    Cloud Security : A Review of Recent Threats and Solution Models

    The most significant barrier to the wide adoption of cloud services has been attributed to perceived cloud insecurity (Smitha, Anna and Dan, 2012). In an attempt to review this subject, this paper will explore some of the major security threats to the cloud and the security models employed in tackling them. Access control violations, message integrity violations, data leakages, inability to guarantee complete data deletion, code injection, malware and lack of expertise in cloud technology rank as the major threats. The European Union invested €3m in City University London to research into the certification of Cloud security services. This and more recent developments are significant in addressing increasing public concerns regarding the confidentiality, integrity and privacy of data held in cloud environments. Some of the current cloud security models adopted in addressing cloud security threats were – Encryption of all data at storage and during transmission. The Cisco IronPort S-Series web security appliance was among security solutions to solve cloud access control issues. 2-factor Authentication with RSA SecurID and close monitoring appeared to be the most popular solutions to authentication and access control issues in the cloud. Database Active Monitoring, File Active Monitoring, URL Filters and Data Loss Prevention were solutions for detecting and preventing unauthorised data migration into and within clouds. There is yet no guarantee for a complete deletion of data by cloud providers on client requests; however, FADE may be a solution (Yang et al., 2012).

    Critical Analysis on Detection and Mitigation of Security Vulnerabilities in Virtualization Data Centers

    There is an increasing demand for IT resources in growing business enterprises. Data center virtualization helps to meet this increasing demand by driving higher server utilization and utilizing unused CPU cycles without causing much increase in new servers. Reduction in infrastructure complexities and optimization of the cost of IT system management, power and cooling are some of the additional benefits of virtualization. Virtualization also brings various security vulnerabilities. Virtualized environments are prone to attacks like hyperjacking, intrusion, data thefts, denial of service attacks on virtualized servers and web facing applications etc. This work identifies the security challenges in virtualization. A critical analysis of existing state-of-the-art works on detection and mitigation of various vulnerabilities is presented. The aim is to identify the open issues and propose prospective solutions in brief for these open issues.

    Root causes, ongoing difficulties, proactive prevention techniques, and emerging trends of enterprise data breaches

    A data breach in the modern digital era is the unintentional or intentional disclosure of private data to uninvited parties. Businesses now consider data to be a crucial asset, and any breach of this data can have dire repercussions, including harming a company's brand and resulting in losses. Enterprises now place a high premium on detecting and preventing data loss due to the growing amount of data and the increasing frequency of data breaches. Even with a great deal of research, protecting sensitive data is still a difficult task. This review attempts to highlight interesting prospects and offer insightful information to those who are interested in learning about the risks that businesses face from data leaks, current occurrences, state-of-the-art methods for detection and prevention, new difficulties, and possible solutions. Comment: 17 pages, 9 figures

    Information Leakage Detection in Distributed Systems using Software Agents

    Covert channel attacks utilize shared resources to indirectly transmit sensitive information to unauthorized parties. Current security mechanisms such as SELinux rely on tagging the filesystem with access control properties. However, such mechanisms do not provide strong protection against information laundering via covert channels. Colored Linux [20], an extension to SELinux, utilizes watermarking algorithms to “color” the contents of each file with their respective security classification to enhance resistance to information laundering attacks. In this paper, we propose a mobile agent-based approach to automate the process of detecting and coloring receptive hosts’ filesystems and monitoring the colored filesystem for instances of potential information leakage. Implementation details and execution results are included to illustrate the merits of the proposed approach

    Insider Threat Assessment Using Statistical Learning Methods

    The popularity of mobile devices, wearable devices used in collaborative information systems, has dramatically exploded over the past decade. Thus, we understand that in an ordinary office, a single person can use plenty of active interfaces like wireless data transfer interfaces, which can help, among direct usage, strengthen access control and information security subsystem. Despite the fact that enterprises quite rightly develop controls and prevention techniques to combat cyberattacks, threats from users within the corporate network pose a significant risk to information assets. Existing users with accounts, permissions and access required to perform their jobs are increasingly becoming a major risk to information security through account misuse, data loss and fraudulent activities. This article reviews the definition of an insider threat and its impact, and provides an overview of the techniques to control and remediate these threats.

