September 10, 2022

Machine learning method User Behavior Analytics (UBA) ?Both reports should be written with a word count of 70-105 words(not more than the count provided) and should provide a URL re

Need to present a research reports on

1. Machine learning method

2. User Behavior Analytics (UBA)

Both reports should be written with a word count of 70-105 words(not more than the count provided) and should provide a URL reference link too .

Note : NO PLAGIARISM

Should have minimum of 3 statements which describes the information about the report.

Tips: Should be in simple own words and no usage of critical words and attached the file to know in detail to write on it. This question is from a cyber security subject so that the matter should relate to cyber security for sure and should connect to readers.

Deadline Sep10, 2022 12:00Pm.Cst

Security in Computing, Fifth Edition

Chapter 8: Cloud Computing

Objectives for Chapter 8

Define cloud services, including types and service models

How to define cloud service requirements and identify appropriate services

Survey cloud-based security capabilities and offerings

Discuss cloud storage encryption considerations

Protection of cloud-based applications and infrastructures

Explain the major federated identity management standards and how they differ

What Is Cloud Computing?

On-demand self-service

Add or subtract resources as necessary

Broad network access

Mobile, desktop, mainframe

Resource pooling

Multiple tenants share resources that can be reassigned dynamically according to need and invisibly to the tenants

Rapid elasticity

Services can quickly and automatically scale up or down to meet customer need

Measure service

Like water, gas, or telephone service, usage can be monitored for billing

Service Models

Software as a service (SaaS)

The cloud provider gives the customer access to applications running in the cloud

Platform as a service (PaaS)

The customer has his or her own applications, but the cloud provides the languages and tools for creating and running them

Infrastructure as a service (IaaS)

The cloud provider offers processing, storage, networks, and other computing resources that enable customers to run any kind of software

Service Models

Deployment Models

Private cloud

Infrastructure that is operated exclusively by and for the organization that owns it

Community cloud

Shared by several organizations with common needs, interests, or goals

Public cloud

Owned by a cloud service provider and offered to the general public

Hybrid cloud

Composed of two or more types of clouds, connected by technology that enables data and applications to balance loads among those clouds

Cloud Migration Risk Analysis

Identify assets

Determine vulnerabilities

Estimate likelihood of exploitation

Compute expected loss

Survey and select new controls

Project savings

The steps here are the same as for a normal risk analysis, but here they need to be approached from a specific perspective: How does a cloud deployment, compared to an on-premise deployment, change the answers? Vulnerabilities, likelihood of exploitation, and control options will be the most different in cloud environments, as they are dependent on compatible tools, security mechanisms, and incident response capabilities.

Cloud Provider Assessment

Security issues to consider:

Authentication, authorization, and access control options

Encryption options

Audit logging capabilities

Incident response capabilities

Reliability and uptime

Resources to help with assessment:

FedRAMP (Federal Risk and Authorization Management Program)

PCI DSS (Payment Card Industry Data Security Standard)

CSA STAR (CSA Security, Trust & Assurance Registry)

The specifics of the security issues will depend on the security requirements of the capability that’s being moved to the cloud and therefore on the risk assessment. The three listed resources are databases of cloud providers that have been assessed for their compliance with well-known cloud security standards.

Switching Cloud Providers

Switching cloud providers is expensive and difficult but sometimes becomes necessary and urgent

It is best to have backup options in place in case a migration away from a cloud provider is necessary, but many cloud providers make that practically impossible

SaaS providers are generally hardest to migrate away from, followed by PaaS, then IaaS

Security Benefits of Cloud Services

Geographic diversity

Many cloud providers run data centers in disparate geographic locations and mirror data across locations, providing protection from natural and other local disasters.

Platform and infrastructure diversity

Different platforms and infrastructures mean different bugs and vulnerabilities, which makes a single attack or error less likely to bring a system down. Using cloud services as part of a larger system can be a good way to diversify your technology stack.

Cloud-Based Security Functions

Some security functions may be best handled by cloud service providers:

Email filtering

Since email is already hopping through a variety of SMTP servers, adding a cloud-based email filter is as simple as adding another hop.

DDoS protection

Cloud-based DDoS protection services update your DNS records to insert their servers as proxies in front of yours. They maintain sufficient bandwidth to handle the flood of attack traffic.

