Today, cloud computing is a well-established industry. It is cost-effective, highly agile and flexible, with the ability to provide on-demand, large web-scale cloud computing. Data security is a major concern with a common question: is moving data to the cloud secure or not? In most cases, data is secure. However, when it comes to the fear of losing critical data, organizations tend to opt for a private cloud.
Let's discuss how shared security works in a public cloud. The security implementation of major cloud providers is not the sole responsibility of a cloud service provider, but the shared responsibility of the provider and customer. A service provider is responsible for the underlying infrastructure, but resource access and application security is the responsibility of the customer. This is similar to a situation in which you have a big community with a main entrance secured by many guards. Once you allow a visitor inside the premises, the activity of the visitor becomes your responsibility. In our situation, if a vulnerability is found in Hypervisor, the service provider won't allow you to patch it. If a vulnerability is found in an operating system, the service provider won't patch for VM and the responsibility, therefore, transfers to the customer.
Network security is a major component of a multi-tenancy environment and strict isolation is a must. Cloud providers do provide a networking infrastructure base to build isolated networks, but they do not keep track of what kind of network traffic goes in and out. Infrastructure hardware and software vulnerabilities can cause major failure to maintain isolation between tenants. During the failure, if attackers gain access for one tenant, they can access resources for other tenants as well.
Another major threat exists with cloud consumer data. A consumer has less visibility of where the data was physically stored. A very simple example would be consumer data deletion. Tenant data may be stored on multiple physical hosts; those may be part of the same cluster or may not be. If the consumer opted for geo-redundancy, the data might be located in one region or may be spread across regions. The data deletion process may differ from one service provider to another and consumers have no mechanism to validate data deletion. There must be a chance that this data is available to the next tenant during storage provisioning otherwise attackers might gain access to the data.
So far, we have discussed that threats are generic in nature. In multi-tenancy, a CPU can cause major risks when the CPUs are shared across multiple customers. Interesting, right? Let's discuss this in detail:
Meltdown and Spectre vulnerabilities make data leaking possible for co-hosted tenants, which makes them particularly dangerous when a single device is shared between users. Cloud offers a separate instance to each customer; isolation is tight and has no way to jump from one instance to another. In this case, attackers extract data that is currently being processed directly from the processor for customers sharing the same chip. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages, and even critical documents in business. The biggest worry arises when you are not sure if somebody has tried to steal your data. The exploitation does not leave any traces in traditional log files.