Skip to main content

Table 4 Relationships between threats, vulnerabilities, and countermeasures

From: An analysis of security issues for cloud computing

Threat Vulnerabilities Incidents Countermeasures
T01 V01 An attacker can use the victim’s account to get access to the target’s resources. Identity and Access Management Guidance [65]
Dynamic credential [66]
T02 V03a, V03c Data from hard drives that are shared by several customers cannot be completely removed. Specify destruction strategies on Service-level Agreements (SLAs)
T03 V03a, V03c, V03d, V03f, V04a-f, V05a, V07 Authors in [58] illustrated the steps necessary to gain confidential information from other VMs co-located in the same server as the attacker. FRS techniques [67]
Digital Signatures [68]
Side channel [69] Encryption [69]
Homomorphic encryption [70]
T04 V01, V02 An attacker can request more computational resources, so other legal users are not able to get additional capacity. Cloud providers can force policies to offer limited computational resources
T05 V01 Some examples are described in [32] such as SQL, command injection, and cross-site scripting Web application scanners [71]
T06 V06a, V06b A zero-day exploit in the HyperVM virtualization application that destroyed about 100,000 websites [72] HyperSafe [60]
TCCP (Trusted Cloud
Computing Platform) [63]
TVDc (Trusted Virtual Datacenter) [73, 74]
T07 V04b, V06b [75] presents a study that demonstrates security flaws in most virtual machines monitors  
T08 V05a, V05b An attacker can create a VM image containing malware and publish it in a public repository. Mirage [49]
T09 V04d [76] has empirically showed attacks against the migration functionality of the latest version of the Xen and VMware virtualization products. PALM [64]
TCCP [63]
VNSS [52]
T10 V07 Sniffing and spoofing virtual networks [51] Virtual network framework based on Xen network modes: “bridged” and “routed” [51]