6.2 Threat Agents (Fundamental Cloud Security Unit 2 chapter 2) Cloud computing concept(chapter 6)

6.2. Threat Agents


A threat agent is an entity that poses a threat because it is capable of carrying out an attack.
Cloud security threats can originate either internally or externally,from humans or software programs.
Corresponding threat agents are described in the upcoming sections.
Figure 6.3 illustrates the role a threat agent assumes in relation to vulnerabilities, threats, and risks, and the safeguards established by security policies and security mechanisms.


Figure 6.3. How security policies and security mechanisms are used to counter threats, vulnerabilities, and risks caused by threat agents

1.Anonymous Attacker
An anonymous attacker is a non-trusted cloud service consumer without permissions in the cloud.
It typically exists as an external software program that launches network-level attacks through public networks.
When anonymous attackers have limited information on security policies and defenses, it can inhibit their ability to formulate effective attacks.
Therefore, anonymous attackers often resort to committing acts like bypassing user accounts or stealing user credentials, while using methods that either ensure anonymity or require substantial resources for prosecution.

Figure 6.4. The notation used for an anonymous attacker.

2.Malicious Service Agent
A malicious service agent is able to intercept and forward the network traffic that flows within a cloud.
It typically exists as a service agent (or a program pretending to be a service agent) with compromised or malicious logic.
It may also exist as an external program able to remotely intercept and potentially corrupt message contents.

Figure 6.5. The notation used for a malicious service agent.

3.Trusted Attacker
A trusted attacker shares IT resources in the same cloud environment as the cloud consumer and attempts to exploit legitimate credentials to target cloud providers and the cloud tenants with whom they share IT resources.
Unlike anonymous attackers (which are non-trusted), trusted attackers usually launch their attacks from within a cloud’s trust boundaries by abusing legitimate credentials or via the appropriation of sensitive and confidential information.

Figure 6.6. The notation that is used for a trusted attacker.

Trusted attackers (also known as malicious tenants) can use cloud-based IT resources for a wide range of exploitations, including the hacking of weak authentication processes, the breaking of encryption, the spamming of e-mail accounts, or to launch common attacks, such as denial of service campaigns.

4.Malicious Insider Malicious insiders are human threat agents acting on behalf of or in relation to the cloud provider.
They are typically current or former employees or third parties with access to the cloud provider’s premises.
This type of threat agent carries tremendous damage potential, as the malicious insider may haveadministrative privileges for accessing cloud consumer IT resources.

Figure 6.7. The notation used for an attack originating from a workstation.
The human symbol is optional.


Cloud computing concept Book Link
CLOUDCOMPUTING THEORY PLAYLIST
CLOUD COMPUTING PRACTICAL PLAYLIST
Subscribe the Channel Link
IF any #Query or #Doubt #DM on #Instagram :- #bansode_ajay_2102
#bansode_tech_solution

Comments

Post a Comment

Popular posts from this blog

Load Data From Excel To Grid View in Asp.net C#

Image
Load Data From Excel To Grid View in Asp.net C# This is very easy to load data from excel sheet to grid view in asp.net web page using c#. In this tutorial you can learn how to Load excel sheet data to Grid View easily using asp.net C# code. This tutorial also covers how to get data from any excel file to Grid View dynamically in c# using file Upload control. Follow this steps 1. Create an asp.net project. 2. design asp.net page with file Upload, button control and a Grid View control. 3. create an excel connection string in the web config file. 4. Write code to load data from excel sheet to Grid View asp.net using C#. code:- using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.UI; using System.Web.UI.WebControls; using System.IO; using System.Collections; using System.Configuration; using System.Data.OleDb; using System.Data; public partial class _Default : System.Web.UI.Page {     protected void Page_Load(...
Read more

Advance Web Programming | TYIT | Mumbai University | Practical 1A | Product of 4 Value

Image
Advance Web Programming | TYIT | Mumbai University | Practical 1A | Product of 4 Value ASP.net Design :- csharp Code :- #using System; namespace WebApplicationpractical1 { public partial class WebForm1practical1A : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { } protected void Button1_Click(object sender, EventArgs e) { int value1, value2, value3, value4, Product; value1 = Convert.ToInt32( TextBoxvalue1.Text); value2 = Convert.ToInt32( TextBoxvalue2.Text); value3 = Convert.ToInt32( TextBoxvalue3.Text); value4 = Convert.ToInt32( TextBoxvalue4.Text); Product = value1 * value2 * value3 * value4; FinalProduct.Text = Product.ToString(); } } }
Read more

10.5. Identity and Access Management (IAM) in Cloud Computing

Image
10.5. Identity and Access Management (IAM) The identity and access management (IAM) mechanism encompasses the components and policies necessary to control and track user identities and access privileges for IT resources, environments, and systems. Specifically, IAM mechanisms exist as systems comprised of four main components: • Authentication – Username and password combinations remain the most common forms of user authentication credentials managed by the IAM system, which also can support digital signatures, digital certificates, biometric hardware (fingerprint readers), specialized software (such as voice analysis programs), and locking user accounts to registered IP or MAC addresses. • Authorization – The authorization component defines the correct granularity for access controls and oversees the relationships between identities, access control rights, and IT resource availability. • User Management – Related to the administrative capabilities of the system, the user manag...
Read more