Learn How To Secure The Cloud Multi-Tenant Environment Using Hypervisor Based Segmentation And Database Based Segmentation Techniques...
Hypervisor Based Segmentation
Hypervisor-based segmentation is a very important aspect of securing the multi-tenant environment, generally when the cloud offering is IaaS, i.e. Infrastructure as a Service.
A hypervisor is generally the middleware between the underlying hardware and the virtual machines (VMs); it is involved in the entire virtualization process and also manages the VMs. In IaaS, the multiple tenants (the customers) are given VMs, which are generally file servers, storage servers, databases, application servers, etc. The major risk arises from the architecture in which the VMs of different tenants co-reside. There is always a threat of unauthorized access, data breaches, MITM (Man-in-the-Middle) attacks, malware injection and various other attacks. The VMs should be isolated and segmented to protect data integrity and confidentiality. Because the hypervisor is the component that relays calls back and forth between the VMs and the underlying hardware, if segmentation is done at this level then no other option can prove better for securing the multi-tenant infrastructure of the cloud.
Database Based Segmentation
Database-based segmentation is needed when the cloud offering is mainly SaaS, i.e. Software as a Service. In a multi-tenant environment where the customers use the same instance of the software, there is a chance that the records or data associated with that software are stored in the same database, or even inside the same table, as the other tenants' data. A major risk arises when the data is distinguished only by the tenant ID and stored in the same table or the same database. One thing that can be done to reduce this risk is to encrypt the data inside the database, so that if it is somehow compromised it would be very difficult to decipher. Secondly, an access control and role mechanism should be established that ensures only those rows and fields can be accessed and modified that the security policies allow.
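The row and field restriction described above, as an added example that is not part of the original post: every query against a shared table is forced through the session's tenant ID and a per-role column allow-list. The `invoices` table, the `POLICY` map and the `TenantSession` class are hypothetical names, and the sample rows are constructed.

```python
import sqlite3

# Constructed policy: which columns each role may read or modify.
POLICY = {
    "admin":  {"read": {"id", "customer", "card_last4"},
               "write": {"customer", "card_last4"}},
    "viewer": {"read": {"id", "customer"}, "write": set()},
}

def make_db():
    """Shared table holding rows of several tenants (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE invoices (id INTEGER PRIMARY KEY,"
               " tenant_id TEXT NOT NULL, customer TEXT, card_last4 TEXT)")
    db.executemany(
        "INSERT INTO invoices (tenant_id, customer, card_last4) VALUES (?, ?, ?)",
        [("acme", "Alice", "1111"), ("acme", "Bob", "2222"),
         ("globex", "Carol", "3333")])
    return db

class TenantSession:
    """All access goes through here; tenant and role come from the login."""
    def __init__(self, db, tenant_id, role):
        self.db, self.tenant_id, self.role = db, tenant_id, role

    def _check(self, action, columns):
        denied = set(columns) - POLICY[self.role][action]
        if denied:
            raise PermissionError(f"{self.role} may not {action} {sorted(denied)}")

    def select(self, columns):
        self._check("read", columns)
        # Column names are interpolated only after passing the allow-list.
        sql = (f"SELECT {', '.join(columns)} FROM invoices"
               " WHERE tenant_id = ? ORDER BY id")
        return self.db.execute(sql, (self.tenant_id,)).fetchall()

    def update(self, row_id, column, value):
        self._check("write", [column])
        # The tenant predicate is always added, so a row id that belongs
        # to another tenant matches nothing.
        cur = self.db.execute(
            f"UPDATE invoices SET {column} = ? WHERE id = ? AND tenant_id = ?",
            (value, row_id, self.tenant_id))
        return cur.rowcount
```

Because the tenant ID is bound by the session and never taken from the request, a caller cannot widen the filter by supplying someone else's ID.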
So that's all about securing the multi-tenant environment of the cloud. This was one of my college assignments for Cloud Security ;)
Spread Knowledge!!!