The Cloud Security Ecosystem: Technical, Legal, Business and Management Issues

Front Cover
The Cloud Security Ecosystem: Technical, Legal, Business and Management Issues
Copyright
Dedication
Contents
Contributors
Foreword
Preface
	How to Read This Book
About the Authors
List of Reviewers
Acknowledgments
Chapter 1: Cloud security ecosystem
	1. How It All Started—The Story of an Online Bookstore
	2. Consolidation of Terminologies and Perspectives
		2.1. Perspective 1: Essential Characteristics
		2.2. Perspective 2: Layers and Scope
	3. The Achilles' Heel—Depending on a Trust Relationship
		3.1. Case Study1: Breach of Trust by a Public Cloud System Administrator
		3.2. Case Study2: Liability of a Liquidated Cloud Business
		3.3. Gatekeepers—Governments Versus Technology Creators
	4. Top Threats and Vulnerabilities of Cloud Security
		4.1. Cloud Security Alliance's Top Threats to Cloud Computing Research
		4.2. Statistics of Common Vulnerabilities Faced by Cloud Service Providers
	5. Managing Cloud Security Risks with the Deming Cycle
	6. Plan—Threats, Risk, and Requirements Landscape
	7. Do—Cloud Security Approaches and Challenges
	8. Check—Forensics and Incident Response
	9. Act—Governance and Auditing
	10. Summary
	References
Part 1: Plan: Threats, risk, and requirements landscape
	Chapter 2: Cybercrime in cloud: Risks and responses in Hong Kong, Singapore
		1. Introduction
			1.1. Definition of Cloud Computing
			1.2. Growth in Cloud Computing: Hong Kong and Singapore
		2. Key factors shaping "Response": Hong Kong, Singapore
			2.1. Hong Kong
				2.1.1. Economy
				2.1.2. Cultural factors
				2.1.3. Political structure
				2.1.4. Criminal justice and legal systems
			2.2. Singapore
				2.2.1. Economy
				2.2.2. Cultural factors
				2.2.3. Political structure
				2.2.4. Criminal justice and legal systems
		3. Discussion
		References
	Chapter 3: CATRA: Conceptual cloud attack taxonomy and risk assessment framework
		1. Introduction
		2. Taxonomies: A literature survey
			2.1. Taxonomy Characteristics
			2.2. Attack Taxonomy Classifiers
			2.3. Attack Taxonomies
				2.3.1. Cyber attack taxonomies
				2.3.2. Countermeasures taxonomies
				2.3.3. Network attack and countermeasure tools taxonomy
				2.3.4. Distributed denial of service taxonomies
				2.3.5. Protocol vulnerability taxonomies
				2.3.6. Botnets and malware taxonomies
				2.3.7. Web service attacks
				2.3.8. Cloud security and attack taxonomies
			2.4. Literature Gaps
		3. Cloud attacks literature review
			3.1. Vulnerabilities and Threat Vectors
				3.1.1. People, process, and physical vulnerabilities
				3.1.2. Technical vulnerabilities and vectors
					3.1.2.1. Distributed denial of service
					3.1.2.2. Cross-VM attacks
					3.1.2.3. The malware vector and virtualization vulnerabilities
					3.1.2.4. Phishing
					3.1.2.5. Web services
					3.1.2.6. Browser
					3.1.2.7. Management console
					3.1.2.8. Cryptography
					3.1.2.9. Network protocols
					3.1.2.10. Expanded network attack surface
			3.2. Threat Actors
				3.2.1. Financially motivated
				3.2.2. Ideologically motivated
				3.2.3. State and corporate backed
				3.2.4. Insiders
				3.2.5. Script kiddies
			3.3. Countermeasures
				3.3.1. Responsibility
				3.3.2. Prevention
					3.3.2.1. People, process, and physical vulnerabilities
					3.3.2.2. Cross-VM attacks
					3.3.2.3. Web services and applications
					3.3.2.4. Management console
					3.3.2.5. Cryptography and network protocols
				3.3.3. Detection
					3.3.3.1. Cloud intrusion detection systems
					3.3.3.2. HVM malware
					3.3.3.3. Phishing
				3.3.4. Containment, recovery, and restoration
					3.3.4.1. DDoS defense mechanisms
					3.3.4.2. Backups
					3.3.4.3. Utilizing virtualization
					3.3.4.4. Expanded network attack surface
			3.4. Cloud Attack Targets
			3.5. Impact of Cloud Attacks
			3.6. Literature Gaps
		4. Conceptual cloud attack taxonomy and risk assessment framework
			4.1. Source Dimension
			4.2. Vector Dimension
			4.3. Vulnerability Dimension
			4.4. Target Dimension
			4.5. Impact Dimension
			4.6. Defense Dimension
		5. Example scenario: extortion by DDoS and account hijacking
			5.1. Parameters
			5.2. Risk Assessment Method
			5.3. Analysis
				5.3.1. Source
				5.3.2. Vectors
				5.3.3. Vulnerabilities
				5.3.4. Defenses
