This article was published as a part of the Data Science Blogathon.
Cloud security is the practice of protecting data and information that is stored on or accessed through a cloud computing service. It is a broad term that covers a range of security concerns, from the physical infrastructure of the cloud to the way data is accessed and managed by cloud users.
There are many benefits to using cloud services, but some security risks also need to be considered. To help mitigate these risks, organizations should implement some basic security measures, such as creating strong passwords and using two-factor authentication. They should also consider using a cloud security solution that provides additional protections, such as data encryption and activity monitoring.
The cloud is here to stay, and so is cloud security. Organizations can make the most of the cloud while keeping their data safe by taking some simple steps to secure their data and operations.
As more and more businesses move to the cloud, they must have a robust security strategy in place. Here are four reasons why cloud security is essential:
1. The cloud is a target for hackers.
Just like any other online platform, the cloud is a target for hackers. They may try to gain access to your data to sell it or use it for malicious purposes.
2. The cloud is constantly evolving.
The cloud is constantly evolving, so the security measures that were in place yesterday may not be sufficient today. It’s essential to stay up-to-date on the latest security threats and to ensure that your cloud provider is taking steps to protect your data.
3. The cloud is shared.
When you use the cloud, you’re sharing resources with other users. This can increase the risk of data breaches since hackers may gain access to your data if they can access your cloud database.
Many types of protocols are used in cloud security, each with advantages and disadvantages. The most common protocols are SSL/TLS, SSH, and IPSec.
SSL/TLS is the most widely used protocol for web applications. It is relatively easy to set up and provides a good level of security. However, it is not as secure as other protocols and is unsuitable for all applications.
SSH is a more secure protocol than SSL/TLS, but it is more difficult to set up. It is often used for applications that require a high level of security, such as email servers.
IPSec is a very secure protocol, but it is very complex to set up. It is often used for VPNs and other applications requiring a high-security level.
In this article, we will discuss them in detail. Let’s get started.
IPsec authenticates and encrypts data packets transmitted over IPv4 and IPv6 networks. IPsec protocol headers are found in a packet’s IP header and define how data in a package is handled, such as routing and delivery across a network. IPsec augments the IP header with several components, including security information and one or more cryptographic algorithms.
Working of IPSec protocol:
It consists of the following elements:
1. Encapsulating Security Payload (ESP): offers data integrity, encryption,
and authentication.
2. Internet Key Exchange(IKE): IKE provides message content protection and an open framework for implementing standard algorithms such as SHA and MD5.
3. Authentication Header(AH): It also provides data integrity, authentication, and anti-replay but not encryption.
Vulnerabilities for security breaches include:
1. Man-in-the-middle attack: IPSec VPN uses keys to identify each other An attacker may be able to recover a weak Pre-Shared Key using this vulnerability. As a result, this attack focuses on IKE’s handshake implementation, which we use for IPsec-based VPN connections.
2. Password cracking: When a VPN user enters a password, the server encrypts it and compares it to previously stored values. If they match, we grant access to the individual. Unfortunately, using weak passwords in an IPSec VPN exposes it to offline dictionaries or brute force attacks. Strengths of IPSec protocol:
3. Confidentiality: IPSec uses public keys to help safely transfer confidential data. As a result, keeping the keys secure ensures secure data transfer.
4. Layer Security (Network): IPSec is transparent and allows for monitoring all network traffic.
5. Application Independence: IPSec only necessitates changes to the operating system. As a result, IPsec-based VPNs do not have to be concerned about the type of application.
Weakness of IPSec Protocol:
1. Range of access
2. Compatibility: Firewall restrictions will make connecting to another network difficult. IPsec does not support multi-protocol or IP multicast traffic.
Tools/Applications:
1. IpsecVpns
2. Non-encrypted authentication
3. Router safety
SSL is the original name for the cryptographic protocol used to authenticate and encrypt network communications. SSL was officially replaced by an updated protocol called TLS some time ago.
Working on SSL protocol:
SSL is made up of two distinct protocols:
1. The Handshake protocol authenticates the server (and, if necessary, the client), negotiates crypto suites, and generates the shared key.
2. The Record protocol isolates each connection and secures communications for the duration of the session using the shared key.
Vulnerabilities for security breaches include:
1. Man-in-the-Middle (MITM) Attacks: There are several ways for a bad actor to undermine the trust established by SSL/TLS and launch a MITM attack. For example, a website’s server key could be stolen, allowing the attacker to pose as the server. In some cases, the issuing Certificate Authority (CA) has been compromised, and the root key has been stolen, allowing criminals to generate their certificates signed with it.
2. Certificates Self-Signed and Wildcard: Server administrators frequently use the free OpenSSL to generate self-signed “wildcard” certificates on the fly. While this practice is quick and easy, it significantly undermines trust because no trusted third-party CA verifies these certificates.
3. SSL/TLS Certificates That Have Expired: Expired certificates cause unplanned system outages or allow hackers to enter your network.
