Cloud, as a service model, looks very attractive, but it does not come for free: there is a security cost associated with it. Over the last decade, cloud security has seen a lot of research, and some very interesting artifacts came out of it that have helped make cloud infrastructure more trustworthy. So this is, as we speak, an evergreen research area, and at the same time a lot of money and business rides on it. Because of the paucity of time, we are only going to look at some important aspects of it: we will start with the dimensions of cloud security, have a quick look at the user concerns, and then look at a quick fix in the form of isolation.

Why does cloud security appear as an issue at all? The reason is that cloud computing systems span the boundaries of multiple organizations, even the borders of various nation states, each with its own national security policy and national cybersecurity policy. So when something unpleasant happens, it is not easy to determine who is to blame (the who, what, when, where and why of a forensic investigation, known as the 5Ws; you can look it up yourselves).

The dimensions of cloud security cannot be restricted to these bullets only, but for the sake of brevity, let us look at the main ones. First, the risks. The way we will use the terms here, the fundamental difference between a risk and a threat is this: a weakness that is internal or intrinsic to a system remains a risk; once there is an intruder, someone looking to capitalize on and cash in on that weakness, it becomes a threat. So threat equals hostile presence plus risk. (In standard risk-management terminology the intrinsic weakness is called a vulnerability, the threat is the agent or event that could exploit it, and the risk is the resulting expected loss; the idea is the same.) Then we have operating system security, a very important dimension because after all it is the OS that runs the entire computing infrastructure. Then virtual machine security, together with the security of the virtual machine monitor, which is literally the infrastructure on which the virtual machines are going to run.
The virtualization process itself can also pose security challenges. Then there are the shared images: the OS images that are reused across tenants in virtualized environments. One size fits all is easy for deployment, but it is a risk, because a zero-day vulnerability or any common weakness in the image applies to every tenant that runs it. Then there is the operating system used by the management service provider or by the management services themselves, such as the NOC (network operations centre, sometimes called O&M, operations and management) and equally the SOC (security operations centre). Exactly which tools and which operating systems they use is another element of the end-to-end concern.

The NIST Cloud Computing Reference Architecture also contains essential components that have to be addressed. There we have the cloud auditor as an entity that oversees the security vulnerabilities, risk assessment, risk mitigation and recommendations for the service providers and the partners (the CSNs). The auditor carries out the security audit and the privacy impact audit, since privacy is the first thing that gets compromised once you publish your data on the cloud. And since tighter security means less attention to performance, there is a trade-off: the auditor has to ensure that the security vulnerabilities are mitigated while a bare minimum of performance is maintained.

From the user's perspective, which I would call a very self-centred viewpoint, and everyone's right, the concerns are these. Loss of control and ownership of data, as soon as you upload your data to the cloud. Data integrity: whether the data will remain the same. Privacy enforcement: whether no one else is allowed to view it, and whether it is encrypted strongly enough. And once a subscriber or user (a CSU) has been provisioned a service and then wants to deprovision it.
Data remanence becomes a concern, because whatever storage took place, someone else could have made further copies of it, and that has to be taken care of. Then, with multiple tenants on the same physical machine, how data isolation is ensured is a serious concern. Then, as a national concern, governments sometimes want data about their citizens restricted to a certain geographical locality, which cannot be guaranteed unless it is taken care of explicitly. Then the virtual machine running environment: the hypervisor itself is vulnerable. Then the data integrity protection audit agency: the entity that carries out the integrity audit must itself be shown to be free from vulnerabilities. Then the policies a subscriber adopts through provider-supplied controls: what is the trustworthiness of those policies? They come as installable packages, so verifying them is also a user concern, and probably one to be met by a third party rather than by the cloud service provider itself. Then certification, accreditation and endorsement of a given cloud service, like a three-star, four-star or five-star rating, is again a user concern.

Let us quickly look at the existing threats that are amplified by the cloud, and at the emergent threats that exist because of the unique constructs of the cloud environment. The traditional threats simply amplify because the infrastructure becomes highly diverse and distributed beyond geographical and user control, with a lot of other users sharing the same space. The boundary between what control the provider has over your data and what control the user has is becoming hazy.
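The data-integrity concern above (the user wants to know the data comes back unchanged, and the entity that audits integrity must itself be trusted) can be addressed on the user's side, independent of both the provider and any audit agency: the user keeps a key and tags every object before upload. The following Python example is added here and is not code from the lecture or from Marinescu's book; the UntrustedStore class, the object names and the contents are constructed for illustration.

```python
"""Client-side integrity tags for objects kept with a cloud provider.

Added example, not code from the lecture or from Marinescu's book. The
UntrustedStore class, the object names and the file contents are all
constructed for illustration. The user keeps the key, so integrity and
freshness can be checked without trusting the provider or an audit agency.
"""
import hashlib
import hmac
import secrets


class IntegrityError(Exception):
    """Raised when a downloaded object fails the user's own check."""


def make_tag(key: bytes, object_id: str, version: int, content: bytes) -> bytes:
    """HMAC-SHA256 over (object_id, version, content).

    Binding the id and version into the tag means the store cannot answer a
    read for object A with some other object B, or with an old copy of A,
    even though both carry tags that are valid on their own.
    """
    h = hmac.new(key, digestmod=hashlib.sha256)
    for part in (object_id.encode(), version.to_bytes(8, "big"), content):
        h.update(len(part).to_bytes(4, "big"))  # length prefix: no ambiguous concatenation
        h.update(part)
    return h.digest()


class UntrustedStore:
    """Stand-in for the provider: it stores what it is given, and anyone with
    access to the backend (provider, another tenant, an attacker) can change it."""

    def __init__(self):
        self.objects = {}

    def put(self, object_id, version, content, tag):
        self.objects[object_id] = (version, content, tag)

    def get(self, object_id):
        return self.objects[object_id]


class Client:
    """The user side: holds the key and remembers the latest version it wrote."""

    def __init__(self):
        self.key = secrets.token_bytes(32)  # never leaves the user
        self.versions = {}

    def upload(self, store, object_id, content):
        version = self.versions.get(object_id, 0) + 1
        store.put(object_id, version, content,
                  make_tag(self.key, object_id, version, content))
        self.versions[object_id] = version

    def download(self, store, object_id):
        version, content, tag = store.get(object_id)
        if version != self.versions.get(object_id):
            raise IntegrityError("version mismatch: possible rollback")
        if not hmac.compare_digest(tag, make_tag(self.key, object_id, version, content)):
            raise IntegrityError("tag mismatch: content or metadata modified")
        return content


def run_scenarios():
    """Exercise a clean read and three things a dishonest store could do."""
    store, client = UntrustedStore(), Client()
    inv = "invoices/2024-01.csv"
    client.upload(store, inv, b"id,amount\n1,100\n")
    snapshot = store.get(inv)                       # attacker keeps a copy of v1
    client.upload(store, inv, b"id,amount\n1,100\n2,250\n")
    client.upload(store, "notes/readme.txt", b"draft\n")
    client.upload(store, "notes/readme.txt", b"final\n")   # also at version 2
    results = {}

    def attempt(name):
        try:
            client.download(store, inv)
            results[name] = "ok"
        except IntegrityError as e:
            results[name] = str(e).split(":")[0]

    attempt("clean")
    version, content, tag = store.get(inv)
    store.put(inv, version, content.replace(b"250", b"950"), tag)  # edit in place
    attempt("tampered")
    store.put(inv, *snapshot)                                     # serve stale v1
    attempt("rollback")
    store.put(inv, *store.get("notes/readme.txt"))                # serve another object
    attempt("substituted")
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name:12s} {outcome}")
```

Two caveats a practitioner would want. Rollback detection depends on the client (or some party independent of the provider) remembering the latest version it wrote; if that record is lost, the store can serve any previously valid version undetected. And an HMAC gives integrity only: it does nothing for the privacy concern, so content that must stay confidential still has to be encrypted before upload.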
The new threats specific to the cloud environment come from multi-tenancy, that is, from running under a shared virtual machine manager, and from the new attack channels that creates: we now have yet another Achilles heel in the kill chain. The AAA procedure (authentication, authorization and accounting), which used to be centralized, is now distributed. That means the AAA decision that applies to one individual must not be applicable to another individual as such, and certainly not to a whole organization. So an organization now needs a thorough, packaged AAA assurance covering all the individuals within it, who are represented by that organization's single name. Then the presence of over-the-top services like WhatsApp and the like, which run their own proprietary mechanisms on top of cloud services, means there is a lack of transparency and less control for the cloud service providers, let alone the users.

Now let us look at the threat surface from the viewpoint of the user, the service and the cloud infrastructure. These three entities are each vulnerable to the others, so we say that everyone may attack everyone else. A user is vulnerable to the service it invokes and to the cloud infrastructure it gets services from; at the same time, a user is also vulnerable to another tenant that uses the same cloud infrastructure. The service, on a quid pro quo or tit-for-tat basis, is vulnerable to the user, because the user is also present with its own API, and to the cloud infrastructure; so the service could be under attack from the user or from the infrastructure. The cloud infrastructure, once it goes rogue, is the biggest threat the users and the services could be exposed to, and the cloud infrastructure is in turn vulnerable to the user and to the service that the user invokes. Now, this material has actually been taken from a reference book, which I am going to share with you towards the end.
This material was presented at a conference back in 2013, and a book was published back then; it has now been formally republished in 2022. So we were talking about all these vulnerabilities. Could we think of a very simple and basic mechanism to combat them? The most obvious answer is isolation. What is isolation? We know that in the cloud the virtual machine managers ensure that each user gets its own services, in whatever form: IaaS, SaaS, PaaS and the like. Now, the runtime behaviour of an application running for one user is actually affected by the applications running concurrently for other users. The security vulnerabilities of the virtual machines and of the virtual machine manager could be significantly reduced if the number of exposed services and control knobs of a given virtual machine manager were limited to a few functions only, because the more functions the virtual machine manager exposes to a user, the more control we give that user to possibly mount some kind of attack, particularly in privileged mode. So this is, I would say, a quick fix for the concerns we have seen earlier. The book I was referring to is Cloud Computing: Theory and Practice by Dan C. Marinescu. It was published initially in 2013, which he presented at a conference, and it was republished in 2022 by Morgan Kaufmann.