				5.3.5. Targets
				5.3.6. Impacts
				5.3.7. Risk rating
			5.4. Limitations
		6. Conclusion and future work
		References
	Chapter 4: Multitiered cloud security model
		1. Introduction
		2. The Problem
		3. Holistic approach
			3.1. Awareness
			3.2. Classification
			3.3. Technology
			3.4. Policy and Regulation
			3.5. Certification
			3.6. Standards
		4. Why Develop Cloud Security Standards and Guidelines
		5. Related Work
		6. Design considerations of multitiered cloud security
		7. Benefits to Stakeholders
		8. MTCS standards
		9. Self-Disclosure
		10. Certification Scheme
		11. Status
		12. Deployment
		13. Harmonization
		14. Future Work
		15. Conclusion
		Acknowledgements
		References
Part 2: Do: Cloud security approaches and challenges
	Chapter 5: A guide to homomorphic encryption
		1. Introduction
		2. Current industry work-arounds and their gaps
		3. History and Related Work
		4. Overview of partial homomorphic encryption schemes
			4.1. Public Key Encryption
			4.2. El Gamal
			4.3. Paillier Cryptosystem
		5. Fully homomorphic encryption
			5.1. Lattices
			5.2. Lattice Problems
			5.3. Learning With Errors
			5.4. Approximate Eigenvector Algorithm
				Key Generation
				5.4.1. Encryption and Decryption
				Proof for Homomorphic Addition and Multiplication
				Example
		6. Homomorphic Encryption in the Cloud
		7. Future of Homomorphic Encryption and Open Issues
		8. Alternatives to homomorphic encryption
		9. Summary
		References
	Chapter 6: Protection through isolation: Virtues and pitfalls
		1. Introduction
		2. Hypervisors
			2.1. General Architectures
			2.2. Practical Realization
		3. Shared networking architecture
			3.1. Packet Scheduling
			3.2. Traffic Shaping
		4. Isolation-based attack surface
		5. Inventory of known attacks
		6. Protection strategies
		7. Conclusion
		References
	Chapter 7: Protecting digital identity in the cloud
		1. Introduction
		2. The rise of digital identity
			2.1. Composition and Functions of Digital Identity
		3. The rise of cloud computing
			3.1. The Impact of Cloud Computing and Cross-Border Data
		4. Protecting digital identity in the era of cloud computing
		5. Conclusion
	Chapter 8: Provenance for cloud data accountability
		1. Introduction
			1.1. Background
			1.2. Provenance Reconstruction
		2. Related Work
		3. Data Provenance Model for Data Accountability
			3.1. A Case for Provenance
			3.2. Elements of the Data Provenance Model
				3.2.1. Artifact
				3.2.2. Entity
				3.2.3. Actions
				3.2.4. Context
				3.2.5. Time
			3.3. Rules for Data Provenance Model
		4. Reconstructing the Data Provenance
		5. Challenges
		6. Future Work and Concluding Remarks
		References
	Chapter 9: Security as a service (SecaaS)—An overview
		1. Introduction
			1.1. History Repeating Itself
			1.2. The Growth of Cloud Computing Services
			1.3. Defining Security as a Service
			1.4. Motivation for This Chapter
		2. Background
			2.1. Security as a Service
			2.2. Outsourcing Model
		3. Traditional Security
			3.1. On-Premise
			3.2. Managed Security Services
		4. SecaaS Categories of Service
			4.1. System Security
			4.2. Network Security
				4.2.1. Service scanning
				4.2.2. Intrusion detection
				4.2.3. Real-time configuration and alerts
			4.3. Web Security
				4.3.1. Reduce cost and complexity
				4.3.2. Provide real-time protection
				4.3.3. Web filtering
				4.3.4. Granular Web application controls
			4.4. Data Security
		5. Gaps Identified After SecaaS Classification
			5.1. Gaps in SecaaS Web Technologies
			5.2. Lack Of True Risk Evaluation
			5.3. Lack of a Data-centric Approach
			5.4. No Real Classification for Mapping Legitimate Communicating Services
		6. Future Work
		7. Concluding Remarks
		References
	Chapter 10: Secure migration to the cloud-In and out
		1. Introduction
		2. Who Are Cloud Consumer and CSP?
		3. IT-Service of a small lawyer office migrates into the cloud
		4. Requirements for cloud migration
			4.1. Security Policy
			4.2. Policy Development
			4.3. Security and Privacy
			4.4. Detecting and Preventing Sensitive Data Migration to the Cloud
			4.5. Protecting Data Moving to the Cloud
			4.6. Protecting Data in the Cloud
			4.7. IT-Knowledge
			4.8. Control and Visibility
			4.9. Costs
			4.10. Interoperability and Portability
			4.11. Performance
		5. Rollback Scenarios
