Shared security flaws of cloud computing

http://www.networkworld.com/news/2011/102611-security-cloud-252406.html?ap1=rcb

This article discusses some recently found security flaws in the Amazon web service cloud computing architecture. Fortunately, these flaws were first found by German researchers and no customers have fell victim to the exploits. Researchers were able to gain administrative status thus giving them access to any and all of the users data. Amazon has since been informed of this issue and has repair all holes they know of. However, researchers believe this issue might be exploitable in many other cloud computing services. These general types of attacks that were used against amazon are called XML signature wrapping attacks and cross site scripting attacks. Amazon has announced that these exploits only exist in a very small percent of AWS authentications that are not using SSL endpoints. Amazon posted a list of strategies for remaining secure; one of which being multi-factor authentication. With cloud computing’s rapidly growing popularity it is a good thing researchers are finding and resolving these general exploits in cloud architecture.

Advertisements

3 thoughts on “Shared security flaws of cloud computing

  1. I agree with what you said at the end because if they don’t prepare for what can come in the future now, the cloud architecture is going to suffer a lot. I would also like to point out that a fair amount of amazons cloud computing is done through Zynga so although Amazon says that they are fixing the problems. These exploits might be forwarded to Zynga and they might be fixing the problems in there cloud infrastructure also.

  2. Pingback: “Private cloud” skills « KBT Computer Consulting

  3. Pingback: Windows Azure and Cloud Computing Posts for 10/28/2011+ - Windows Azure Blog

Comments are closed.