Investigation of Fake Insider Threats on Private Cloud Computing Services

Abstract

Cloud-based services are service system mechanisms used by companies or organizations in conducting computerized and integrated transactions in a computer network. A service system must of course be balanced with a level of security. This is used to anticipate cyber crimes that have the potential to occur. Cloud-based services themselves are usually offered by a Cloud Service Provider (CSP). CSPs are generally configured so that they are accessible on the public internet for their services. Companies that prioritize data security want a system that is safe from a series of cyber crimes. Private cloud computing scheme is a solution that can be implemented as an alternative. The problem that occurs is the possibility of MITC (Man in the Cloud) attacks that infiltrate and manipulate identities so that they are detected as fake insider threats on cloud systems. This thesis aims to carry out threat analysis with the Man in the Cloud attack technique on private cloud computing services based on a study of the ISO 27032 standard. Reports and documentation of the results of the analysis are expected to become recommendations for the cybersecurity investigation and management process related to threats to cloud services with private schemes cloud computing.