			5.1. Vendor Lock-In
		6. Legal aspects
		7. Challenges in cloud migration
			7.1. Latency
			7.2. Security
			7.3. Interoperability
			7.4. Internet Speed
			7.5. Cloud Integration
		8. Migration phases
			8.1. Planning
			8.2. Contracts
			8.3. Migration
			8.4. Operation
			8.5. Termination
		9. Auditing
		10. Summary
		References
	Chapter 11: Keeping users empowered in a cloudy Internet of Things
		1. Introduction
		2. Problem Space Assumptions
			2.1. Physical Limitations of Smart Objects
			2.2. Security Objectives
			2.3. Authentication-Related Tasks
			2.4. Authorization-Related Tasks
			2.5. Implications of Device Constraints for Authenticated Authorization
		3. Delegated Authenticated Authorization
			3.1. Constrained Level
			3.2. Principal Level
			3.3. Less-Constrained Level
			3.4. Authorization to Authorize: Choosing the Authorization Managers
				3.4.1. Estimating the amount of control
				3.4.2. Delegated key management
				3.4.3. Implementation
		4. Usage Example
		5. Conclusion
		References
	Chapter 12: Cloud as infrastructure for managing complex scalable business networks, privacy perspective
		1. Introduction
		2. Knowledge management
			2.1. Definitions and Concepts
			2.2. Social Networks in Business Environment
			2.3. Technology as KM Enabler
			2.4. Security and Privacy in KM Context
		3. Cloud computing overview
			3.1. Cloud Computing Concepts
			3.2. Knowledge as a Service
			3.3. Privacy and Security Issue in Cloud Computing
		4. Strategies toward successful KM system
			4.1. Modeling Knowledge Organizations and Groups
			4.2. Modeling Knowledge Activities and Allocations
		5. Modeling scalability and privacy
		6. Concluding summary
		References
	Chapter 13: Psychology and security: Utilizing psychological and communication theories to promote safer cloud security b...
		1. Introduction
		2. Communication Theories
			2.1. CPM Theory
			2.2. Hyperpersonal Communication
		3. Cognitive psychology
		4. Other relevant theories
			4.1. Learning Theories
			4.2. Protection Motivation Theory
		5. Overcoming Inhibitions to Safer Security Behaviors
		6. Conclusion
		Suggested Further Readings
		References
Part 3: Check: Forensics and incident response
	Chapter 14: Conceptual evidence collection and analysis methodology for Android devices
		1. Introduction
		2. Related Work
			2.1. Background
			2.2. Existing Literature
		3. An Evidence Collection and Analysis Methodology for Android Devices
			3.1. Identify Device and Preserve Evidence
			3.2. Collect Evidence
				3.2.1. Setup bootloader for live OS
				3.2.2. Boot the live OS in memory
				3.2.3. Collect the physical image of the device partitions
			3.3. Examination and Analysis
				3.3.1. Examine app files in private storage
				3.3.2. Examine app files on external storage
				3.3.3. Examine app databases
				3.3.4. Examine and analyze accounts data
				3.3.5. Analyze apps
			3.4. Reporting and Presentation
		4. Conclusion
		References
	Chapter 15: Mobile cloud forensics: An analysis of seven popular Android apps
		1. Introduction
		2. Android cloud apps
			2.1. Dropbox
				2.1.1. Examine app files in private storage (Dropbox)
				2.1.2. Examine app files on external storage (Dropbox)
				2.1.3. Examine app databases (Dropbox)
				2.1.4. Examine and analyze accounts data (Dropbox)
			2.2. Box
				2.2.1. Examine app files in private storage (Box)
				2.2.2. Examine app files on external storage (Box)
				2.2.3. Examine app databases (Box)
				2.2.4. Examine and analyze accounts data (Box)
			2.3. OneDrive
				2.3.1. Examine app files in private storage (OneDrive)
				2.3.2. Examine app files on external storage (OneDrive)
				2.3.3. Examine app databases (OneDrive)
				2.3.4. Examine and analyze accounts data (OneDrive)
			2.4. ownCloud
				2.4.1. Examine app files in private storage (ownCloud)
				2.4.2. Examine app files on external storage (ownCloud)
				2.4.3. Examine app databases (ownCloud)
				2.4.4. Examine and analyze accounts data (ownCloud)
			2.5. Evernote
				2.5.1. Examine app files in private storage (Evernote)
				2.5.2. Examine app files on external storage (Evernote)
				2.5.3. Examine app databases (Evernote)
				2.5.4. Examine and analyze accounts data (Evernote)
			2.6. OneNote
				2.6.1. Examine app files in private storage (OneNote)
