CSP level attacks

Guest hopping attack: An attacker will try get access to one virtual machine by penetrating another virtual machine hosted in the same hardware.
SQL injection: It can be done  by injecting the SQL commands into the database of an application to crash the
     database.

 Malicious Insider: In private cloud, its employee is granted access to the sensitive data of some or all customer administrators. Such privileges may expose information to security threats.
Side channel attack: It occurs when an attacker places a malicious virtual machine on the same physical machine as the victim machine so that he can access all the confidential information on the victims machine.

Comments

Post a Comment

Popular posts from this blog

Cloud service models

• Software as a Service (SaaS):                  -- It offers renting application functionality from a service provider rather than buying, installing and running software by the user. • Platform as a Service ( PaaS ) :                 -- It provides a platform in the cloud, upon which applications can be developed and executed. • Infrastructure as a Service ( IaaS ) :                   -- vendors offer computing power and storage space on demand.
Keep reading

Network level attacks

• DNS attacks:      Domain hijacking: Domain hijacking is defined as changing the name of a domain without the knowledge or permission from the domain’s owner or creator. This enable the intruders to access the sensitive information.       Cross site scripting: It is a type of attack in which user enters right URL of a website and hacker on the other site redirect the user to its own website and hack its credentials. • IP spoofing:         DOS attack: When hackers overflows a network server or web server with frequent request of services to damage the network, the denial of service cannot keep up with them, server could not legitimate client regular requests. • Man in the middle attack: This is another issue of network security that will happen if secure socket layer (SSL) is not properly configured. • Network Sniffing: Another type of attack is network sniffer, it is a more critical issue of network security in which unencryp
Keep reading

Types of clouds

Private cloud                      The cloud is managed by an organization and serve it solely. Public cloud              --The cloud infrastructure is owned and managed by a large Cloud Service Provider (CSP). Community cloud                    --The cloud is managed by several organizations and supports a specific community that has the same interest. Hybrid cloud                    -- The cloud infrastructure is composed of two or more of the above models           
Keep reading