2,692 research outputs found

    Cloud Security : A Review of Recent Threats and Solution Models

    The most significant barrier to the wide adoption of cloud services has been attributed to perceived cloud insecurity (Smitha, Anna and Dan, 2012). In an attempt to review this subject, this paper will explore some of the major security threats to the cloud and the security models employed in tackling them. Access control violations, message integrity violations, data leakages, inability to guarantee complete data deletion, code injection, malware and lack of expertise in cloud technology rank among the major threats. The European Union invested €3m in City University London to research into the certification of Cloud security services. This and more recent developments are significant in addressing increasing public concerns regarding the confidentiality, integrity and privacy of data held in cloud environments. Some of the current cloud security models adopted in addressing cloud security threats were: encryption of all data at storage and during transmission. The Cisco IronPort S-Series web security appliance was among security solutions to solve cloud access control issues. 2-factor Authentication with RSA SecurID and close monitoring appeared to be the most popular solutions to authentication and access control issues in the cloud. Database Active Monitoring, File Active Monitoring, URL Filters and Data Loss Prevention were solutions for detecting and preventing unauthorised data migration into and within clouds. There is yet no guarantee for a complete deletion of data by cloud providers on client requests; however, FADE may be a solution (Yang et al., 2012).

    An Analytical Evaluation of Network Security Modelling Techniques Applied to Manage Threats

    The current ubiquity of information coupled with the reliance on such data by businesses has led to a great deal of resources being deployed to ensure the security of this information. Threats can come from a number of sources and the dangers from those insiders closest to the source have increased significantly recently. This paper focuses on techniques used to identify and manage threats as well as the measures that every organisation should consider to put into action. A novel game-based onion skin model has been proposed, combining techniques used in theory-based and hardware-based hardening strategies

    xLED: Covert Data Exfiltration from Air-Gapped Networks via Router LEDs

    In this paper we show how attackers can covertly leak data (e.g., encryption keys, passwords and files) from highly secure or air-gapped networks via the row of status LEDs that exists in networking equipment such as LAN switches and routers. Although it is known that some network equipment emanates optical signals correlated with the information being processed by the device ('side-channel'), intentionally controlling the status LEDs to carry any type of data ('covert-channel') has never been studied before. A malicious code is executed on the LAN switch or router, allowing full control of the status LEDs. Sensitive data can be encoded and modulated over the blinking of the LEDs. The generated signals can then be recorded by various types of remote cameras and optical sensors. We provide the technical background on the internal architecture of switches and routers (at both the hardware and software level) which enables this type of attack. We also present amplitude and frequency based modulation and encoding schemas, along with a simple transmission protocol. We implement a prototype of an exfiltration malware and discuss its design and implementation. We evaluate this method with a few routers and different types of LEDs. In addition, we tested various receivers including remote cameras, security cameras, smartphone cameras, and optical sensors, and also discuss different detection and prevention countermeasures. Our experiment shows that sensitive data can be covertly leaked via the status LEDs of switches and routers at bit rates of 10 bit/sec to more than 1Kbit/sec per LED.

    Mitigating the Risk of Knowledge Leakage in Knowledge Intensive Organizations: a Mobile Device Perspective

    In the current knowledge economy, knowledge represents the most strategically significant resource of organizations. Knowledge-intensive activities advance innovation and create and sustain economic rent and competitive advantage. In order to sustain competitive advantage, organizations must protect knowledge from leakage to third parties, particularly competitors. However, the number and scale of leakage incidents reported in news media as well as industry whitepapers suggests that modern organizations struggle with the protection of sensitive data and organizational knowledge. The increasing use of mobile devices and technologies by knowledge workers across the organizational perimeter has dramatically increased the attack surface of organizations, and the corresponding level of risk exposure. While much of the literature has focused on technology risks that lead to information leakage, human risks that lead to knowledge leakage are relatively understudied. Further, not much is known about strategies to mitigate the risk of knowledge leakage using mobile devices, especially considering the human aspect. Specifically, this research study identified three gaps in the current literature (1) lack of in-depth studies that provide specific strategies for knowledge-intensive organizations based on their varied risk levels. Most of the analysed studies provide high-level strategies that are presented in a generalised manner and fail to identify specific strategies for different organizations and risk levels. (2) lack of research into management of knowledge in the context of mobile devices. And (3) lack of research into the tacit dimension of knowledge as the majority of the literature focuses on formal and informal strategies to protect explicit (codified) knowledge. Comment: The University of Melbourne PhD Thesi

    A review of behavioural research on data security

    Protection of confidential information or data from being leaked to the public is a growing concern among organisations and individuals. This paper presents the results of the search for literature on behavioural and security aspects of data protection. The topics covered by this review include a summary of the changes brought about by the EU GDPR (General Data Protection Regulation). It covers human and behavioural aspects of data protection, security and data breach or loss (threats), IT architectures to protect data (prevention), managing data breaches (mitigation), risk assessment and data protection audits. A distinction is made between threats and prevention from within an organisation and from the outside

    The Insider Threat

    The Insider threat is defined similarly by experts in the information technology world for businesses, but addressing the threat has not been of great focus for most organizations. Technology and the Internet have grown exponentially over the past decade leading to changes in how business is conducted. Some basic business practices remain the same; protect the organization and its customers from breach of privacy. How data is gathered, stored, and retrieved has changed. Protecting the perimeter is still important, but these changes in technology now open the doors to a new threat; one that is known but not commonly protected against; the insider. Whether intentionally, or accidentally, the insider threat needs to be incorporated into the currently used security architectures and best practices. How should an organization include the insider threat to the current architecture is the question. Changes need to be made by organizations to the current security architecture. Currently, using technology is not enough, but is still necessary. In order to make it better, considering the employee as a whole and the daily activities necessary to complete a job, as well as working with other business units as a whole needs to be included in the architecture. Behavioral traits can be considered but there are issues in privacy that also need to be considered. Monitoring can be done, but that should not be the only thing considered. Employees lack knowledge as to why actions can have a negative effect on an organization and the way to address this is education. Educating end users is necessary and should be performed regularly to keep not just the technologically inclined up to date. Without education, the current technology used will continue to keep out the intruders, but will not be effective enough to protect against intentional and accidental misuse of the organization and its networks