University of Twente Student Theses

Login

Penetration testing of AWS-based environments

Szabó, Réka (2018) Penetration testing of AWS-based environments.

[img]
Preview
PDF
1MB
Abstract:Since the last millennium, the various offerings of Cloud Service Providers have become the core of a large number of applications. Amazon Web Services is the market leader at the forefront of cloud computing with the most significant customer base. In accordance with Amazon's policy, security in the cloud needs to be ensured by the clients, which poses a huge security risk. A favoured technique to evaluate the security properties of computer systems is penetration testing and the focus of this thesis is how this technique can be leveraged specifically for AWS environments. A general method is outlined, which can be applied on the client side to improve the security of applications running in the Amazon cloud. The existing tools are integrated into the conventional penetration testing method- ology, and the available toolset is extended to achieve a more comprehensive method. A major element of the study is authenticated penetration tests, in which case credentials are provided to the benign attacker, and thus the focus can be on internal misconfigurations which are often the source of security breaches in AWS environments.
Item Type:Essay (Master)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science MSc (60300)
Link to this item:http://purl.utwente.nl/essays/76955
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page