Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Seminar on Securities In Cloud Computing Presented by Sanjib Kumar Raul Mtech(ICT) Roll-10IT61B09 IIT Kharagpur Under the supervision of Prof. Indranil.

Published byRalf Dawson Modified over 8 years ago

Similar presentations

Presentation on theme: "A Seminar on Securities In Cloud Computing Presented by Sanjib Kumar Raul Mtech(ICT) Roll-10IT61B09 IIT Kharagpur Under the supervision of Prof. Indranil."— Presentation transcript:

1 A Seminar on Securities In Cloud Computing Presented by Sanjib Kumar Raul Mtech(ICT) Roll-10IT61B09 IIT Kharagpur Under the supervision of Prof. Indranil Sengupta HOD,Computer Science

2 Content What is Cloud Computing Cloud Architecture Cloud Structure Types of security in cloud computing Security concern Data Confidentiality in cloud computing. Problem in cloud computing. Conclusion References

3 What is Cloud Computing It is an Internet-based computing technology, where shared resources such as software, platform, storage and information are provided to customers on demand. Cloud Computing is a computing platform for sharing resources that include infrastructures, software, applications, and business processes. Cloud Computing is a virtual pool of computing resources.It provides computing resources in the pool for users through internet.

4 Cloud Architecture A Basic Cloud Network

5 Cont.. Components of cloud computing  Front end The front end is the client’s network or computer, and the applications used to access the cloud.  Back end The back end is the ‘cloud’ itself, which comprises of various computers, servers and data storage devices.

6 Cloud structure and Types The user can access any service which he/she wants for a specific task and for a specific amount of time.

7 Types Public cloud: In public clouds, multiple customers share the computing resources provided by a single service provider. Private cloud: In the private cloud, computing resources are used and controlled by a private enterprise.

8 Cont.. Hybrid cloud: A third type can be hybrid cloud that is typical combination of public and private cloud. Community cloud: Several organizations jointly construct and share the same cloud infrastructure as well as policies,requirements, values, and concerns.

9 Models of Cloud Computing Model 1:Infrastructure as a service(Iaas) Model 2:Platform as a Service(PaaS)

10 Cont.. Model 3:Software as a Service(SaaS) Model 4:Business Process as a Service(BaaS)

11 Types of Security in Cloud Computing 1-Data Security It focuses on protecting the software and hardware associated with the cloud. 2-Network Security Protecting the network over which cloud is running from various attacks – DOS, DDOS, IP Spoofing.

12 Security Concern There are multiple issues in a cloud computing. Loss of Control The first issue associated with cloud computing is the loss of control of an organisation’s data. Data retention Another issue associated with cloud computing can be seen with how old data is managed. Once data is used it is generally stored indefinitely in the cloud.

13 Implementing and achieving security The company secure the data by establish an information security policy (InSPy). Security through password protection

14 Data Confidentiality Protection Confidentiality is defined as the assurance that sensitive information is not disclosed to unauthorized persons, processes, or Devices. Users’ confidential data is disclosed to a service provider if all of the following three conditions are satisfied simultaneously

15 Cont.. 1) the service provider knows where the users’ confidential data is located in the cloud computing systems. 2) the service provider has privilege to access and collect the users’ confidential data in cloud. 3) the service provider can understand the meaning of the users’ data.

16 Problems With Current Cloud Computing Cloud computing system architecture

17 Cont.. The following are the major problems of current cloud computing system: A. Each service provider has its own software layer, platform layer and infrastructure layer. When a user uses a cloud application from a service provider, the user is forced to use the platform and infrastructure provided by the same service provider, and hence the service provider knows where the users’ data is located and has full access privileges to the data.