Network monitoring

Cloud-based solutions can help customers deal with steep hardware requirements and can provide monitoring and incident response expertise.

Cloud Storage

By default, most cloud storage solutions either store users’ data unencrypted or encrypt all data for all customers using a single key and therefore don’t provide strong confidentiality

Some cloud services provide better confidentiality by generating keys on a per-user basis based on that user’s password or some other secret

For maximum confidentiality, some cloud providers embrace a trust no one (TNO) model in which even the provider does not have the keys to decrypt user data

Lastpass TNO Implementation

This flowchart shows how Lastpass is able to authenticate users but unable to decrypt those users’ data. The critical element is that the hash Lastpass derives from the user’s password for authentication is different from, and cannot be calculated using, the hash Lastpass derives from the user’s password for decryption. Decryption takes place client-side.

Boxcryptor TNO Implementation

The main benefit of the Boxcryptor implementation is that it allows users to selectively share files with other users. It does so by generating a per-file random key and then using each authorized user’s public key to encrypt that random key.

Data Loss Prevention (DLP)

DLP is more difficult in cloud environments than on-premise environments, as cloud customers have much less control over data ingress and egress points

DLP options for cloud-based corporate data:

Force users to work through the corporate virtual private network (VPN) to access corporate-contracted cloud resources

Install DLP agents on users’ corporate systems

In IaaS environments, insert a DLP server as a proxy between user systems and other corporate cloud servers

Cloud Application Security

Attacks against shared resources

Shared computing resources change the threat landscape. Sharing a system with a vulnerable application may result in those shared resources becoming compromised and consequently spreading attacks to your applications. There are also attacks, such as cryptographic side-channel attacks, that specifically target shared resource environments.

Attacks against insecure APIs (app programming interface)

Cloud vendors have a history of using known broken APIs. A recent survey of cloud security incidents over a 5-year period found that almost one-third of those incidents were caused by insecure interfaces and APIs.1 A separate study found major security weaknesses in SSL libraries used by major cloud service providers, including Amazon and PayPal.2

Cryptographic side-channel attacks use incidental information—processor and memory response, temperature, and so on—to reduce the search space of cryptographic keys. They have been proven effective in small, cloud-like laboratory environments.

1. Ko, R., et al. “Cloud Computing Vulnerability Incidents: A Statistical Overview.” Cloud

Security Alliance white paper, 13 Mar 2013.

2. Georgiev, M., et al. “The Most Dangerous Code in the World: Validating SSL Certificates

in Non-Browser Software.”ACM Conf on Comp and Comm Security ’12, 2012.

Federated Identity Management (FIdM)

FIdM enables identity information to be shared among several entities and across trust domains. In this diagram, the user wishes to access the service provider, but the service provider needs to check with a completely unrelated, but trusted, identity provider to ensure the user’s validity and authority first.

Security Assertion Markup Language (SAML)

An XML-based standard that defines a way for systems to securely exchange user identity and privilege information

Commonly used when a company wants to give its employees access to corporate cloud service subscriptions

If an employee leaves the company, his corporate login credentials are disabled and, by extension, so are his login rights to the cloud service

SAML Authentication Process

The IdP is often a corporate identity store, and the SP is often a cloud service provider.

OAuth

Whereas SAML is an authentication standard, OAuth is an authorization standard

OAuth enables a user to allow third-party applications to access APIs on that user’s behalf

When Facebook asks a user if a new application can have access to his photos, that’s OAuth

OAuth allows users to give third-party applications access to only the account resources they need, and to do so without sharing passwords; users can revoke access at any time

OAuth Authorization

The flow is too long to fit on one slide, so it is cut in half. The left half is first, followed by the right half.

OpenID Connect (OIDC)

OAuth has been extended to support authentication in the form of OIDC

OIDC is a relatively new standard for FIdM

OIDC provides much better support for native applications (versus web applications) than does SAML

Works by adding an identity token to the existing authorization tokens, essentially treating identity information as another authorization right

OIDC Authentication

The flow is too long to fit on one slide, so it is cut in half. The left half is first, followed by the right half.

Securing IaaS

Shared storage

When you deallocate shared storage, it gets reallocated to other users, potentially exposing your data. Encrypted storage volumes are the most reliable mitigation.

