Cloud storage systems like Microsoft's Windows Azure Storage and Amazon's Simple Storage Service allow web sites and services to cheaply store large amounts of data and make it available in a controlled manner. However, as with traditional methods of data storage and retrieval (such as SQL-based relational databases), application authors must take care to use cloud storage systems correctly to avoid unauthorized data access or tampering. This presentation will cover a variety of attacks on applications using cloud storage, such as enumeration and REST/SOAP injection, to show how the same effects as a SQL injection attack may be realized on an application using a cloud storage system, as well as how developers can protect themselves from these attacks.
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.