel may have access to or legal authority to read, modify, or seize data storage equipment
* Media Sanitization
* Shared or reused media might not be properly sanitized before being made available for others to access
* Dealing with Classified Spills is a significant challenge
* Data Stored Un-encrypted
* Data, credentials, code, or virtual machines might be stored unencrypted in recovery blocks or caches
Data Transmission Vulnerability
* Session Hijacking/Stealing; Cross-Site Request Forgery (XSRF) / Session Riding
* Valid management sessions might be used to grant attacker unauthorized access
* Exposure of operations due to cloud mission applications activities being subjected to Traffic Flow Analysis (TFA)
* Traffic Capture (Sniffing)
* Network traffic traversing virtual and actual networks might be accessible to others
* Man-in-the-Middle (MITM) attacks
* Management channels which traverse the internet may be intercepted
Hypervisor and...