Multi tenancy environment:

The multi-tenant application design was created to enable multiple users (tenants) to access the same application logic simultaneously.

Each tenant has its own view of the application that it uses, administers, and customizes as a dedicated instance of the software while remaining unaware of other tenants that are using the same application.

Common characteristics of multi tenant applications include: Usage Isolation - The usage behavior of one tenant does not affect the application availability and performance of other tenants.

Data Security - Tenants cannot access data that belongs to other tenants.

Recovery - Backup and restore procedures are separately executed for the data of each tenant.

Application Upgrade - Tenants are not negatively affected by the synchronous upgrading of shared software artifacts.

Scalability - The application can scale to accommodate increases in usage by existing tenants and/or increases in the number of tenants.

Metered Usage - Tenants are charged only for the application processing and features that are actually consumed.

Data Tier Isolation - Tenants can have individual databases, tables, and/or schemas isolated from other tenants. Alternatively, databases, tables, and/or schemas can be designed to be intentionally shared by tenants.

Risks in multi tenancy environment:

Inadequate Logical Security Controls: Physical resources are shared between multiple tenants. That means dependence on logical segregation to ensure that one tenant deliberately cannot interfere with the security of the other tenants.

Malicious or Ignorant Tenants: If the provider has weaker logical controls between tenants, a malicious or an ignorant tenant may reduce the security posture of other tenants.

Shared Services can become single point of failure

Performance Risks: One tenant’s heavy use of the service may impact the quality of service provided to other tenants.

Uncoordinated Change Controls and Misconfigurations:

When multiple tenants are sharing the underlying infrastructure all changes needs to be well coordinated and tested.

Intrusion Detection System (IDS) in Cloud Computing:

Intrusion detection system plays an important role in the security and perseverance of active defense system against intruder hostile attacks for any business and IT organization. IDS implementation in cloud computing requires an efficient, scalable and virtualization-based approach.

In cloud computing, user data and application is hosted on cloud service provider’s remote servers and cloud user has a limited control over its data and resources. In such case, the administration of IDS in cloud becomes the responsibility of cloud provider. Although the administrator of cloud IDS should be the user and not the provider of cloud services.

Intrusion Detection System (IDS) can be used to enhance the security measures by a systematic examination of logs, configurations and network traffic. Cloud computing have two approaches i. e. Knowledge-based IDS and Behavior-Based IDS to detect intrusions in cloud computing.

Behavior-Based IDS assumes that an intrusion can be detected by observing a deviation from normal to expected behavior of the system or users. Knowledge-based IDS techniques apply knowledge accumulated about specific attack.

Knowledge-based IDS can't detect unknown attacks, but it uses rules and monitors a stream of event s to find malicious characteristics and set the new rules for unknown attacks.

Multiple intrusion detection systems (IDSs) are deployed in each layer of cloud infrastructure for protecting each Virtual Machine (VM) against threats.