How to ensure data security in a cloud computing environment

Source: Internet
Author: User
Keywords: cloud computing, provider, Amazon

Resources and data that were originally confined to private networks are now exposed to the Internet, and they are placed on shared public networks operated by third-party cloud computing providers.

An example related to the first risk factor is the Amazon Web Services (AWS) vulnerability (Note 1) reported in December 2008. In a blog post, the author details a flaw in the digital signature algorithm used when "making Query (also called REST) requests to Amazon SimpleDB, Amazon Elastic Compute Cloud (EC2), or Amazon Simple Queue Service (SQS) over HTTP." While HTTPS (in place of HTTP) would reduce the integrity risk, users who did not use HTTPS (but used HTTP) faced an increased risk that their data could be altered in transit without their knowledge.

Note 1: This issue was reported on December 18, 2008 in Colin Percival's blog "Daemonic Dispatches"; see "AWS signature version 1 is insecure" (http://www.daemonology.net/blog/2008-12-18-AWS-signature-version-1-is-insecure.html). The issue has not been publicly acknowledged on the Amazon Web Services website, and there has been no public response to Percival's blog post.
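The article does not explain what was wrong with the signature algorithm. Percival's post showed that the version 1 string-to-sign simply concatenated the sorted parameter names and values with no delimiters, so two different requests could produce the same string and therefore the same signature. The following added example (not code from the article or from AWS) contrasts that ambiguous canonicalization with a delimited, percent-encoded form, and provides a check a reviewer can run on a signing scheme; the parameter names and values are constructed placeholders.

```python
import hashlib
import hmac
from urllib.parse import quote


def string_to_sign_v1(params: dict) -> str:
    """Ambiguous canonical form: names and values run together, sorted
    case-insensitively by name, with no separators (the V1-style layout)."""
    ordered = sorted(params.items(), key=lambda kv: kv[0].lower())
    return "".join(name + value for name, value in ordered)


def string_to_sign_delimited(params: dict) -> str:
    """Unambiguous canonical form: every name and value is percent-encoded
    (so '=' and '&' inside data cannot be confused with the separators) and
    the sorted pairs are joined as name=value&name=value."""
    ordered = sorted(params.items())
    return "&".join(
        f"{quote(name, safe='')}={quote(value, safe='')}" for name, value in ordered
    )


def sign(secret: str, string_to_sign: str) -> str:
    """HMAC over the canonical string; the secret never leaves the client."""
    return hmac.new(secret.encode(), string_to_sign.encode(), hashlib.sha256).hexdigest()


def collides(req_a: dict, req_b: dict, canon) -> bool:
    """True when two different requests canonicalize to the same string,
    i.e. the verifier could not tell them apart by their signatures."""
    return req_a != req_b and canon(req_a) == canon(req_b)


# Constructed sample requests (placeholder parameters, not real API calls).
# They differ in meaning but share the same V1-style string-to-sign.
REQUEST_A = {"Action": "GetItem", "Key": "x"}
REQUEST_B = {"ActionGetItem": "", "Key": "x"}

if __name__ == "__main__":
    secret = "example-secret"  # constructed value
    for canon in (string_to_sign_v1, string_to_sign_delimited):
        print(canon.__name__, "collision:", collides(REQUEST_A, REQUEST_B, canon))
    print("same V1 signature:",
          sign(secret, string_to_sign_v1(REQUEST_A)) == sign(secret, string_to_sign_v1(REQUEST_B)))
```

Note that the delimited form removes the ambiguity only for the data it covers; binding the canonical string to the HTTP method, host and path (as later signature versions did) closes further substitution cases, and HTTPS is still needed for confidentiality.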

Figure 3-1: A general topology map of private cloud computing

Ensure proper access control

Because some (and possibly all) of the resources are now exposed to the Internet, the data of public cloud users faces growing risk. Auditing a cloud provider's network operations (let alone monitoring it in real time, as you would your own network) is largely infeasible, even as an after-the-fact audit. Access to network-level logs and data is limited, and the ability to conduct a thorough investigation and gather forensic evidence is also very limited.

An example related to the second risk factor is the problem of IP address reuse (reassignment). In general, a cloud provider does not retain a user's IP address once the user no longer needs the assigned address. When an address becomes available, it is usually reassigned to another user. From the cloud provider's perspective this makes sense: IP addresses are a limited resource and also a billable asset. From the user's security perspective, however, IP address reassignment can cause problems. Users cannot be certain that network access to their resources terminates when an IP address is released, because there is a lag between an IP address being changed in DNS and the old entry being cleared from DNS caches. Likewise, there is a lag between a physical address (for example, a MAC address) changing and the old entry being removed from ARP caches, so the old mapping remains in the ARP cache until it is purged. This means that even though the address has changed, the original address is still valid in the cache, and users can still reach resources they should no longer be able to reach. Recently, one of the largest cloud computing providers has received a number of complaints related to unexpired IP addresses. This was most likely a driving factor in Amazon's March 2008 efforts to promote its Elastic IP addresses (Note 2). (Elastic IP addresses assign to the user 5 routable IP addresses that remain under the user's control.) In addition, according to Simson Garfinkel:

A problem exists in the existing load balancing system that causes any TCP/IP connection that exceeds 2^31 bytes of content to terminate. This means that target content exceeding 2 GB must be handled in several operations in Amazon Simple Storage Service (S3), each operation corresponding to a different byte region of the same target content (Note 3).

However, issues such as unexpired IP addresses and unauthorized network access to resources do not only arise with routable IP addresses (that is, those that provide direct Internet access). The problem also exists in the provider's internal network and in the non-routable IP addresses it assigns to users (Note 4). Although such resources may not be reachable directly from the Internet, they must be reachable from within the provider's network for administrative purposes. (Each public or Internet-facing resource also has its own private address.) Other users of your cloud computing provider may be able to reach your resources from within the provider's network, even if they do not intend to (Note 5). As reported in the Washington Post, Amazon Web Services has had a problem with misuse of its resources, endangering the public and other users (Note 6).

Some products on the market (Note 7) can help mitigate the problem of IP address reuse, but unless a cloud provider makes such products available to users as a service, users will have to seek out third-party products and pay for them to address a problem created by the cloud computing provider.
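One check a user can run on their own side before releasing an address, following the DNS-cache lag described above: find every name that still points at the address (including aliases that reach it through a CNAME) and report the longest TTL, which is the worst-case window during which resolvers may still hand out the old address. This is an added example, not code from the article or from any provider; the zone data is constructed and uses documentation addresses.

```python
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class Record:
    name: str
    rtype: str
    ttl: int    # seconds a resolver may keep this answer cached
    data: str


def parse_zone(text: str) -> list[Record]:
    """Parse a minimal zone-file-like format: name ttl IN type data.
    ';' starts a comment; blank lines are ignored."""
    records = []
    for line in text.splitlines():
        line = line.split(";")[0].strip()
        if not line:
            continue
        name, ttl, _cls, rtype, data = line.split()
        records.append(Record(name, rtype, int(ttl), data))
    return records


def release_check(records: list[Record], address: str) -> tuple[list[str], int]:
    """Return (names still resolving to address, seconds until every cached
    answer for that address could have expired). CNAME aliases are followed
    one level; their own TTL is irrelevant because the resolver still has to
    look up the target's A/AAAA record, so the wait is the longest A/AAAA TTL."""
    ip = ipaddress.ip_address(address)
    direct = [r for r in records
              if r.rtype in ("A", "AAAA") and ipaddress.ip_address(r.data) == ip]
    names = {r.name for r in direct}
    aliases = {r.name for r in records if r.rtype == "CNAME" and r.data in names}
    wait = max((r.ttl for r in direct), default=0)
    return sorted(names | aliases), wait


# Constructed zone (documentation prefix 203.0.113.0/24, .test TLD).
ZONE = """
www.example.test.   300   IN A     203.0.113.10
api.example.test.   3600  IN A     203.0.113.10
old.example.test.   60    IN A     203.0.113.11
shop.example.test.  86400 IN CNAME www.example.test.   ; alias reaching .10
"""

if __name__ == "__main__":
    print(release_check(parse_zone(ZONE), "203.0.113.10"))
```

An empty name list with a wait of 0 is the only safe result; anything else means the records should be repointed and the reported interval allowed to elapse before the address is handed back to the provider.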

