Privacy and Security Challenges in Cloud Computing

Cover
Half Title
Series Page
Title Page
Copyright Page
Table of Contents
Preface
Editors
Contributors
Chapter 1 Security-Enhanced Cloud for Serverless Computing and Its Applications
1.1 Introduction
1.2 Literature Survey
1.3 Architecture of Serverless Computing
1.3.1 Digital Asset Management
1.4 Centralized Servers to Multi-Layer
1.4.1 Search
1.4.2 Process Management
1.4.3 Job and Design Management
1.4.4 Client Management
1.4.5 Storage Management
1.4.6 Google Cloud Functions
1.5 Features Present in Cloud
1.5.1 Scalability and Elasticity
1.5.2 Provision for Own Service
1.5.3 Interfaces for Application Programming
1.5.4 Monitoring and Assessing Output
1.6 Providing Green IT
1.6.1 Sharing of Resources
1.6.2 The Code Quality
1.7 Applications of Cloud Computing
1.7.1 Collaboration and Analytics in Real Time
1.7.2 Systems of Urban and Industrial Management
1.7.3 Science Informatics
1.7.4 Learning Computer
1.7.5 Intra-Communications and Exchange
1.7.6 Privacy and Defense
1.8 Conclusions
References
Chapter 2 Revealing the Web of Cloud Computing: Threats and Vulnerabilities
2.1 Introduction
2.1.1 Characteristics of Cloud Computing
2.1.1.1 On-Demand Self-Service
2.1.1.2 Broad Network Access
2.1.1.3 Resource Pooling and Multi-Tenancy
2.1.1.4 Rapid Elasticity
2.1.1.5 Measured Service
2.2 Deployment Models
2.2.1 Public Cloud
2.2.2 Private Cloud
2.2.3 Community Cloud
2.2.4 Hybrid Cloud
2.3 Service Models
2.3.1 Infrastructure as a Service ( IaaS)
2.3.2 Platform as a Service ( PaaS)
2.3.3 Software as a Services ( SaaS)
2.4 Specific Threats in Cloud Computing
2.4.1 Data Loss
2.4.2 Data Breaches and Leaks
2.4.3 Insecure APIs
2.4.4 Account Hijacking
2.4.5 Miscongfiuration
2.5 Cloud-Specific Vulnerabilities
2.5.1 Incomplete Data Deletion
2.5.2 Compromised CSP Supply Chain
2.5.3 Compromised Internet-Accessible Management APIs
2.5.4 Insiders Abuse Authorised Access
2.5.5 Stolen Credentials
2.5.6 Separation Among Multiple Tenants Fails
2.6 Real-World Attacks and Breaches
2.6.1 Case 1: Disney Plus
2.6.1.1 Threat
2.6.1.2 Impact
2.6.1.3 Vulnerability
2.6.1.4 Mitigation
2.6.2 Case 2: GitHub
2.6.2.1 Threat
2.6.2.2 Impact
2.6.2.3 Vulnerability
2.6.2.4 Mitigation
2.6.3 Case 3: Zoom
2.6.3.1 Threat
2.6.3.2 Impact
2.6.3.3 Vulnerability
2.6.3.4 Mitigation
2.6.4 Generic Threats and Vulnerabilities
2.6.4.1 Threats
2.6.4.2 Vulnerabilities
2.7 Cloud Computing Vulnerabilities to be Addressed
2.7.1 Paucity of Continuous Scanning
2.7.2 Dearth in Adherence to Policies
2.7.3 Breakdown in the Model of Shared Responsibility
2.7.4 Absence of Security around Databases
2.7.5 Low-Entry Barriers for Bad Actors
2.7.6 Automated Attacks
2.8 Conclusions
References
Chapter 3 Security and Privacy Provocation of Data in Cloud Computing
3.1 Cloud Computing: An Infrastructureless Paradigm
3.2 Process of Migration into a Cloud
3.3 Cloud Computing Characteristics
3.3.1 Resource Pooling
3.3.2 On-Demand Self-Service
3.3.3 Easy Maintenance
3.3.4 Scalability and Rapid Elasticity
3.3.5 Economical
3.3.6 Measured and Reporting Service
3.3.7 Security
3.3.8 Automation
3.3.9 Resilience
3.3.10 Large Network Access
3.4 Security and Privacy Challenges in Cloud Computing
3.4.1 Authentication and Identity Management ( IDM)
3.4.2 Organizational Security Management
3.4.3 Trust Management and Policy Integration
3.4.4 Access Control and Accounting
3.4.5 Secure Service Management
3.4.6 Privacy and Data Protection
3.4.7 Access Control Needs
3.4.8 Secure Interoperation
3.5 Case Study on Various Attacks in Cloud Computing
3.5.1 FinTech Company – July 2020
3.5.2 Ambry Genetics Data Breach – April 2020
3.5.3 Equifax Data Breach – July 2017
