Page 1005 - Cloud computing: From paradigm to operation
P. 1005

Security                                                   7


            8.5     Monitoring data analysis

            Monitoring data can be analyzed by the CSP and CSC to understand the status of the cloud platform resources
            in order to better manage and secure them.

            8.6     Monitoring data presentation
            It is recommended that monitoring data be presentable in meaningful ways in order to be useful for better
            management of SLAs and cloud security. Since the volume of cloud monitoring data can be very large, is
            recommended that these data be summarized in a manageable and understandable way.


            8.7     Monitoring data destruction
            To maintain monitoring data security, the CSP is required to destroy monitoring data as CSCs demand.
            CSPs  can  optionally  destroy  monitoring  data  after  an  appropriate  period  of  time  after  monitoring  data
            creation.

            8.8     Monitoring data backup

            It is required to create monitoring data backups and to restore data from backups.


            9       Security threats and challenges for monitoring data of cloud computing
            The security threats and challenges for cloud computing, clauses 7 and 8 respectively in [b-ITU-T X.1601],
            have provided the security threats and challenges for the CSC and CSP in cloud computing; cloud monitoring
            data also faces similar security threats and challenges that are defined in [b-ITU-T X.1601. Some of these
            security threats and challenges for cloud monitoring data include but are not limited to those shown below:
            a)      data loss and leakage;

            b)      insecure service access;
            c)      unauthorized administration access;
            d)      insider threats;
            e)      loss of trust;
            f)      loss of governance;
            g)      loss of confidentiality;

            h)      service unavailability;
            i)      misappropriation of intellectual property;
            j)      shared environment;
            k)      jurisdictional conflict;
            l)      bad migration and integration.

            For each monitoring data lifecycle stage, cloud monitoring data face some particular security threats and
            challenges.


            9.1     Security threats and challenges in monitoring data collection stage
            a)      data collection without authorization: A CSP or attackers may collect the CSC's monitoring data
                    without permission or authorization.

            b)      acquisition  interface  vulnerability:  Attackers  may  use  a  monitoring  data  acquisition  interface
                    vulnerability.
            c)      spoofing: Attackers could masquerade as the management system, or data storage server, of cloud
                    monitoring service, and cause the loss of monitoring data.
            d)      tampering and intercepting: Attackers could use man-in-the-middle or other network attacks to
                    tamper with, or intercept monitoring data.


                                                                                                         997
   1000   1001   1002   1003   1004   1005   1006   1007   1008   1009   1010