Shared network

Typical practice among IaaS providers prevents users from sniffing one another’s network traffic, but the safest bet is to encrypt all network traffic to and from virtual machines whenever possible

Host access

Require two-factor authentication

Do not use shared accounts

Enforce the principle of least privilege

Use OAuth rather than passwords to give applications access to API interfaces

Use FIdM wherever possible so as to only manage one set of accounts

IaaS Security Architecture

In this diagram, each server type is in its own security enclave, with the critical servers being protected by both firewalls and application proxies. Each of these servers is dedicated to a very specific purpose and is therefore simple and predictable enough to allow for application whitelisting, which greatly limits malware potential. This level of VM specialization is not always practical, but it greatly limits potential vulnerability.

Summary

When considering a move to cloud infrastructure, a full risk assessment will reveal critical requirements and bring up important unexpected issues

Cloud storage encryption options vary widely—confidentiality requirements are a key consideration

FIdM, including SAML, OAuth, and OIDC, provides strong security benefits by centralizing account and authorization management

In IaaS infrastructures, use server specialization, security enclaves, and application whitelisting to greatly limit the potential attack surface

image2.emf

image3.emf

image4.emf

image5.emf

image6.emf

image7.emf

image8.emf

image9.emf

image10.emf

image11.emf

Security in Computing, Fifth Edition

Chapter 7: Databases

Objectives for Chapter 7

Basic database terminology and concepts

Security requirements for databases

Implementing access controls in databases

Protecting sensitive data

Data mining and big data

Database Terms

Database (DB)

Database administrator (DBA)

Database management system (DBMS)

Table

Record

Field/element

Schema

Subschema

Attribute

Relation

Database: A collection of data and a set of rules that organize the data by specifying certain relationships among the data

Database administrator: Person who defines the rules that organize the data and controls who should have access to what parts of the data

Database management system: The system through which users interact with the database

Record: One related group of data

Field/element: Elementary data items that make up a record (e.g., name, address, city)

Schema: Logical structure of a database

Subschema: The portion of a database a given user has access to

Attribute: A column in a database

Relation: A set of database columns

Database Terms

DB: A collection of data and a set of rules that organize the data by specifying certain relationships among the data

DBA: Person who defines the rules that organize the data and controls who should have access to what parts of the data

DBMS: The system through which users interact with the database

Table: A collection of records

Record: One related group of data

Field/element: Elementary data items that make up a record (e.g., name, address, city)

Schema: Logical structure of a database

Subschema: The portion of a database a given user has access to

Attribute: A column in a database

Relation: A set of database columns

Database Example

A database with three tables

Database Example

A database with three tables

Schema Example

The schema of the database from the previous slide

Queries

A query is a command that tells the database to retrieve, modify, add, or delete a field or record

The most common database query language is SQL

Example SQL Query

SELECT ZIP=‘43210’

Where do we find databases?

This is a good time to encourage students to think about places databases are commonly used and all the purposes they may be used for. Examples such as banks, large retailers, and law enforcement quickly make clear why all of these requirements are critically important. We’ve already discussed many of the ways these requirements are achieved in previous chapters, but the remainder of this chapter covers special considerations for databases.

Where do we find databases?

Purpose and Use

Where do we find databases?

Purpose and Use

CIA

Reliability and Integrity

Reliability: in the context of databases, reliability is the ability to run for long periods without failing

Database integrity: concern that the database as a whole is protected against damage

Collepals.com Plagiarism Free Papers

Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.

Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS

Why Hire Collepals.com writers to do your paper?

Quality- We are experienced and have access to ample research materials.

We write plagiarism Free Content

Confidential- We never share or sell your personal information to third parties.

Support-Chat with us today! We are always waiting to answer all your questions.

Machine learning method User Behavior Analytics (UBA) ?Both reports should be written with a word count of 70-105 words(not more than the count provided) and should provide a URL re

image2.emf

image3.emf

image4.emf

image5.emf

image6.emf

image7.emf

image8.emf

image9.emf

image10.emf

image11.emf

Related Posts

Effective display designs must provide all the necessary data in the proper sequence to carry out the task. Identify a recent personal user experience where

Effective display designs must provide all the necessary data in the proper sequence to carry out the task. Identify a recent personal user experience where

To complete this assignment, review the prompt and grading rubric in the Final Project Milestone Guidelines and Rubric. When you have finished your work, sub