Principles of Computer Security

Presentation transcript:

Principles of Computer Security Instructor: Haibin Zhang hbzhang@umbc.edu

Cloud Computing and Cloud Security

Client-Server Architecture

--> Cloud Computing

NIST Definitions of Cloud Computing: Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS)

Software as a service (SaaS) “The capability provided to the consumer is to use the provider's applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.”

Platform as a Service (PaaS) The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.

Infrastructure as a Service (IaaS) The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls).

Go Beyond These Definitions: Someone could modify your cloud according to your needs! You could own your own cloud! OpenStack allows you to do that, at some (painful) price…

Azure and EC2: Microsoft's and Amazon's specific IaaS

EC2

Azure Storage Questions: How does Azure protect against disaster? Does Azure use Paxos? What's the replication factor in Azure? Azure Storage is an append-only storage. What does that mean?

Azure Storage

OpenStack (In a Nutshell): Nova, Keystone, Cinder, Swift, Glance, Neutron

Deployment Scenarios

BTW, cloud side channel attacks

Nova: open-source IaaS

OpenStack (Slightly More Complex)

Visualizing OpenStack Dependency Flow. Haibin Zhang

Basic: Launching an Instance. Creating/running a VM without networks (Neutron) and without persistent storage (Cinder).
[Sequence diagram along a time axis. Participants: User, Keystone, Nova, Glance. Message labels: credentials; token; token, request, project Id; token vrf (interactive), shown twice; token, request for VM image; image; “Success”.]

Extending Basic for Complex Settings: 1) adding persistent storage (Cinder); 2) adding networks (Neutron).
[Sequence diagram along a time axis. Participants: User, Keystone, Nova, Cinder, Glance, Neutron. Message labels: credentials; token; token, request, project Id; token vrf (interactive), shown twice; token, request for VM image; image; “NetworkReady”; “Success”.]

So far we have used Glance as a black box. What's behind it? How does it interact with backend storage?
[Sequence diagram along a time axis. Participants: User, Keystone, Nova, Glance, Backend Storage (e.g., Swift). Message labels: credentials; token; token, request, project Id; token vrf (interactive), shown twice; token, request for VM image; image; “Success”.]

Method 1: Glance as a proxy (default; direct_URL is disabled).
[Sequence diagram along a time axis. Participants: User, Keystone, Nova, Glance, Backend Storage (e.g., Swift). Message labels: credentials; token; token, request, project Id; token vrf (interactive), shown twice; token, request for VM image; image; “Success”.]

Method 2: Glance returns the image/object URL; Nova contacts Swift directly.
[Sequence diagram along a time axis. Participants: User, Keystone, Nova, Glance, Backend Storage (e.g., Swift). Message labels: credentials; token; token, request, project Id; token vrf (interactive), shown twice; token, request for VM image; image; “Success”.]

Note that this is for the most recent API.
[Sequence diagram along a time axis. Participants: User, Keystone, Nova, Glance, Backend Storage (e.g., Swift). Message labels: credentials; token; token, request, project Id; token vrf (interactive), shown twice; token, request for VM image; image; “Success”.]

Keystone and OpenStack Token: UUID (32 bytes), PKI, PKIz, Fernet token
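
The launch flow and the two Glance methods from the slides above, as an added Python model that is not part of the original slides and is not OpenStack code. It assumes the usual message order (user authenticates to Keystone, sends the token to Nova, Nova and Glance each verify the token interactively with Keystone) and an opaque UUID token; the account, image name, `swift://` URL form and the `launch` helper are constructed for illustration.

```python
import hmac
import uuid

SWIFT = {"cirros": b"\x7fELF-constructed-image-bytes"}   # constructed backend store

class Keystone:
    def __init__(self):
        self.users = {"alice": ("s3cret", "proj-1")}      # constructed account
        self.tokens, self.checks = {}, 0
    def authenticate(self, user, password):
        stored_pw, project = self.users.get(user, ("", None))
        if project is None or not hmac.compare_digest(stored_pw, password):
            raise PermissionError("Keystone: bad credentials")
        token = uuid.uuid4().hex          # opaque 32-character UUID token
        self.tokens[token] = project
        return token

    def verify(self, token, project):     # the interactive "token vrf" step
        self.checks += 1
        return self.tokens.get(token) == project

class Glance:
    def __init__(self, keystone, direct_url=False):
        self.keystone, self.direct_url = keystone, direct_url
    def get_image(self, token, project, name):
        if not self.keystone.verify(token, project):
            raise PermissionError("Glance: token rejected")
        if self.direct_url:               # Method 2: return the object location
            return {"url": "swift://images/" + name}
        return {"data": SWIFT[name]}      # Method 1: Glance proxies the bytes

class Nova:
    def __init__(self, keystone, glance):
        self.keystone, self.glance = keystone, glance
    def boot(self, token, project, image):
        if not self.keystone.verify(token, project):
            raise PermissionError("Nova: token rejected")
        reply = self.glance.get_image(token, project, image)
        if "url" in reply:                # Nova must reach Swift on its own
            data, path = SWIFT[reply["url"].rsplit("/", 1)[1]], "nova->swift"
        else:
            data, path = reply["data"], "nova->glance->swift"
        return {"status": "Success", "bytes": len(data), "path": path}

def launch(direct_url=False, forged_token=None):
    keystone = Keystone()
    nova = Nova(keystone, Glance(keystone, direct_url))
    token = forged_token or keystone.authenticate("alice", "s3cret")
    return nova.boot(token, "proj-1", "cirros"), keystone.checks
```

In both methods one boot costs two verification round-trips to Keystone, because a UUID token carries no claims a service can check by itself; Method 2 changes only the data path, which means Nova needs its own access to the backend store.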