ABSTRACT

Contents 7.1 Introduction ................................................................................................................... 126 7.2 Threat Model for the Cloud ........................................................................................... 127 7.3 Vulnerabilities, Threats, and Attacks in a Cloud ............................................................ 128

7.3.1 Vulnerabilities in Cloud Environment ................................................................ 128 7.3.1.1 Vulnerabilities in Virtualization/Multitenancy ..................................... 128 7.3.1.2 Vulnerabilities in Internet Protocol ........................................................129 7.3.1.3 Injection Vulnerabilities .........................................................................129 7.3.1.4 Vulnerabilities in Browsers and Application Programming Interfaces

(APIs) ....................................................................................................129 7.3.1.5 Unauthorized Access to Management Interface .................................... 130

7.3.2 Threats to Cloud Computing .............................................................................. 130 7.3.2.1 Change the Business Model .................................................................. 130 7.3.2.2 Abusive Use ...........................................................................................131 7.3.2.3 Insecure Interfaces .................................................................................131 7.3.2.4 Malicious Insiders ..................................................................................131 7.3.2.5 Shared Technology ................................................................................131 7.3.2.6 Data Loss and Leakage ..........................................................................132 7.3.2.7 Risk Profile ............................................................................................133 7.3.2.8 Service Hijacking ...................................................................................133