Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Science and Engineering 1 Cloud ComputingSecurity.

Published byGladys Sanders Modified over 9 years ago

Similar presentations

Presentation on theme: "Computer Science and Engineering 1 Cloud ComputingSecurity."— Presentation transcript:

1 Computer Science and Engineering 1 Cloud ComputingSecurity

2 Reading Reading: NIST, The NIST Definition of Cloud Computing, csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf, 2011 R. Sandhu, et al., Towards a discipline of mission-aware cloud computing, CCSW’10 in Proc. of the 2010 Cloud Computing Workshop, 13-18, 2010., http://dl.acm.org/citation.cfm?id=1866835.1866839&coll=DL&dl=ACM&CF ID=131355972&CFTOKEN=22051019 http://dl.acm.org/citation.cfm?id=1866835.1866839&coll=DL&dl=ACM&CF ID=131355972&CFTOKEN=22051019 Computer Science and Engineering 2

3 3 What is cloud computing?

4 The NIST Definition Computing paradigm to support ubiquitous, convenient, and on- demand network access to a shared pool of computing resources Access characteristics: can be rapidly provisioned and released with minimal management effort or service provider’s interaction Description: –Essential characteristics –Service model –Deployment model Computer Science and Engineering 4

5 Essential Characteristics On-demand self-service Broad network access Resource pooling Rapid elasticity Measured service Computer Science and Engineering 5

6 Service Models Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS) Computer Science and Engineering 6

7 Deployment Models Private cloud Community cloud Public cloud Hybrid cloud Computer Science and Engineering 7

8 Cloud concerns The cloud acts as a big black box -> Clients have no idea or control over what happens inside a cloud –Loss of control Cloud provider, system admins –Lack of trust How to support traditional data confidentiality, integrity, availability, and privacy issues, plus some additional attacks –Extra work Computer Science and Engineering 8

9 Security Objectives Confidentiality –Fear of loss of control over data sensitive data stored on a cloud cloud compromises  leak confidential client data –Is the cloud provider honest and won’t peek into the data? Computer Science and Engineering 9

10 Security Objectives Integrity – Correct computations –Data tampering Availability – Denial of Service attack against cloud –Cloud provider goes out of business –Scalability – Cloud provider’s downtime Computer Science and Engineering 10

11 Regulations and Legal requirements Auditability and forensics (out of control of data) –Difficult to audit cloud data –Difficult forensics Legal issues –Who is responsible for complying with regulations? –How about third party clouds? Computer Science and Engineering 11

12 Privacy Issues Massive data mining –Cloud now stores data from a lot of clients, and can run data mining algorithms to get large amounts of information on clients Increased attack surface –Attackers target the communication link between cloud provider and client –Cloud provider employees can be phished Computer Science and Engineering 12

13 WHAT ARE THE SECURITY CONCERNS REGARDING CLOUD COMPUTING? Computer Science and Engineering 13

14 Why do we need cloud security? Players: –Cloud provider –Service consumer Concerns: –Availability –Security Cloud Security Alliance, https://cloudsecurityalliance.org/ https://cloudsecurityalliance.org/ Computer Science and Engineering 14

15 Critical Security Areas in Cloud Computing (CSA) Governing in the Cloud –Governance and Enterprise Risk Management –Legal and Electronic Discovery –Compliance and Audit –Information Lifecycle Management –Portability and Interoperability Operating in the Cloud –Traditional Security, Business Continuity, and Disaster Recovery –Data Center Operations –Incident Response, Notification, and Remediation –Application Security –Encryption and Key Management –Identity and Access Management –Virtualization Computer Science and Engineering 15

16 Top 10 Customer Issues Eroding Cloud Confidence (from CSA) 1.Government regulations keeping pace with the market (1.80) 2.Exit strategies (1.88) 3.International data privacy (1.90) 4.Legal issues (2.15) 5.Contract lock in (2.18) 6.Data ownership and custodian responsibilities (2.18) 7.Longevity of suppliers (2.20) 8.Integration of cloud with internal systems (2.23) 9.Credibility of suppliers (2.30) 10.Testing and assurance (2.30) Computer Science and Engineering 16

17 WILL THE CLOUD STAY? Computer Science and Engineering 17

18 Cloud and Security Security difficulties in the cloud Cloud as a security service provider Computer Science and Engineering 18

19 What is Security? 1960s: Computer security (CompuSec) and Communication security (CommSec) 1970s: encryption technologies 1990s: Information security (InfoSec) 2000s: Information Assurance, Information Warfare 2008-9: Information Dominance 2010s: Mission Assurance Computer Science and Engineering 19

20 Mission Assurance Getting the job done Security is a secondary objective Always present malicious entity in a cyber system DoD Mission assurance specification Computer Science and Engineering 20

21 WHAT IS A MISSION AWARE CLOUD? Computer Science and Engineering 21

22 Mission-aware cloud Research problems 1. 1.“Develop a heterogeneous experimental cloud computing infrastructure (denoted as the cloud henceforth) spanning multiple locations, security and assurance levels.” 2.“Experimentally explore, develop, and implement extensive instrumentation to monitor, measure and gather statistical data regarding activities in the cloud.” Computer Science and Engineering 22

