SEMINAR Final


CLOUD COMPUTING SECURITY

Seminar report submitted in partial fulfillment of the requirement for the award of the degree

of B. Tech in Computer Science and Technology.

BY

SHRAVYA BADAVATH

20251A3603

Department of IT

G. Narayanamma Institute of Technology and Science

(AUTONOMOUS)(for Women)

Approved by AICTE, New Delhi & Affiliated to JNTUH, Hyderabad

Accredited by NBA, An ISO 9001:2015 Certified Institution

Shaikpet, Hyderabad – 500104, TS.

FEBRUARY, 2023.

DEPARTMENT OF COMPUTER SCIENCE AND TECHNOLOGY

CERTIFICATE

This is to certify that the Seminar Report entitled Cloud computing security is bonafide work done
by Shravya Badavath – 20251A3603 in partial fulfillment of the requirement for the award of degree
in B.Tech III-II, Information Technology, from G.Narayanamma Institute of Technology and Science.

Seminar Coordinator Head of the Department


ACKNOWLEDGEMENT

The satisfaction and euphoria that accompany the successful completion of any task would be
incomplete without the mention of the people who made it possible and whose constant guidance and
encouragement crowned all efforts with success. So, I would like to take this opportunity to
express my sincere and heartfelt thanks to everyone.

I sincerely thank our internal guides K Sridevi Ma’am, Associate Professor, and
Ammannamma Ma’am, Associate Professor, for extending their guidance towards the fulfillment
of this seminar work. They helped me in preparing the seminar and gave valuable feedback.

I also extend my gratitude to the panel, who gave me constructive feedback and
supported me in completing the seminar. I also thank Dr. I. Ravi Prakash Reddy Sir, Head of the
section, for providing all facilities to complete the seminar successfully.

Shravya Badavath


ABSTRACT
Cloud computing is a way of computing in which IT users share resources and services that are
distributed across different organizations or sites. Because cloud computing shares distributed
resources over the network in an open environment, security problems are important for the
development of cloud computing applications. In traditional models an individual has full control
over the data and processes on his/her computer. In a cloud computing environment, on the other
hand, the service and data maintenance are provided by a provider, and the client/customer is
unaware of where the processes are running or where the data is stored, so the client has no
control over it. Cloud computing uses the internet as the communication medium. The provider has
to give some assurance for the security of data in the cloud. Organizations that use cloud
computing as a service infrastructure would certainly like to examine the security and
confidentiality issues for their business-critical and sensitive applications. Yet guaranteeing
the security of corporate data in the “cloud” is difficult, if not impossible, as providers offer
different services such as Software as a Service (SaaS), Platform as a Service (PaaS), and
Infrastructure as a Service (IaaS). Each service has its own security issues. Business data
protection, application security and privacy are important security issues that must be
incorporated in cloud computing. Here, apart from addressing various security issues, a model
system is proposed in which hybrid cloud computing is suitable for a high-risk data transaction
environment.


LIST OF FIGURES

1. Introduction to Cloud Computing
2. Deployment Models
3. Classification of Models
4. Multitenancy

CHAPTERS

Chapter 1. Introduction

Chapter 2. What Is Cloud

Chapter 3. What Is Cloud Computing

3.1 Benefits

3.2 Characteristics

Chapter 4. Deployment Models

4.1 Public Cloud

4.2 Private Cloud

4.3 Community Cloud

4.4 Hybrid Cloud

Chapter 5. Service Models

5.1 Infrastructure as a Service (IaaS)

5.2 Platform as a Service (PaaS)

5.3 Software as a Service (SaaS)

Chapter 6. Cloud Concerns

Chapter 7. Threats in Cloud Computing

Chapter 8. Conclusion

1. INTRODUCTION

Cloud computing is a network-based environment that focuses on sharing computations or
resources. Clouds are internet-based and try to hide complexity from clients. Cloud
computing refers to both the applications delivered as services over the internet and the hardware
and software in the data centers that provide those services. Cloud providers use virtualization
technologies combined with self-service abilities for computing resources via network
infrastructure. In cloud environments, several kinds of virtual machines are hosted on the same
physical server as infrastructure. In the cloud, customers pay only for what they use and do not
have to pay for local resources they would otherwise need, such as storage or infrastructure.

2. What is cloud?

The term cloud refers to a network or the internet. In other words, a cloud is something that is
present at a remote location. A cloud can provide services over public networks or private
networks, i.e., WAN, LAN or VPN. Applications such as e-mail, web conferencing and customer
relationship management (CRM) all run in the cloud.


3. What is cloud computing?


Cloud computing refers to manipulating, configuring and accessing the applications online. It offers
online data storage, infrastructure and application.

3.1 Benefits of cloud computing:

1. Scalability

The IT needs of every company are different. For example, a big tech company with thousands of
employees needs different resources than a startup with only three. Cloud providers are a perfect
solution for either company because their services can be scaled to meet their needs. This scaling
can be done in a matter of seconds or minutes, which is great for a company that’s growing quickly.
As demands increase, a business can quickly scale its cloud-based infrastructure without investing
in physical components.

2. Cost

While the initial migration of existing infrastructure may take planning, money, and time, most
businesses see cost savings in using cloud services right away. Since cloud computing resources
can be sized to a business’s needs, they never pay for more than they use. It’s a pay-as-you-go
system.

3. Speed
Along with saving time and resources, cloud computing has also sped up software development.
Setting up a new development environment or virtual machine on a cloud can be done in seconds
with the click of a few buttons. With a traditional data center, you’d have to purchase, install, and
maintain all the required hardware. Cloud services are fast. With a traditional data center, users
have to connect to that one data center no matter where they’re located in the world. A cloud
service, on the other hand, can be distributed across the world, so users get a fast connection close
to their geographical location.
4. Performance
Because providing modern IT infrastructure is their business, cloud providers keep data centers
updated with the latest high-performance hardware and technologies. This enables better
connectivity and performance.
5. Security
Cybersecurity is a big concern of any business. Cloud services resolve this by managing
permissions and access to the services and resources they provide. For example, you could restrict
access to an important file to a specific set of users.

3.2 CHARACTERISTICS OF CLOUD COMPUTING


The essential characteristics of cloud computing are:

On-Demand Self-Service
A consumer can unilaterally provision computing capabilities, such as server time and network
storage, as needed automatically without requiring human interaction with each service provider.

Broad Network Access


Capabilities are available over the network and accessed through standard mechanisms that
promote use by heterogeneous thin or thick client platforms (e.g. mobile phones, tablets and
workstations).

Resource Pooling
The provider's computing resources are pooled to serve multiple consumers using a multi-tenant
model, with different physical and virtual resources dynamically assigned and reassigned according
to consumer demand.

Rapid Elasticity
Capabilities can be elastically provisioned and released, in some cases automatically, to scale
rapidly outward and inward commensurate with demand. To the consumer, the capabilities
available for provisioning often appear to be unlimited and can be appropriated in any quantity at
any time.

Measured Service
Cloud systems automatically control and optimize resource use by leveraging a metering capability
at some level of abstraction appropriate to the type of service (e.g. storage, processing, bandwidth,
and active user accounts). Resource usage can be monitored, controlled, and reported, providing
transparency for both the provider and consumer of the utilized service.

There are certain services and models working behind the scenes that make cloud computing
feasible and accessible to end users. The following are the working models for cloud computing:
- Deployment models
- Service models

4. DEPLOYMENT MODELS

Deployment models define the type of access to the cloud, i.e., how the cloud is located.

Cloud can have four types of access: public, private, hybrid and community.

4.1 Public Cloud

The name says it all. It is accessible to the public. Public deployment models in the cloud are
perfect for organizations with growing and fluctuating demands. It also makes a great choice for
companies with low-security concerns. Thus, you pay a cloud service provider for networking
services, compute virtualization & storage available on the public internet. It is also a great delivery
model for teams doing development and testing. Its configuration and deployment are quick and
easy, making it an ideal choice for test environments.


Benefits of Public Cloud

- Minimal Investment - As a pay-per-use service, it has no large upfront cost and is ideal for
  businesses that need quick access to resources.
- No Hardware Setup - The cloud service providers fully fund the entire infrastructure.
- No Infrastructure Management - Using the public cloud does not require an in-house team.

Limitations of Public Cloud

- Data Security and Privacy Concerns - Since it is accessible to all, it does not fully protect against
  cyber-attacks and could lead to vulnerabilities.
- Reliability Issues - Since the same server network is open to a wide range of users, it can lead to
  malfunction and outages.
- Service/License Limitation - While there are many resources you can exchange with tenants, there
  is a usage cap.

4.2 Private Cloud

Now that you understand what the public cloud could offer you, of course, you are keen to know
what a private cloud can do. Companies that look for cost efficiency and greater control over data
& resources will find the private cloud a more suitable choice.

It means that it will be integrated with your data center and managed by your IT team.
Alternatively, you can also choose to host it externally. The private cloud offers bigger
opportunities that help meet specific organizations' requirements when it comes to customization.
It's also a wise choice for mission-critical processes that may have frequently changing
requirements.

Benefits of Private Cloud

- Data Privacy - It is ideal for storing corporate data where only authorized personnel get access.
- Security - Segmentation of resources within the same infrastructure can help with better access and
  higher levels of security.
- Supports Legacy Systems - This model supports legacy systems that cannot access the public cloud.

Limitations of Private Cloud

- Higher Cost - With the benefits you get, the investment will also be larger than the public cloud.
  Here, you will pay for software, hardware, and resources for staff and training.
- Fixed Scalability - The hardware you choose will accordingly help you scale in a certain direction.
- High Maintenance - Since it is managed in-house, the maintenance costs also increase.


4.3 Community Cloud


The community cloud operates in a way that is similar to the public cloud. There's just one
difference - it allows access to only a specific set of users who share common objectives and use
cases. This type of deployment model of cloud computing is managed and hosted internally or by a
third-party vendor. However, you can also choose a combination of all three.

Benefits of Community Cloud

- Smaller Investment - A community cloud is much cheaper than the private & public cloud and
  provides great performance.
- Setup Benefits - The protocols and configuration of a community cloud must align with industry
  standards, allowing customers to work much more efficiently.

Limitations of Community Cloud

- Shared Resources - Due to restricted bandwidth and storage capacity, community resources often
  pose challenges.
- Not as Popular - Since this is a recently introduced model, it is not that popular or available across
  industries.

4.4 Hybrid Cloud

As the name suggests, a hybrid cloud is a combination of two or more cloud architectures. While
each model in the hybrid cloud functions differently, it is all part of the same architecture. Further,
as part of this deployment of the cloud computing model, the internal or external providers can
offer resources.

Let's understand the hybrid model better. A company with critical data will prefer storing it on a
private cloud, while less sensitive data can be stored on a public cloud. The hybrid cloud is also
frequently used for 'cloud bursting'. That is, suppose an organization runs an application
on-premises; under heavy load, it can burst into the public cloud.

Benefits of Hybrid Cloud

- Cost-Effectiveness - The overall cost of a hybrid solution decreases since it mainly uses the public
  cloud to store data.
- Security - Since data is properly segmented, the chances of data theft by attackers are significantly
  reduced.
- Flexibility - With higher levels of flexibility, businesses can create custom solutions that fit their
  exact requirements.

Limitations of Hybrid Cloud

- Complexity - Setting up a hybrid cloud is complex since it needs to integrate two or more cloud
  architectures.
- Specific Use Case - This model makes more sense for organizations that have multiple use cases or
  need to separate critical and sensitive data.

Important Factors to Consider   Public            Private                         Community
Setup and ease of use           Easy              Requires professional IT Team   Requires professional IT Team
Data Security and Privacy       Low               High                            Very High
Scalability and flexibility     High              High                            Fixed requirements
Cost-Effectiveness              Most affordable   Most expensive                  Cost is distributed among members
Reliability                     Low               High                            Higher

5. SERVICE MODELS

5.1 Infrastructure as a Service (IaaS)

IaaS is also known as Hardware as a Service (HaaS). It is a computing infrastructure managed over
the internet. The main advantage of using IaaS is that it helps users to avoid the cost and
complexity of purchasing and managing the physical servers.

Characteristics of IaaS

IaaS has the following characteristics:

- Resources are available as a service
- Services are highly scalable
- Dynamic and flexible
- GUI and API-based access
- Automated administrative tasks

Example: DigitalOcean, Linode, Amazon Web Services (AWS), Microsoft Azure, Google Compute
Engine (GCE), Rackspace, and Cisco Metacloud.

5.2 Platform as a Service (PaaS)

The PaaS cloud computing platform is created for programmers to develop, test, run, and manage
applications.

Characteristics of PaaS

PaaS has the following characteristics:

- Accessible to various users via the same development application.
- Integrates with web services and databases.
- Builds on virtualization technology, so resources can easily be scaled up or down as per the
  organization's need.
- Supports multiple languages and frameworks.
- Provides an ability to "Auto-scale".

Example: AWS Elastic Beanstalk, Windows Azure, Heroku, Force.com, Google App Engine,
Apache Stratos, Magento Commerce Cloud, and OpenShift.

5.3 Software as a Service (SaaS)

SaaS is also known as "on-demand software". It is software in which the applications are hosted
by a cloud service provider. Users can access these applications with an internet connection
and a web browser.

Characteristics of SaaS

SaaS has the following characteristics:

- Managed from a central location
- Hosted on a remote server
- Accessible over the internet
- Users are not responsible for hardware and software updates. Updates are applied automatically.
- The services are purchased on a pay-as-per-use basis

Example: BigCommerce, Google Apps, Salesforce, Dropbox, ZenDesk, Cisco WebEx,
Slack, and GoToMeeting.

6. CLOUD CONCERNS

Malicious insider:

A malicious insider is a person motivated to create a bad impact on the organization’s mission by
taking action that compromises information confidentiality, integrity, and/or availability. The
malicious activities of an insider could potentially have an impact on the confidentiality, integrity
and availability of all kinds of data and services, with impact on internal activities, the
organization’s reputation and customer trust. This is especially important in the case of cloud
computing because cloud architectures require certain roles, such as cloud administrators, cloud
auditors and cloud security personnel, which are extremely high-risk.

Lack of Trust

Trust between the service provider and the customer is one of the main issues cloud computing
faces today. There is no way for the customer to be sure whether the management of the service is
trustworthy, and whether there is any risk of insider attacks. This is a major issue and has received
strong attention from companies. The only legal document between the customer and service provider
is the Service Level Agreement (SLA). This document contains all the agreements between the
customer and the service provider; it states what the service provider is doing and is willing to
do. However, there is currently no clear format for the SLA, and as such, there may be services not
documented in the SLA that the customer does not yet know it will need at some later time.

Data Confidentiality:

Privacy and security of data is crucial for users to store their private or confidential
information in the cloud. To ensure security of the records, authentication and access control
techniques are used.
Cloud storage could resolve authentication, data security and access control problems by
increasing cloud trustworthiness and reliability. Owing to non-trustworthy cloud service
providers (CSPs), confidentiality may also be compromised. Better
encryption techniques will guarantee confidentiality.

Data Integrity:

Data integrity is useful for data authenticity, and guarantees data consistency and reliability as
well. Lack of credibility is a big challenge in the cloud world; because of data privacy
problems, there are many security threats and attacks. Data integrity ensures
that the data is not modified or altered without the knowledge of the user. When an intruder or
unauthorized person gains control of the stored data, data privacy is at stake. The user data can be
attacked by data modification, tag forgery attacks and data leakage attacks. Monitoring data
integrity is important to prevent data manipulation and data corruption at cloud providers.

Data Availability :

Data availability concerns the degree to which customer data can be accessed or retrieved when
incidents such as hard disk destruction, IDC fire, and network errors occur, and how users
validate their data using their own methods rather than relying solely on the cloud storage
provider's credit guarantee.
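
One way a data owner can validate stored data without trusting the provider, covering the data integrity and data availability points above. This is an added example, not part of the original report; the key, object name, content and block size are constructed for illustration. The owner keeps only a secret key and the block count; blocks and tags are stored with the provider.

```python
import hashlib
import hmac

BLOCK_SIZE = 16  # small on purpose so the constructed sample spans several blocks


def split_blocks(data: bytes) -> list:
    """Cut an object into fixed-size blocks (an empty object is one empty block)."""
    return [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)] or [b""]


def block_tag(key: bytes, name: str, index: int, total: int, block: bytes) -> bytes:
    """Keyed tag bound to object name, block position and block count."""
    raw_name = name.encode()
    # Length-prefixed, fixed-width header so no two (name, index, total) collide.
    header = (len(raw_name).to_bytes(4, "big") + raw_name
              + index.to_bytes(8, "big") + total.to_bytes(8, "big"))
    return hmac.new(key, header + block, hashlib.sha256).digest()


def protect(key: bytes, name: str, data: bytes):
    """Owner side, before upload: returns (blocks, tags, total)."""
    blocks = split_blocks(data)
    total = len(blocks)
    tags = [block_tag(key, name, i, total, b) for i, b in enumerate(blocks)]
    return blocks, tags, total


def audit(key: bytes, name: str, total: int, blocks: list, tags: list) -> list:
    """Owner side, after download: list of findings, empty if the copy is intact."""
    findings = []
    if len(blocks) != total or len(tags) != total:
        findings.append(f"expected {total} blocks, got {len(blocks)} blocks / {len(tags)} tags")
    for i, (block, tag) in enumerate(zip(blocks, tags)):
        if not hmac.compare_digest(block_tag(key, name, i, total, block), tag):
            findings.append(f"block {i} failed verification")
    return findings


# Constructed sample values; a real key would come from os.urandom(32).
KEY = hashlib.sha256(b"constructed demo key").digest()
NAME = "ledger-2023.txt"
DATA = b"ledger: acct=1001 balance=2500; acct=1002 balance=90"


def scenarios() -> dict:
    """Audit an intact copy and four altered copies returned by the provider."""
    blocks, tags, total = protect(KEY, NAME, DATA)
    results = {"intact": audit(KEY, NAME, total, blocks, tags)}

    modified = list(blocks)
    modified[1] = modified[1].replace(b"2500", b"9500")
    results["modified"] = audit(KEY, NAME, total, modified, tags)

    # Block/tag pairs exchanged: each tag is genuine, but for another position.
    moved_blocks, moved_tags = list(blocks), list(tags)
    moved_blocks[0], moved_blocks[2] = moved_blocks[2], moved_blocks[0]
    moved_tags[0], moved_tags[2] = moved_tags[2], moved_tags[0]
    results["reordered"] = audit(KEY, NAME, total, moved_blocks, moved_tags)

    results["truncated"] = audit(KEY, NAME, total, blocks[:-1], tags[:-1])

    # A substitute tag computed without the owner's key does not verify.
    forged = list(tags)
    forged[1] = hashlib.sha256(modified[1]).digest()
    results["forged_tag"] = audit(KEY, NAME, total, modified, forged)
    return results


if __name__ == "__main__":
    for case, findings in scenarios().items():
        print(f"{case:11s} {findings or 'verified'}")
```

This check does not detect rollback to an older, validly tagged copy; for that the owner would also have to keep a version counter and include it in the tag header.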
7. THREATS IN CLOUD:

Why does cloud computing bring new threats?

- Traditional system security mostly means keeping bad guys out.
- The attacker needs to either compromise the authentication or access control system, or
  impersonate existing users.

Consumer’s loss of control
- Data, applications and resources are located with the provider.
- User identity management is handled by the cloud.
- User access control rules, security policies and enforcement are managed by the cloud
  provider.
- The consumer relies on the provider to ensure:
  - Data security and privacy
  - Resource availability
  - Monitoring and repairing of services/resources

Multitenancy in Cloud computing:

Multitenancy is a type of software architecture where a single software instance can serve
multiple distinct user groups. It means that multiple customers of a cloud vendor are using the same
computing resources. Although they share the same computing resources, the data of each
cloud customer is kept totally separate and secure. It is a very important concept of cloud
computing.

In cloud computing, multitenancy is also referred to as a shared host, where the same resources
are divided among different customers.

The example of multitenancy is the same as the working of a bank. Multiple people can store money
in the same bank, but every customer's assets are totally separate: one customer cannot have
access to another customer’s money and account, and different customers are not aware of each
other’s account balance and details.

Multi-tenancy is an architectural approach enabling a single instance of an application to be
shared among multiple organizations or users, and is applied only to SaaS (Software as a Service).
The core principle here is that it is the single instance of the application which is being shared.
Hence, multi-instance architectures aren’t the same as multi-tenant architectures.
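
How the separation of tenant data can be enforced inside one shared application instance, shown as a weak data-access class beside a hardened one. This is an added example, not part of the original report; the table, tenant names and rows are constructed, and SQLite stands in for whatever shared database a SaaS application uses.

```python
import sqlite3


def build_shared_db() -> sqlite3.Connection:
    """One database instance shared by all tenants (constructed sample rows)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE invoices ("
        " id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, amount INTEGER NOT NULL)"
    )
    db.executemany(
        "INSERT INTO invoices (id, tenant_id, amount) VALUES (?, ?, ?)",
        [(1, "acme", 1200), (2, "acme", 300), (3, "globex", 9900)],
    )
    return db


class UnscopedInvoices:
    """Weak form: rows are looked up by id alone, so any tenant's id works."""

    def __init__(self, db):
        self.db = db

    def get(self, invoice_id):
        return self.db.execute(
            "SELECT id, tenant_id, amount FROM invoices WHERE id = ?", (invoice_id,)
        ).fetchone()


class TenantScopedInvoices:
    """Hardened form: the tenant is fixed at construction from the authenticated
    session (never from request parameters) and is part of every statement."""

    def __init__(self, db, tenant_id):
        if not isinstance(tenant_id, str) or not tenant_id:
            raise ValueError("tenant_id is required")
        self.db = db
        self._tenant_id = tenant_id

    def get(self, invoice_id):
        return self.db.execute(
            "SELECT id, tenant_id, amount FROM invoices WHERE id = ? AND tenant_id = ?",
            (invoice_id, self._tenant_id),
        ).fetchone()

    def list_ids(self):
        rows = self.db.execute(
            "SELECT id FROM invoices WHERE tenant_id = ? ORDER BY id", (self._tenant_id,)
        )
        return [row[0] for row in rows]

    def set_amount(self, invoice_id, amount) -> bool:
        """Returns False when the row does not belong to this tenant."""
        cur = self.db.execute(
            "UPDATE invoices SET amount = ? WHERE id = ? AND tenant_id = ?",
            (amount, invoice_id, self._tenant_id),
        )
        return cur.rowcount == 1


def demo() -> dict:
    """A session authenticated as tenant 'acme' refers to invoice 3 (globex's)."""
    db = build_shared_db()
    scoped = TenantScopedInvoices(db, "acme")
    return {
        "unscoped_get_3": UnscopedInvoices(db).get(3),   # other tenant's row leaks
        "scoped_get_3": scoped.get(3),                   # not visible
        "scoped_get_1": scoped.get(1),                   # own row still readable
        "scoped_list": scoped.list_ids(),
        "scoped_update_3": scoped.set_amount(3, 0),      # write refused
        "globex_amount_after": db.execute(
            "SELECT amount FROM invoices WHERE id = 3").fetchone()[0],
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:20s} {value}")
```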

Malicious insiders

They can be employees, former employees, contractors or business associates who have legitimate
access to your systems and data, but use that access to destroy data, steal data or sabotage your
systems. It does not include well-meaning staff who accidentally put your cyber security at risk or
spill data.

There are many reasons an insider can be or become malicious including revenge, coercion,
ideology, ego or seeking financial gain through intellectual property theft or espionage.

They could:

- impact external sites, creating public damage to your brand
- prevent your systems from functioning properly
- steal or sell business trade secrets or intellectual property (IP)
- install malware for their own purposes

Data Breaches:

A data breach is a security incident in which sensitive, private, or confidential data related to a
person or organization has been accessed, copied, or transmitted by an unauthorized party.
Data breach is a threat with severe risk and is ranked as number one among the threats in cloud
computing. Over 1.4 billion records were lost to data breaches in 2017 alone, many of which
involved cloud servers.

Data breaches can be caused by targeted attacks, simple human error,
application vulnerabilities, or poor security practices.

Data Loss :

It is corruption or unavailability of data that results from natural disasters such as floods and
earthquakes, from simple human errors such as a cloud administrator accidentally deleting
files, or from hard drive failure, power failure, or malware infection. To avoid data loss, the
most efficient strategy is to back up data to multiple locations so that even when data gets corrupted
or lost at one location, it can be replaced with a copy available at another location.

Denial of Service :

A DoS (Denial of Service) attack affects the availability of a system. In a DoS attack, there is
only one source machine from which the attack originates, and it is susceptible to mitigation. DoS
attacks are designed to prevent legitimate users of a service from
being able to access their data or applications.

A DDoS (Distributed Denial of Service) attack, on the other hand, employs several systems to
attack a cloud service. In a DDoS attack, the attacker takes control of several victim systems,
known as zombies or slaves, by spreading different kinds of malware.
This collection of slaves is known as a botnet. The attacker can then take down a cloud service by
ordering the slaves in the botnet to send fake traffic, which makes data,
applications or other resources in the cloud unavailable to legitimate users.

Both DoS and DDoS attacks are easy to execute, especially if the attacker has control over a
botnet. Nowadays, these services are available online for a modest fee and there is no need to
make your own botnet. One high-profile example of DDoS occurred in October 2016, when an
attack on Internet DNS (Domain Name Service) company.

A variation of DoS or DDoS particularly related to the cloud is the Economic Denial of
Sustainability (EDoS) attack, where an attacker sends fake requests to a victim cloud service to
have an economic effect.

Account Hijacking:

Cloud services add a new threat to the landscape of account or service hijacking. Account
hijacking is compromising the account credentials of a legitimate user and utilizing them for
nefarious purposes. With stolen credentials, attackers might compromise the confidentiality,
integrity, or availability of the cloud services.

Techniques like phishing and fraud allow attackers to hijack account credentials.
Enterprises should mitigate the sharing of account credentials between users and cloud services
and enable multifactor authentication wherever possible.
8. CONCLUSION:

The cloud computing model is one of the promising computing models for service providers, cloud
providers and cloud consumers. But to best utilize the model we need to block the existing security
holes. Based on the details explained above, we can summarize the cloud security problem
as follows:

- Some of the security problems are inherited from the technologies used.
- Multi-tenancy and isolation are a major dimension of the cloud security problem that requires a
  vertical solution from the SaaS layer down to the physical infrastructure (to develop
  physical-like boundaries among tenants instead of the virtual boundaries currently applied).
- Security management is very critical to control and manage this number of requirements and
  controls.

Based on this discussion we recommend that cloud computing security solutions should:

- focus on the problem abstraction, using model-based approaches to capture different security
  views and link such views in a holistic cloud security model.
- support multi-tenancy, where each user can see only his security configurations, and elasticity, to
  scale up and down based on the current context.
- support integration and coordination with other security controls at different layers to deliver
  integrated security.
- be adaptive to meet continuous environment changes and stakeholders' needs.