Intrusion Detection and Prevention Systems

Dr. Aly, O.
Computer Science

Introduction

The purpose of this discussion is to analyze the types of devices and methods that an enterprise should implement and employ for intrusion detection, and the reasons for such devices and methods.  The discussion also addresses where these devices should be located within the network.

Intrusion Detection System (IDS)

The IDS is a system which is responsible for detecting unauthorized access or attacks against systems and networks.  An IDS can verify, itemize and characterize threats from outside and inside the network.  Most IDSs are programmed to react in certain ways in specific situations.  Event notification and alerts are critical to the IDS.  They inform administrators and security professionals when and where attacks are detected (Abernathy & McMillan, 2016).

The most common method of classifying an IDS is based on its information source: network-based (NIDS) or host-based (HIDS).  The NIDS is the most common IDS; it monitors the network traffic on a local network segment.  The network interface card must operate in promiscuous mode to monitor the traffic on the network segment.  The NIDS can only monitor network traffic.  It cannot monitor internal activity which occurs within a system, such as an attack against a system which is carried out by logging on to the local terminal of the system.  The NIDS is affected by a switched network because the NIDS only monitors a single network segment (Abernathy & McMillan, 2016).

The HIDS monitors traffic on a single system.  The primary role of the HIDS is to protect the system on which it is installed.  The HIDS uses information from the operating system audit trails and system logs.  The detection capabilities of the HIDS are limited by how complete the audit logs and system logs are (Abernathy & McMillan, 2016).

The implementation of IDS is divided into four categories.  The first category is the “signature-based” IDS, which analyzes traffic and compares it to attack or state patterns that reside within the IDS database.  The signature-based IDS is also referred to as a misuse-detection system.  This type of IDS is popular despite the fact that it can only recognize attacks that are in its database and is only as effective as the signatures provided.  The signature-based IDS requires frequent updates.  The signature-based IDS has two types: pattern matching and stateful matching.  The pattern-matching signature-based IDS compares traffic to a database of attack patterns.  It carries out specific steps when it detects traffic which matches an attack pattern.  The stateful-matching signature-based IDS records the initial operating system state.  Any change to the system state which violates the defined rules results in an alert or notification being sent (Abernathy & McMillan, 2016).

The anomaly-based IDS is another type of IDS, which analyzes the traffic and compares it to normal traffic to determine whether said traffic is a threat.  This type of IDS is also referred to as a behavior-based or profile-based system.  The limitation of this type of IDS is that any traffic outside of expected norms is reported, resulting in more false positives than the signature-based IDS.  There are three types of anomaly-based IDS: statistical anomaly-based, protocol anomaly-based, and traffic anomaly-based.  The statistical anomaly-based IDS samples the live environment to record activities.  The longer the IDS is in operation, the more accurate the profile it builds.  However, developing a profile which will not produce a large number of false positives can be difficult and time-consuming.  The threshold for activity deviation is important in this IDS.  When the threshold is too low, the result is false positives; when the threshold is too high, the result is false negatives.  The protocol anomaly-based IDS knows the protocols which it will monitor.  A profile of normal usage is built and compared to activity.  The last type of anomaly-based IDS is the traffic anomaly-based IDS, which tracks traffic pattern changes.  Using this type allows all future traffic patterns to be compared to the sample (Abernathy & McMillan, 2016).

The rule-based or heuristic-based IDS is another type of IDS, which is described as an expert system using a knowledge base, inference engine, and rule-based programming.  The knowledge is configured as rules.  The traffic and the data are analyzed, and the rules are applied to the analyzed traffic.  The inference engine uses its intelligent software to learn, and if the characteristics of an attack are discovered and met, alerts or notifications are triggered.  This IDS type is also referred to as an IF/THEN or expert system.  The last type of IDS is application-based, which analyzes transaction log files for a single application.  This type of IDS is provided as part of the application or can be purchased as an add-on.

Additional tools can be employed to complement an IDS, such as vulnerability analysis systems, honeypots, and padded cells.  Honeypots are systems which are configured with reduced security to entice attackers so that administrators can learn about attack techniques.  Padded cells are special hosts to which an attacker is transferred during an attack.

An IDS monitors system behavior and alerts on potentially malicious network traffic.  It can be set inline, attached to a spanning port of a switch, or make use of a hub in place of a switch.  The underlying concept is to give the IDS access to all packets that are required to be monitored.  Tuning an IDS is important because it is a balancing act between four event categories: true positive, false positive, true negative and false negative.  Table 1 shows the relationship between these categories, adapted from (Robel, 2015).

Table 1.  Relationship of Event Categories (Robel, 2015).

The ideal IDS tuning maximizes instances of events categorized in the cells with a shaded background.  True positives occur when the system alerts on intrusion attempts or other malicious activity, while true negatives (no malicious traffic and no alert) are a null situation but are important nonetheless.  A false negative consists of the system failing to alert on malicious traffic, while a false positive is alerting on benign activity.  There are a few methods to connect an IDS so that it can capture and monitor traffic, since an IDS needs to collect network traffic for analysis.  Three main methods can be applied: an IDS using a hub or switch spanning port, an IDS using a network tap, and an IDS connected inline.  Figure 1 illustrates the IDS on the edge of a network or zone (Robel, 2015).
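To make the signature-based and statistical anomaly-based approaches, the deviation threshold and the four event categories concrete, the following Python program is an added example; it is not from the essay or from its sources.  It runs a pattern-matching signature detector and a statistical anomaly detector over one constructed window of web requests and scores each detector against the ground truth as TP/FP/TN/FN.  The source addresses, request paths, the single path-traversal signature and the baseline counts are all assumptions made for this example.

```python
import re
from collections import Counter
from statistics import mean, pstdev

# --- Constructed inputs (assumptions for this example, not data from the essay) ---

# Baseline profile: requests per source per window observed during a quiet
# training period.  A statistical anomaly-based IDS builds its "normal" profile
# from samples like these; the longer it observes, the better the profile.
BASELINE_COUNTS = [3, 4, 5, 4, 3, 5, 4, 4]


def make_traffic():
    """One observation window of constructed (source_ip, request_path) records."""
    records = []
    records += [("10.0.0.5", p) for p in ("/index.html", "/images/logo.png", "/about", "/contact")]
    records += [("10.0.0.12", f"/catalog/item{i}") for i in range(8)]   # busy but legitimate user
    records += [("10.0.0.7", "/index.html"), ("10.0.0.7", "/../../etc/passwd"), ("10.0.0.7", "/login")]
    records += [("10.0.0.9", "/login") for _ in range(10)]             # repeated logins, no known pattern
    records += [("10.0.0.13", f"/page{i}") for i in range(40)]         # request flood
    return records


TRAFFIC = make_traffic()

# Ground truth per source, used only to score the detectors.
TRUTH = {"10.0.0.5": False, "10.0.0.12": False,
         "10.0.0.7": True, "10.0.0.9": True, "10.0.0.13": True}

# Signature database of a pattern-matching IDS: name -> pattern (assumed).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
}


def signature_alerts(records):
    """Pattern-matching, signature-based detection: a source is flagged as soon as
    one of its requests matches a signature.  Attacks with no signature never match."""
    return {src for src, path in records
            if any(sig.search(path) for sig in SIGNATURES.values())}


def build_profile(baseline_counts):
    """Statistical profile of normal per-source request volume: (mean, stdev)."""
    return mean(baseline_counts), pstdev(baseline_counts)


def anomaly_alerts(records, profile, k):
    """Statistical anomaly-based detection: flag any source whose request count
    exceeds mean + k * stdev of the baseline.  k is the deviation threshold."""
    mu, sigma = profile
    threshold = mu + k * sigma
    counts = Counter(src for src, _ in records)
    return {src for src, n in counts.items() if n > threshold}


def score(alerts, truth):
    """Confusion matrix over sources: the four event categories an IDS tuner balances."""
    tp = sum(1 for s, bad in truth.items() if bad and s in alerts)
    fp = sum(1 for s, bad in truth.items() if not bad and s in alerts)
    fn = sum(1 for s, bad in truth.items() if bad and s not in alerts)
    tn = sum(1 for s, bad in truth.items() if not bad and s not in alerts)
    return {"TP": tp, "FP": fp, "TN": tn, "FN": fn}


PROFILE = build_profile(BASELINE_COUNTS)

if __name__ == "__main__":
    print("signature   :", score(signature_alerts(TRAFFIC), TRUTH))
    for k in (2, 6, 10):
        print(f"anomaly k={k:<2}:", score(anomaly_alerts(TRAFFIC, PROFILE, k), TRUTH))
    both = signature_alerts(TRAFFIC) | anomaly_alerts(TRAFFIC, PROFILE, 6)
    print("combined    :", score(both, TRUTH))
```

Sweeping k shows the threshold effect described above: at k=2 the busy legitimate host is reported (a false positive), at k=10 the repeated-login source is missed (a false negative), and the signature detector alone misses every source that merely sends too much.  Combining both detectors at k=6 catches the traversal request that volume alone cannot see and the volume anomalies that no signature matches.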

Figure 1.  IDS on the Edge of a Network or Zone. Adapted from (Robel, 2015)

Intrusion Prevention System (IPS)

The IPS is responsible for preventing attacks.  When an attack begins, the IPS takes action to prevent and contain the attack.  The IPS can be either network-based or host-based.  An IPS can also be signature-based, anomaly-based, or rate-based; a rate-based IPS analyzes the volume and the type of traffic.  An IPS is more costly than an IDS because of the added security of preventing attacks rather than only detecting them.  Moreover, running an IPS imposes a greater overall performance load than running an IDS (Abernathy & McMillan, 2016).

A firewall is commonly used to provide a layer of security.  However, the firewall has a limitation, as most firewalls can only block based on IP addresses or ports.  In contrast, a Network Intrusion Prevention System (NIPS) can use signatures designed to detect and defend against specific attacks such as DoS.  This feature is advantageous for sites hosting web servers.  IPSs have also been known to block buffer overflow type attacks and can be configured to report on network scans, which typically signal a potential attack.  An advanced IPS deployment may not drop malicious packets but rather redirect specific attacks to a honeypot (Robel, 2015).

The IPS is connected inline.  This inline requirement enables IPS to drop selected packets, and defend against an attack before it takes hold of the internal network.  IPS connected inline to capture the traffic is illustrated in Figure 2, adapted from (Robel, 2015).
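The difference between a passive IDS and an inline IPS, together with the rate-based metric and the redirect-to-honeypot option mentioned above, can be shown with the following Python model.  It is an added example, not code from the essay or its sources: a sliding-window rate limiter processes a constructed packet stream from a quiet host and a flooding host, and the same rule either only alerts (IDS), drops the excess packets before they reach the protected network (IPS), or steers them to a honeypot.  The rate limit, window size and addresses are assumed values.

```python
from collections import defaultdict, deque

HONEYPOT = "honeypot"   # assumed name of the decoy destination


class RateBasedSensor:
    """Rate-based sensor over a stream of packets.

    mode="ids"          passive: alert on offending packets, forward everything
    mode="ips"          inline: alert and drop offending packets
    mode="ips-redirect" inline: alert and steer offending packets to a honeypot
    """

    def __init__(self, max_packets, window_seconds, mode="ips"):
        assert mode in ("ids", "ips", "ips-redirect")
        self.max_packets = max_packets
        self.window = window_seconds
        self.mode = mode
        self.history = defaultdict(deque)   # src -> timestamps still inside the window
        self.alerts = []

    def process(self, packets):
        """packets: iterable of (timestamp, src, dst).  Returns the (src, dst) pairs
        that actually reach the protected network (or the honeypot)."""
        forwarded = []
        for ts, src, dst in sorted(packets):
            window = self.history[src]
            while window and ts - window[0] > self.window:
                window.popleft()            # expire timestamps older than the window
            window.append(ts)
            if len(window) > self.max_packets:
                self.alerts.append((ts, src, "rate exceeded"))
                if self.mode == "ips":
                    continue                # dropped inline, never reaches the network
                if self.mode == "ips-redirect":
                    dst = HONEYPOT          # attacker talks to the decoy instead
            forwarded.append((src, dst))
        return forwarded


def make_packets():
    """Constructed traffic: a quiet legitimate host and one host flooding a server."""
    quiet = [(float(t), "10.0.0.50", "10.0.0.1") for t in (0, 2, 4, 6, 8)]
    flood = [(5.0 + i * 0.02, "10.0.0.66", "10.0.0.1") for i in range(30)]
    return quiet + flood


def run(mode):
    """Run the sensor in the given mode; returns (forwarded pairs, alert count)."""
    sensor = RateBasedSensor(max_packets=10, window_seconds=2.0, mode=mode)
    forwarded = sensor.process(make_packets())
    return forwarded, len(sensor.alerts)


if __name__ == "__main__":
    for mode in ("ids", "ips", "ips-redirect"):
        fwd, alerts = run(mode)
        print(f"{mode:<12} forwarded={len(fwd):<3} alerts={alerts}")
```

In all three modes the sensor raises the same 20 alerts for the flooding host; only the inline modes change what reaches the protected network, which is why an IPS must sit in the traffic path while an IDS can sit on a span port or tap.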

Figure 2. IPS on the border of a network or zone (Robel, 2015).

References

Abernathy, R., & McMillan, T. (2016). CISSP Cert Guide. Pearson IT Certification.

Robel, D. (2015). SANS Institute InfoSec Reading Room.

Physical Security Consideration

Dr. Aly, O.
Computer Science

Introduction

The purpose of this discussion is to analyze the physical security considerations when developing and creating an environmental design for a data center, and the reasons for such considerations.  The discussion also analyzes the various access controls for the data center and the types of access.  The discussion begins with a brief overview of Physical Threats and Physical Security, followed by the Seven Safeguards for Sensitive Computers and Equipment.  The discussion also covers Internal Security and the Environmental Physical Security measures.

Physical Threats and Physical Security

The purpose of physical security is to protect against physical threats (Stewart, Chapple, & Gibson, 2015).  Physical threats can be either natural-based or human-based.  In both cases, they must be considered during the design of the data center.  Natural-based threats include flooding, earthquakes, landslides, or volcanoes.  Human-based threats include theft, vandalism, or intentional fire.  Table 1 summarizes a brief list of these physical threats which should be considered during the design of a data center.  Thus, physical and environmental security should be considered in two domains of security.  The first domain reflects the engineering aspect of security as well as the management of security.  The second domain reflects the foundational concepts, investigation and incident management, as well as disaster recovery (Abernathy & McMillan, 2016; Stewart et al., 2015).

Table 1.  Physical Threats to Data Center Design Consideration.

Thus, physical security should be the first line of defense and should be considered from the selection of the site and the design (Abernathy & McMillan, 2016).  A realistic assessment of the historical natural disaster events of an area should be performed, and a cost/benefit analysis must be carried out to determine the most frequently occurring threats, which threats can be addressed, and which should be accepted (Abernathy & McMillan, 2016).  Moreover, some of these threats are human-based, such as explosion and fire, whether intentional or accidental, vandalism, and theft.

All physical security should be based on the “Layered Defense Model” (Abernathy & McMillan, 2016).  The underlying concept of this model is the use of multiple approaches which support each other.  Thus, there is no single point of failure or total dependency on a single physical security concept.  If one tier of defense such as perimeter security fails, another layer will serve as the backup. 

Physical security can be enhanced by applying the following concepts.  The first concept is Crime Prevention Through Environmental Design (CPTED), which can be applied to any building.  This concept addresses the main design of the data center, starting from the entrance, landscaping, and interior design.  The purpose of this concept is to influence behavior and minimize crime.  There are three main strategies for applying CPTED during the design of the data center.  The first strategy is “Natural Access Control,” which applies to the entrance of the building, such as doors, lighting, fences, and landscaping.  The underlying concept of this first strategy is to minimize the entry points and tighten control over those entry points to develop a “Security Zone” in the building.  The second strategy of CPTED is “Natural Surveillance,” to maximize the visibility of the data center and decrease crime.  The third strategy involves “Natural Territorial Reinforcement,” to extend the sense of ownership to the employees by creating a feeling of community in the area.  This strategy is implemented by using walls, fences, landscaping and lighting design.

Implementing the CPTED strategies and achieving their goals is not always possible, and a security plan must discuss and address these strategies to close any gaps.  Thus, the Physical Security Plan is the second concept in this layered defense model.  The Physical Security Plan should address techniques for issues such as criminal activity deterrence, intruder delay, intruder detection, situation assessment, and intrusion response and disruption.  Additional physical security issues include visibility, the surrounding area and external entities, accessibility, and construction elements such as walls and doors.  The data center should not have any internal compartments such as drop ceilings or partitions, as they can be used to gain access and increase the risks.  Separate heating, ventilation and air conditioning (HVAC) for these rooms is highly recommended (Abernathy & McMillan, 2016).

Seven Safeguards for Sensitive Computers and Equipment

With respect to computer and equipment rooms, physical access to those which contain sensitive servers and critical network gear should be controlled by keeping these rooms locked and secured at all times.  The design of these rooms which contain sensitive servers and critical network gear should consider the following seven safeguards.  The first safeguard is to locate the computer and equipment room in the center of the building.  The second safeguard is to provide a single access door or point of entry to these computer and equipment rooms.  The third safeguard is to avoid the top floor or basement of the building.  The fourth safeguard involves the installation and frequent testing of fire detection and suppression systems.  The fifth safeguard involves the installation of raised flooring.  The sixth safeguard is to install separate power supplies for these computer and equipment rooms.  The last safeguard involves the use of only solid doors (Abernathy & McMillan, 2016).

Internal Security

While perimeter security is important, the security within the building is as important, as prescribed in the “Concentric Circle” model.  These security measures affect the interior of the data center, such as doors and door lock types.  There are different types of doors, such as vault doors and bullet-resistant doors.  With respect to door lock types, there are various types such as electric locks or cipher locks, and proximity authentication devices which contain Electronic Access Control (EAC).  Various types of locks can also be used for protecting cabinets and securing devices, such as warded locks, tumbler locks, and combination locks.  Moreover, biometrics can be used to provide the highest level of physical access control and is regarded as the most expensive to deploy in the data center.  Glass entries are also found in many facilities and data centers, in windows, glass doors, and glass walls.  Various types of glass should be considered, such as standard glass for a residential area, tempered glass with extra strength, acrylic glass, and laminated glass.  With respect to visitors, there must be a control technique for protection.  Additional physical security measures include the equipment rooms and work areas.  Additional physical security measures should include restricted work areas, media storage facilities, and evidence storage (Abernathy & McMillan, 2016).

Environmental Physical Security

Physical security measures should include environmental security measures to address the availability principle of the CIA triad.  These measures include fire protection, fire detection, and fire suppression.  The power supply should be considered among the environmental physical security measures, including types of outages such as surges, brownouts, faults, blackouts, and sags.  The environmental physical security measures should also include preventive measures such as the prevention of static electricity.  HVAC should be considered as part of the environmental physical security measures, as excessive heat can cause problems, and humidity can cause corrosion problems with the connections.  Water leakage and flooding should be considered as well (Abernathy & McMillan, 2016).

In summary, security professionals must consider various techniques for protecting the data center, starting from the selection of the building to the interior security and the environmental security.  They consider the CPTED strategies and the seven safeguards.  Natural access control was discussed above, and the security professional must consider these natural access controls.

References

Abernathy, R., & McMillan, T. (2016). CISSP Cert Guide. Pearson IT Certification.

Stewart, J., Chapple, M., & Gibson, D. (2015). CISSP (ISC)² Certified Information Systems Security Professional Official Study Guide (7th ed.). Wiley.

Biometric Access Control

Dr. Aly, O.
Computer Science

Introduction

The purpose of this discussion is to discuss and analyze the biometric access control to secure a highly sensitive area of the organization operating environment.  The discussion begins with a brief overview of the Access Control, followed by Biometric Technology, and the Implementation of Biometric System.

Access Control

The Access Control technique, whether for physical assets or logical assets such as sensitive data, limits and controls access to a network, system or device so that only authorized users can access it.  The Access Control technique involves the type of access to the network, system or device.  Access Control is provided to those authorized users through physical and logical controls.  Physical access control limits access to the physical components such as the network, system, or device.  Locks are the most popular physical Access Control technique to prevent access to data centers, including network devices such as routers, switches and wires, and systems.  Other physical Access Control techniques include guards and biometrics, which should be considered as part of the security measures, based on the assets' values and the need to protect such assets.  Logical Access Control, on the other hand, limits and controls the access of authorized users using software or hardware components.  Examples of logical Access Control include authentication and encryption.  The implementation of physical and logical Access Control requires a good comprehension of the requirements, the administration methods of Access Control, and the assets which will be protected.  Protecting a physical data center is different from protecting the data stored in the data center (Abernathy & McMillan, 2016).

Biometric Technology

Biometric technology relies on physiological or behavioral characteristics.  The physiological characteristics include any unique physical attribute of the user, including iris, retina, and fingerprints.  The behavioral characteristics measure the actions of the user in a situation, including voice patterns and data entry characteristics.  Biometric technologies as security measures have started to be embedded into operating systems, such as Apple’s Touch ID technology.  Understanding both physiological and behavioral characteristics must be a priority to ensure the adoption of these technologies for more secure access control.

The physiological characteristics of the Biometric technology employ a biometric scanning device to measure certain information about a physiological characteristic.  The physiological biometric systems include fingerprint, finger scan, hand geometry, hand topography, palm or hand scans, facial scans, retina scans, iris scans, and vascular scans.

The behavioral characteristics of the Biometric technology employ a biometric scanning device to measure the action of the person.  The biometric behavior system includes signature dynamics, keystroke dynamics, and voice pattern or print. 

Security professionals must have a good understanding of the following biometric-related terms so that they will not struggle during the implementation of such a technology.  These terms include enrollment time, feature extraction, accuracy, throughput rate, acceptability, false rejection rate (FRR), false acceptance rate (FAR), and crossover error rate (CER).  Table 1 summarizes each of these terms with a brief description.

Table 1.  Biometric Technology Related Terms.
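FAR, FRR and CER are easiest to understand from a threshold sweep.  The Python below is an added example, not from the essay or its sources: it takes constructed similarity scores from a hypothetical matcher for genuine users and for impostors, computes the FAR and FRR at a given decision threshold, and finds the crossover error rate, the threshold at which the two rates are equal.  The score values are assumptions made for this example.

```python
# Constructed similarity scores in [0, 1] from a hypothetical matcher (assumed values).
# Genuine scores: an enrolled user matched against their own template.
# Impostor scores: someone else matched against that template.
GENUINE_SCORES = [0.92, 0.88, 0.95, 0.81, 0.90, 0.76, 0.97, 0.85, 0.93, 0.70]
IMPOSTOR_SCORES = [0.35, 0.42, 0.60, 0.28, 0.55, 0.73, 0.48, 0.30, 0.66, 0.39]


def false_acceptance_rate(impostor_scores, threshold):
    """FAR: fraction of impostor attempts the system accepts (score >= threshold)."""
    return sum(1 for s in impostor_scores if s >= threshold) / len(impostor_scores)


def false_rejection_rate(genuine_scores, threshold):
    """FRR: fraction of genuine attempts the system rejects (score < threshold)."""
    return sum(1 for s in genuine_scores if s < threshold) / len(genuine_scores)


def error_rates(threshold, genuine=GENUINE_SCORES, impostor=IMPOSTOR_SCORES):
    """(FAR, FRR) at one decision threshold."""
    return (false_acceptance_rate(impostor, threshold),
            false_rejection_rate(genuine, threshold))


def crossover_error_rate(genuine=GENUINE_SCORES, impostor=IMPOSTOR_SCORES, steps=100):
    """CER: sweep the threshold and return (threshold, rate) where FAR and FRR are
    closest to equal.  The first threshold reaching the smallest gap is returned."""
    best = None
    for i in range(steps + 1):
        t = i / steps
        far, frr = error_rates(t, genuine, impostor)
        gap = abs(far - frr)
        if best is None or gap < best[0]:
            best = (gap, t, (far + frr) / 2)
    _, t, rate = best
    return t, rate


if __name__ == "__main__":
    for t in (0.50, 0.71, 0.90):
        far, frr = error_rates(t)
        print(f"threshold {t:.2f}: FAR={far:.2f} FRR={frr:.2f}")
    t, rate = crossover_error_rate()
    print(f"CER = {rate:.2f} at threshold {t:.2f}")
```

Lowering the threshold accepts more impostors (FAR rises); raising it rejects more genuine users (FRR rises).  The CER is the single figure usually quoted to compare biometric systems, and a lower CER means a more accurate system.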

When using Biometric technology, security professionals often refer to a Zephyr Chart, which illustrates the comparative strengths and weaknesses of biometric systems.  However, other methods should also be considered to measure the effectiveness of each biometric system and its level of user acceptance.  Table 2 summarizes popular biometric methods in two lists: the first ranks the methods by effectiveness, with the most effective method first, and the second ranks them by user acceptance.  As shown in the table, the iris scan is at the top of the effectiveness list, while the voice pattern is at the top of the user acceptance list.

Table 2.  Summary of the Popular Biometric Methods.

Implementation of Biometric System

According to (CSA, 2011), security controls must be strategically positioned and conform to acceptable quality standards consistent with prevalent norms and best practices.  Thus, entry points must be secured using an Access Control system such as proximity cards or biometric access.  When dealing with a Cloud environment, the traditional username and password authentication method is not sufficient.  Organizations and Cloud users must employ strong authentication techniques such as smartcard/PKI, Biometrics, RSA tokens, and so forth (Sukhai, 2004).  The implementation of Biometric technology provides a more secure layer for access either to the physical location where systems, networks, and devices are located or to the data stored in these data centers.  With respect to the user, the user can view it as a convenient method, as these biometric characteristics are part of the body and last as long as the user is authorized to access these facilities and data.  Since the iris scan seems to be the most effective biometric method, the researcher will employ such a method during the implementation of the Biometric technology.  The iris scan method scans the colored portion of the eye, including all rifts, coronas, and furrows.  It has a higher accuracy than any other biometric scan.

In summary, this discussion analyzed Biometric Access Control, which can be implemented to secure a highly sensitive area of the organization.  The discussion analyzed Access Control techniques, Biometric Methods, and the Implementation of a Biometric Method.  The analysis indicates that the iris scan is the most effective method, while the voice pattern is ranked at the top for user acceptance.

References

Abernathy, R., & McMillan, T. (2016). CISSP Cert Guide. Pearson IT Certification.

CSA. (2011). Security guidance for critical areas of focus in cloud computing, v3.0. Cloud Security Alliance, 1-76.

Sukhai, N. B. (2004). Access control & biometrics. Paper presented at the Proceedings of the 1st annual conference on Information security curriculum development.

Security Measures for Virtual and Cloud Environment

Dr. Aly, O.
Computer Science

Introduction

The purpose of this discussion is to discuss and analyze security measures for virtual and cloud environments. It also discusses and analyzes the current security models and the possibility for additional enhancements to increase the protection for these virtual and cloud environments. 

Virtualization

Virtualization is a core technology in Cloud Computing.  The purpose of Virtualization in Cloud Computing is to virtualize resources for the Cloud Computing Service Models such as Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS), and Platform-as-a-Service (PaaS) (Gupta, Srivastava, & Chauhan, 2016).  Virtualization allows creating many instances of Virtual Machines (VMs) on a single physical system.  The utilization of these VMs provides flexibility, agility, and scalability to Cloud Computing resources.  The VM is provided to the client to access resources at a remote location using the virtualization computing technique.  Key features of Virtualization include resource utilization through isolation among hardware, operating systems, and software.  Another key feature of Virtualization is multi-tenancy for simultaneous access to the VMs residing in a single physical machine.  After a VM is created, it can be copied and migrated.  These features of Virtualization are double-edged: they provide flexibility, scalability, and agility, while they also cause security challenges and concerns.  Security concerns are one of the biggest obstacles to the widespread adoption of Cloud Computing (Ali, Khan, & Vasilakos, 2015).

Hardware Virtualization on the physical machine is implemented using a hypervisor.  There are two types of hypervisor: Type 1 and Type 2.  A Type 1 hypervisor is called a “Bare Metal Hypervisor,” as illustrated in Figure 1.  A Type 2 hypervisor is called a “Hosted Hypervisor,” as illustrated in Figure 2.  The “Bare Metal Hypervisor” provides a layer between the physical system and the VMs, while the “Hosted Hypervisor” is deployed on top of an Operating System.

Figure 1.  Hypervisor Type 1: Bare Metal Hypervisor. Adapted from (Gupta et al., 2016).

Figure 2: Hypervisor Type 2: Hosted Hypervisor. Adapted from (Gupta et al., 2016).

Virtualization exposes many security flaws to intruders.  The traditional security measures that control physical systems are found to be inadequate or ineffective when dealing with virtualized data centers and hybrid and private Cloud environments (Gupta et al., 2016).  Moreover, the default configuration of the hypervisor does not always include security measures that can protect the virtual and cloud environment.

One of the roles of the hypervisor is to manage the interaction between the VMs and the physical resources.  In a Type 1 “Bare Metal Hypervisor,” the hypervisor is a single point of failure, so a breach of it exposes the whole virtualized environment on the physical system.  In a Type 2 “Hosted Hypervisor,” the configuration exposes more threats than the “Bare Metal Hypervisor.”  The VMs which are hosted on the physical system communicate with each other, which can create loopholes for intruders.

Virtualization is exposed to various types of threats and vulnerabilities.  These vulnerabilities in Virtualization Security include VM Escape, VM Hopping, VM Theft, VM Sprawl, Insecure VM Migration, Sniffing and Spoofing.  Figure 3 illustrates the vulnerabilities of Virtualization.

Figure 3.  Vulnerabilities of Virtualization. Adapted from (Gupta et al., 2016).

As indicated in (Gupta et al., 2016), the hypervisor should have built-in firewall security and disabled console access (USB, NIC) to prevent unauthorized access.  Role Based Access Control (RBAC) is effective in controlling hyperjacking of VMs.  Roles and responsibilities should be defined for the users of the VMs in order to check access authorization.

Security Principles, Security Modes, Security Models and Security Implementation

As indicated in (Abernathy & McMillan, 2016), the primary goal of all security measures is to provide protection and ensure that the measure is successful.  The three major principles of security are confidentiality, integrity, and availability (CIA).  These Security Principles are known as the CIA triad.  Confidentiality is provided if the data cannot be read, either through access control and encryption for data as it exists on the hard drive or through encryption as the data is in transit.  Confidentiality is the opposite of “disclosure” (Abernathy & McMillan, 2016).  Integrity is provided if the data is not changed in any way by unauthorized users.  The integrity principle is provided through a hashing algorithm or a checksum.  The availability principle concerns the time during which resources or data are available.  Availability is measured as a percentage of “up” time, with 99.9% uptime representing more availability than 99% uptime.  The availability principle ensures the availability of and access to the data whenever it is needed.  The availability principle is described as a prime goal of security.  Most attacks result in a violation of one of these security principles of confidentiality, integrity, or availability.  Thus, the defense-in-depth technique is highly recommended as an additional layer of security.  For instance, even if the firewall is configured for protection, access control lists should still be applied to resources to help prevent access to sensitive data in case the firewall gets breached.

Security has four major Security Modes which are typically used by the Mandatory Access Control (MAC).  These four security modes include Dedicated Security Mode, System High-Security Mode, Compartmented Security Mode, and Multi-Level Security Mode.  The MAC operates in different security modes at different times based on variables such as sensitivity of data, the clearance level of the user, and the actions users are authorized to take.  In all the four security modes, a non-disclosure agreement (NDA) must be signed, and the access to certain information is based on each mode.

Security Models provide a technique for mapping security policy to the rules which a computer system must follow.  Various types of Security Models provide various approaches to implementing such a mapping (Abernathy & McMillan, 2016).

  • State Machine Model,
  • Multi-Level Lattice Models, 
  • Matrix-Based Models,
  • Non-Interference Models, and
  • Information Flow Models.

Moreover, there are formal Security Models which incorporate security concepts and principles to guide the security design of systems.  These formal Security Models include the following seven models (Abernathy & McMillan, 2016).  The detail of each model is beyond the scope of this discussion.

  • Bell-LaPadula Model.
  • Biba Model.
  • Clark-Wilson Integrity Model.
  • Lipner Model.
  • Brewer-Nash Model.
  • Graham-Denning Model.
  • Harrison-Ruzzo-Ullman Model.
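Although the detail of each formal model is beyond the scope of the essay, the two best-known lattice models, Bell-LaPadula for confidentiality and Biba for integrity, can be implemented over a multi-level lattice in a few lines, which also shows how Mandatory Access Control decides an access from labels alone.  The following Python is an added example, not from the essay or its sources; the level names, compartments and labels are assumptions made for this example.

```python
from dataclasses import dataclass

# Hierarchical levels of the lattice (assumed names for this example).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass(frozen=True)
class Label:
    """A security label: a hierarchical level plus a set of compartments (need-to-know)."""
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other):
        """Lattice order: self >= other iff its level is at least as high and it
        holds every compartment of other.  Labels with disjoint compartments are
        incomparable, so neither dominates the other."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)


# Bell-LaPadula (confidentiality): a subject may not learn what it is not cleared for.
def blp_can_read(subject, obj):
    """Simple security property: no read up."""
    return subject.dominates(obj)


def blp_can_write(subject, obj):
    """*-property: no write down (the object's label must dominate the subject's)."""
    return obj.dominates(subject)


# Biba (integrity): the same lattice with the rules inverted, so that low-integrity
# data cannot contaminate high-integrity subjects or objects.
def biba_can_read(subject, obj):
    """No read down: the object's integrity label must dominate the subject's."""
    return obj.dominates(subject)


def biba_can_write(subject, obj):
    """No write up: the subject's integrity label must dominate the object's."""
    return subject.dominates(obj)


def mac_decision(model, subject, obj, op):
    """Mandatory access control decision for op in {"read", "write"} under a model."""
    rules = {"blp": (blp_can_read, blp_can_write),
             "biba": (biba_can_read, biba_can_write)}
    read, write = rules[model]
    return read(subject, obj) if op == "read" else write(subject, obj)


if __name__ == "__main__":
    analyst = Label("secret", frozenset({"nuclear"}))
    for obj in (Label("confidential"), Label("top_secret"),
                Label("secret", frozenset({"crypto"}))):
        print(f"BLP read {obj.level}/{set(obj.compartments)}:",
              mac_decision("blp", analyst, obj, "read"))
```

Under Bell-LaPadula the secret/{nuclear} analyst can read confidential data but not top-secret data, cannot read secret data in the crypto compartment it does not hold, and can append to a top-secret/{nuclear} object but not write to an unclassified one; Biba gives the mirror-image answers for the same labels.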

With respect to Security Implementation, there are standards which must be followed when implementing security measures for protection.  These standards include ISO/IEC 27001, ISO/IEC 27002 and PCI-DSS.  ISO/IEC 27001 is the most popular standard, and is used by organizations to obtain certification for information security.  This standard ensures that the information security management system (ISMS) of the organization is properly built, administered, maintained and improved.  The ISO/IEC 27002 standard provides a code of practice for information security management.  This standard includes security measures such as access control, cryptography, and compliance.  PCI-DSS v3.1 is specific to the payment card industry.

Security Models in Cloud Computing

The Service Model is one of the main models in Cloud Computing.  These services are offered through a Service Provider, known as a Cloud Service Provider, to the cloud users.  Security and privacy are the main challenges and concerns when using a Cloud Computing environment.  Although there is a demand to leverage the resources of Cloud Computing to provide services to clients, there is also a requirement that the Cloud servers and resources not learn any sensitive information about the data being managed, stored, or queried (Chaturvedi & Zarger, 2015).  Effort should be exerted to improve users' control over their data in the public environment.  Cloud Computing Security Models include the Multi-Tenancy Model, the Cloud Cube Security Model, the Mapping Model of Cloud, Security and Compliance, and the Cloud Risk Accumulation Model of CSA (Chaturvedi & Zarger, 2015).

The Multi-Tenancy Model is described as the major functional characteristic of Cloud Computing, allowing multiple applications to provide cloud services to the clients.  The users' tenants are separated by virtual partitions, and each partition holds the client tenant's data, customized settings and configuration settings.  Virtualization in a physical machine allows computing resources such as memory, processor, I/O and storage to be shared among different users' applications and improves the utilization of cloud resources.  SaaS is a good example of the Multi-Tenant Model; it provides the scalability to serve a large number of clients based on Web services.  Security experts describe this Multi-Tenancy Model as vulnerable because it exposes confidentiality, which is regarded as one of the Security Principles, to risk between the tenants.  A side channel attack is a significant risk in the Multi-Tenancy Model.  This kind of attack is based on information obtained from bandwidth monitoring.   Another risk of the Multi-Tenancy Model is the assignment of resources to clients with unknown identity and intentions.  A further security risk associated with Multi-Tenancy involves the storage of multiple tenants' data in the same database tablespaces or backup tapes.
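The last risk above, several tenants' rows sharing the same database tables, is the one that application code can mitigate most directly. The following Python example is added here; it is not code from the paper or from Chaturvedi & Zarger (2015). It builds an in-memory SQLite table holding rows of two fictional tenants and shows an unscoped lookup beside a tenant-scoped repository that binds the tenant id taken from the authenticated session to every read and write. The table, tenant ids and rows are constructed assumptions for the example.

```python
"""Tenant isolation in a shared database (added example, not from the paper).

Several tenants' rows share one table, so every query must be scoped to the
caller's tenant. The schema, tenant ids and rows below are constructed.
"""
import sqlite3


def build_shared_db() -> sqlite3.Connection:
    """Create an in-memory table holding rows of two constructed tenants."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE invoices (id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, "
        "customer TEXT NOT NULL, amount REAL NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO invoices (tenant_id, customer, amount) VALUES (?, ?, ?)",
        [
            ("tenant-a", "alice@example.test", 120.0),
            ("tenant-a", "bob@example.test", 80.0),
            ("tenant-b", "carol@example.test", 300.0),
        ],
    )
    conn.commit()
    return conn


def unscoped_lookup(conn: sqlite3.Connection, invoice_id: int):
    """Weak form: trusts the caller-supplied id and never checks the tenant,
    so a request carrying another tenant's id returns that tenant's row."""
    return conn.execute(
        "SELECT tenant_id, customer, amount FROM invoices WHERE id = ?",
        (invoice_id,),
    ).fetchone()


class TenantScopedRepository:
    """Hardened form: the tenant id is bound once from the authenticated
    session and appended to every statement, so ids belonging to another
    tenant match nothing, for reads and writes alike."""

    def __init__(self, conn: sqlite3.Connection, tenant_id: str):
        self._conn = conn
        self._tenant_id = tenant_id

    def get_invoice(self, invoice_id: int):
        return self._conn.execute(
            "SELECT tenant_id, customer, amount FROM invoices "
            "WHERE id = ? AND tenant_id = ?",
            (invoice_id, self._tenant_id),
        ).fetchone()

    def list_invoices(self):
        return self._conn.execute(
            "SELECT id, customer, amount FROM invoices "
            "WHERE tenant_id = ? ORDER BY id",
            (self._tenant_id,),
        ).fetchall()

    def total(self) -> float:
        (value,) = self._conn.execute(
            "SELECT COALESCE(SUM(amount), 0) FROM invoices WHERE tenant_id = ?",
            (self._tenant_id,),
        ).fetchone()
        return value

    def set_amount(self, invoice_id: int, amount: float) -> int:
        """Scoped write: returns the number of rows changed, 0 for a foreign id."""
        cur = self._conn.execute(
            "UPDATE invoices SET amount = ? WHERE id = ? AND tenant_id = ?",
            (amount, invoice_id, self._tenant_id),
        )
        self._conn.commit()
        return cur.rowcount


def demo():
    """Tenant A's session asks for invoice 3, which belongs to tenant B."""
    conn = build_shared_db()
    leaked = unscoped_lookup(conn, 3)            # tenant-b's row comes back
    repo_a = TenantScopedRepository(conn, "tenant-a")
    blocked = repo_a.get_invoice(3)              # None: scoped query finds nothing
    return leaked, blocked, repo_a.total()


if __name__ == "__main__":
    print(demo())
```

The scoped repository is the only object that application code should receive, and the tenant id it carries must come from the authenticated session, never from request parameters; the same scoping applies to exports and backups if the tablespace is shared.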

The Cloud Cube Security Model is characterized by four main elements: Internal/External, Proprietary/Open, Perimeterised/De-perimeterised, and Insourced/Outsourced.  The Mapping Model of Cloud, Security, and Compliance is another model which provides a better method to analyze the gaps between the cloud architecture and the compliance framework, and the corresponding security control strategies provided by the Cloud Service Provider or third parties.  The Cloud Risk Accumulation Model of the CSA is the last of the Security Models of Cloud Computing.  The three cloud models of IaaS, PaaS, and SaaS have different security requirements due to the dependencies between their layers.

Security Implementation: Virtual Private Cloud (VPC)

The VPC Deployment Model provides more security than the Public Deployment Model.  In this model, the user can apply access control at the instance level as well as at the network level.  Policies are configured and assigned to groups based on the access role.   The VPC, as a deployment model of Cloud Computing, solved problems such as the loss of authentication, loss of confidentiality, loss of availability, and loss and corruption of data (Abdul, Jena, Prasad, & Balraju, 2014).  The VPC is logically isolated from other virtual networks in the cloud.  As indicated in Abdul et al. (2014), the VPC is regarded as the most prominent approach to Trusted Computing technology.  However, organizations must implement security measures based on the requirements of the business.  For instance, organizations and users have control to select the IP address range and to create subnets, route tables, network gateways and security settings, as illustrated in Figure 4.

Figure 4.  Virtual Private Cloud Security Implementation.
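To make the two levels of access control concrete, the following Python model is added here; it is not code from the paper or from Abdul et al. (2014), and it simplifies real provider behaviour: the subnet carries a stateless, numbered network ACL evaluated lowest number first with an implicit final deny, and the instance carries a stateful security group that holds allow rules only and lets replies to an admitted connection through without a rule. The CIDRs, rule numbers, instance address and packets are constructed assumptions.

```python
"""Layered access control in a VPC (added example, not from the paper).

Subnet level: a stateless, numbered network ACL, first match wins, no match
means deny. Instance level: a stateful, allow-only security group. All CIDRs,
rule numbers and packets are constructed; real rule formats have more fields.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    src_port: int
    dst_port: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    number: int            # ACL evaluation order, lowest first (unused by groups)
    cidr: str              # remote peer: source for inbound, destination for outbound
    ports: tuple           # inclusive (low, high) range of the service port
    proto: str = "tcp"     # "tcp", "udp" or "any"
    allow: bool = True     # security groups only ever carry allow rules

    def matches(self, remote_ip: str, port: int, proto: str) -> bool:
        return (
            self.proto in (proto, "any")
            and self.ports[0] <= port <= self.ports[1]
            and ip_address(remote_ip) in ip_network(self.cidr)
        )


def acl_decision(rules, remote_ip: str, port: int, proto: str) -> bool:
    """Stateless subnet ACL: first matching rule wins; no match means deny."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.matches(remote_ip, port, proto):
            return rule.allow
    return False


class SecurityGroup:
    """Instance-level, stateful filter: deny by default, allow rules only,
    and replies to an admitted inbound connection pass without a rule."""

    def __init__(self, inbound, outbound=()):
        self.inbound = list(inbound)
        self.outbound = list(outbound)
        self._sessions = set()   # (client_ip, instance_ip, service_port, proto)

    def admit_inbound(self, pkt: Packet) -> bool:
        key = (pkt.src, pkt.dst, pkt.dst_port, pkt.proto)
        if key in self._sessions:
            return True
        if any(r.matches(pkt.src, pkt.dst_port, pkt.proto) for r in self.inbound):
            self._sessions.add(key)
            return True
        return False

    def admit_outbound(self, pkt: Packet) -> bool:
        # A reply from the service port back to the client reverses the key.
        if (pkt.dst, pkt.src, pkt.src_port, pkt.proto) in self._sessions:
            return True
        return any(r.matches(pkt.dst, pkt.dst_port, pkt.proto) for r in self.outbound)


def evaluate(acl_rules, sg: SecurityGroup, pkt: Packet, inbound: bool) -> str:
    """The subnet ACL is consulted first, then the instance's security group."""
    remote = pkt.src if inbound else pkt.dst
    if not acl_decision(acl_rules, remote, pkt.dst_port, pkt.proto):
        return "denied by network ACL"
    admitted = sg.admit_inbound(pkt) if inbound else sg.admit_outbound(pkt)
    return "allowed" if admitted else "denied by security group"


# Constructed policy for a web instance at 10.0.1.10 in subnet 10.0.1.0/24.
ACL_IN = [
    Rule(90, "198.51.100.0/24", (0, 65535), "any", allow=False),  # blocked range
    Rule(100, "0.0.0.0/0", (443, 443)),                           # public HTTPS
    Rule(110, "0.0.0.0/0", (22, 22)),                             # SSH, narrowed by the group
    Rule(120, "0.0.0.0/0", (1024, 65535)),                        # ephemeral reply ports
]
ACL_OUT = [
    Rule(100, "0.0.0.0/0", (1024, 65535)),                        # replies to clients
    Rule(110, "0.0.0.0/0", (443, 443)),                           # instance-initiated HTTPS
]
WEB_SG_INBOUND = [Rule(0, "0.0.0.0/0", (443, 443)), Rule(0, "10.0.0.0/16", (22, 22))]
WEB_SG_OUTBOUND = [Rule(0, "0.0.0.0/0", (443, 443))]


def run_scenarios():
    """Returns the decision for each constructed packet, in order."""
    sg = SecurityGroup(WEB_SG_INBOUND, WEB_SG_OUTBOUND)
    cases = [
        (Packet("203.0.113.5", "10.0.1.10", 51000, 443), True),   # client HTTPS
        (Packet("10.0.1.10", "203.0.113.5", 443, 51000), False),  # its reply
        (Packet("198.51.100.7", "10.0.1.10", 51001, 443), True),  # blocked range
        (Packet("203.0.113.5", "10.0.1.10", 51002, 22), True),    # SSH from the Internet
        (Packet("10.0.2.20", "10.0.1.10", 51003, 22), True),      # SSH from inside the VPC
        (Packet("10.0.1.10", "203.0.113.9", 40000, 25), False),   # instance-initiated SMTP
    ]
    return [evaluate(ACL_IN if inbound else ACL_OUT, sg, pkt, inbound)
            for pkt, inbound in cases]


if __name__ == "__main__":
    for decision in run_scenarios():
        print(decision)
```

The scenarios show why both layers are needed: the ACL can block a whole address range before any instance sees it, while the group narrows SSH to addresses inside the VPC even though the subnet ACL admits port 22 from anywhere. Because the ACL is stateless, its ephemeral-port rules must be written explicitly or the instance's own replies are dropped.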

In summary, security measures must be implemented to protect the cloud environment.  Virtualization introduces threats to the cloud environment.  The hypervisor is a major component of virtualization.  It is recommended that the hypervisor be built with firewall security and that console access (USB, NIC) be disabled to prevent unauthorized access.   Role Based Access Control (RBAC) should be enforced effectively to counter hyperjacking of VMs.  The roles and responsibilities of the users of the VMs should be defined so that access authorization can be checked.  The Virtual Private Cloud, as a trusted deployment model of Cloud Computing, provides a more secure cloud environment than the Public Cloud. The security implementation must follow certain standards, and the organization must comply with these standards to protect organizations and users.

References

Abdul, A. M., Jena, S., Prasad, S. D., & Balraju, M. (2014). Trusted Environment In Virtual Cloud. International Journal of Advanced Research in Computer Science, 5(4).

Abernathy, R., & McMillan, T. (2016). CISSP Cert Guide. Pearson IT Certification.

Ali, M., Khan, S. U., & Vasilakos, A. V. (2015). Security in cloud computing: Opportunities and challenges. Information Sciences, 305, 357-383. doi:10.1016/j.ins.2015.01.025

Chaturvedi, D. A., & Zarger, S. A. (2015). A review of security models in cloud computing and an Innovative approach. International Journal of Computer Trends and Technology (IJCTT), 30(2), 87-92.

Gupta, M., Srivastava, D. K., & Chauhan, D. S. (2016). Security Challenges of Virtualization in Cloud Computing. Paper presented at the Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies, Udaipur, India.