In recent years clouds became one of the most popular storage solutions, with an ability to host everything from simple textual data, to multimedia, apps, and other different kinds of software that can became instantly accessible on users demand. This and some other benefits of cloud computing made it almost irresistible to big companies with massive data storage requirements. In 2015 more than 82% of companies were using cloud storage, which is an 8% increase from 2014 figure.
Since the introduction of cloud computing, security has been one of the biggest concerns, which is why plenty of myths concerning cloud security are still circling around. Clouds offer the same level of security as regular server or hard disk storage spaces, just the process of securing data in the cloud is much different from the other two mentioned environments.
In this article we are going to inspect certain security issues that can influence clouds and cause problems. We will also share some of the most common techniques for securing cloud environments and stored data, from both provider’s and client’s side.
Security Issues
There are several types of security issues that can cause problems in cloud environments. Some of these issues are regular on all types of networks (including internet itself), while others are more specific to clouds.
Client-Server Technology Issues
Cloud servers are targeted by several kinds of malicious attacks from the users. Some of these are:
- SQL Injections– Attacker might insert malicious code into SQL query in order to gain unauthorized access to databases and change or steal stored data;
- Man-in-the Middle– This type of attack is done by intercepting and modifying communication between client and server, while leaving both parties unaware of malicious activity;
- Cross Site Scripting– Attacker places malicious code (stored or reflected XSS) on the website in order to attack client’s machine.
- Denial of Service– This practice involves overloading cloud servers with messages, which makes them vulnerable to hacker’s attacks and can cause a system crash.
Data Storage Issues
These issues are mainly caused by weak protection in public clouds and untrusted cloud providers. To secure data that’s being stored in or being in transition through the cloud, providers need to secure three important criteria:
- Confidentiality– Data access should be strictly authorized;
- Integrity– Data upload shouldn’t be tampered by anyone;
- Availability– Data should be available to all authorized users;
Common Security Techniques
To make clouds and stored data more secure cloud providers use several different techniques.
- Moving Target Defense– By constantly changing configuration of network layer, providers make understanding system vulnerabilities much more complicated to the intruder. This is usually done by network address hopping techniques and there are two ways this security technique can be implemented, by homogenous or heterogeneous target defense moving. Difference between these two ways is that in homogenous moving all nodes on the network are employed in the process, while in heterogeneous the moving is deployed on the network, together with combination of static and regular nodes.
- Message Authentication Code– Technique that includes algorithm that accepts or declines symmetric key and produces message authentication code. Symmetric key is agreed by both sender and receiver and they need to verify it on each retrieval.
- Symmetric Encryption– Encryption technique that uses one generated security key in decryption and encryption process.
- Asymmetric Encryption– Technique that uses two different security keys for encryption and decryption, one private and one public.
Image source: Flickr
Other than these common techniques, there are also security measures that should be implemented by cloud clients, in order to secure their data in the best possible way. Some of these measures are:
- Carefully read cloud service user’s agreement;
- Introduce stronger passwords– Passphrases are always a good option;
- Encrypt files yourself– You can add compressed files protected by passwords;
- Always choose an encrypted cloud service;
- Do your own backups;
Consumers and companies have a lot of great cloud packages to choose from. We explained some of the most common techniques in this article, but you should be aware that due to tough competition in this niche, cloud providers are constantly improving their security protocols. pCloud for example uses Crypto client-side encryption and there are lots of other companies that are introducing new security measures almost on monthly bases.
from Feedster http://www.feedster.com/blog/marcusjensen/cloud-security/
No comments:
Post a Comment