Abstract

Cloud services provided by Microsoft are growing rapidly in number and importance. Azure Active Directory (AAD) is becoming more important due to its role in facilitating identity management for cloud-based services. However, several risks and security issues in cloud systems have been attributed to vulnerabilities in identity management systems. In particular, misconfigurations could severely impact the security of cloud-based systems. Accordingly, this study identifies and experimentally evaluates exploitable misconfiguration vulnerabilities in Azure AD that can eventually lead to privilege escalation attacks. The study focuses on two scenarios: dynamic group settings and the activation of the Managed Identity feature on virtual devices. Through experimental evaluation, the research demonstrates the successful execution of these attacks, resulting in unauthorized access to sensitive information. Finally, we suggest several approaches to prevent such attacks by isolating sensitive systems, to minimize the possible damage from an accidental misconfiguration, and we highlight the need for further studies.
