Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Consider a cloud based storage-as-a-service provider. It provides a storage serv

ID: 3858784 • Letter: C

Question

Consider a cloud based storage-as-a-service provider. It provides a storage service similar to Dropbox, where user files on their personal storage (e.g. laptop hard drives) are synchronized and saved in the cloud.

1. What is the attack surface of this storage service (i.e. where are the places the system (or user data) can be attacked?).

2. What are the assets in this system that should be protected?

3. Who can be the attacker and what capability can they have? (i.e. are they external or internal? What can an external attacker do? What can an internal attacker do? What is their motivation:?)

Explanation / Answer

Hi,

Please find the answer to the questions below:-

======================================================================================

The attack surface of storage as services in cloud computing:-

1) Attack on Application layer:-Attacks such as DDos, XSS attack, Hidden cookie attack, and SQL injection attack is possible on application layer through which the services are accessed.

2) Attack on Infrastructure Layer:-All XML messages structure are passed through this layer hence the structured message can be compromised at the initial level only.

3) Attack on Virtualized Layer:-Since cloud providers mostly used the virtualization the attack can happen at clock rate, cache and system clock rate also.

Taking into consideration the above attacks the assets that should be protected are:-

The application layer i.e user interface,(GUI ) .

The browser used should have high security level

The protected mode of the browser should be on.

The infrastructure i.e Platform where the pllication is built or accessed should be protected from double triple encryption.

The Machine where the data is stored as the hacker can attack on cache or system clock.

Types Of attackers are:-

Insider Threat :- Employees can use their access to a company’s cloud-based services to access sensitive information .

Indecent Use Of Storage(OUTSIDER OR INSIDER):- The huge storage capacity of cloud services allows outsider or insider to install malware,virus,Trojan into the system.


=======================================================================================

Please let me know in case any queries.

Related Questions

Consider a circular roller coaster loop of radius 15.5 m. You already know that
Question #2260656
Consider a circular, perfectly reflecting Solar sail that is initially at rest a
Question #1884907
Consider a circular-motion problem in which tension not only must provide the pr
Question #1413198
Consider a cirucuit made of two resistors of resistances r and R and a capacitor
Question #1772621
Consider a city dealing with a severe ozone problem. Ozone levels are initially
Question #1104748
Consider a city dealing with a severe ozone problem. Ozone levels are initially
Question #1104775
Consider a city that has a number of kebab stands operating throughout the downt
Question #1247939
Consider a city where the owners of vacant lots will vote on a proposed growth b
Question #1098900
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Consider a closed triangular box resting within a horizontal electric field of m
Next
Consider a cloud based storage-as-a-service provider. It provides a storage serv

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.