Exploring the Security Dynamics of the Cloud
Cloud Computing Security I
Summary
This video delves into the critical importance of cloud computing security, exploring the different security concerns associated with third-party service providers, such as confidentiality, integrity, and availability. It emphasizes the significant challenges organizations face due to threats like data breaches, unauthorized access, and various types of attacks, including denial of service (DoS) and data interception. The discussion extends to potential vulnerabilities, the necessity of implementing robust security policies and mechanisms, and the operational, human, and economic issues impacting security in cloud environments. Through a thoughtful examination of these aspects, the video offers a comprehensive overview of strategies to prevent, detect, and recover from security breaches, highlighting the need for effective network security measures and policy enforcement in the realm of cloud computing.
Highlights
- Understanding cloud computing security is key in today's tech environment. 🌥️
- The video covers the CIA triad - confidentiality, integrity, and availability. 🔒
- Security threats include data breaches, DoS attacks, and data interception. 🛡️
- Operational, human, and economic factors impact security measures. 💼
- Implementing strong network security policies is essential in cloud environments. 🖧
Key Takeaways
- Cloud security is crucial when relying on third-party service providers. 🔍
- Confidentiality, integrity, and availability are the pillars of cloud security, known as the CIA triad. 🛡️
- Threats like data breaches require robust policy and mechanisms. 📜
- Security attacks can be categorized into passive and active attacks. 🚨
- Cloud security includes prevention, detection, and recovery strategies to combat threats. 🔄
Overview
Cloud computing security is more important than ever as organizations shift towards relying on third-party service providers. This video explores the essential components of security within the cloud, emphasizing the CIA triad of confidentiality, integrity, and availability. Understanding these principles is vital to safeguarding data and ensuring system stability.
The transcript delves into various attack types encountered in cloud environments, such as denial of service (DoS) attacks, data interception, and fabrication threats. It underscores the importance of having stringent security policies in place to prevent unauthorized access and data breaches. These policies, along with mechanisms to enforce them, are foundational to maintaining robust security.
Moreover, the video discusses broader operational and organizational challenges affecting cloud security, highlighting the need for consistent and comprehensive policies across distributed systems. To combat threats effectively, it advocates for detailed vulnerability assessments, penetration testing, and post-attack evaluations, all crucial for a resilient cloud security framework.
Chapters
- 00:00 - 00:30: Introduction to Cloud Computing Security. The chapter introduces the topic of cloud computing security, indicating a continuation from previous discussions on cloud computing. It hints at an exploration of major aspects related to cloud security, setting the stage for a detailed examination of this subject throughout the chapter.
- 00:30 - 01:00: Overview of Cloud Security Concerns. This chapter provides a brief overview of security concerns in cloud computing. It discusses how security impacts different cloud service models, including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). The chapter emphasizes the reliance on third-party service providers when adopting cloud computing solutions.
- 01:00 - 01:30: Security Issues with Third-Party Providers. The chapter discusses the security issues that arise when application data processes are handled by third-party providers. It highlights concerns regarding data availability, storage, and the potential for unauthorized access or interception by other parties. The chapter emphasizes the importance of security in mission-critical operations, including sensitive data types such as banking, defense, and academic information.
- 01:30 - 02:00: Mission Critical Data Concerns. The chapter titled 'Mission Critical Data Concerns' discusses the importance of addressing data security concerns, specifically related to students' results and other sensitive information. The chapter highlights that moving to cloud technologies is often hindered by security concerns rather than technological limitations. It emphasizes the need for clear data policies and a serious approach to managing these issues.
- 02:00 - 02:30: Hindrance of Security in Cloud Adoption. The chapter titled 'Hindrance of Security in Cloud Adoption' begins with an overview of the concept of security as it applies to computer, information, and network security. It highlights that similar aspects of security are also applicable to cloud computing, albeit with differing concerns. Before delving into the specifics of cloud security, the chapter aims to provide a general understanding of security in computing.
- 02:30 - 03:00: Basics of Security in Computing. This chapter introduces the basics of security in computing, focusing on three fundamental components known as the CIA triad: Confidentiality, Integrity, and Availability. Confidentiality involves keeping data and resources hidden and secure, ensuring that unauthorized parties cannot access them. Integrity refers to maintaining the correctness and trustworthiness of data, ensuring that it has not been altered from its original form. Lastly, Availability ensures that data and resources are accessible to authorized users when needed. These components form the foundational principles of security in computing systems.
- 03:00 - 03:30: CIA Triad in Security. The chapter discusses the CIA Triad in security, which comprises three main components: Confidentiality, Integrity, and Availability. The focus is on Integrity, where the importance of maintaining the unchanged state of data from sender to receiver is emphasized. Authentication of the source ensures the integrity of the information being received. Another critical aspect discussed is Availability, which is necessary for data and resources to be accessible when needed. It highlights that many cyber attacks target Availability through denial of service, affecting access to necessary data and resources.
- 03:30 - 04:00: Types of Security Attacks. The chapter 'Types of Security Attacks' discusses the concept of Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, implying situations where resources are unavailable. It highlights that any security attack can compromise the security of information by violating the CIA triad (Confidentiality, Integrity, Availability). The chapter promises further exploration of additional components related to security attacks.
- 04:00 - 04:30: Types of Security Threats. This chapter discusses the various types of security threats, emphasizing four main types: interruption, interception, modification, and fabrication. These components broadly cover the different ways data can be compromised during an attack. It explains a basic model of a source sending data to a destination, setting the stage to explore how these threats manifest and affect data security.
- 04:30 - 05:00: Policy and Mechanisms for Security. The chapter discusses security risks associated with communication. In an interruption, the message or communication path is interrupted by an unauthorized party; this is termed an attack on availability, as it affects the availability of the message. In an interception, an unauthorized party listens in on a communication between two parties (e.g., from A to B or S to D); this is an attack on confidentiality. Finally, the chapter touches on modification attacks, where an intruder modifies the message being sent.
- 05:00 - 05:30: Policy Implementation Challenges. The chapter discusses the challenges in policy implementation, focusing on issues related to data integrity. It describes a scenario where an intruder intercepts and alters a message being sent from source S to destination D. Despite the message alteration by the intruder, D perceives the message as being sent from S, illustrating a significant problem in maintaining the integrity of data during transmission.
- 05:30 - 06:00: Security Models and Goals. This chapter discusses attacks on integrity and authenticity within security models. It explains how an attacker can pretend to be the original source of a message, which constitutes an attack on authenticity. The chapter emphasizes the importance of authenticating the source of a message before accepting it, so that it comes from a legitimate and verified origin, thus preventing what are termed fabrication attacks.
- 06:00 - 06:30: Security Assurance and Operational Issues. In this chapter titled 'Security Assurance and Operational Issues,' the discussion focuses on the critical components of security across various domains such as computer security, information security, network security, and cloud security. The chapter underscores that while the characteristics and manifestations of security threats may vary across these domains, they fundamentally face similar types of security issues and challenges. The emphasis is on understanding that the core problems remain constant despite the surface differences in security applications.
- 06:30 - 07:00: Types of Attacks: Passive and Active. The chapter titled 'Types of Attacks: Passive and Active' discusses the concept of threats in the context of cybersecurity. It clarifies that threats do not equate to actual attacks, similar to how vulnerabilities do not necessarily mean a system is compromised. The chapter delves into different classes of threats, one of which is the 'threat of disclosure,' an example of an attack under this class is 'snooping.' This type of threat signifies unauthorized access to information, which can be considered a passive attack.
- 07:00 - 07:30: Security Services and Non-Repudiation. The chapter titled 'Security Services and Non-Repudiation' explores various security threats, categorized mainly into deception, disruption, and usurpation. Deceptive threats involve issues like modifications, spoofing, and repudiation of origin and receipt, which can result in a lack of trust and data manipulation. Disruptive threats cover service modifications that can hinder the availability and reliability of processes. Usurpative threats, on the other hand, consist of unauthorized alterations, spoofing, and denial of services, which aim to undermine the integrity and the assurance of the security framework.
- 07:30 - 08:00: Network Security and Policies. The chapter titled 'Network Security and Policies' discusses various threats and security concerns associated with IT and information systems. It emphasizes that these systems, whether personal, organizational, inter-organizational, or intra-organizational, are governed by specific policies and mechanisms. These policies dictate what is permitted and what is not, highlighting the importance of clear guidelines in maintaining security.
- 08:00 - 08:30: Implementing Security Policies. The chapter 'Implementing Security Policies' discusses the function of security policies in determining what is allowed and what is not within a system. It suggests that policies can be hierarchical and structured in various ways, although it does not delve into specific methodologies. The focus is on defining the comprehensive security of site systems, encompassing information structure, network access protocols, and individual components.
- 08:30 - 09:00: Network Reconnaissance and Vulnerability. The chapter discusses the concept of network reconnaissance and vulnerability, focusing on organizational policies. It explains how policies are typically formulated by a centralized body within an organization, taking into account all components. However, the implementation of these policies is usually distributed across different parts of the organization, using the example of the IIT Kharagpur network.
- 09:00 - 09:30: Penetration Testing and Post-Attack Investigation. The chapter titled 'Penetration Testing and Post-Attack Investigation' discusses the complexity involved in implementing security policies across various network devices and sub-networks within an organization's IT infrastructure. It highlights the challenges of distributed policy implementation across different devices, emphasizing the need for comprehensive strategies in managing and securing network traffic. The presence of multiple layers and types of network switches (layer three and layer three plus) and the involvement of different departments and authorities, such as presidents, add additional layers of complexity to the process.
- 09:30 - 10:00: Security in Cloud Computing. This chapter explores security in cloud computing, focusing on the alignment of implementation and policy. It discusses the challenges in ensuring that the implementation conforms to the defined policies, highlighting this as a significant research problem globally. The chapter also differentiates between policies, which define what is and isn't allowed, and mechanisms used to enforce these policies.
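The source S to destination D model from the chapters above, with intruder I modifying or fabricating a message, can be made concrete as a mechanism that enforces the integrity and authenticity goals. The following is an added example, not part of the video or its transcript; it also covers the replay attack the lecture lists among active attacks, and the frame layout, shared key and class names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag
SEQ_LEN = 8                             # assumed frame layout: seq || message || tag


def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Source S: bind the message and its sequence number to a shared key."""
    header = seq.to_bytes(SEQ_LEN, "big")
    tag = hmac.new(key, header + message, hashlib.sha256).digest()
    return header + message + tag


class Receiver:
    """Destination D: accept a frame only if it is authentic, intact and fresh."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, frame: bytes):
        if len(frame) < SEQ_LEN + TAG_LEN:
            return ("rejected", "truncated frame")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; a mismatch covers both modification
        # (M changed to M') and fabrication (sender does not hold the key).
        if not hmac.compare_digest(tag, expected):
            return ("rejected", "bad tag: modified or fabricated")
        seq = int.from_bytes(body[:SEQ_LEN], "big")
        # A captured genuine frame still has a valid tag, so replay needs
        # its own freshness check.
        if seq <= self.last_seq:
            return ("rejected", "replayed or out-of-order sequence number")
        self.last_seq = seq
        return ("accepted", body[SEQ_LEN:])


def demo():
    """Run the S -> D exchange with intruder I in the path (constructed data)."""
    key = os.urandom(32)            # constructed key shared by S and D only
    d = Receiver(key)
    frame = protect(key, 1, b"transfer 100 to account 42")
    results = {}

    # Modification: I alters the amount in transit but cannot recompute the tag.
    tampered = frame.replace(b"100", b"900", 1)
    results["modified"] = d.accept(tampered)

    # Fabrication: I pretends to be S, signing with a key D does not share.
    forged = protect(os.urandom(32), 2, b"transfer 500 to account 66")
    results["fabricated"] = d.accept(forged)

    # The genuine frame is accepted once; resending the capture is rejected.
    results["genuine"] = d.accept(frame)
    results["replayed"] = d.accept(frame)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:10s} -> {outcome}")
```

A MAC addresses integrity and authenticity only: the message still travels in the clear, so interception needs encryption as a separate mechanism. Because S and D hold the same key, it also does not provide non-repudiation, which requires a digital signature.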
Cloud Computing Security I Transcription
- 00:00 - 00:30 hi so we will be continuing our discussion on cloud computing today we will be discussing on ah another major aspect of this ah cloud computing which is ah which we can say cloud
- 00:30 - 01:00 security so we will talk ah we will try to have a ah brief overview of of the security parts say and how this security affects ah cloud computing as as ah we all ah understand that ah when when we go for cloud computing whether it is the infrastructure as a service a platform as a service or software as a service or anything as a service what we are relying on a third party service provider
- 01:00 - 01:30 so our application data processes are running on some third party so whenever it is running on third party the security becomes a issue specially that what is the availability where my data is stored whether it is been seen or intercepted by my ah some other parties and those concerns will be ah there and specially if this is a mission critical ah operations or mission critical data or some critical data like banking data defense data even academic
- 01:30 - 02:00 data related to ah students results and other things this needs to be ah looked into in a in a various ah serious person we will see in the course of the things that one of the ah one of the major hindrance towards going towards this cloud is more than technology rather more this concern about security what will be the policies what data policy etcetera and so on and so forth so with this ah we will start our thing but before going to that
- 02:00 - 02:30 ah i thought that it will be quick ah brush up of what what do you mean by security in terms of when we talk about computer security or information security or network security so what are the different aspects are there ah it is likely that all those aspect in some form of other will be also reflected in the cloud but the concern may be different so before going to the cloud security part say we will see security in general for any computing
- 02:30 - 03:00 service computing and networking service ok so ah if we look at ah ah security what are the three basic ah components one is the confidentiality integrity and availability right this what we say cia components right confidentiality deals with keep keeping the data and resources hidden ah that you dont know that where the data is that it is confidential integrity is that ah data integrity is maintained like ah or origin or the source
- 03:00 - 03:30 integrity is mentioned may maintained right like so that whatever i sent from a to b b receives the same thing ah or ah that integrity or authentication of the source that i am getting from the itself it is there and availability in happening access to the data and resources there is another important component right so ah that is what we see that most of the attacks are going as ah denial of services where the availability is compromised so the
- 03:30 - 04:00 everything is fine but finally you dont have the resource at your hand so it is some sort of a dos or sometimes the ddos type of ah attacks so any security attack on the other say that any action that compromises the security of the information or any action which violates the cia ah type of things there is basic premise right there are lot of other components we will see so if we look at there are immediately it
- 04:00 - 04:30 will come up that there are typically four type of ah things maybe there one is inter interruption one is interception ah modification fabrication so this four components more or less encompasses or combination of this more or less ah or it encompasses all type of things which are ah which are compromised during a ah attack so our basic model is a source sending a data to a destination and when we talk a talk about ah interruptions so that
- 04:30 - 05:00 a the message or the communication path is interrupted it can be interception that the goes from source to destination but somebody else also ah intercept and listening to the thing so this is attack on availability this availability is block this is attack on confidentiality like you are sending from a to b or s to d and somebody else that intruder i is listening to that it can be attack on modification that
- 05:00 - 05:30 this attack on integrity of that data ah right so or even the origin right source is sending to d but in between there is a intruder i which intercept the message changes the message and send it to d so d for d it is a message coming from s and the message am has been changed to am dash but still the for d it is it is the message which is send which has been send or which has been forwarded by ah sources
- 05:30 - 06:00 so that is a attack on integrity so there can be attack on authenticity right i i pretend or intrude are pretend to be the sources right so on and so the it is attack on authenticity so i need to authenticate who who is my source so before receiving a message i need to know that i am supposed to receive from a authenticated source is and i am receiving those message so that is a ah attack on authenticity or what we say fabrication
- 06:00 - 06:30 now ah so one side we see that the major security components other side that the type of attacks which can be there what a and if you look at these are this can this is true for whether it is a computer security or a information security or network security or cloud security right they it may have different type of characteristics and manifestation nevertheless it has the same type of ah what we say same type of ah problems or same type of security issues realizes
- 06:30 - 07:00 now if you look at that what are the threats right so threats does not mean it is attacked right so its like vulnerability does not mean that it is compromised but these are the possible threats so classes of threats one is a threat of disclosure right so i have a threat of disclosure like what which is type of in the attack what we say ah snooping so a threat
- 07:00 - 07:30 of deception like modifications spoofing repudiation of origin denial of receipt and type of things so this is a threat of deception so there can be a threat of disruption that is if it is a modified in the threats of disruption service and an another is a threat of usurpation that is modification spoofing delay denial of services so these are these are differents
- 07:30 - 08:00 category of threats which are there so we have attacks which have security concerns and threats these are different components overall whenever a a a whenever a it systems or any information system whether it is organizational or it is personal or it is inter organization intra organization whatever there are guided by policies and mechanisms ok very ah tricky issues ah so policy says what is what is not allowed right
- 08:00 - 08:30 so the policy says that what is allowed what is that not allowed right so it is it tries to do it in a in in a fashion that which which which which of the things can be allowed and things there can be hierarchical to a way of defining policies there can be different way of things we are not going to that so this defines the security of the site systems overall ah information structure a overall network access protocol and individual to
- 08:30 - 09:00 group to distributed anything right so there is is policies usually in organizations policies are made somewhat centralized centralized in the sense it has been formulated across the for ah all all components of the organizations and it is something a sort of a policy making body does it now incidentally the implementation is most of the time distributed like i say that i have a i have this iit kharagpur network so
- 09:00 - 09:30 there are several departments there as a several sub networks there are several layer three plus layer three and layer three plus type of switches so it says they policy that this way the traffic will go and etcetera etcetera and not only that they are additionally there are also presidents etcetera at the same time ah this this policy need to be implemented across this different category of devices so the implementation is ah often in a distributed fashion or in different devices and type of things where the so now there is a big challenge
- 09:30 - 10:00 the how to guarantee this implementation conform to the policy one to one right it is nothing more or less what the policy defines so there is a these are some open ah not exactly open problem these are very strong research problem across the world that how to how to formally say that your implementation and policy match with each other and so forth now so policies says what is and what is not allowed where i on the other hand mechanisms
- 10:00 - 10:30 enforce policies right so i have mechanism to enforce policies so composition of policies if the policy is conflict discrepancies may create security vulnerabilities so there is another things if it is if if when we compose policies so if i have several policy and composition of the policies if there are conflicts ah discrepancies may arise and then the there can be security vulnerabilities like like i can say that one policy says that
- 10:30 - 11:00 this traffic can be allowed or another policy said that this category of traffic should be denied and you see there is a overlap that which can be either allowed or denied you need to decide right this mainly happens because number of cases this implement is in a distributed way and if sometimes there are ah there are class in the local versus global policies etcetera so this need to be addressed these need to be first of all i defined and these need to be a address and this becomes a very critical
- 11:00 - 11:30 thing when there is a organization is pretty large to look at an individual policies and verify and all those things so looking all those things so what we have seems there are security models or security objectives there are attack models there are threats and i there are policies and mechanisms so these are different components which looks at a different way of the things right now i need to bring them together and ah have
- 11:30 - 12:00 what is my security goal so one of the major security goal is prevention prevent attackers from violating security policies so that should be there so attacker if i have the security policies if it is restricts that thing attackers should be should not be able able to violate the security policies detection detect attackers violation of the security policy so detection that the when the security policies are being violated by the attackers need to be detected right so detection i can have we then we will try
- 12:00 - 12:30 to the earlier the detection is more ah strong your security perimeter right so we need to detect as early as possible because if the attack has gone on go on into the place then what we what we are left with is more of the post mortem of the what had happened and basically learn to look at the other things there are a issues of ah another issue is recovering if if attack and if compromised if down to some extent or fully or ah partially then
- 12:30 - 13:00 how to recover from this thing right so what will be my recovery mechanisms mechanism from these type of things like ah stop attack ah assess and repair damage ah continue to function correctly even if the attack succeeds and there are different type of things people that there are in best practices we have in critical system as redundancy system there
- 13:00 - 13:30 are logging mechanisms to recover and other things never the less we need to recover from the thing ah to a stage where we where ah like pre attack stays type of things you know on all doing so we incurred cost right all this comes with a cost trust and assumptions that is another aspects so underlie all aspects of security right so i have some trust and assumption i trust this system i assume that system will work
- 13:30 - 14:00 fine or this or this ah particular application and so on and so forth things are there so it all stress and if you if you look at our day to day ah life also ah for security mechanisms we have some sort of a test trust and assumption like like i say i understand what we trust that the security person who is guarding that particular installation or particular premise is can be trusted right so so i assume that ah this can be trusted
- 14:00 - 14:30 to this extent and so on and so forth and type of things so this also is important thing so policies unambiguously partition system states right so that is ah if you look at the system state system goes on different state because first of all it is a dynamic thing right it is not that it is statically one defined things are there so it is it should unambiguously partition the system state that means i am in this state
- 14:30 - 15:00 or this state which state i am there so it should be ambiguous partition correctly capture the security requirement of every stage right so it will not only partition it should also security requirements of every stage mechanisms assume to enforce policies so mechanisms are there to enforce policies supports mechanisms ah support mechanisms work ah correctly so that the mechanism is basically a implementation or realization of the policies and that should
- 15:00 - 15:30 be they are in place now if we look at a little bit ah holistically so if i have like set of reachable states of a system right so if the set of reachable state is in this ah this type of miss and ah if i have a ah set of secured stages like this type of ah hash line right so one we say that if the set of reachable state is within the overall
- 15:30 - 16:00 set of secured state then i say it is fully secure right so what i am trying to say that the system goes over different state all are within the security state so i have say i have security state security state at s one to s twenty as secure my system basically hover between s five to s sixteen so that means it is always in the security
- 16:00 - 16:30 state it can be precise that the it ah totally matches with this the set of security and set of reachability is matches other can be broad that means all are not in the security zone or the in the secure state but a but there are some state which is there right the one thing we should be we should know that how my security policy mechanisms we
- 16:30 - 17:00 service work work so that i i can say that how much secured i am so there is a ah issue of assurance like ah which consists of specifications right like requirement analysis statement of desired functionalities design how the system will meet the specification and implementation program systems that carry out design right so what it tries to do that in order to have properly design the thing i can assure that
- 17:00 - 17:30 this much security ah ok has been ah can be ah assured based on my ah my design specification etcetera right so this this is these are the best practices which need to be put into place so that my security level goes up now there are issues of operational issues or sometimes there are economical issues right cost benefit analysis
- 17:30 - 18:00 is it typical ah it is cheaper to prevent or recover right so um so whether which is costly like it is it is recovering is costly or things like i i say that ah i have a lab which has some linux installation ah or windows installation or combined both of them and
- 18:00 - 18:30 we run the lab on day to day basis but as such i we dont store anything in the system right so a in that case that is students are supposed to bring their documents or download their codes etcetera run and then release the thing right but end of the day there is no question of ah storing any data or there is no responsibility from the authority so that the data will be saved etcetera for that i may not look look
- 18:30 - 19:00 for ah much interested for preventing the attack right even some attack is there if i can recognize i can always reinstall that i can have a already a image of the whole ah system and i can reinstall the image right but on the other hand if there is a data intensive or say research data etcetera then i am more interested in preventing the right or a system which is online running on things i want to prevent the data hum so that is cost analysis
- 19:00 - 19:30 benefit other is the risk analysis right should we protect something how much should we protect this thing right how much risk is there there are laws and customs right let are desired security measures illegal will people do them etcetera so we have different operational issues ah which are there there are of course some of the human issues right organizational problems or people problems so there are always human in the loop and
- 19:30 - 20:00 there are human issues of ah responsibility per says authority and so on and so forth so if we tie them together so threats are there policies are ah a based on the threats policies are made based on the specification based on the things policy specification the design is there based on design that implementation and then operation this operational issues are feedback either to the implementation or design specification and things or operational
- 20:00 - 20:30 issues comes as a threat so this is if we try to make them together bring them together it is like sort of it now what we are looking as of now is more from the point of view of ah like from the providers or the from the system point of view like what are the what could be the possible threats what could be important possible policies
- 20:30 - 21:00 how to implement what is the mechanisms and so on and so forth right but if we try to look at that what are the different type of attacks like one is passive attack right obtain information that is being transmitted eavesdropping so it is not the attacks but these are more eavesdropping so two types release of message content it may be desirable to prevent the opponent from learning the contents of the transmission
- 21:00 - 21:30 so release of the message content may be one of the attack traffic analysis like i don't look at the message but say but i want to look at the traffic right if the traffic is highly ah volatile or heavy or low i try to predict that what could be the effect of the effect of the ah type of mechanisms going on right i can say that if there is a very high traffic that may be some sort of a video conferencing or video chat is going on and
- 21:30 - 22:00 it may be something need to be looked attached to me something if is a low traffic or ah medium traffic i can i can say that this is the type of things and based on not only the traffic traffic persist time it said also plays different important role usually passive attackers are difficult to detect because they don't do direct harm and very difficult to detect whereas on the other hand i we have ah active attackers like involve
- 22:00 - 22:30 some modification of the data stream or creation of false streams so that is these are all active attackers right so four categories so one one is masquerade one entity pretends to be different entity so that is the one attacker replay passive capture of the data unit and its subsequent retransmission to produce unauthorized effect right so this is a replay attack right so contained ah passive capture of the data
- 22:30 - 23:00 units and its subsequent retransmission huge amount of retransmission of the data modification some portion of the legitimate message is altered so that is the attack of ah of modification denial of service prevents the normal use of communication um facilities so this is a dos type of attack or denial of services attack so all these attacks actually create ah problem in our ah in in the operation of the active system
- 23:00 - 23:30 now in the security services as as those things we have seen that the these are the security threats security services try to give provide this sort of services right like confidentiality authenticity integrity non repudiation access control accessibility a availability so this ah this first thing we had discussed non repudiation what we say the order is final right it is
- 23:30 - 24:00 like that ah you say ah you order something like you say that the bank you instruct your bank that you transfer over online that you transfer x amount from my account to somebody else's account and next day i go to the bank that i never gave this right so there is a there is a there should be a way of handling this so there is non repudiation is why is ah is such things is is basically says the order is better access control is
- 24:00 - 24:30 a big field that how this access control will be there there are ah works on role based access control mechanisms and so on and so forth it is basically say the prevent misuse of resources so you should have that particular resource particular access ah to a particular resource center so that you can use that resources availability performance and non erasure type of services so that is denial of services service attack and ah there can be virus that
- 24:30 - 25:00 deletes files so that is your that's the also case of non availability so role of ah security so if when you when you talk about computer security network security information security cloud security and so on and so forth what are the role of ah thing the security infrastructure should provide ah first of all confidentiality all right that means ah protect against loss
- 25:00 - 25:30 of privacy the integrity protection against data altered ah data alteration or corruption so that is the protection of this the integrity because as you have seen integrity ah that ah during the message transfer the data is being altered availability protection against denial of service authentication identification of legitimate ah users so that how to identify an authenticated legitimate user authorization is determination of whether or not operation
- 25:30 - 26:00 is allowed by a certain user non repudiation as we have discussed the order is final safety protection against tampering damage theft etcetera right and we have a series of attacks based on that different type of vulnerabilities and so on and so forth from social engineering to phishing password attacks buffer overflow command injection and etcetera etcetera so these are different type of attacks which are there in the information system which
- 26:00 - 26:30 are true in some sense ah for the cloud infrastructure also now if we look at ah a typical scenario like say network security which is very prominent because the cloud is based on a this term is basically build on the distributed systems which are ah leverage or network and so its important that the basic network level security is high so network security works like this determination of the network security policies that what should be the security policy implementing those ah those policy then ah reconnaissance
- 26:30 - 27:00 so that should this to see that whether the security things are in place or not vulnerability scanning like how how vulnerable i am so that look at the vulnerability scanning there is a concept of penetration testing that means or what we say self attacking sort of scenario is a self and safe attacking scenario that how much i can penetrate into the system ah so it is a penetration testing and there is a need of post post attack in ah investigation
- 27:00 - 27:30 if there is a attack then post attack investigation so determination of security ah policy ah that the security policy is a full ah security roadmap and for any organization so smaller things if it is a inter organization so that the what will be the security policies need to be ah placed right it is a full road map have to be there the network design should reflect ah these policies so if it is a network thing so whenever you are designing it should
- 27:30 - 28:00 confirm these security policies so implementing the security policies implementing ah policies include installation and configuration of security measures like firewalls installation of configuration of ids and there are several other type of things which need to be there so if we look at it is a big picture like this where you have different there is demilitarized zone internal network and that firewall or network address translator nat switch firewall
- 28:00 - 28:30 and type of things right so it is it is dual homing or two firewalls are there so implement ah security policies either the policies or the access rules in the firewall or ids or there is a concept of honeypot or honeynet where vulnerable things are there so that lot of attacks will be there and ah the security ah means security personnels understand that
- 28:30 - 29:00 what sort of attacks is there based on that signatures they basically do they basically fine tune there are rda ah ids or firewall policies so the next thing is that need to learn about the network right so in order to ah whether to attack or prevent you need to know the network so ip address of the host identify key servers with critical data and so on and so forth so there are two forms are there
- 29:00 - 29:30 one is passive which is undetectable one is active it is not ah often detected by the ids right so there are this is a need there is a vulnerability scanning that as we are discussing as we are discussing couple of minutes back that i need to basically scan my vulnerabilities right so that how vulnerable i am in the other system wise so there are different scanner there are ah in case of a network there are different like there is a open source Nessus Nmap and so and so forth so that you can basically
- 29:30 - 30:00 scan that which are the what are the possible vulnerabilities and type of things right so this is important that you scan and see that what is the security quote unquote security health of your ah installation so other scanner will allow to exploit then they are they are called Metasploit and type of things which has is ah security database there are difference ah security vulnerability database like one such is that NVD National
- 30:00 - 30:30 vulnerability database where which basically says that what are the different vulnerabilities so ah scanners are need to be updatable so that it goes on as in case of antivirus etcetera which are primarily scanner so need to update with the signatures and then we have the penetration testing like one we do a vulnerability analysis of a say a network and then looking at the vulnerabilities we do a penetration testing of the system
- 30:30 - 31:00 that how much i can penetrate into the systems and type of things these are safe attacks and ah late as late as ah means a organization or the security personnel can know that what are the different vulnerability points and put appropriate patches and finally we have a post attack investigation the forensics of the attacks the process is heavily guided by the laws that how this post attack or post mortem scenarios screaming there then retain
- 31:00 - 31:30 chain of evidences that how things happens etcetera so these are post mortem or post attack scenarios now if you look at in our in case of a cloud all these things also come in different in same or different forms right because these are more generic though we discussed at the end little bit of ah network related but these are primarily more generating attacks and then we have ah um this ah post attack investigations
- 31:30 - 32:00 ah to look at that what are the different attack pattern etcetera and we will try to look at in our next ah lecture or so that how what are the implications or what are the specialty ah of this ah security in case of cloud computing ok so will stop here today thank you