18 Cont.. B. The user is forced to use the interfaces only provided by the service provider, and users’ data has to be in a fixed format specified by the service provider, and hence the service provider knows all the information required understanding users’ data. Therefore, we cannot prevent service providers from satisfying all of the three Conditions

19 Cont.. Approach to Protect Confidentiality: In our approach,we have the following seven entities : Software Cloud,Infrastructure Cloud, Software Service Broker, Infrastructure Service Broker, Software Service Attestation Authority, DataObfuscator and Data De-obfuscator

20 McCabe’s Cyclomatic Complexity Measures Approach to protect confidentiality

21 Cont.. Our approach makes sure that any of these entities in a cloud computing system does not satisfy the three conditions simultaneously. Software Cloud: A Software Cloud provides software as a service upon users’ requests. Each software cloud may contain multiple software services, and each software service can be discovered and accessed by users through Software Service Broker..

22 Cont.. Infrastructure Cloud: An Infrastructure Cloud provides virtualized system resources, such as CPU, memory, and network resources. An authenticated user can request a virtual machine on which the user can deploy any platform or operating system to execute a software service instance. Software Service Broker:It provides identity anonymization service, by which users can use pseudonyms instead of their true identities so that the users can acquire service instances

23 without revealing their identities. Infrastructure Service Broker:It helps users automatically discover and useavailable infrastructure services. It also provides identity anonymization service to prevent the system from revealing users’ true identities. The Software Service Attestation Authority (SSAA):The SSAA is a third party authority to verify that a service instance does not perform any malicious activity that may disclose users’ confidential data

24 Cont.. A Data Obfuscator: A Data Obfuscator is a middleware provided by a user that can be deployed on a virtual machine in an infrastructure Cloud. The Data Obfuscator provides an operating system environment for software service instance to be run in an Infrastructure Cloud. A Data De-obfuscator: It de-obfuscates obfuscated data so that a user can see the plain data. A Data De-obfuscator remains in the user’s personal computer all the time.

25 S1) a) A user requests a Software Service Broker to find a software service by providing the specification of the software service. b) The Software Service Broker performs automatic service discovery to find a service instance in the Software Cloud that satisfies the user’s requested service requirement specification. c) The Software Service Broker acquires the discovered software instance using an anonymous credential. S2) a) The Software Service Broker deploys the acquired service instance to the testing platform of a Summary.

26 SSAA. The SSAA verifies whether the service instance performs according to the service description, and the service instance does not transmit users’ data to any unauthorized entity. b) After the verification procedure, the software service instance is sent back to the Software Service Broker. S3) a) The user asks the Infrastructure Service Broker to find an infrastructure service compatible to the service instance. b) The Infrastructure Service Broker discovers an infrastructure service provider, who has the capability to execute the acquired software service instance. Cont..

27 S4) The user requests the infrastructure service provider to set up a virtual machine and then deploys the Data Obfuscator on the virtual machine using the Agent Deployment Plans (ADPs), for automated middleware deployment and migration in service based systems. S5) a) The service instance acquired in S1) is sent to Infrastructure Service Broker. b) The service instance is deployed on the workflow of the Data Obfuscator set up in S4). S6) a) The user sends his/her data to the workflow to process.

28 An Illustrative Example An example of online video conferencing to illustrate our approach

29 Cont.. S1) a) The leader of the group requests a Software Service Broker to find the Voice Communication Service, Video Communication Service, File Sharing Service and Instant Messaging Service. b) The Software Service Broker discovers the services. c) The Software Service Broker downloads the service instances of the five software services. S2) a) The Software Service Broker deploys the service instances to the testing platform of a SSAA. b) The SSAA verifies the software service instances. S3) a) The leader of the group requests an Infrastructure Service Broker to find an infrastructure service compatible to the service instances. b) The Infrastructure Service Broker discovers an infrastructure service.

30 Cont.. S4) A virtual machine is set up in the infrastructure cloud. The leader of the group deploys the Data Obfuscator on the virtual Machine. S5) a) The service instances are sent to the Infrastructure Service Broker. b) The service instances are deployed on the Data Obfuscator. The five service instances are composed to a workflow. The workflow provides all the functionalities for online conferencing. S6) a) The users of the group send their input data to the workflow to process. During the processing of the users’ input data, the input data is obfuscated. After completing the processing, a service response of the workflow is sent to all the users of the group that the processing of their input data has been completed.

