System-Centric Security Research Actions
We provide a discussion on relevant research actions that need to be taken to mitigate the threats, gaps, and challenges previously identified and reported in Appendix A.3 of document D4.3.
- RA3.1 – SDN. The advent of SDN, which enables centralized control of network applications and devices, increased the efficiency of cloud services. It enabled cloud services to deploy cross-storage spanning many different locations around the globe, thus making storage management far more efficient and less complex. Examples of cross-storage include multi-clouds, hybrid clouds, meta-clouds, and cloud federations. World-renowned companies, such as Microsoft and IBM, are working on the development of cross-storage, and particularly cross-cloud, solutions. Such solutions provide very high security standards and enable administrators to manage the entire network from a single control panel. On top of that, this technology can aid in filtering out malicious traffic and, in the case of an emergency, establish new virtual machines at minimal cost.
Threats: T3.1.2 – Inadequate design and planning or incorrect adaptation, T3.3.1 – Configuration poisoning, T3.4.3 – Malicious code/software/activity, T3.4.4 – Generation and use of rogue certificates, T3.4.6 – Failures of business process, T3.4.7 – Code execution and injection (unsecured APIs), T3.5.1 – Violation of laws or regulations, T3.6.2 – Malicious insider, T3.6.5 – Cloud sprawl – COVID19
Gaps: G3.2 – Gaps on data control, G3.3 – Gaps on multi-tenancy, isolation and resource management, G3.8 – Lack of visibility/control, G3.12 – Gaps on insider threat, G3.14 – Gaps on abuse and nefarious use of cloud services, G3.21 – Gaps on endpoint controls, G3.23 – Gaps on remote network controls
- RA3.2 – ML/AI-based solutions. There have already been efforts to integrate ML and AI capabilities within clouds, such as Google’s AlphaGo, Apple Siri, and Microsoft’s Cortana. In the future, ML and DL techniques could revolutionize the ways of storing big data in the cloud in terms of computational costs and required hardware space. AI and ML solutions also have a huge potential in reinforcing the security and reliability of cloud solutions. Moreover, these technologies could prevent data loss by detecting data breaches in cloud storage.
Threats: T3.1.2 – Inadequate design and planning or incorrect adaptation, T3.2.1 – Interception of information, T3.2.2 – Unauthorized acquisition of information (data breach), T3.3.1 – Configuration poisoning, T3.3.2 – Business process poisoning, T3.4.3 – Malicious code/software/activity, T3.4.6 – Failures of business process, T3.4.7 – Code execution and injection (unsecured APIs), T3.5.1 – Violation of laws or regulations, T3.4.8 – Phishing – COVID19, T3.6.5 – Cloud sprawl – COVID19
Gaps: G3.6 – Gaps on forensics, G3.8 – Lack of visibility/control, G3.12 – Gaps on insider threat, G3.15 – Gaps on insecure interfaces and APIs
- RA3.3 – Data encryption. Despite the continuous development of cloud environments and the emergence of new technologies, the open nature of the cloud comes with risks. The introduction and deployment of new cloud-related technologies only exacerbate this risk by introducing even more security holes. Encryption arises as one of the most appropriate solutions for these gaps. However, currently available encryption technologies, as well as intrusion detection systems, are not sufficiently efficient in protecting large-scale systems such as clouds. Hence, there is a need to conduct further research in improving existing and developing new intrusion detection solutions and encryption techniques. Some of the potential solutions to these problems include real-time encryption technology, real-time defensive systems, and lightweight cryptographic solutions such as AES.
Threats: T3.2.1 – Interception of information, T3.2.2 – Unauthorized acquisition of information (data breach), T3.3.2 – Business process poisoning, T3.4.1 – Identity fraud, T3.4.5 – Misuse of assurance tools
Gaps: G3.1 – Gaps on the use of cryptography, G3.2 – Gaps on data control, G3.10 – Gaps on lack of cloud security architecture and strategy, G3.11 – Gaps on insufficient identity, credential, access, and key management, G3.15 – Gaps on insecure interfaces and APIs, G3.16 – Gaps on account hijacking due to the inadequate authentication, G3.18 – Gaps on malware exposure, G3.21 – Gaps on endpoint controls, G3.24 – Gaps on the configuration of cloud storage
- RA3.4 – Cloud-to-cloud backup. Cloud-to-cloud backup is expected to become a standard procedure in the near future. It involves backing up data stored on one cloud onto another cloud. Current backup technologies deployed on the cloud are still susceptible to data loss due to hardware failures or natural disasters. Even though cloud-to-cloud technology could solve these issues, it is still in its infancy and requires more research to further bolster its security aspects and resolve other underlying issues, such as the clashes with other deduplication technologies.
Threats: T3.1.1 – Information leakage/sharing due to human errors, T3.2.2 – Unauthorized acquisition of information (data breach), T3.4.2 – Denial of service, T3.4.6 – Failures of business process, T3.6.2 – Malicious insider
Gaps: G3.13 – Gaps on weak control planes, G3.20 – Gaps on logistic challenges to the ever-increasing cloud usage, G3.24 – Gaps on the configuration of cloud storage
Highlights on Identified Research Actions
There are four main areas in which future system cybersecurity research actions should be focused, namely SDN, ML/DL-based solutions, data encryption, and cloud-to-cloud backup. The efficiency of cloud services increased with the emergence of SDN-based cloud solutions, such as multi-clouds, hybrid clouds, meta-clouds, and cloud federations. Aside from being able to bring security standards to the next level by allowing network management from a single control panel, these solutions have the potential to distinguish good traffic from malicious traffic. ML and AI security solutions can be used not only for increasing the efficiency and reliability of cloud services but also for detecting data breaches in the cloud. Aside from bringing various benefits to end users, deployment of emerging cloud-based technologies and add-ons usually introduces new security gaps and risks. Despite being one of the most suitable solutions for preventing such events, available data encryption solutions are not fully suitable for clouds. Hence, there is a need for new solutions and further research on novel concepts such as real-time encryption technology and real-time defensive systems. One of the most anticipated new security solutions is cloud-to-cloud backup, which is expected to fix the shortcomings of traditional backup technologies. However, it is still in its infancy and a lot of work remains to be done to resolve the clashes with the existing deduplication technologies.
SDN Security: Five reasons SDN is more secure than legacy networks, https://codilime.com/five-reasons-sdn-is-more-secure-than-legacy-networks/
C. B. Tan, M. H. A. Hijazi, Y. Lim and A. Gani, “A survey on Proof of Retrievability for cloud data integrity and availability: Cloud storage state-of-the-art, issues, solutions and future trends,” Journal of Network and Computer Applications, vol. 110, pp. 75-86, 2018.
D. Quick, B. Martini and R. Choo, Cloud storage forensics, Syngress, 2013.
S. Khan, S. Parkinson and Y. Qin, “Fog computing security: a review of current applications and security solutions,” Journal of Cloud Computing, vol. 6, no. 1, pp. 1-22, 2017.
Hot data storage technology trends for 2017, https://searchstorage.techtarget.com/feature/Hot-data-storage-technology-trends-for-2017