Rahat Masood

Intrusion Detection System in Cloud Computing: Challenges and opportunities

Today, Cloud Computing is the preferred choice of every IT organization since it provides flexible and pay-per-use based services to its users. However, the security and privacy is a major hurdle in its success because of its open and distributed architecture that is vulnerable to intruders. Intrusion Detection System (IDS) is the most commonly used mechanism to detect attacks on cloud. This paper provides an overview of different intrusions in cloud. Then, we analyze some existing cloud based intrusion detection systems (IDS) with respect to their type, positioning, detection time, detection technique, data source and attacks they can detect. The analysis also provides limitations of each technique to evaluate whether they fulfill the security requirements of cloud computing environment or not. We emphasize the deployment of IDS that uses multiple detection methods to cope with security challenges in cloud.

Cloud authorization: exploring techniques and approach towards effective access control framework

Despite the various attractive features that Cloud has to offer, the rate of Cloud migration is rather slow, primarily due to the serious security and privacy issues that exist in the paradigm. One of the main problems in this regard is that of authorization in the Cloud environment, which is the focus of our research. In this paper, we present a systematic analysis of the existing authorization solutions in Cloud and evaluate their effectiveness against well-established industrial standards that conform to the unique access control requirements in the domain. Our analysis can benefit organizations by helping them decide the best authorization technique for deployment in Cloud; a case study along with simulation results is also presented to illustrate the procedure of using our qualitative analysis for the selection of an appropriate technique, as per Cloud consumer requirements. From the results of this evaluation, we derive the general shortcomings of the extant access control techniques that are keeping them from providing successful authorization and, therefore, widely adopted by the Cloud community. To that end, we enumerate the features an ideal access control mechanisms for the Cloud should have, and combine them to suggest the ultimate solution to this major security challenge — access control as a service (ACaaS) for the software as a service (SaaS) layer. We conclude that a meticulous research is needed to incorporate the identified authorization features into a generic ACaaS framework that should be adequate for providing high level of extensibility and security by integrating multiple access control models.

Assessment Criteria for Trust Models in Cloud Computing

Cloud computing is an emerging technology that provides elastic and flexible computing resources to the existing capabilities of business world. Besides several benefits of Cloud computing, there are still many challenging issues such as security and privacy of data stored on Cloud and lack of trust on Cloud service providers. Trust is one of the major barriers in the growth and adoption of Cloud by the IT industry due to absence of any reliable and efficient trust evaluation mechanism. Various trust management models have been proposed, but there exists no criteria to evaluate the effectiveness of these models in Cloud computing. In this regard, we have proposed an assessment criterion for the evaluation of trust models, containing the essential features that are mandatory for trust establishment in Cloud environment. We have also presented a detailed analysis of existing trust models and analyzed them with respect to our proposed assessment criteria. The assessment and analysis of trust models helps the customers to select the most appropriate and reliable model in accordance with their preferences and requirements.

SWAM: Stuxnet Worm Analysis in Metasploit

Nowadays cyber security is becoming a great challenge. Attackers community is progressing towards making smart and intelligent malwares (viruses, worms and Root kits). They stealth their existence and also use administrator rights without knowing legal user. Stuxnet worm is an example of a recent malware first detected in July 2010. Its variants were also detected earlier. It is the first type of worm that affects the normal functionality of industrial control systems (ICS) having programmable logic controllers (PLC) through PLC Root kit. Its main goal is to modify ICS behavior by changing the code of PLC and make it to behave in a way that attacker wants. It is a complex piece of malware having different operations and functionalities which are achieved by exploiting zero day vulnerabilities. Stuxnet exploits various vulnerable services in Microsoft Windows. In this paper we will show real time simulation of first three vulnerabilities of these through Metasploit Framework 3.2 and analyze results. A real time scenario is established based on some assumptions. We assumed Proteus design (pressure sensor) as PLC and showed after exploitation that the pressure value drops to an unacceptable level by changing Keil code of this design.

Evaluation and establishment of trust in cloud federation

Cloud federation is a future evolution of Cloud computing, where Cloud Service Providers (CSP) collaborate dynamically to share their virtual infrastructure for load balancing and meeting the Quality of Service during the demand spikes. Today, one of the major obstacles in adoption of federation is the lack of trust between Cloud providers participating in federation. In order to ensure the security of critical and sensitive data of customers, it is important to evaluate and establish the trust between Cloud providers, before redirecting the customers requests from one provider to other provider. We are proposing a trust evaluation model and underlying protocol that will facilitate the cloud providers to evaluate the trustworthiness of each other and hence participate in federation to share their infrastructure in a trusted and reliable way.