3.5.4 Uber Data Breach – November 2017
3.6 Analysis of Case Studies
3.6.1 Cyber Espionage
3.6.2 Web Vandalism
3.6.3 Distributed Denial of Service ( DDoS)
3.6.4 Infrastructure Attacks
3.6.5 Hardware Compromise: Theft and Damage
3.7 Cloud Computing Attacks: A Statistical Analysis
3.8 Privacy Considerations for Sensitive Data
3.8.1 Framework for Two-Factor Authentication
3.9 Security Solutions for Cloud Computing
3.9.1 Role of Cryptography in Cloud Security
3.9.2 Role of Blockchain in Cloud Security
3.10 Security Monitoring for Cloud Computing
3.10.1 Process of Cloud Security Monitoring
3.11 Incident Response to Attacks in Cloud Computing
3.11.1 Response to the Threats
3.11.1.1 Using Firewalls
3.11.1.2 Using MIDS and MIPS
3.12 Privacy Preservation for Data in Cloud Computing
3.13 Analysis of Existing Security Algorithms
3.13.1 Rivest– Shamir–Adleman ( RSA) Algorithm
3.13.2 Diffie–Hellman Key Exchange (D-H) Algorithm
3.13.3 Symmetric Algorithms
3.13.4 MD5 Algorithm
3.14 Conclusions
References
Chapter 4 Networking Security Incitements in Cloud Computing
4.1 Introduction
4.2 Overview of Cloud Computing
4.2.1 Types of Cloud Computing
4.2.2 Cloud Computing-Based Services
4.2.2.1 Uses of Cloud-Based Services
4.2.2.2 Common Attributes for Cloud-Based Services
4.2.3 Cloud Computing Services with a Variety of Shapes and Sizes
4.2.4 Real-Time Examples of Cloud Computing
4.3 Cloud Computing and Security Threats
4.3.1 Understanding about Cloud Security and Its Benefits
4.3.2 Open Challenges in Cloud Networking Security
4.3.3 Solutions for Cloud Security
4.4 Techniques and Significance of Cloud Security
4.4.1 Data Breaks/ Data Defeat
4.4.2 Rejection of Service Attacks/ Malware Injection
4.4.3 Snatching Integration
4.4.4 Insufficient Change Control and Misconfiguration
4.4.5 Timid Boundaries and Unfortunate API Executions
4.4.6 Abettor Coercion
4.4.7 Inadequate Identification and Uniqueness/ Compromised Financial Statement
4.4.8 Weak Control Plane/ Lack of Due Conscientiousness
4.4.9 Common Vulnerabilities
4.4.10 Immoral Use or Exploitation of Cloud Services
4.4.11 Deficiency of Cloud Security Strategy/ Regulatory Violations
4.4.12 Inadequate Cloud Handling Visibility
4.4.12.1 Network ( Traffic Scrutiny and Implicit Patching)
4.4.12.2 Cloud Illustration ( Load Security at Runtime)
4.4.12.3 DevOps ( Container Security)
4.5 Cloud Security Has Three Key Practices
4.6 Conclusions
References
Chapter 5 Security Concerns of Virtualization in Cloud Computing
5.1 Introduction to Cloud Computing
5.2 Virtualization Overview
5.2.1 Full Virtualization
5.2.2 Paravirtualization
5.2.3 Traditional Security Approaches to Virtualization
5.2.3.1 VM Escape
5.2.3.2 Hyperjacking
5.2.3.3 VM Sprawl
5.2.3.4 Hypervisor Vulnerabilities
5.2.3.5 Single Point of Failure
5.2.3.6 Inside-VM Attack
5.2.3.7 Outside-VM Attack
5.2.3.8 Cross-VM Side Channel Attack
5.2.3.9 Outdated SW Packages in VMs
5.2.3.10 VM Footprint
5.2.3.11 VM Image Sprawl
5.2.4 Security Benefits Due to Virtualization
5.2.4.1 Centralizing Confidential Data
5.2.4.2 Providing Secure Access
5.2.4.3 Setting up a Sandbox
5.2.4.4 How to Tackle Virtualization Security Challenges
5.2.4.5 Know the Risks
5.2.4.6 Harden the Host Machine
5.2.4.7 Police Network Access
5.2.4.8 Be Realistic
5.3 Security Challenges in Virtualization
5.4 Types of Security in Virtualization
5.4.1 Segmentation
5.4.2 Micro-Segmentation
5.4.2.1 Benetfis of Micro-Segmentation
5.4.3 Isolation
5.5 Attacks on the Virtualized System
5.5.1 Hypervisor-Based Attacks
5.5.1.1 Types of Hypervisors
5.5.2 VM-Based Attacks
5.5.3 VM Image Attacks
5.6 Best Practices
5.6.1 Network Security
5.6.2 Essential Network Security Best Practices
