
Security and Confidentiality

In document Software Engineering Frameworks pdf (Page 74-78)

Limitations and Challenges in Cloud-Based Applications Development

3.2 Challenges

3.2.1 Security and Confidentiality

All Web service architectures have issues relating to security. On a similar note, cloud applications can be viewed as a different Web service model with similar security loopholes. Organisations which are keen on moving their in-house applications to the cloud must consider the way in which application security behaves in a cloud environment. Well-known security issues such as data loss and phishing pose serious threats to an organisation’s data and software. In addition to those, there are other security issues which arise due to the third-party dependency for services pertaining to cloud application development and deployment. From a very naive point of view, it looks daunting to put an organisation’s critical and confidential data and its software onto a third party’s CPU and storage. The multi-tenancy model and the pooled computing resources in cloud computing have introduced new security challenges that require novel techniques to tackle [7].

Fig. 3.2 Technology in charge and security engineers of an organisation must consider the inherent issues before migrating to cloud (figure labels: Security, Control, Reliability; Public Cloud; PaaS, SaaS, IaaS)

One of the top cloud application security issues is lack of control over the computing infrastructure. An enterprise moving a legacy application to a cloud computing environment gives up control over the networking infrastructure, including servers, access to logs and incident response. Most applications are built to be run in the context of an enterprise data centre, so the way they store data and the way they transmit it to other systems is assumed to be trusted or secure. This is no longer true in a cloud environment. All the components that have traditionally been trusted and assumed to be running in a safe environment are now running in an untrusted environment. Many more issues, such as the Web interface, data storage and data transfer, have to be considered whilst making security assessments. The flexibility, openness and public availability of cloud computing infrastructures challenge many fundamental assumptions about application security. The lack of physical control over the networking infrastructure might mandate the use of encryption in the communication between servers of an application that processes sensitive data to ensure its confidentiality. Risks that a company may have accepted when the application was in-house must be reconsidered when moving to a cloud environment.

Ex. 1

If an application is logging sensitive data in a file on the on-premise server and not encrypting it, a company might accept that risk because it owns the hardware. Accepting that risk is no longer safe in the cloud environment: there is no static file system where the application log will reside, because the application is executed in different virtual machines which may be on different physical machines depending on the scale. The logging thus takes place onto some shared storage array, and hence the need to encrypt it arises. The security threat model takes a different dimension on the cloud, and, hence, a lot of vulnerabilities which were rated low are now high and must be fixed.

Ex. 2

A company hosting an application in its own data centre might ward off a denial-of-service attack with certain infrastructure or could take actions such as blocking the attacking IP addresses. In the cloud, if the provider handles the mitigation of attacks, then the consumer or the organisation hosting the application needs to re-account for how the risk or attack can be mitigated, as there is no control or visibility.

3.2.1.1 Overcoming the Challenge

It is important to understand the base security solutions provided by the service provider, for example, firewalls and intrusion detection systems, which are built into the cloud architecture. It is also important to note the assurances the provider is willing to offer in the case of breaches or loss. These details will help an organisation in making security-related decisions and answering some important questions such as ‘Are these solutions and assurances sufficient for the data which is being put into the cloud?’ Employing a strong user authentication scheme for the cloud service will reduce many of the security breaches and data loss. In the end, an enterprise should ensure that the cloud workloads will have at least the same level of protection as their sensitive on-premise workloads, but for less sensitive workloads, they should avoid paying for excessive security.

3.2.2 Control

The introduction of a third-party service provider decreases an organisation’s control over its software and data. This holds good especially in the case of SaaS, where the SaaS cloud provider may choose to run software from various clients on a single machine and storage at a given point of time. There is no control over the decision pertaining to the above issue. Furthermore, the actual control over the software and service is limited to the conditions mentioned in the policy and user agreement and is exercised only via certain service-provider-defined APIs (and keys).

As an example, a code snippet for authentication in a Rackspace [8] cloud service (sent as JSON) is shown below:

    curl -i \
      -H "Content-Type: application/json" \
      -H "Accept: application/json" \
      -d \
      '{ "credentials": { "username": "my_Rackspace_username", "key": "12005700-0300-0010-1000-654000008923"} }' \
      https://auth.api.rackspacecloud.com/v1.1/auth

where:

username – is the assigned username for which the authentication request is being sent
key – the API key provided to access the cloud service

If, for instance, the consumer wishes to introduce another layer of authentication, then the cloud provider does not allow for this facility, as the API is not designed to provide it. This extends not only to authentication but to all the APIs used for various purposes during cloud application development. This hinders access and limits any tweaking which could enable the application to function better or help the organisation in curbing cost [9]. Also, as a security concern, the ability to limit access to certain confidential data will eventually go in vain, as the data is still available in some form or the other at the service provider and poses a serious threat to confidentiality.
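An added example (not from the book or from Rackspace) that ties Ex. 1 in Sect. 3.2.1 to the credentials payload above: if an application logs its request bodies, the API key ends up on the shared log storage. Encrypting the log is the remedy the text names; this Python logging filter shows a complementary step, removing secret JSON fields before any handler writes them. `SECRET_FIELDS`, `RedactSecrets` and `ListHandler` are hypothetical names, and the key value is constructed.

```python
import json
import logging
import re

# Field names treated as secret. "key" is the API-key field in the page's
# credentials payload; the other names are assumptions for this example.
SECRET_FIELDS = {"key", "password", "token", "secret"}
_JSON_PAIR = re.compile(
    r'("(?:%s)"\s*:\s*)"(?:[^"\\]|\\.)*"' % "|".join(sorted(SECRET_FIELDS)),
    re.IGNORECASE,
)

def redact(text: str) -> str:
    """Replace the value of any secret JSON string field with a marker."""
    return _JSON_PAIR.sub(r'\1"[REDACTED]"', text)

class RedactSecrets(logging.Filter):
    """Scrub secrets from a record before the handler formats and writes it."""
    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage())
        record.args = None  # the message is already fully formatted
        return True

class ListHandler(logging.Handler):
    """Stand-in for the shared log sink: keeps formatted lines in memory."""
    def __init__(self):
        super().__init__()
        self.lines = []

    def emit(self, record):
        self.lines.append(self.format(record))

def demo() -> list:
    """Log a constructed auth request body; return what reached the sink."""
    sink = ListHandler()
    sink.addFilter(RedactSecrets())
    log = logging.getLogger("redaction-demo")
    log.handlers, log.propagate = [sink], False
    log.setLevel(logging.INFO)
    body = json.dumps({"credentials": {"username": "my_Rackspace_username",
                                       "key": "CONSTRUCTED-EXAMPLE-KEY"}})
    log.info("POST /v1.1/auth body=%s", body)
    log.info("auth ok for %s", "my_Rackspace_username")
    return sink.lines

if __name__ == "__main__":
    print("\n".join(demo()))
```

The filter is attached to the handler, so it applies to every logger that writes to that sink, including third-party libraries that log request bodies.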

3.2.2.1 Overcoming the Challenge

Agreements and standardisation are one way to overcome the problem of control in a cloud environment. Also, the paradigm of cloud does not make it feasible for a provider to give access control beyond a certain limit.
