Cloud computing security
The focus of information security is encryption and privacy protection, the key to network security is to prevent illegal access and malicious code, and the core of cloud computing security is the safe use of shared technologies, involving data security, privacy protection, virtualization security, etc. From information security, network security, to cloud computing security, the constant security requirements are information confidentiality and privacy protection. Changed information processing modes and application scenarios bring new security threats: when information processing extends from a single node or center to a network environment, problems such as illegal access, viruses and worms follow; when information and computing When services develop from the network model to the cloud computing model, the security and availability of data and virtualization security have become the core of cloud computing security concerns.
1.2 Analysis of Cloud Computing Security Characteristics According to the annual report of the Cloud Security Alliance CSA and the research results of relevant scholars in the literature. we can summarize the threats to cloud computing security.
Cloud computing adopts a service outsourcing model, and its core technologies include virtualization, multi-tenancy, and cross-domain sharing. Therefore, it faces both traditional security threats and new security challenges. (1) Data security: data leakage, data loss, privacy leakage, complex data access rights management, and difficulty in data destruction; due to cloud computing using a service outsourcing model, the risk of privacy leakage is particularly prominent. (2) Access control and identity authentication: Because it involves the management of massive shared resources, the management complexity of access control and identity authentication is greatly expanded. Once account hijacking occurs, it often brings more serious consequences. (3) Virtualization security: Although service providers have designed and implemented seemingly complete virtual machine isolation strategies, attacks between virtual machines cannot be completely avoided; virtual services make coordinated attacks more likely to occur and difficult to track; Will lead to changes in the security domain. Virtualization technology blurs the boundaries of traditional hosts, and host-granular security policies need to be changed. (4) Multi-tenancy and cross-domain sharing: Multi-tenant isolation and multi-user security need to be guaranteed; cross-domain sharing makes service authorization and access control more complex, and trust transfer between cloud computing entities needs to be re-examined. (5) Advanced Persistent Threat (APT): APT is a long-term planned intrusion and attack on cloud computing systems, which is increasing day by day and forms some underground interest chains. (6) System security loopholes: Due to the complexity of cloud computing system services and the different management and service levels of many service providers, there are always insecure interfaces and APIs, and other security loopholes in the system will also be amplified due to the scale effect of cloud computing. its dangerous. (7) Threats from insiders: The unintentional or intentional information leakage of insiders of service providers often makes security strategies against external attacks ineffective, which has become an important topic of cloud computing security today. (8) Misapplication of cloud services: misuse, abuse and illegal use of cloud services; misuse of cloud computing will bring trouble to users, service providers or third parties, usually manifested as a decrease in information processing efficiency; Illegal use will result in serious consequences. (9) Service availability: service quality is difficult to guarantee and service is refused. Because the society’s dependence on cloud computing services is increasing year by year, once the availability of a cloud service is affected, the resulting losses will gradually increase.