Assessment Criteria for Cloud Identity Management Systems

Cloud computing offers many benefits to the IT industry by making available the services and resources that helps them to proliferate or decrease their organizational resources automatically on demand. On the other hand, organizations are still uncertain about the security and privacy of their sensitive information (for instance the identity credentials) in the multitenant environment of the Cloud. Many security systems have been devised for the protection of resources in Cloud environments. Identity Management Systems, in this regard, play a vital role in ensuring effective user authentication, provisioning, de-provisioning and access control decisions. Many Cloud IDMSs have been proposed until now claiming to offer flexibility, agility and robustness. However, no comparative analysis of such Cloud based IDMSs has been performed so far, as to the best of our knowledge there exists no specific criteria against which one can evaluate an IDMS on Cloud. This paper proposes an assessment criterion for the evaluation of Cloud based IDMSs, comprising of potential security features that are positively imminent for the assessment of Cloud based IDMSs. Furthermore, analysis of Cloud IDMSs is presented based on the proposed assessment criteria. Potential research directions in the area of Cloud identity management and security are also discussed.

Security Aspects of Virtualization in Cloud Computing

In Cloud computing, virtualization is the basis of delivering Infrastructure as a Service (IaaS) that separates data, network, applications and machines from hardware constraints. Although Cloud computing has been a focused area of research in the last decade, research on Cloud virtualization security has not been extensive. In this paper, different aspects of Cloud virtualization security have been explored. Specifically, we have identified: i) security requirements for virtualization in Cloud computing which can be used as a step towards securing virtual infrastructure of Cloud, ii) attacks that can be launched on Cloud virtual infrastructure, and iii) security solutions to secure the virtualization environment by overcoming the possible threats and attacks.

Usage control model specification in XACML policy language

Usage control model (UCON) is one of the emerging and comprehensive attribute based access control model that has the ability of monitoring the continuous updates in a system making it better than the other models of access control. UCON is suitable for the distributed environment of grid and cloud computing platforms however the proper formulation of this model does not exist in literature in any policy specification standard. It is for this reason that UCON is not widely adopted as an access control model by industry, though research community is now paying attention to make standard policy specification for this model. In this paper we are suggesting the interpretation of UCON model in extensible access control markup language (XACML) which is an OASIS standard of access control policies. We also highlight UCON model features by explaining its core processes and characteristics with respect to the case study of financial application.

Security of sharded NoSQL databases: A comparative analysis

NoSQL databases are easy to scale-out because of their flexible schema and support for BASE (Basically Available, Soft State and Eventually Consistent) properties. The process of scaling-out in most of these databases is supported by sharding which is considered as the key feature in providing faster reads and writes to the database. However, securing the data sharded over various servers is a challenging problem because of the data being distributedly processed and transmitted over the unsecured network. Though, extensive research has been performed on NoSQL sharding mechanisms but no specific criterion has been defined to analyze the security of sharded architecture. This paper proposes an assessment criterion comprising various security features for the analysis of sharded NoSQL databases. It presents a detailed view of the security features offered by NoSQL databases and analyzes them with respect to proposed assessment criteria. The presented analysis helps various organizations in the selection of appropriate and reliable database in accordance with their preferences and security requirements.

Access Control As a Service in Cloud: Challenges, Impact and Strategies

The evolution of service-oriented architecture has given birth to the promising cloud technology, which enables the outsourcing of existing hardware and software information technology (IT) infrastructure via the Internet. Since the cloud offers services to a variety of organizations under the same umbrella, it raises security issues including unauthorized access to resources and misuse of data stored in third-party platform. The fact that the cloud supports multiple tenants is the cause for the biggest concern among organizations: how to prevent malicious users from accessing and manipulating data they have no right to access. In this regard, various access control techniques have been proposed, which concentrate on certain authorization issues like the ease of privilege assignment or the resolution of policy conflicts, while ignoring other important weaknesses such as the lack of interoperability and management issues which arise in the dynamic cloud environment. To cover all these challenges, access control as a service (ACaaS), which stems from its significantly more popular parent, security as a service (SECaaS), is considered a viable solution for mediating cloud service consumers’ access to sensitive data. In this chapter, we assist the cloud community in understanding the various issues associated with providing authorization services in the cloud that may be technical, such as privilege escalation and separation of duties, or managerial, such as the steep requirement of time and money for this purpose. ACaaS is the comprehensive solution to some of the issues highlighted previously. We have also discussed the significance and impact of ACaaS, along with the strategies reported in the literature for providing a secure access to the applications hosted on the cloud. We then holistically cover the authorization requirements of the cloud environment, specifically for software as a service (SaaS) model, evaluating the extant relevant solutions based on certain defined factors from the National Institute of Standards and Technology (NIST)-. The outcome of our research is that an ideal ACaaS should be extensive and holistic, which encompasses all the requisite security and managerial features and provides an efficient and reliable access control mechanism to the cloud consumers that complies with international standards.