Cloud Security

CS8791 / Cloud Computing 2022

UNIT-IV
CLOUD SECURITY

 Cloud security is a discipline of cyber security dedicated to securing cloud computing
systems. This includes keeping data private and safe across online-based
infrastructure, applications, and platforms.
 Cloud providers host services on their servers through always-on internet
connections.
 Since a cloud provider’s business relies on customer trust, cloud security methods are
used to keep client data private and safely stored.
 However, cloud security also partially rests in the client’s hands.
 Cloud security is composed of the following categories:
o Data security
o Identity and access management (IAM)
o Governance (policies on threat prevention, detection, and mitigation)
o Data retention (DR) and business continuity (BC) planning
o Legal compliance

What is cloud security?


 Cloud security is the whole bundle of technology, protocols, and best practices that
protect cloud computing environments, applications running in the cloud, and data
held in the cloud.
 Cloud security is based on a shared cloud responsibility model in which both the
provider and the customer bear responsibility for securing the cloud.
 The full scope of cloud security is designed to protect the following, regardless of your
responsibilities:
o Physical networks — routers, electrical power, cabling, climate controls, etc.

Dr. A.M.Rajeswari, CSE, VCET Page 1 of 13
o Data storage — hard drives, etc.
o Data servers — core network computing hardware and software
o Computer virtualization frameworks — virtual machine software, host
machines, and guest machines
o Operating systems (OS) — software that houses
o Middleware — application programming interface (API) management,
o Runtime environments — execution and upkeep of a running program
o Data — all the information stored, modified, and accessed
o Applications — traditional software services (email, tax software, productivity
suites, etc.)
o End-user hardware — computers, mobile devices, Internet of Things (IoT)
devices, etc.

Why Is Cloud Security Architecture Important?


 Cloud security architecture allows businesses to take advantage of all that the cloud
offers—including software as a service (SaaS), platform as a service (PaaS), and
infrastructure as a service (IaaS) offerings—while mitigating exposure and
vulnerability.
 Without cloud security architecture, the risks associated with using the cloud could
outweigh any potential benefit.

Cloud security risks


 Some common cloud security threats include:
o Risks of cloud-based infrastructure including incompatible legacy IT
frameworks, and third-party data storage service disruptions.
o Internal threats due to human error such as misconfiguration of user access
controls.

o External threats caused almost exclusively by malicious actors, such as
malware, phishing, and DDoS attacks.

Cloud Security Challenges


 In the cloud model, users lose control over physical security.
 In a public cloud, users are sharing computing resources with other companies.
 When users share an environment in the cloud, their data is at risk of seizure
(attack).
 Storage services provided by one cloud vendor may be incompatible with another
vendor’s services; as a result, users may be unable to move from one to the other.
 Vendors create “sticky services”.
 Sticky services are services that make it difficult for an end user to move
from one cloud vendor to another.

How does cloud security work?


 Every cloud security measure works to accomplish one or more of the following:
o Enable data recovery in case of data loss
o Protect storage and networks against malicious data theft
o Deter human error or negligence that causes data leaks
o Reduce the impact of any data or system compromise

Introduction to Cloud Security Architecture from a Cloud Consumer's Perspective


 Cloud application developers have been successfully developing applications for IaaS
(Amazon AWS, Rackspace, etc.) and PaaS (Azure, Google App Engine, Cloud
Foundry) platforms.
 Cloud services can be delivered in many flavors, i.e. in any combination of
o service delivery models: SaaS, PaaS and IaaS (SPI), and
o operational models: public, private and hybrid.
Because of this, the cloud security concerns and solutions are context (pattern) dependent. Hence, the
solution architecture should match these concerns and build security safeguards
(controls) into the cloud application architecture.

Cloud Security Architecture is a shared responsibility


 Cloud security is based on a shared cloud responsibility model in which both the
provider and the customer bear responsibility for securing the cloud.
 Cloud providers will cover many aspects of physical, infrastructure, and application
security while cloud customers remain responsible for certain areas of security and
control, depending on the cloud environment.
 Cloud security responsibilities in a public cloud are shared between the cloud
customer (your enterprise) and the cloud service provider, whereas in a private cloud
the customer manages all aspects of the cloud platform.
 Cloud service providers are responsible for securing the shared infrastructure
including routers, switches, load balancers, firewalls, hypervisors, storage networks,
management consoles, DNS, directory services and cloud API.
 The figure below highlights the layers, within a cloud service, that are secured by the
provider versus the customer.

Cloud Security Architecture – Plan


 As a first step, architects need to understand what security capabilities are offered by
cloud platforms (PaaS, IaaS).
 The figure below illustrates the architecture for building security into cloud services.

 Security offerings and capabilities continue to evolve and vary between cloud
providers.
 Hence you will often discover that security mechanisms such as key management and
data encryption will not be available. One example is the need for an AES 128-bit
encryption service for encrypting security artifacts and keys escrowed to a key
management service.
 For such critical services, one will continue to rely on internal security services.
 A “Hybrid cloud” deployment architecture pattern may be the only viable option for
such applications that depend on internal services. Another common use case is
Single Sign-On (SSO). SSO implemented within an enterprise may not be extensible
to the cloud application unless it is a federation architecture using SAML 1.1 or 2.0
supported by the cloud service provider.
 The following are cloud security best practices to mitigate risks to cloud services:
o Architect for security-as-a-service: Application deployments in the cloud
involve orchestration of multiple services including automation of DNS, load
balancer, network QoS, etc.
o Implement sound identity, access management architecture and practice:
Scalable cloud bursting and elastic architecture will rely less on
network-based access controls and warrant strong user access management
architecture.
o Leverage APIs to automate safeguards: Any new security services should
be deployed with an API (REST/SOAP) to enable automation.
o Always encrypt or mask sensitive data: Today’s private cloud applications
are candidates for tomorrow’s public cloud deployment. Hence architect
applications to encrypt all sensitive data irrespective of the future
operational model.
o Do not rely on an IP address for authentication services: IP addresses in
clouds are ephemeral in nature so you cannot solely rely on them for
enforcing network access control.
o Log, Log, Log: Applications should centrally log all security events that will
help create an end-to-end transaction view with non-repudiation
characteristics.
o Continuously monitor cloud services: Monitoring is an important function
given that prevention controls may not meet all the enterprise standards.
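
The "do not rely on an IP address" practice above, as an added example that is not part of the original notes: an IP allow-list rule set beside an identity-based check during a constructed autoscaling event. The workload names, addresses and demo key are assumptions, and the HMAC-signed token stands in for whatever identity mechanism the cloud provider or enterprise actually offers.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key; assumption: a real deployment fetches it from a key management service.
SIGNING_KEY = b"constructed-demo-key"
ALLOWED_WORKLOADS = {"billing-api"}   # hypothetical workload name
IP_ALLOWLIST = {"10.0.1.5"}           # address billing-api held when the rule was written

def _mac(data: bytes) -> bytes:
    return hmac.new(SIGNING_KEY, data, hashlib.sha256).hexdigest().encode()

def issue_token(workload: str, expires_at: int) -> str:
    """Issue a signed, expiring identity token for a workload."""
    claims = json.dumps({"sub": workload, "exp": expires_at}).encode()
    body = base64.urlsafe_b64encode(claims)
    return (body + b"." + _mac(body)).decode()

def verify_token(token: str, now: int):
    """Return the workload identity, or None if the token is forged or expired."""
    body, _, sig = token.encode().partition(b".")
    if not hmac.compare_digest(sig, _mac(body)):
        return None  # signature mismatch: claims are never parsed
    claims = json.loads(base64.urlsafe_b64decode(body))
    return claims["sub"] if claims["exp"] > now else None

def allow_by_ip(src_ip: str) -> bool:
    # Weak: the decision follows the address, not the caller.
    return src_ip in IP_ALLOWLIST

def allow_by_identity(token: str, now: int) -> bool:
    # Stronger: the decision follows a verifiable identity, whatever the address.
    return verify_token(token, now) in ALLOWED_WORKLOADS

def scenario(now: int = 1_000):
    """After autoscaling, billing-api moves to 10.0.1.9 and 10.0.1.5 is reassigned."""
    good = issue_token("billing-api", expires_at=now + 300)
    other = issue_token("batch-worker", expires_at=now + 300)  # new holder of 10.0.1.5
    forged = good.split(".")[0] + "." + "0" * 64
    return {
        "ip_rule_blocks_billing_api": not allow_by_ip("10.0.1.9"),
        "ip_rule_admits_new_holder": allow_by_ip("10.0.1.5"),
        "identity_admits_billing_api": allow_by_identity(good, now),
        "identity_blocks_new_holder": not allow_by_identity(other, now),
        "identity_blocks_forged": not allow_by_identity(forged, now),
        "identity_blocks_expired": not allow_by_identity(good, now + 301),
    }

if __name__ == "__main__":
    for check, result in scenario().items():
        print(f"{check}: {result}")
```

The IP rule fails in both directions once addresses are recycled, while the identity check keeps working; logging each decision with the verified workload name rather than the source address also supports the central logging practice in the same list.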


Secure Software Development Life Cycle (SSDLC)


 The Secure Software Development Lifecycle (SSDLC) generally refers to a
systematic, multi-step process that streamlines software development from inception
to release.
 It’s an easy-to-follow, step-by-step procedural model that enables organizations to:
o Develop software in a timely manner
o Reinforce the product’s timeline of initial planning, designing, and eventual deployment.
 Established in the late 1960s, the Secure SDLC has grounded itself in nearly every
modern software company.
 The secure software development life cycle is a step-by-step procedure to develop
software with several objectives, including:
o Scalably streamlining the product/software pipeline and
o Optimizing the design, deployment, and maintenance of said software.
 A software development life cycle (SDLC) is a framework for the process of building
an application from inception to decommission.
 Over the years, multiple SDLC models have emerged—from waterfall and iterative to,
more recently, agile and CI/CD, which increase the speed and frequency of
deployment.

 In general, SDLCs include the following phases:
o Planning and requirements
o Architecture and design
o Test planning
o Coding
o Testing and results
o Release and maintenance
 Here are some of the primary advantages of a secure SDLC approach:
o Your software is more secure, as security is a continuous concern.
o All stakeholders are aware of security considerations.
o You detect design flaws early, before they’re coded into existence.
o You reduce your costs, thanks to early detection and resolution of defects.
o You reduce overall intrinsic business risks for your organization.

How Do You Make an SDLC Secure?


 You can make an SDLC more secure by adding extra security measures to the existing
groundwork of your SDLC development process.
 For example, a tech leader could write, draft, and enforce security requirements
alongside the collection of functional requirements in the SDLC.
 And during the architecture and design phase, you can perform a risk analysis to
target specific vulnerabilities.

 A variety of secure software development life cycle models have been proposed and
effectively enforced in modern development frameworks.

Secure software development life cycle models


 NIST 800-64: Developed by the National Institute of Standards and Technology, the
guidelines provide security considerations and parameters within the SDLC to be
observed by U.S. federal agencies.
 MS Security Development Lifecycle (MS SDL): Proposed by Microsoft in association
with the phases of a classic SDLC, the MS SDL is one of the first of its kind and
provides dependable security considerations that work for most modern development
pipelines.
 OWASP CLASP (Comprehensive, Lightweight Application Security Process): Based
on the MS SDL, OWASP CLASP is very easy to integrate into your existing software
architecture plan. It maps security activities to roles in an organization.

How does a secure SDLC work?


 Generally speaking, a secure SDLC involves integrating security testing and other
activities into an existing development process.
 Examples include writing security requirements alongside functional requirements and
performing an architecture risk analysis during the design phase of the SDLC.

The 6 Steps of a Secure Software Development Lifecycle


 By ensuring that your organization complies with the secure software development life
cycle, you will establish a sustainable model for product planning/inception and final
launch.
 The secure software development life cycle is progressive and systematically
structured, streamlined with the following 6 steps:

1. Planning and requirements analysis
2. Architecture, design, and development outlines
3. Test planning
4. Coding
5. Testing and results
6. Release and continual maintenance

1. Planning and requirements analysis:


 Preliminary planning and requirement analysis is the most fundamental stage in a
secure software development life cycle.

 Requirement analysis is generally performed by senior members of the team along
with corresponding customer feedback and cooperation with the sales department,
sourced marketing surveys, and domain experts in the industry.
 A feasibility study estimates the short and long-term viability of the project from an
economic, operational, and technical lens.
 Additionally, project managers can estimate, plan, and create quality assurance
requirements during this phase.
 At the end of planning and requirement analysis, the team should have an outcome
from their technical feasibility study to work with.
2. Architecture, design, and development outlines
 By using a software requirements specification (SRS) as a base template for the product architecture, architects can
effectively deliver a backend product design according to feasibility and preliminary
requirements.
 Based on the requirements outlined in the SRS, typically more than one design
approach is proposed and documented in the design document specification (DDS).
 Eventually, the DDS is reviewed by all major project stakeholders, and based on
critical parameters such as risk assessment, product robustness, budget and time
constraints, and design modularity, the most viable architectural approach is
selected.
 The design approach in a secure software development life cycle is comprehensive.
3. Test planning
 In a secure software development life cycle, a test plan outlines:
o The strategy used to test an application
o Resources that will be used
o Test environment
o The potential limitations of the testing, and
o The projected schedule of the testing activities.

 The quality assurance team lead will typically undertake test planning and resource
allocation/assurance during this stage.
 A test plan generally includes the following:
o An introduction or brief overview of the test plan document
o Expectations about business and technical constraints while testing the
software
o Comprehensive list of test cases to be included in testing the application
o Features tested
o Approach to be used during software testing
o Deliverables to be fulfilled and tested
o Resources allocated for application testing
o Potential all-around risks involved during the testing process
o Schedule of tasks and milestones to be achieved within the testing time
frame
4. Coding
 Now it’s time to build and develop the product!
 In this stage of the secure software development life cycle, code development is
executed in compliance with the DDS.
 As long as the design/architecture was performed in a detailed and organized
fashion, code generation can be accomplished without many logistical hurdles.
 It’s imperative that developers follow the coding guidelines as defined by their
organization and program-specific tools, including the compilers, interpreters, and
debuggers that are used to streamline the code generation process.
 Various high-level programming languages such as C, C++, Pascal, PHP, and Java
are typically used for application development.
 Regardless, the chosen programming language is entirely dependent upon the type
of software, its industry use cases, and the technical specifications of the project.

5. Testing and results


 After several rounds of code review and quality assurance, product testing can be
implemented in the secure software development life cycle.
 It’s important to note that this stage is usually a subset of all stages in modernized
SDLC models.
 In other words, testing should be actively streamlined in real-time through each step
of the SDLC to ensure a sustainable development process.
 However, this fifth stage alone is a testing-only stage of the product, where critical
defects are effectively reported, tracked/localized, fixed, and retested for final
deployment and redeployment.
 This rinse-and-repeat process continues until quality standards are satisfied as
defined in the SRS.
6. Release and continual maintenance
 Once your organization’s product has undergone quality assurance and testing, the
product is ready to be formally released into the appropriate market.
 Depending on your organization’s market-level strategy, the product may first be
released into a limited segment/sector of the primary market before being tested in
a real business environment.
 Otherwise, many startups and corporations release their product into cold water and
review customer feedback in order to continuously optimize product features and
software usability.

************************
