Cloud Computing Threats

Threats

Description

Types(Internal, External)

Loss of data integrity

Data integrity is the maintenance  and the assurance of the accuracy and consistency of  data

It dangers loss of data. In [2] and [3]

It solved by mapping techniques, map reduce and Hadoop

Internal threats:  A threat originating inside a company, government agency, or institution and External threats :  A threat originating inside a company, government agency, or institution.

It is internal threats deletion of data without backup and also external threat access the data by unauthorized user

DOS attacks

DOS attacks is a ‘Denial of services’  is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. It deeply described in [3], [4] and [7]

Internal threat : No

External threats : Yes  it relates the external hacker by  services are

unavailable to legitimate

users.

Malicious insider

Malicious insider threats which slow the kernel process and generate inappropriate process. A author has discussed in [4], [7] and [10] these are the major threats and it solved by different techniques e.g.   AES(Advance Encryption Algorithm) .

Internal threats:  Yes  it can damage the information by insider.

External threats : No

Data segregation

A data segregation is the principle or policy by which access and storage of a given dataset or sets is segmented. In [6]   this mutual trust can be generated by involvement of third party who attest both the  customers and cloud provider

Internal threat: Yes  the information can be damage by separation  of data.

External threat: No

Authentication

The  authorization is a process for credentials of users in [6] the authors emphasized  the two services provided by TCP are authenticated boot and encryption.

Internal threats: Yes the insider may misuse the information by using his authority.

External threats: Yes the outsider can access the encrypted  password of the users by hacking mechanism  

Data breach

A data breach is a threat in [7], [8] and [10] it is major threat which can potentially view, stolen and used by individual unauthorized to do so. And it solved by RN number techniques and provided the list of guidance.

Internal threat: Yes  it occurs due to

inadequate physical security Procedures.

External threat: Yes the hosted data can be stole and misuse.

Process risk

Process  risk is a threat which relates to the cloud process it can access by the unauthorized users

In [8]  we studied that the service provider should use secure API’s

Internal threat: No

External threat: Yes  the poorly written

APIs may become entry point for malicious

outsiders.

Data disposal

A data disposal is a threat of data destruction it relates some dangers e.g.  data clearing and  data overwrite  which stored in electronic tapes and hard drives.

In [9] it explained in details that how to overcomes from data disposal for using CSF framework.

Internal threat: Yes  deletion and overwriting of data without backup by employee.

External threat:  unauthorized access by hacker to organization database.

Service layer architecture

A service layer architecture in [1] author described the architecture of the cloud computing.  Cloud computing is facing many issues and challenges at the current in forms of architecture, security issues and open challenges in adopting cloud computing.  

Internal threat:  Yes the insider disturbed the service layer.

External threat: No

Issue cyber defense

This issue was highlighted in a NATO workshop for cyber-attack detections for assessments of mission impacts. As from the name cyber defense of major institutions of a country is very vital because cyber-attacks and proxy wars are a growing threat  [5]

Internal threat: No

External threat:  The organization hosting data on cloud may become the victim of cyber theft.