Top seven
security issues in cloud computing environment as discovered by “Cloud Security
Alliance” CSA are:
• Misuse
and reprehensible use of Cloud
Computing.
• Insecure API.
• Wicked
Insiders.
• Shared
Technology issues /multi-tenancy nature.
• Data
Crash.
• Account,
Service & Traffic Hijacking.
• Unidentified risk report.
5.1 Misuse and reprehensible Use of Cloud Computing
Hackers,
spammers and other criminals take advantage of the suitable registration,
simple Procedures and comparatively unspecified access to cloud services to launch various attacks such as key cracking, passwordetc.
5.2 Insecure Application Programming Interfaces (API)
Customers handle and interact
with cloud services through API’s. Providers must ensure that security is
integrated into their service models, while users must be aware of security
risks.
5.3 Wicked Insiders
Malicious insiders create a huge threat in cloud computing environment, since consumers do not have a clear sight of provider policies and procedures. Malicious insiders can gain unauthorized access into organization and their assets.
5.4 Shared Technology issues/multi-tenancy nature
This is basically based on
shared infrastructure, which is not designed to accommodate a multi- tenant
architecture.
5.5 Data Crash
Comprised data may include deleted or altered data without making a backup,
unlinking a record from a huge environment, loss of an encoding key and illegal
access of sensitive data.
5.6 Account, Service & Traffic Hijacking
Account or service hijacking is usually carried out with stolen credentials.
Such attacks include phishing, fraud and exploitation of software
vulnerabilities. Attackers can access critical areas of cloud computing services like confidentiality, integrity and availability of services.
5.7 Unidentified Risk Report
Cloud services means that
organizations are less involved with software and hardware, so organizations
should not be aware with these issues such as internal security, security
compliance, auditing and logging may be overlooked.
0 Comments