				2.6.2. Examine app files on external storage (OneNote)
				2.6.3. Examine app databases (OneNote)
				2.6.4. Examine and analyze accounts data (OneNote)
			2.7. Universal Password Manager
				2.7.1. Examine app files in private storage (UPM)
				2.7.2. Examine app files on external storage (UPM)
				2.7.3. Examine app databases (UPM)
				2.7.4. Examine and analyze accounts data (UPM)
			2.8. Further App Analysis
				2.8.1. Dropbox analysis
				2.8.2. Box analysis
				2.8.3. OneDrive analysis
				2.8.4. ownCloud analysis
				2.8.5. Evernote analysis
				2.8.6. OneNote analysis
				2.8.7. Universal password manager analysis
			2.9. Our Research Environment
				2.9.1. Nexus 4
				2.9.2. Android VM
				2.9.3. Samsung Galaxy S3
		3. Conclusion
		References
	Chapter 16: Recovering residual forensic data from smartphone interactions with cloud storage providers
		1. Introduction
		2. Related work
		3. Experiment design
		4. Findings
			4.1. Detailed Dropbox Findings
				4.1.1. Android applications
				4.1.2. iOS application
			4.2. Detailed Box Findings
				4.2.1. Android applications
				4.2.2. iOS application
			4.3. Detailed SugarSync Findings
				4.3.1. Android applications
				4.3.2. iOS application
			4.4. Detailed Syncplicity Findings
				4.4.1. Android applications
				4.4.2. iOS application
		5. Discussion
		6. Conclusions and Future Work
		Appendix A. Metadata artifacts recovered dropbox service
		Appendix B. Metadata Artifacts Recovered Box Service
		Appendix C. Metadata Artifacts Recovered Syncplicity Service
		References
	Chapter 17: Integrating digital forensic practices in cloud incident handling: A conceptual Cloud Incident Handling Model
		1. Introduction
		2. Background
			2.1. Cloud Computing Infrastructure
			2.2. Incident Handling in Cloud Computing
			2.3. Related Work
		3. Cloud Incident Handling Model: A Snapshot
		4. Case Study Simulation: ownCloud
			4.1. Preparation and Forensic Readiness
			4.2. Identification
			4.3. Assessment, Forensic Collection, and Analysis
			4.4. Action and Monitoring
			4.5. Recovery
			4.6. Evaluation and Forensic Presentation
		5. Concluding Remarks
		References
	Chapter 18: Cloud security and forensic readiness: The current state of an IaaS provider
		1. Introduction
		2. Review of the private IaaS provider
			2.1. Overview of the Case Study Organization
			2.2. Security Analysis Methodology
				2.2.1. Establishment of a security policy
				2.2.2. Organization of information security
				2.2.3. Asset management
				2.2.4. Human resources security management
				2.2.5. Physical and environmental security
				2.2.6. Communications and operations management
					Establish operational procedures and responsibilities
					Third-party service delivery management
					Malicious/mobile code
					Backup
					Network security management
					Media handling
					Information exchange
					Electronic commerce services
					Monitoring
				2.2.7. Access control
				2.2.8. Information systems acquisition, development, and maintenance
				2.2.9. Information security incident management
				2.2.10. Business continuity management
				2.2.11. Compliance management
				2.2.12. Summary of observations
			2.3. Cloud Vulnerabilities and Threat Assessment
				2.3.1. Data breaches
				2.3.2. Data loss
				2.3.3. Account or service hijacking
				2.3.4. Insecure interfaces and APIs
				2.3.5. Denial-of-service
				2.3.6. Malicious insiders
				2.3.7. Abuse of cloud computing
				2.3.8. Insufficient due diligence
				2.3.9. Shared technology issues
				2.3.10. Summary of observations
			2.4. Digital Forensic Readiness Assessment
				2.4.1. Define business scenarios that require digital evidence
				2.4.2. Identify available sources and different types of potential evidence
				2.4.3. Determining the evidence collection requirement
				2.4.4. Establish a capability securely gathering legally admissible evidence to meet the requirement
				2.4.5. Establish a policy for secure storage and handling of potential evidence
				2.4.6. Ensure monitoring and auditing is targeted to detect and deter major incidents
				2.4.7. Specify circumstances when escalation to a full formal investigation is required
				2.4.8. Train staff, so that all those involved understand their role in the digital evidence process and the legal sensit...
