CLA0D1T—Auditing AWS Services S3 and IAM

Year : 2024 | Volume : 12 | Issue : 03 | Page : 1-12
    By

    Lisshutharan Segaran,

  • Yousif Elamin,

  • Garima Sinha,

  1. Student, Department of Computer Science & Engineering, Jain (Deemed-to-be University), Kochi, Bengaluru, Karnataka, India
  2. Student, Department of Computer Science & Engineering, Jain (Deemed-to-be University), Kochi, Bengaluru, Karnataka, India
  3. Professor, Department of Computer Science & Engineering, Jain (Deemed-to-be University), Kochi, Bengaluru, Karnataka, India

Abstract

The swift embrace of cloud computing has revolutionized how organizations handle and provide their services, delivering unmatched scalability, flexibility, and cost-effectiveness. However, this shift has also introduced a range of new security challenges and vulnerabilities, particularly concerning data access and identity management. This project specifically aims to address these issues within the context of Amazon Web Services (AWS), focusing on auditing the Simple Storage Service (S3) and Identity and Access Management (IAM) services. The primary objective is to identify, analyze, and prioritize potential misconfigurations in access policies and permissions, which are critical components in safeguarding networks, applications, and data storage. Through a structured and comprehensive methodology, this auditing process will systematically classify various misconfigurations, assess their severity, and propose effective remediation strategies. The audit will encompass a detailed review of access control policies, ensuring that they adhere to the principle of least privilege, and scrutinize IAM roles, policies, and permissions to detect any deviations from best practices. By evaluating the impact of identified vulnerabilities, the project will prioritize them based on the potential risk to the organization’s security posture. The anticipated outcomes of this project aim to empower organizations to proactively enhance their cloud security measures, ultimately fostering a safer and more robust cloud computing environment. By addressing these critical security aspects, the project will contribute significantly to mitigating risks associated with cloud adoption and help organizations better protect their digital assets against emerging threats.

Keywords: Cloud computing, cloud security challenges, IAM, S3, auditing services, access policies

[This article belongs to Journal Of Network security ]

How to cite this article:
Lisshutharan Segaran, Yousif Elamin, Garima Sinha. CLA0D1T—Auditing AWS Services S3 and IAM. Journal Of Network security. 2024; 12(03):1-12.
How to cite this URL:
Lisshutharan Segaran, Yousif Elamin, Garima Sinha. CLA0D1T—Auditing AWS Services S3 and IAM. Journal Of Network security. 2024; 12(03):1-12. Available from: https://journals.stmjournals.com/jons/article=2024/view=172059


References

  1. Amazon. (2023). Amazon S3. [online] Available from: https://aws.amazon.com/
  2. Amazon IAM. (2023). AWS Identity and Access Management. [online] Available from: https://aws.amazon.com/iam/
  3. Amazon. (2023). Amazon S3 – Cloud Object Storage. [online] Available from: https://aws.
    amazon.com/s3/
  4. Innovatureinc. (2023). Top 10 cloud computing trends in 2023. [online] Available from: https://innovatureinc.com/top-10-cloud-computing-trends/
  5. Lehtinen J. Technical Review Setup for Amazon Web Services: Assessing Amazon Cloud Computing Service Configurations. 2023
  6. Huy AQ, Hung PD. Security and cost optimization auditing for Amazon Web Services. In: Proceedings of the 2nd International Conference on Software Engineering and Information Management; 2019. p. 44–48. DOI: 10.1145/3305160.3305181
  7. Ismail UM, Islam S. A unified framework for cloud security transparency and audit. J Inf Secur Appl. 2020;54:102594. DOI: 10.1016/j.jisa.2020.102594
  8. Lins S, Schneider S, Sunyaev A. Trust is good, control is better: Creating secure clouds by continuous auditing. IEEE Trans Cloud Comput. 2016;6:890–903. DOI: 10.1109/TCC.2016.25
    22411
  9. Bellavista P, Corradi A, Foschini L, Solimando M. The Audit4Cloud platform for auditing the networking performance of public clouds. In: IEEE Global Communications Conference (GLOBECOM); 2019. IEEE Publications. p. 1–6. DOI: 10.1109/GLOBECOM38437.2019.90
    13870
  10. The Scale Factory. (2019). GitHub – scalefactory/s3audit-ts: CLI tool for auditing S3 buckets. [online] GitHub. Available from: https://github.com/scalefactory/s3audit-ts.
  11. CodiumAI Team. (2023). Creating powerful command-line tools in Python: A practical guide. [online] Available from: https://www.codium.ai/blog/creating-powerful-command-line-tools-in-python-a-practical-guide/
  12. Episyche Technologies. (2022). How to build a CLI Tool using Python? [online] Available from: https://episyche.com/blog/how-to-build-a-cli-tool-using-python
  13. Digital Cloud Training. (2022). AWS IAM. AWS Cheat Sheet. [online] Digital Cloud Training. Available from: https://digitalcloud.training/aws-iam/
  14. Bohara MS. (2020). Programming AWS IAM using AWS python SDK boto3—Part 3. [online] Available from: https://medium.com/geekculture/automating-aws-iam-using-lambda-and-boto3-part-3-3100088a4454
  15. Amazon. (2018). Amazon S3, Object storage built to retrieve any amount of data from anywhere. [online] Available from: https://aws.amazon.com/s3/
  16. Maheta D. (2023). Python with machine learning: Make user experience interactive. [online] Available from: https://www.bacancytechnology.com/blog/python-with-machine-learning
Regular Issue Subscription Review Article
Volume 12
Issue 03
Received 28/05/2024
Accepted 12/07/2024
Published 14/09/2024
Total Visits: 168


My IP

PlumX Metrics