The exponential rise of the cloud computing paradigm has led to the cybersecurity concerns, taking into account the fact that the resources are shared and mediated by a hypervisor that may be attacked and user data can be compromised or hacked. In order to better define these threats to which a cloud hypervisor is exposed, we conducted an in-depth analysis and highlighted the security concerns of the cloud. We basically focused on the two particular issues, i.e., (a) data breaches and (b) weak authentication. For in-depth analysis, we have successfully demonstrated a fully functional private cloud infrastructure running on CloudStack for the software management and orchestrated a valid hack. We analyzed the popular open-source hypervisors, followed by an extensive study of the vulnerability reports associatedwith them. Based onour findings, we propose the characterization and countermeasures of hypervisors vulnerabilities. These investigations can be used to understand the potential attack paths on cloud computing and Cloud-of-Things (CoT) applications and identify the vulnerabilities that enabled them.
1. Literature Overview
Over the past few years, demand for access to data for ever-increasing online users has grown exponentially, with the traditional data centre model not being able to cope with the access from anywhere and any device [1]. This changing world has forced the need to create a new way of supporting these demands; the cloud. This environment creates amodel enabling ubiquitous, ondemand services with the advantages of rapid deployment and revenue savings [2]. Small businesses are embracing cloud technology because it allows them to use enterprise infrastructure only previously afforded by larger companies [3]. Although there is no universal definition of cloud computing [4], most authors seem to have adopted the National Institute of Standards and Technology (NIST) definition of three service models (service, platform, and infrastructure) and four deploy- ment models (private, community, public, and hybrid) [5, 6].
1.1. CloudDeliveryModels. Asmore usersmove their services over to the cloud, the cloud providers are increasing their service offerings and the concept of an on demand, pay-as- you-go service is something the providers are pushing. This has been emphasized in the as a service referencing by authors [4]. The most prominent services are as follows and are depicted in Figure 1:
Recent Comments