Just asking for your favour for the information regarding how the following process mentioned herewith is maintained/implemented in existing Cloud architectures.Whether the following encryption/decryption of hardware related information for security aspects are followed or not YES/No in existing Cloud architectures?
I have developed a proposed solution for the following weakness present in cloud architecture by an encryption program written for encrypting/decrypting the information used for creating following problems of developing a malware.
Suppose, attacker gained the control of a cloud system or somehow managed to get the system info somehow. Now she/he is thinking to perform more damage (that means POST attack scenario). As an example, after getting RAM info, Memory info, Data Center Server info (Talking about hardware info, which is generated in rawdata form in Cloud Reports tool ), it is possible to create a permanent backdoor or hardware malware to damage the physical system permanently or to gain access to other systems (I mean, gain in one part and then spreading the malware). To create hardware malware, every single server information is very important, like processing speed, memory up/down phase etc. Also, in a cloud infrastructure there are many phases. Even you can gain access to one part then it is not sure that you can get control to whole Data Center grid. So, some POST attack planning is required to extend to attack scenario.
Is SSL client socket and SSL server socket also involved in accessing such hardware information for malware threats?
Software/Hardware used: Cloudsim tool, Cloud Reports(a gui for cloudsim)