5.6.2.1 Disaster Recovery Stages
5.6.3 Protection of a Virtual Machine
5.6.4 The System of Management
5.6.5 Security Hypervisor
5.6.6 Remote Access
5.6.6.1 Good Practices
5.7 Conclusions
References
Chapter 6 Operational Security Agitations in Cloud Computing
6.1 Cloud Computing—An Overview
6.2 Cloud Computing Services and Applications
6.2.1 Cloud Computing Service Models
6.2.2 Cloud Computing Deployment Models
6.2.3 Cloud Computing Applications
6.3 Cloud Computing Vulnerabilities
6.4 Case Studies on Attack in Cloud Computing
6.5 Security Policies and Rules
6.6 Security Solutions for Cloud Computing
6.7 Mitigating Techniques—A Comparison
6.8 Role of Cryptography in Security Enrichment
6.9 Comparison of Cryptographic Algorithms
6.9.1 Cryptographic Algorithms—A Comparison
6.10 Conclusions
References
Chapter 7 Secure Data Storage and Retrieval Operations Using Attribute- Based Encryption for Mobile Cloud Computing
7.1 Introduction
7.2 Cloud Computing
7.3 Mobile Cloud Computing
7.4 System Architecture
7.4.1 Services Necessary for Mobile Client
7.4.2 Services Offered by Mobile Server
7.5 Limitations and Issues in MCC
7.5.1 Resource Limitations
7.5.2 Network Issues
7.5.3 Security Issues
7.6 Related Works
7.7 Proposed Scheme
7.8 System and Models
7.8.1 Notations
7.8.2 System Design
7.9 Attribute-Based Encryption
7.10 Secrecy-Conserving CP-ABE
7.10.1 Construction
7.10.2 Background Information
7.10.3 System Setup and Key Generation
7.10.4 Encryption
7.10.5 Decryption
7.11 Attribute-Based Data Retrieval
7.11.1 Data Management Overview
7.12 Performance Evaluation
7.12.1 Computation Performance of SC- CP-ABE
7.12.2 Storage Performance of ABDR
7.13 Ciphertext Storage Overhead
7.14 Key Storage Overhead
7.15 Conclusions
References
Chapter 8 Deep Dive on Popular Security Models and Strategies of Cloud Computing
8.1 Access Control Mechanisms in Cloud Computing
8.1.1 Discretionary Access Control Mechanism
8.1.2 Mandatory Access Control Mechanism
8.1.3 Role-Based Access Control Mechanism
8.2 Secure Deployment Strategies of Cloud Platform
8.2.1 Public Cloud
8.2.2 Private Cloud
8.2.3 Community Cloud
8.2.4 Hybrid Cloud
8.3 Novel Key Management Practices in Cloud
8.3.1 Key Management at Client Side
8.3.2 Key Management at Cloud Service Provider Side
8.3.3 Key Management at Both User and Cloud Sides
8.3.4 Key Splitting Technique
8.3.5 Key Management at Centralized Server
8.3.6 Group Key Management for Cloud Data Storage
8.4 Privacy Preservation of Cloud Computing Environment
8.4.1 Privacy Preservation at Cloud Service Side
8.4.1.1 Privacy Protection at Application Level of Cloud Service
8.4.1.2 Privacy Protection at Application Platform Level
8.4.1.3 Privacy Protection at Cloud Management Platform Level
8.5 Recent Vulnerabilities in Multi-Cloud Paradigms
8.6 Cloud Data Protection and Privilege Controls
8.6.1 Bit Split Technique
8.7 Security Issues of Cloud Computing
8.7.1 Lack of Access Management
8.7.2 Data Leak and Data Breach
8.7.3 Data Loss
8.8 Advancements in Cloud Security Strategies
8.9 Conclusions
References
Chapter 9 Quantum Computing and Quantum Cryptography
9.1 Introduction
9.2 Nature of Light
9.3 Origin of Modern Physics
9.4 Application of Quantum Physics
9.4.1 Quantum Computers
9.4.2 Quantum Computing
9.4.3 Qubit
9.4.4 Superposition
9.4.5 Entanglement
9.4.6 Popular Real-Life Scenario
9.5 Quantum Cryptography
9.6 Conclusions and Future of Quantum
References
Chapter 10 An Extensive Exploration of Privacy and Compliance Considerations for Hybrid Cloud Deployments
10.1 Privacy and Security Issues in Hybrid Cloud Environments
10.2 Identity Management ( IM) in Hybrid Cloud Settings
