Principles of Computer Security


1 Principles of Computer Security
Instructor: Haibin Zhang

2 Cloud Computing and Cloud Security

3 Client-Server Architecture

4 --> Cloud Computing

5 NIST Definitions of Cloud Computing
Software as a service (SaaS); Platform as a service (PaaS); Infrastructure as a service (IaaS)

6 Software as a service (SaaS)
“The capability provided to the consumer is to use the provider's applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based ), or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.”

7 Platform as a Service (PaaS)
The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.

8 Infrastructure as a Service (IaaS)
Infrastructure as a Service (IaaS). The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls).

9 Go Beyond These Definitions

12 Go Beyond These Definitions
Someone could modify your cloud according to your need! You could own your own cloud! OpenStack allows you to do that, with some (painful) price…

13 Azure and EC2
MS and Amazon’s specific IaaS

14 EC2

15 Azure Storage Questions
How does Azure protect against disasters?
Did Azure use Paxos?
What’s the replication factor in Azure?
Azure Storage is an append-only storage. What does that mean?

16 Azure Storage

17 OpenStack (In a Nutshell)
Nova, Keystone, Cinder, Swift, Glance, Neutron

18 Deployment Scenarios

19 BTW, cloud side channel attacks

20 Nova Open-source IaaS

21 OpenStack (Slightly More Complex)

22 Visualizing OpenStack Dependency Flow
The following: Visualizing OpenStack Dependency Flow Haibin Zhang

23 Basic: Launching an Instance
Creating/running a VM without networks (Neutron) and without persistent storage (Cinder).
[Sequence diagram, time on the vertical axis. Participants: User, Keystone, Nova, Glance. Message labels: credentials; token; token, request, project Id; “Success”; token vrf (interactive), shown twice; token, request for VM image; image.]

24 Extending Basic for Complex Settings
1) Adding persistent storage/Cinder; 2) Adding networks/Neutron
[Sequence diagram, time on the vertical axis. Participants: User, Keystone, Nova, Cinder, Glance, Neutron. Message labels: credentials; token; token, request, project Id; “Success”; token vrf (interactive), shown twice; token, request for VM image; image; “NetworkReady”.]

25 So far we use Glance as a black box
What’s behind it? How does it interact with backend storage?
[Sequence diagram, time on the vertical axis. Participants: User, Keystone, Nova, Glance, Backend Storage (e.g., Swift). Message labels: credentials; token; token, request, project Id; “Success”; token vrf (interactive), shown twice; token, request for VM image; image.]

26 Method 1: Glance as a proxy (default; direct_URL is disabled)
[Sequence diagram, time on the vertical axis. Participants: User, Keystone, Nova, Glance, Backend Storage (e.g., Swift). Message labels: credentials; token; token, request, project Id; “Success”; token vrf (interactive), shown twice; token, request for VM image; image.]

27 Method 2: Glance returns the image/object URL; Nova contacts Swift directly
[Sequence diagram, time on the vertical axis. Participants: User, Keystone, Nova, Glance, Backend Storage (e.g., Swift). Message labels: credentials; token; token, request, project Id; “Success”; token vrf (interactive), shown twice; token, request for VM image; image.]

28 Note that this is for the most recent API
[Sequence diagram, time on the vertical axis. Participants: User, Keystone, Nova, Glance, Backend Storage (e.g., Swift). Message labels: credentials; token; token, request, project Id; “Success”; token vrf (interactive), shown twice; token, request for VM image; image.]

29 Keystone and OpenStack Token
UUID: 32 bytes; PKI; PKIz; Fernet token
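
A toy model of the launch flow on slides 23 to 27 using an opaque UUID-style token, added here as an illustration and not taken from the lecture or from OpenStack code. The message order is inferred from the slide labels; the class and function names, the account, the project ID, the image name and the swift:// URL are all constructed. It records which service asks Keystone to validate the token and which service reads backend storage under Method 1 (proxy) and Method 2 (direct URL).

```python
import time
import uuid

class Keystone:
    """Toy identity service: issues opaque UUID tokens, validates them online."""
    def __init__(self):
        self.users = {"alice": ("s3cret", "proj-1")}  # constructed sample account
        self.tokens = {}        # token -> (project, expiry)
        self.validations = []   # which service asked for validation, in order
    def authenticate(self, user, password, ttl=3600):
        stored = self.users.get(user)
        if stored is None or stored[0] != password:
            raise PermissionError("bad credentials")
        token = uuid.uuid4().hex  # 32 hex characters, meaningless without Keystone
        self.tokens[token] = (stored[1], time.time() + ttl)
        return token
    def validate(self, token, project, caller):
        self.validations.append(caller)
        entry = self.tokens.get(token)
        return bool(entry) and entry[0] == project and entry[1] > time.time()

class Swift:
    """Toy backend storage that remembers who read from it."""
    def __init__(self):
        self.objects = {"swift://images/cirros": b"IMG"}  # constructed object
        self.readers = []
    def get(self, url, caller):
        self.readers.append(caller)
        return self.objects[url]

class Glance:
    def __init__(self, keystone, swift, direct_url):
        self.keystone, self.swift, self.direct_url = keystone, swift, direct_url
    def get_image(self, token, project, name):
        if not self.keystone.validate(token, project, "glance"):
            raise PermissionError("glance: token rejected")
        url = "swift://images/" + name
        # Method 2 hands back the object URL; Method 1 proxies the bytes.
        return ("url", url) if self.direct_url else ("data", self.swift.get(url, "glance"))

def nova_boot(keystone, glance, swift, token, project, image):
    if not keystone.validate(token, project, "nova"):
        raise PermissionError("nova: token rejected")
    kind, value = glance.get_image(token, project, image)
    return swift.get(value, "nova") if kind == "url" else value

def launch(direct_url):
    ks, sw = Keystone(), Swift()
    token = ks.authenticate("alice", "s3cret")
    image = nova_boot(ks, Glance(ks, sw, direct_url), sw, token, "proj-1", "cirros")
    return image, ks.validations, sw.readers
```

With `launch(False)` Glance is the only reader of backend storage; with `launch(True)` Nova reads it directly, so in that setting Nova needs network reach and authorization to the storage backend.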