    A Cyber-Physical Threat Analysis for Microgrids

    SSD 2018, 15th International Multi-Conference on Systems, Signals and Devices, Hammamet, Tunisia, 19/03/2018 - 22/03/2018. MicroGrids (MGS) are foreseen as a building block of the smart grid. They allow for the integration of distributed energy resources and storage within the conventional grid. This is partly possible through deployment of Information and Communication Technologies (ICTS) within these structures. Therefore, cyber security is a major concern for MGS. This paper investigates cyber-physical security aspects of the MG, including vulnerabilities and threat landscape. A cyber-physical security risk assessment is presented for evaluating impacts of exploiting existing vulnerabilities by potential threats on MG operations.

    A Strategic Model for Forensic Readiness

    Forensic readiness has been defined as: ‘…the capability of an organisation to use digital evidence in a forensic investigation’. For businesses, especially medium or small enterprises, gaining this capability can seem time consuming and expensive: it may involve a number of processes, it may require new hardware and software and people with specialised skill sets may need to be hired in order to implement any plan. Yet developing and maintaining a forensic readiness capability is vital in the digital age. Fraud and cybercrime cost almost £11bn in the UK alone last year. Across the European Union, the national annual cost of cybercrime now accounts for 0.41% of GDP. Recent figures have also shown that up to 62% of digital incidents are caused by insiders, either accidentally or knowingly. An astonishing 91% of cybersecurity attacks begin with a single email. This research proposes a structured, strategic approach to forensic readiness for businesses that is economic to implement and run. It is based on people and processes rather than complex electronic systems. Key to this approach is a firm’s best asset - its own staff. It is theorised that the foundation stone of forensic readiness is a strong internal security culture. In order to achieve this aim, a unique, scalable model for efficient and inclusive planning is put forward with a reporting construct which aims to assure company-wide involvement

    Strategies for Implementing Successful IT Security Systems in Small Businesses

    Owners of small businesses who do not adequately protect business data are at high risk for a cyber attack. As data breaches against small businesses have increased, it has become a growing source of concern for consumers who rely on owners of small businesses to protect their data from data breaches. Grounded in general systems theory and routine activity approach, the focus of this qualitative multiple case study was to explore strategies used by owners of small businesses to protect confidential company data from cyber attacks. The process used for collecting data involved semistructured face-to-face interviews with 5 owners of small businesses in Florida, as well as a review of company documents that were relevant to strategies used by owners of small businesses to protect confidential company data from cyber attacks. The thematic analysis of the interview transcripts revealed 4 themes for protecting business data against cyber attacks, which are security information management strategy, organizational strategy, consistent security policy, and cybersecurity risk management strategy. A key finding is that owners of small businesses could develop an organizational strategy by incorporating procedures used to protect from and respond to cyber attacks. The implications for positive social change include the potential to increase customers’ confidence and businesses’ economic growth, as well as stimulate the socioeconomic lifecycle, resulting in potential employment gains for residents within the communities

    Determining Small Business Cybersecurity Strategies to Prevent Data Breaches

    Cybercrime is one of the quickest growing areas of criminality. Criminals abuse the speed, accessibility, and privacy of the Internet to commit diverse crimes involving data and identity theft that cause severe damage to victims worldwide. Many small businesses do not have the financial and technological means to protect their systems from cyberattack, making them vulnerable to data breaches. This exploratory multiple case study, grounded in systems thinking theory and routine activities theory, encompassed an investigation of cybersecurity strategies used by 5 small business leaders in Middlesex County, Massachusetts. The data collection process involved open-ended online questionnaires, semistructured face-to-face interviews, and review of company documents. Based on methodological triangulation of the data sources and inductive analysis, 3 emergent themes identified are policy, training, and technology. Key findings include having a specific goal and tactical approach when creating small business cybersecurity strategies and arming employees with cybersecurity training to increase their awareness of security compliance. Recommendations include small business use of cloud computing to remove the burden of protecting data on their own, thus making it unnecessary to house corporate servers. The study has implications for positive social change because small business leaders may apply the findings to decrease personal information leakage, resulting from data breaches, which affects the livelihood of individuals or companies if disclosure of their data occurs