10.3 Safeguarding Data Transfer and Workloads across Hybrid Cloud Settings
10.3.1 Migration of Threats to the Cloud
10.4 Storing Data in a Third-Party or Hosted Environment
10.5 Security Threats and Compliance Models
10.6 Access-Based Control Mechanisms in Hybrid Cloud Environments
10.7 Monitoring and Audits in a Hybrid Cloud System
10.8 Hardware Cloud Security Models in Hybrid Environments
10.9 Conclusions
References
Chapter 11 Threat Detection and Incident Response in Cloud Security
11.1 Introduction
11.1.1 Attributes of Cloud
11.2 Cloud Deployment and Models
11.2.1 Deployment Strategies
11.2.2 Models for Cloud Delivery
11.3 Cloud Computing and Security
11.3.1 Authentication/ Authorization
11.3.2 Identity and Access Management
11.3.3 Data Integrity/ Availability/ Condfientiality
11.3.4 Cyber Threat Intelligence
11.3.5 Monitoring
11.3.6 Incident Response
11.3.7 Managing Policies
11.3.8 Data Privacy
11.4 Threat Detection in Cloud
11.4.1 Event-Based Threat Detection
11.4.1.1 Brute-Force Attack
11.4.1.2 Abusing Identity and Access Management
11.4.2 Use Cases
11.5 Incident Response in Cloud
11.5.1 Importance of Incident Response
11.5.2 Incident Response Planning
11.5.3 Incident Handling in Cloud
11.5.3.1 Carrying a Defined Process before an Incident/ Security Breach Happens
11.5.3.2 Analysis and Risk Prioritization
11.5.3.3 Using the Right Tools
11.5.3.4 Visual Representation
11.5.3.5 Communication and Documentation
11.5.3.6 Post-Incident Activity
11.6 Top Cloud Security Providers
11.6.1 Amazon Web Service ( AWS)
11.6.2 Microsoft Azure
11.6.3 Google Cloud
11.7 Summary: Challenges in Cloud Security Incident Response
11.8 Future Scope
References
Chapter 12 The Cyber Artificial Intelligence Platform for Cloud Security
12.1 Introduction
12.2 Issues That Occur in the Cloud Security
12.2.1 Illegal Access
12.2.2 Hijacking of Account
12.2.3 External Data Sharing
12.2.4 Cyberattack
12.2.5 DoS Attack
12.3 Cyber Artificial Intelligence Analysis
12.3.1 Customer Information
12.3.2 Submission Information
12.3.3 Resultant Data
12.3.4 Web Data
12.4 The Impacts of AI on Cyber Security
12.4.1 The Positive Uses of AI
12.4.2 Drawbacks and Limitations of Using AI
12.5 AI Methodology for Cyber Security
12.5.1 Learning Methods
12.5.2 Machine Learning Method
12.5.3 Deep Learning Method
12.5.4 Bio-Inspired Method
12.6 AI Techniques for Preserving Against Cyberspace Attacks
12.6.1 Identification of Malware
12.6.2 Detection of Intrusion
12.6.3 Masquerading and Malware Identification
12.7 Issues of Artificial Intelligence Platform for Cloud Security
12.7.1 Challenges in and Solutions to Data Security
12.8 Cloud Security
12.9 Strategies for Cyber Security Efficiency Metrics
12.9.1 Insufficient Elimination of Data
12.9.2 Feature Extraction and Selection
12.9.3 Data Cut-off
12.9.4 Parallel Processing
12.9.5 Training Models Used for Cyber AI
12.9.6 Accuracy in Security Models
12.9.6.1 Alert Correlation
12.9.6.2 Signature-Based Anomaly Detection
12.9.6.3 Attack Detection Algorithm
12.10 GPU-Based CNN-MSVM Cloud Security System
12.10.1 Modified Support Vector Machine
12.10.2 GPU-Based CNN Architecture
12.10.3 Data Traffic Analysis for GPU-Based CNN Network
12.10.4 Benefits of AI and Machine Learning for Cloud Security
12.10.4.1 Big Data Processing
12.10.4.2 Event Prediction
12.10.4.3 Event Detection and Blocking
12.10.4.4 Delegating to Automated Technologies
12.11 Conclusions
References
Chapter 13 Enhanced Hybrid and Highly Secure Cryptosystem for Mitigating Security Issues in Cloud Environments
13.1 Introduction
13.2 Review of Literature
13.3 Proposed Enhanced HPS Algorithm
13.4 Results and Discussion
13.4.1 Test Files
13.5 Conclusions
References
Index