A Taxonomy of Cloud Attack Consequences and Mitigation Strategies
The Role of Access Control and Privileged Access Management
Overview
Identify the cloud attack consequences
Identify the recommended mitigation strategies
Thematic analysis to locate any common strategies
Find the mitigation strategy with the greatest impact
Present a plausible solution
Cloud prevalence
Microsoft Office 365
Dropbox
Number two in the top five areas of increased spending for organizations (IDC Computer World, 2015)
What is cloud?
NIST definition: Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.
Service Models: Software as a Service, Platform as a Service, Infrastructure as a Service
Deployment Models: Public cloud, Private cloud, Community cloud, Hybrid cloud
Categorisation of Cloud Security Consequences and Mitigation Strategies
Current Cloud Security Alliance’s (CSA) “The Notorious Nine Cloud Computing Top Threats”
We gathered the top threats that cloud service providers and users face and re-categorised them to allow effective identification and mitigation of the risks presented.
Our categorisation differs from the CSA’s paper and places threats into potential consequences.
People, Process and Technology
People: Employees and individuals who operate the cloud, from both a customer and a cloud service provider perspective
Process: Processes which govern the operation of the cloud by the customer and service provider
Technology: Technology that is used to run and secure the cloud environment to maintain confidentiality, integrity and availability
Potential causing factor
Confidentiality, Integrity and Availability
Potential result if breached
Confidentiality: Data is only accessible by authorized entities and unauthorized access to protected data is prohibited
Integrity: Data can only be altered by authorised parties or through authorized methods
Availability: Data and services are accessible to authorized parties as required
Attack Consequences
Account hijacking
Compromised logs
[Classification grid: People / Process / Technology against Confidentiality / Integrity / Availability]
• Eavesdropping
• Manipulation of data
• Return of falsified information
• Redirection of clients to illegitimate sites
• Unauthorized access to management interfaces
• Alteration of auditable logs for:
- Intrusion detection systems
- Accountability management
- Digital forensics
Attack Consequences
Data Breach
Data Loss
• When sensitive, protected or confidential information is intentionally or unintentionally distributed, transmitted, viewed or stored by an unauthorized individual or organization
• Technical attacks, such as collecting side-channel timing information to extract private keys used by other VMs on a host, and hypervisor vulnerabilities.
• Associated with undertrained staff who are unequipped to handle the complex storage environments present in cloud products.
• Physical hardware failures, malware, and software vulnerabilities can result in data loss.
Attack Consequences
Unauthorised Elevation and misuse of privilege
Interception, Injection and Redirection
- Circumventing controls, social engineering, malware backdoors, physical theft
- Key flaws include unclear roles and responsibilities, poor enforcement of role definitions and not applying the need-to-know principle
- Hijacking of data to manipulate, block and eavesdrop
- Typically exploits vulnerabilities in internet protocols, through attacks such as man-in-the-middle, IP spoofing, ARP spoofing, DNS poisoning and RIP attacks.
Attack Consequences
Isolation Failure
Resource Exhaustion
• Failure of components used for isolation: disk partitions, CPU caches, graphics processing units
• May lead to cross-VM side-channel attacks and loss of control over the physical resources
• Over-provisioning customers or being under-resourced to fulfil requests, resulting in opportunities for DoS or attacks on the cloud system hypervisor
• DoS, Cloud DNS wars
Mitigation Strategies
Information Security
Operations Management
• Software tools, systems and technologies dedicated to maintaining confidentiality and integrity.
• Includes technologies such as encryption to prevent technology-based attacks such as data sniffing and spoofing.
• Oversees the operation of infrastructure technologies DoS, Cloud DNS wars
• Virtualisation software isolation: installation, configuration, patches, scanning, configurations audited.
• IDS, IPS and firewalls are included in this category.
Mitigation Strategies
Resiliency
Process Management
• Infrastructure technologies and contingency planning to ensure services are available to authorized parties.
• Development and enforcement of policy, such as security policies
Mitigation Strategies
Access Management
• Authentication policies for access to infrastructure
• Authentication and privileged access management
Mitigation Strategies
Attack Consequences
Account Hijacking
Compromised Logs
Data Breach
Data Loss
Unauthorized Elevation and Misuse of Privilege
Interception, Injection and Redirection
Isolation Failure
Resource Exhaustion
Information Security: [1, 2] [3, 4] [6]
Operations Management: [7] [7] [7, 8] [7]
Resiliency: [4, 10] [12]
Process Management: [3, 10] [3, 10] [3, 10]
Access Management: [2, 4, 10] [1] [3, 4] [7] [2, 15] [8]
What is Privileged Access Management?
What is an administrator or a privileged user?
What can occur if administrators are unmanaged and have unlimited access?
What can be done to manage the access privileges?
Research Question
Can a privileged access management solution be created to provide finer control and automation than current security solutions in the academic and public space?
Privileged Access Management in IaaS Cloud Computing
Conceptual PAM architecture for cloud
Software Used
VMware Workstation 11.1.1 build-2771112
Microsoft Windows Server 2012 R2 Datacenter x64
Microsoft Windows 10 Education x64
Visual Studio 2015
Main programming language: C#
Group Policy
Used to implement specific configurations for users and computers
Contained in GPOs
Linked to Active Directory directory service containers:
- Sites
- Domains
- Organisational units
Based on a hierarchy
Allows the management of user and computer objects
AppLocker
Builds further upon the existing Software Restriction Policies
Prevent unlicensed software from running in the desktop environment if the software is not on the allowed list
Prevent vulnerable, unauthorized applications from running in the desktop environment, including malware
Stop users from running applications that needlessly consume network bandwidth or otherwise affect the enterprise computing environment
Prevent users from running applications that destabilize their desktop environment and increase help desk support costs
Provide more options for effective desktop configuration management
Allow users to run approved applications and software updates based upon policies while preserving the requirement that only users with administrative credentials can install or run applications and software updates
Help to ensure that the desktop environment is in compliance with corporate policies and industry regulations
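The allow-list approach described above, as an added example that is not part of the original slides or the authors' prototype: it builds an audit-mode AppLocker policy from a reference install, dry-runs it for a non-privileged account, and only then merges it into a GPO. The directory, the account name and the GPO LDAP path are placeholders.

```powershell
# Added example. The directory, account name and GPO path are placeholders.
Import-Module AppLocker

$referenceDir = 'C:\Program Files'        # assumed location of approved software
$standardUser = 'CONTOSO\alice'           # hypothetical non-privileged account
$policyPath   = Join-Path $env:TEMP 'pam-applocker-audit.xml'
$gpoLdapPath  = $null   # e.g. 'LDAP://<dc>/CN={<GPO-GUID>},CN=Policies,CN=System,DC=...'

# 1. Inventory the executables that make up the approved baseline.
$baseline = Get-AppLockerFileInformation -Directory $referenceDir -Recurse -FileType Exe

# 2. Build allow rules: publisher rules where a signature exists, hash rules otherwise.
$xmlText = $baseline |
    New-AppLockerPolicy -RuleType Publisher, Hash -User Everyone `
        -RuleNamePrefix 'PAM-Baseline' -Optimize -Xml

# 3. Switch every rule collection to audit mode so nothing is blocked yet.
$doc = [xml]$xmlText
foreach ($collection in $doc.AppLockerPolicy.RuleCollection) {
    $collection.SetAttribute('EnforcementMode', 'AuditOnly')
}
$doc.Save($policyPath)

# 4. Dry-run the policy for the standard user against the baseline and against a
#    user-writable folder; files that match no rule are reported as DeniedByDefault.
$candidates = Get-ChildItem $referenceDir, "$env:USERPROFILE\Downloads" `
        -Filter *.exe -Recurse -File -ErrorAction SilentlyContinue |
    Select-Object -ExpandProperty FullName
Test-AppLockerPolicy -XmlPolicy $policyPath -Path $candidates -User $standardUser |
    Group-Object PolicyDecision |
    Select-Object Name, Count

# 5. Merge into the GPO linked to the target OU once the dry run looks right.
if ($gpoLdapPath) {
    Set-AppLockerPolicy -XmlPolicy $policyPath -Ldap $gpoLdapPath -Merge
}

# 6. After clients refresh policy, list what enforcement would have blocked
#    (event ID 8003 is written while a collection is in audit mode).
Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-AppLocker/EXE and DLL'; Id = 8003
} -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message
```

Rules are only evaluated on clients where the Application Identity service (AppIDSvc) is running.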
Proposed Graphical User Interface
Privileged access Managed
Prototyping
Prototyping is currently underway
Testing and metrics procedures are currently under review and are being refined
A Taxonomy of Cloud Attack Consequences and Mitigation Strategies
The Role of Access Control and Privileged Access Management
IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom 2015)
Kin Suntana Tep, Ray Hunt, Ben Martini, Kim-Kwang Raymond Choo
Conclusion
Cloud prevalence and security concerns
Current threats and consequences outlined
Mitigation strategies to combat them
Access management a popular solution
Knowledge gap in privileged access management
Thank you! Any questions?