報告人 : 葉瑞群 日期 : 2011/11/10 出處 : IEEE Transactions on Knowledge and Data Engineering.

Slides:



Advertisements
Similar presentations
ETHICAL HACKING A LICENCE TO HACK
Advertisements

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Cloud Computing Part #3 Zigmunds Buliņš, Mg. sc. ing 1.
An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.
© 2011 IBM Corporation Cloud Security Perspectives Dan Carlsen Certified Security IT Specialist – IBM
 Max Planck Institute for Software Systems Towards trusted cloud computing Nuno Santos, Krishna P. Gummadi, and Rodrigo Rodrigues MPI-SWS.
Security Issues and Challenges in Cloud Computing
Supervisor : Mr. Hadi Salimi Advanced Topics in Information Systems Mazandaran University of Science and Technology February 4, 2011 Survey on Cloud Computing.
Security Issues in Elastic Clouds
RSA Approach for Securing the Cloud Bernard Montel Directeur Technique RSA France Juillet 2010.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Quantitative.
Kaspersky Lab: The Best of Both Worlds Alexey Denisyuk, pre-sales engineer Kaspersky Lab Eastern Europe 5 th April 2012 / 2 nd InfoCom Security Conference.
Does "The Cloud" Fit Into Your Organization? Tom Horan Meridian IT Inc. VP, Strategic Markets (847)
5205 – IT Service Delivery and Support
N. GSU Slide 1 Chapter 04 Cloud Computing Systems N. Xiong Georgia State University.
Cloud computing Tahani aljehani.
CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Website Hardening HUIT IT Security | Sep
Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 2 02/01/2010 Security and Privacy in Cloud Computing.
Cloud Computing Cloud Computing Class-1. Introduction to Cloud Computing In cloud computing, the word cloud (also phrased as "the cloud") is used as a.
作者 :Jin Li, Qian Wang, Cong Wang, Ning Cao, Kui Ren, and Wenjing Lou 出處 :IEEE Transactions on Knowledge and Data Engineering(2011) 日期 :2012/05/15 報告人 :
Sinaia, Romania August, TH Workshop “Software Engineering Education and Reverse Engineering” Dhuratë Hyseni, Betim Çiço South East European University.
Cloud Computing Brian Curran, Sabatino DeRico, Mike Delisa, Mudit Goel, Jon Guagenti, Jess Caso, Greg Flynn.
© 2010 IBM Corporation Cloudy with a chance of security Information security in virtual environments Johan Celis Security Solutions Architect EMEA IBM.
Cloud Computing – A gaze through a foggy crystal ball Vasant Raval In cooperation with: Syntel, Inc.
“Assuring Reliable and Secure IT Services”. IT Redundancy: Its Value How much reliability to buy? Customer Service impacted as a result of 15 minutes.
NICE :Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems.
E-Security: 10 Steps to Protect Your School’s Network NEN – the education network.
Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.
UI and Data Entry UI and Data Entry Front-End Business Logic Mid-Tier Data Store Back-End.
Cloud Computing.
TECHNOLOGY GUIDE THREE
HPCC 2015, August , New York, USA Wei Chang c Joint work with Qin Liu a, Guojun Wang b, and Jie Wu c a. Hunan University, P. R. China b. Central.
報告人 : 葉瑞群 日期 :2012/01/9 出處 : IEEE Transactions on Knowledge and Data Engineering.
Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 - Databases, Controls, and Security.
Alyssa Fung Kyung Yi Brian Patullo. Introduction Background of cloud computing implementation Cloud technology Fundamental problems of cloud computing.
Cloud Computing Security Keep Your Head and Other Data Secure in the Cloud Lynne Pizzini, CISSP, CISM, CIPP Information Systems Security Officer Information.
Cloud Computing Presented by Alicia Wallis and Kerri Warf.
Module 11: Designing Security for Network Perimeters.
Security in Cloud Computing Zac Douglass Chris Kahn.
Security Vulnerabilities in A Virtual Environment
Security in Cloud Computing Zac douglass Chris kahn.
© 2012 IBM Corporation IBM Security Systems 1 © 2012 IBM Corporation Cloud Security: Who do you trust? Martin Borrett Director of the IBM Institute for.
Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.
CLOUD COMPUTING-3.
“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.
Chapter 11 – Cloud Application Development. Contents Motivation. Connecting clients to instances through firewalls. Cloud Computing: Theory and Practice.
Managed IT Services JND Consulting Group LLC
FROM CLOUD COMPUTING TO CLOUD MANUFACTURING Jenia Brook.
A Seminar On. What is Cloud Computing? Distributed computing on internet Or delivery of computing service over the internet. Eg: Yahoo!, GMail, Hotmail-
Chapter 6: Securing the Cloud
BEST CLOUD COMPUTING PLATFORM Skype : mukesh.k.bansal.
Cybersecurity - What’s Next? June 2017
Conflict Resolution & Policy Compliance in Multi-Cloud Distributed System. Presented By:- Adarsh Pillay Deepak Begrajka Rudra gupta.
VIRTUALIZATION & CLOUD COMPUTING
Chapter Six Cloud Computing
Network Security Analysis Name : Waleed Al-Rumaih ID :
Windows Server 2016 Secure IaaS Microsoft Build /1/2018 4:00 AM
CLOUD COMPUTING Presented By:- EduTechlearners
Cloud Testing Shilpi Chugh.
CompTIA Security+ Study Guide (SY0-401)
Healthcare Cloud Security Stack for Microsoft Azure
4/3/2019 8:56 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS.
Computer Science and Engineering
The MobileIron® Threat Detection difference:
Cloud Computing for Wireless Networks
Presentation transcript:

