Game to Dethrone: A Least Privilege CTF
Published In
2021 IEEE 6th International Conference on Smart Cloud (smartcloud)
Document Type
Citation
Publication Date
11-2021
Abstract
Identity and Access Management (IAM) misconfiguration is one of the most critical threats to the security of cloud environments. As more infrastructure is being migrated to the cloud, the importance of following the principle of least privilege (PoLP) to mitigate security risks has significantly increased. Unfortunately, the mechanisms provided for doing so in the cloud are complex and substantially different than traditional legacy infrastructure. As a result, the number of practitioners that know how to secure cloud projects is insufficient compared to the number of cloud projects being deployed. To address the issue, this paper describes a Least Privilege CTF, a series of exercises that allows practitioners to practice applying least privileges on cloud deployments that are easily deployed with minimal cost.
Rights
Copyright 2021 IEEE - All rights reserved.
Locate the Document
DOI
10.1109/SmartCloud52277.2021.00030
Persistent Identifier
https://archives.pdx.edu/ds/psu/36833
Publisher
IEEE
Citation Details
Wu, W., & Feng, W.-chang. (2021). Game to Dethrone: A Least Privilege CTF. Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/smartcloud52277.2021.00030