23 Mission-aware cloud Research problems 2. 3.“Analyze gathered data to estimate underlying network performance and threat vulnerability using regression, analysis of variance, and other generalized linear statistical models.” 4.“Develop new protocols that cope with denial of service (DoS) and insider attacks and ensure predictable delivery of mission critical data.” 5.“Develop new or enhance existing virtual machines (VMs) that enable efficient implementation of access control and trust policies to facilitate mission assurance.” Computer Science and Engineering 23

24 Mission-aware cloud Research problems 3. 7.“Develop models, methodologies and architectures for decentralized dynamic management of security and assurance policies.” 8.“Design automated systems that analyze the tradeoffs between security and availability versus performance and scalability and take corrective action before threats or bottlenecks compromise mission assurance.” Computer Science and Engineering 24

25 Policy Decisions Computer Science and Engineering 25 Pete Ann Pete and Ann shares resources Need agreement on security policy Pete Ann Cloud provider

26 What will be the “new” technology/capability for 2010s? Computer Science and Engineering 26

27 Next Class: Mobile Security Computer Science and Engineering 27

Download ppt "Computer Science and Engineering 1 Cloud ComputingSecurity."

Similar presentations

Prepared for [xxxx] – Commercial in Confidence connect transform protect A Cloudy Cyberspace? Tony Roadknight – Technical Architect.

Prepared for [xxxx] – Commercial in Confidence connect transform protect A Cloudy Cyberspace? Tony Roadknight – Technical Architect.
TechFire Conference Cloud Made Simple - Dispelling the Hype. Brian Larkin Operations Director Digital Planet Brian Larkin Operations Director Digital Planet.

TechFire Conference Cloud Made Simple - Dispelling the Hype. Brian Larkin Operations Director Digital Planet Brian Larkin Operations Director Digital Planet.
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.

Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.
Chapter 22: Cloud Computing and Related Security Issues Guide to Computer Network Security.

Chapter 22: Cloud Computing and Related Security Issues Guide to Computer Network Security.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 1 01/25/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 1 01/25/2010 Security and Privacy in Cloud Computing.
Tom Yarmas CTO – Cloud Technologies U.S. Public Sector Cloud Computing: How to do it right!

Tom Yarmas CTO – Cloud Technologies U.S. Public Sector Cloud Computing: How to do it right!
Clouds C. Vuerli Contributed by Zsolt Nemeth. As it started.

Clouds C. Vuerli Contributed by Zsolt Nemeth. As it started.
Supervisor : Mr. Hadi Salimi Advanced Topics in Information Systems Mazandaran University of Science and Technology February 4, 2011 Survey on Cloud Computing.

Supervisor : Mr. Hadi Salimi Advanced Topics in Information Systems Mazandaran University of Science and Technology February 4, 2011 Survey on Cloud Computing.
Bharat Bhargava Computer Science Purdue University Research in Cloud Computing YounSun Cho Computer Science Purdue.

Bharat Bhargava Computer Science Purdue University Research in Cloud Computing YounSun Cho Computer Science Purdue.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.
Presented by: Rajdeep Biswas Roll No.: 0104IT071082; Branch: IT (VII Sem.) R.K.D.F. Institute of Science & Technology Cloud Computing When Outsourcing.

Presented by: Rajdeep Biswas Roll No.: 0104IT071082; Branch: IT (VII Sem.) R.K.D.F. Institute of Science & Technology Cloud Computing When Outsourcing.
CLOUD PRIVACY AND SECURITY CS 595 LECTURE 15 4/15/2015.

CLOUD PRIVACY AND SECURITY CS 595 LECTURE 15 4/15/2015.
Cloud Usability Framework

Cloud Usability Framework
Wally Kowal, President and Founder Canadian Cloud Computing Inc.

Wally Kowal, President and Founder Canadian Cloud Computing Inc.
Be Smart, Use PwrSmart What Is The Cloud?. Where Did The Cloud Come From? We get the term “Cloud” from the early days of the internet where we drew a.

Be Smart, Use PwrSmart What Is The Cloud?. Where Did The Cloud Come From? We get the term “Cloud” from the early days of the internet where we drew a.
M.A.Doman 2011. Model for enabling the delivery of computing as a SERVICE.

M.A.Doman Model for enabling the delivery of computing as a SERVICE.
Cloud Computing Guide & Handbook SAI USA Madhav Panwar.

Cloud Computing Guide & Handbook SAI USA Madhav Panwar.
SPRING 2011 CLOUD COMPUTING Cloud Computing San José State University Computer Architecture (CS 147) Professor Sin-Min Lee Presentation by Vladimir Serdyukov.

SPRING 2011 CLOUD COMPUTING Cloud Computing San José State University Computer Architecture (CS 147) Professor Sin-Min Lee Presentation by Vladimir Serdyukov.
Design of New or Changed Services in the Cloud: An ISO/IEC 20000 Perspective Ronald Dattero Missouri State University, CIS Dept. Stuart D. Galup Florida.

Design of New or Changed Services in the Cloud: An ISO/IEC Perspective Ronald Dattero Missouri State University, CIS Dept. Stuart D. Galup Florida.

Similar presentations

Ads by Google