Sharing The Cloud With Your Enemy presented at BlueHat 2009

by Billy Rios ( Microsoft ), Nathan Mcfeters (Ernst & Young ),

Tags: Security

Summary : Thanks to the plethora of emerging of cloud service offerings, the sheer power of computation available to almost anyone with a (stolen) credit card is quite stunning. This presentation will not discuss legal and compliance implications of consuming cloud services; let us leave that to the auditors and their checklists. Instead, this presentation will focus on the following topics:
An examination of how the cloud "Security Stack" increases or decreases security exposures.
A demonstration of how the impact of well-known attack vectors can have a devastating effect on cloud platforms and the clients that consume them.
A walkthrough of discovered vulnerabilities that affected well-known, popular cloud providers.
New attack vectors that target the business models of cloud service providers, which may introduce perpetual and unstoppable abuse without deviation in the cloud providers' business models.
The goal of this presentation is to kick off a discussion in the technology community with the sincere hope that it will lead to a broad realization of the security implications of changes that are likely to affect cloud platforms and their clients in the near future.