				2.4.9. Present an evidence-based case describing the incident and its impact
				2.4.10. Ensure legal review to facilitate action in response to the incident
				2.4.11. Summary of observations
		3. Conclusions
		References
	Chapter 19: Ubuntu One investigation: Detecting evidences on client machines
		1. Introduction
		2. Related Work
		3. Methodology
		4. Experiment Setup
		5. Discussion and Analysis
			5.1. Windows Browser Based
				5.1.1. Memory
				5.1.2. Browser cache and history
				5.1.3. Registry
				5.1.4. Network traffic
			5.2. Windows App-Based
				5.2.1. Memory
				5.2.2. File system
				5.2.3. Event logs
				5.2.4. Registry
				5.2.5. Network traffic
				5.2.6. Uninstallation
			5.3. Mac OS X App-Based
				5.3.1. Memory
				5.3.2. Network traffic
			5.4. iOS App-Based
		6. Conclusion
		References
Part 4: Act: Governance and Auditing
	Chapter 20: Governance in the Cloud
		1. Why is governance important?
		2. What are the questions that boards should be asking?
		3. Calculating ROI
		4. Auditing the cloud
			4.1. Planning and Scoping the Audit
			4.2. Governance and enterprise risk management
			4.3. Legal and electronic discovery
			4.4. Compliance and audit
			4.5. Portability and interoperability
			4.6. Operating in the cloud
			4.7. Identity and access management
		5. Conclusion
	Chapter 21: Computational trust methods for security quantification in the cloud ecosystem
		1. Introduction
		2. Computational Trust: Preliminaries
		3. State-of-the-art Approaches Tackling Cloud Security
			3.1. Computational Trust Models and Mechanisms
			3.2. Trusted Computing Technologies
			3.3. Cloud Security Transparency Mechanisms
			3.4. Cloud Security Quantification Methods
		4. Computational Trust Methods for Quantifying Security Capabilities
			4.1. Formal Analysis of Security Capabilities
				4.1.1. Transforming security attributes into formal security terms
					4.1.1.1. Example
				4.1.2. Mapping security terms to PLTs
					4.1.2.1. Example
			4.2. Evaluating Security Capablities
				4.2.1. CertainLogic operators
					4.2.1.1. CertainTrust
					4.2.1.2. CertainLogic AND () Operator
					4.2.1.3. CertainLogic FUSION operator
				4.2.2. Security capability assessment using certainLogic operators
			4.3. Visually Communicating Multiple Security Capabilities
		5. Case Studies
			5.1. Case Study 1: Quantifying and Visually Communicating Security Capabilities
				Practical
				Customized
				5.1.1. Experiments: practical case
				5.1.2. Experiments: customized case
			5.2. Case Study 2: Quantifying and Communicating Security Capabilities in Presence of Multiple Sources
				5.2.1. Experiments
		6. Conclusion
		Acknowledgment
		Appendix. Proof for Theorem 1
		References
	Chapter 22: Tool-based risk assessment of cloud infrastructures as socio-technical systems
		1. Introduction
		2. Structure of a Typical Cloud Infrastructure Scenario
			2.1. Levels of Abstraction
			2.2. Attacker Goals
			2.3. A Cloud Scenario
		3. The TRESPASS Project
		4. Modeling the Scenario for Analysis
			4.1. High-Level Model
				4.1.1. Infrastructure
				4.1.2. Actors
			4.2. Middle-Level Model
				4.2.1. Routing
				4.2.2. Network traffic set-up
				4.2.3. Flow-based access control
			4.3. Low-Level Model
			4.4. Modeling Typical Network Components
				4.4.1. Routers and routing
				4.4.2. Defining a service
					4.4.2.1. Generic Service Access
					4.4.2.2. Administrator Access
				4.4.3. Switch versus hub
				4.4.4. Firewalls
				4.4.5. VPNs
			4.5. Modeling Actors
				4.5.1. Actor processes
				4.5.2. Non-process attributes
			4.6. Process Library
		5. Identifying Attacks
		6. Risk Assessment
			6.1. Model-Based Risk Assessment
			6.2. Attack-Based Risk Assessment
			6.3. Combined Risk Assessment
		7. Conclusion
		Acknowledgments
		References
Index