
Cloud vulnerabilities

A cloud vulnerability can be defined as a weakness in any part of the cloud environment that a potential attacker can use for personal gain. Some common vulnerabilities are:

  1. Session riding: When attackers use the information from cookies to perform data theft or any similar cyber crime, it is referred to as session riding. Tricking users into sending authenticated requests to fake websites is another form of this vulnerability.
  2. Virtual Machine Escape: Any vulnerability in the hypervisor paves the way for potential attacks on the hypervisor as well as on all virtual machines running on top of it. This vulnerability, though rare, still exists and can cause serious damage in the worst cases.
  3. Reliability and Availability: Availability of the cloud service directly translates to business value for the client. However, power outages, technical glitches and natural disasters are some common sources that lead to cloud downtime. While a very minimal downtime for maintenance purposes cannot be avoided, it is important for the cloud service provider to create a sense of reliability through unprecedented service levels.
  4. Insecure Cryptography: Cryptographic algorithms used to generate random numbers must provide a large entropy pool for maximum data protection. In the case of random number generators that offer only a small entropy pool, easily guessable numbers could lead to security issues.
  5. Data Portability: There may be several reasons for an organisation to move its data from one cloud service provider to another. Unsatisfactory performance, finding a cheaper option or the cloud service provider going out of business could be some possible reasons. In any case, data backup must be in place, and the old cloud service provider must delete 100% of the data owned by the previous client organisation.
  6. Vendor Lock-in: Do you want to be stuck with one single cloud service provider forever? The answer is definitely no, given that the IT needs keep changing for every organisation and another provider in the industry may just come up with the most perfect solution for your current needs.
  7. Internet Dependency: The internet is the unsung hero of the entire cloud setup. An unfailing internet service provider is what an organisation needs to achieve 100% success in the cloud. This is especially critical for key applications like the ones running in hospitals that could cost human lives in the worst case.
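Item 4 above, illustrated with an added example that is not part of the original post: a token that looks 128 bits long is only as unpredictable as the entropy behind it. The 16-bit seed size and all function names are assumptions made for this illustration.

```python
import random
import secrets

SEED_BITS = 16  # assumed size of the weak entropy pool (constructed value)


def weak_token(seed: int) -> str:
    """128-bit token from a general-purpose PRNG whose only secret is a small seed."""
    rng = random.Random(seed)
    return "%032x" % rng.getrandbits(128)


def strong_token() -> str:
    """128-bit token drawn from the operating system's CSPRNG."""
    return secrets.token_hex(16)


def recover_seed(token: str, seed_bits: int = SEED_BITS):
    """Audit check: is the token reproducible by enumerating every possible seed?

    Returns the seed if the token came from the small pool, otherwise None.
    """
    for seed in range(2 ** seed_bits):
        if weak_token(seed) == token:
            return seed
    return None


def effective_bits(seed_bits: int, token_bits: int = 128) -> int:
    """Unpredictability is capped by the entropy pool, not by the token length."""
    return min(seed_bits, token_bits)


if __name__ == "__main__":
    sample = weak_token(41213)  # constructed sample seed
    print("weak token:  ", sample, "-> seed recovered:", recover_seed(sample))
    fresh = strong_token()
    print("strong token:", fresh, "-> seed recovered:", recover_seed(fresh))
    print("effective entropy of weak token:", effective_bits(SEED_BITS), "bits")
```

Session identifiers, password-reset tokens and key material should come from the `secrets` module or the platform's CSPRNG rather than from a seeded general-purpose generator.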