報告人 : 葉瑞群 日期 : 2011/11/10 出處 : IEEE Transactions on Knowledge and Data Engineering

1.Introduction 2.Information Security Policies 3.Cloud RAS Issues 4.Solutions for Against Cloud Security Problems 5.Conclusion 2

 What is Cloud Computing?  Cloud computing is a network-based environment that focuses on sharing computations or resources.  In cloud, costumers must only pay for what they use and have not to pay for local resources which they need to such as storage or infrastructure. 3

The three types of cloud environments: 1.Public Cloud 2.Private Cloud 3.Hybrid Cloud The three major types of service in the cloud environment: 1.SaaS(Software as a Service) 2.PaaS(Platform as a Service) 3.IaaS(Infrastructure as a Service) 4

 What is RAS(Reliability Availability Security)?  For having good and high performance such as: 1.Availability management 2.Access control management 3.Vulnerability and problem management 4.Patch and configuration management 5.Countermeasure 6.Cloud system using and access monitoring 5

 In cloud computing technology there are a set of important policy issues, which include issues of privacy,security, anonymity,government surveillance, reliability, and liability, amongothers.  But the most important between them is security and how cloud provider assures it. 6

 Gartner's seven security issues which cloud clients should advert as mentioned below: 1.Privileged user access 2.Regulatory compliance 3.Data location 4.Data segregation 5.Recovery 6.Investigative support 7.Long-term viability 7

 Using Cloud results applications and data will move under third-party control.  This shared responsibility model will bring new security management challenges to the organization's IT operations staff. 8

 First, the data will store away from the customer's local machine.  Second, the data is moving from asingle-tenant to a multi-tenant environment.  These changes can raise an important concern that called data leakage. 9

 All of users who use same virtual machine as infrastructure, if a hacker steals a virtual machine or take control over it, he will be able to access to all users' data within it.  The hacker can copy them into his local machine before cloud provider detect that virtual machine is in out of control then the hacker with analysis the data may be find valuable data afterward 10

 What is DDoS(Distributed Denial of Service)?  Serious problem is when a malicious user deliberately done a DDoS attacks using botnet.  Unfortunately, similar to IPS(Intrusion Prevention Systems) solutions,firewalls are vulnerable and ineffective against DDoS attacks. 11

 There are several traditional solutions to mitigate security problems that exist in the Internet environment, as a cloud infrastructure, but nature of cloud causes some security problem that they are especially exist in cloud environment. 12

 1. Control access to information.  2. Manage user access rights.  3. Encourage good access practices.  4. Control access to network services.  5. Control access to operating systems.  6. Control access to applications and systems. 13

 1.Partitioning  2.Migration  3.Workload Analysis and Allocation 14

 As a solution, cloud providers can add more resource to protect themselves from such attacks but unfortunately there is no defense against a powerful DDoS attack which has good sapience. 15

END 16