Unsecure cloud storage: prevalence & mitigation

Cloud storage services are gaining popularity due to their flexibility, elasticity, and support to a growing need of data storage at a very accessible price, around $0.02 per GigaByte (GB) each month. Thus, more and more companies and users are relying on cloud providers to store their files. This p...

Descripción completa

Detalles Bibliográficos
Autor: Ramirez Aguado, Miguel
Tipo de recurso: tesis de maestría
Fecha de publicación:2018
País:España
Institución:Universitat Politècnica de Catalunya (UPC)
Repositorio:UPCommons. Portal del coneixement obert de la UPC
Idioma:inglés
OAI Identifier:oai:upcommons.upc.edu:2117/127695
Acceso en línea:https://hdl.handle.net/2117/127695
Access Level:acceso abierto
Palabra clave:Computer security
Cloud computing
cloud storage
aws
google cloud
ibm cloud
cybersecurity
Seguretat informàtica
Computació en núvol
Àrees temàtiques de la UPC::Informàtica
Descripción
Sumario:Cloud storage services are gaining popularity due to their flexibility, elasticity, and support to a growing need of data storage at a very accessible price, around $0.02 per GigaByte (GB) each month. Thus, more and more companies and users are relying on cloud providers to store their files. This project will study the four main cloud storage providers: Amazon Web Services (AWS), Google Cloud, IBM Cloud and Microsoft's Azure. After understanding how each cloud provider works, a scanning tool was developed to search all four providers for public objects. To make sure companies and administrators understand the utility of the tool, privacy settings and permissions are commented, also commenting how and why previous data leakage occurred. The tool has been tested and the results obtained show that there is a lot of sensitive data available to the public. With the help of the developed tool, penetration testers can help companies by making sure that no sensitive data is publicly available.