What is Cloud Security? – Cloud Security refers to the security implementations, deployments, and preventions to defend against security threats. Cloud Security includes Control policies, deployment of security devices such as application firewalls, Next generation IPS devices and hardening the infrastructure of Cloud Computing. It also includes some activites that are to be taken from the service providers end as well as actions that should be taken at the user end.
Cloud Security Control Layers
There are several security mechanisms, devices, and policies that provide support at different cloud security control layers. At the Application Layer, Web Application Firewalls are deployed to filter the traffic and observe the behavior of traffic. Similarly, Systems Development Life Cycle (SDLC), Binary Code Analysis, Transactional Security provide security for online transactions, and script analysis, etc.
In Cloud Computing, to provide confidentiality and integrity of information that is being communicated between client and server, different policies are configured to monitor any data loss. These policies include Data Loss Prevention (DLP) and Content Management Framework (CMF). Data Loss Prevention (DLP) is the feature which offers to prevent the leakage of information to outside the network. Traditionally this information may include company or organizations confidential information, propritary, financial and other secret information. Data Loss Prevention feature also ensures the enforcement of compliance with rules and regulations using Data Loss Preventions policies to prevent the user from intentionally or unintentionally sending this confidential information.
Security of Cloud Computing regarding management is performed by different approaches such as Governance, Risk Management, and Compliance (GRC), Identify and Access Management (IAM), Patch and Configuration management. These approaches help to control the secure access to the resources and manage them.
There are some solutions available to secure the network layer in cloud computing such as the deployment of Next-Generation IDS/IPS devices, Next-generation Firewalls, DNSSec, Anti-DDoS, Oauth and Deep Packet Inspection (DPI), etc. Next-Generation Intrusion Prevention System, known as NGIPS, is one of the efficiently-proactive components in the Integrated Threat Security Solution. NGIPS provide stronger security layer with deep visibility, enhanced security intelligence and advanced protection against emerging threat to secure complex infrastructures of networks.
Cisco NGIPS Solutions provides deep network visibility, automation, security intelligence, and next-level protection. It uses the most advanced and effective intrusions prevention capabilities to catch emerging sophisticated network attacks. It continously collects information regarding the network, including operating systems informaiton, files and applications informations, devices and user’s information. This information helps NGIPS to determine network maps and host profiles which lead to contextual information to make better decisions about intrusive events.
The root of Trust (RoT) is established by validating each components of hardware and software from the end entity up to the root certificate. It is intended to ensure that only trusted software and hardware can be used while still retaining flexibility.
Computer And Storage
Computing and Storage in cloud computing can be implementing Host-Based Intrusion Detection or Preventions Systems (HIDS/HIPS). Configuring Integrity Check, File System Monitoring and Log File Analysis, Connections Analysis, Kernel Level Detecion, Encrypting the storage, etc. Host-based IPS/IDS is normally deployed for the protection of specific host machine, and it works closely with the Operating System Kernel of the host machine, It creates a filtering layer and filters out any malicious application call to the OS.
Physical Security is always required on priority to secure anything. As it is also the first Layer OSI Model. if the device is not physically secured, any sort of security configuration will not be effective. Physical Security includes protection against man-made attacks such as theft, damage, unauthorized physical access as well as enviormental impact such as rain, dust, power failure, fire. etc.
Responsibilities in Cloud Security
Cloud Service Provider
- Web Application Firewall (WAF).
- Real Traffic Grabber (RTG)
- Data Loss Preventions (DLP)
- Secure Web Gateway (SWG)
- Application Security (App Sec)
- Virtual Private Network (VPN)
- Load Balancer
- Trusted Platform Module
- Netflow and Others
Cloud Service Consumer
- Public Key Infrastructure (PKI)
- Security Development Life Cycle (SDLC)
- Web Application Firewall (WAF)
- Secure Web Gateway
- Application Security
Cloud Security Tools
Core Security Technologies offers Offers ” Core CloudInspect ” A cloud Security testing solutions for Amazon Web Services (AWS). This is a tool that profits from the Core Impact and Core Insight Technologies to offer penetration-testing as a service form Amazon Web Services for EC2 users.
For More hacking Content Click Here