Strengths of SSL protocol:
1. Data security: every piece of information is encrypted.
2. Identity confirmation: When installing an SSL certificate, you must undergo a validation process by an independent third party known as a Certificate Authority (CA). The CA verifies your and your organization’s identity, depending on the type of Certificate.
3. Improved Search Engine Ranking
Tools/Applications:
1. OpenSSL: An open-source SSL library that can be used to generate and test SSL certificates on a regional basis.
2. IBM KeyMAN: This Java application stores and manages certificates.
They stand for Virtual Private Networks. VPNs refer to establishing a secure network connection when using public networks. VPNs encrypt your internet traffic and conceal your identity online.
Working of VPNs protocol:
Data will experience the following changes when a connection is established:
1. Your computer’s VPN software encrypts your data traffic and sends it to the VPN server via a secure connection.
2. The VPN network will decrypt the encrypted data of our computer.
3. VPN is intended for you by sending your data to the internet.
4. The VPN server then encrypts the traffic and sends it back to you.
5. Your device’s VPN software will decrypt the data so you can understand and use it.
The layer of operation:
Depending on the type of VPN, it could be layer 2, 3, or even 7.
Vulnerabilities for security breaches include:
1. MITM Attacks: While a VPN can provide some protection from this type of deception through encryption, it is common for the VPN to send traffic out via a split encrypted tunnel in the name of cost savings, leaving endpoints vulnerable.
2. DNS Hijacking: If a hacker gains access to the DNS, they may cause ongoing problems by redirecting users to pages containing advertisements or malware.
3. Recurring Login Attempts: Repeated login attacks, like Distributed Denial of Service (DDOS) attacks, can cause VPN solutions to fail. DDOS attacks overload an app with requests, rendering it unavailable.
Strengths of VPNs protocol:
1. Network security can prevent people, software, and web browsers from connecting to your network. It ensures that the information you send and receive is secure and anonymous.
2. Privacy: makes all of your online communications appear to anyone who can intercept them as illogical, garbled text and characters.
3. Access to geo-restricted services
Tools: there are different VPN services available
1. VPN for Remote Access
2. Ex/Intranet-based VPN
3. VPNs with point-to-point tunneling
TLS, or Transport Layer Security, is a widely used security protocol designed to improve privacy and data security for Internet communications.
Working of TLS protocol:
We must install a TLS certificate on the origin server for a website or application to use TLS. We use the TLS handshake sequence to establish a TLS connection. When a user navigates to a TLS-enabled website, the TLS handshake between the user’s device (also known as the client device) and the web server begins.
The user’s device and the web server exchange the following information during the TLS handshake:
1. Specify the TLS version (TLS 1.0, 1.2, 1.3, etc.).
2. Determine which cypher suites (see below) they will employ.
3. Using the server’s TLS certificate, verify the server’s identity.
4. After the handshake is complete, generate session keys for encrypting messages between them.
Vulnerabilities for security breaches include:
1. MITM (Man-in-the-Middle) Attacks: There are several ways for a bad actor to breach the trust established by SSL/TLS and launch a MITM attack. For example, a website’s server key could be stolen, allowing the attacker to pose as the server. In some cases, the issuing Certificate Authority (CA) has been compromised, and the root key has been stolen, allowing criminals to generate their certificates signed with it.
2. Certificates Self-Signed and Wildcard: On-demand self-signed “wildcard” certificates are frequently created by server administrators. While this practice is quick and easy, it significantly undermines trust because no trusted third-party CA verifies these certificates.
3. SSL/TLS Certificates That Have Expired: Expired certificates cause unplanned system outages or allow hackers to enter your network.
Strengths of TLS protocol:
1. Integrity of data: TLS specifies the type of Certificate exchanged between nodes.
2. Security: TLS is a secure method of transferring data over the internet. Unlike SSL, which employs Keyed Message Authentication, TLS uses a cryptographic technique known as the HMAC (Key-Mashing Authentication Code). This method ensures that the record cannot be tampered with while transmitted over the internet.
3. Control granularity: TLS provides a more sophisticated and reactive alert system.
Tools/Applications:
Tools mentioned in the SSL criteria, i.e.,
1. OpenSSL: An open-source SSL library that can generate and test SSL certificates locally.
2. IBM KeyMAN: This Java application stores and manages certificates.
In this article, we have discussed various protocols used in Cyber security, i.e. making our applications secure from attackers. According to the current demands, there is an excellent need for Cyber security engineers that can code such algorithms that cannot be hacked by someone else. According to a report, the market cap of cyber security will be 8.2 billion in 2021, which is predicted to reach approximately 20 billion by 2025.
Cyber security is somewhat considered more complex than regular programming or software development. It requires explicit knowledge to write, infiltrate, and prevent code infiltration.
Main points of this article:
1. We discussed the basic understanding of cyber security.
2. Then, we discussed various protocols that are used in cyber security.
3. We discussed working, vulnerabilities, strengths, weaknesses, etc.
4. Finally, we have concluded the article.
That is all for today. Thanks for reading.
The media shown in this article is not owned by Analytics Vidhya and is used at the Author’s discretion.