31 Conclusions Here an approach to protecting users’ confidential data in cloud computing. Our approach is based on three features: (1) separation of software service providers and infrastructure service providers, (2) hiding information about the owner of data and (3) data obfuscation.

32 References [1] Stephen S. Yau and Ho G, ”Protection of users’ data confidentiality”from ACM digital library. [2] J. Heiser and M. Nicolett, “Assessing the security risks of cloud computing,”from ACM digital library. [3] La’Quata Sumter,” Cloud Computing: Security Risk” from ACM digital library. [4] Gary Anthes,”Security in the Cloud” november 2010 | vol. 53 | no. 11 | communications of the acm 11. [5] S N Dhage, B B Meshram,” Cloud Computing Environment” International Conference and Workshop on Emerging Trends in Technology (ICWET 2011) – TCET, Mumbai, India.

33 Thank you Any Query ?

Download ppt "A Seminar on Securities In Cloud Computing Presented by Sanjib Kumar Raul Mtech(ICT) Roll-10IT61B09 IIT Kharagpur Under the supervision of Prof. Indranil."

Similar presentations

Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab

Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab
Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.
Distributed Data Processing

Distributed Data Processing
IT Industry & Cloud Computing. Trends ‘2011- The year of high salaries and immense job opportunities for IT job seekers’ (Source – Blog.Timesjobs.com)

IT Industry & Cloud Computing. Trends ‘2011- The year of high salaries and immense job opportunities for IT job seekers’ (Source – Blog.Timesjobs.com)
Secure Data Storage in Cloud Computing Submitted by A.Senthil Kumar(96608205043) C.Karthik(96608205022) H.Sheik mohideen(96608205046) S.Lakshmi rajan(96608205023)

Secure Data Storage in Cloud Computing Submitted by A.Senthil Kumar( ) C.Karthik( ) H.Sheik mohideen( ) S.Lakshmi rajan( )
High Performance Computing Course Notes 2007-2008 Grid Computing.

High Performance Computing Course Notes Grid Computing.
An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.

An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.
INTRODUCTION TO CLOUD COMPUTING CS 595 LECTURE 6 2/13/2015.

INTRODUCTION TO CLOUD COMPUTING CS 595 LECTURE 6 2/13/2015.
Security Issues and Challenges in Cloud Computing

Security Issues and Challenges in Cloud Computing
Notes to the presenter. I would like to thank Jim Waldo, Jon Bostrom, and Dennis Govoni. They helped me put this presentation together for the field.

Notes to the presenter. I would like to thank Jim Waldo, Jon Bostrom, and Dennis Govoni. They helped me put this presentation together for the field.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
Using Digital Credentials On The World-Wide Web M. Winslett.

Using Digital Credentials On The World-Wide Web M. Winslett.
Chapter 13 Physical Architecture Layer Design

Chapter 13 Physical Architecture Layer Design
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
What is Cloud Computing? o Cloud computing:- is a style of computing in which dynamically scalable and often virtualized resources are provided as a service.

What is Cloud Computing? o Cloud computing:- is a style of computing in which dynamically scalable and often virtualized resources are provided as a service.
(Remote Access Security) AAA. 2 Authentication User named flannery dials into an access server that is configured with CHAP. The access server will.

(Remote Access Security) AAA. 2 Authentication User named "flannery" dials into an access server that is configured with CHAP. The access server will.
Cloud Computing 1100101 (101).

Cloud Computing (101).
What is it? CLOUD COMPUTING.  Connects to the cloud via the Internet  Does computing tasks, or  Runs applications, or  Stores Data THE AVERAGE CLOUD.

What is it? CLOUD COMPUTING.  Connects to the cloud via the Internet  Does computing tasks, or  Runs applications, or  Stores Data THE AVERAGE CLOUD.
Cloud Usability Framework

Cloud Usability Framework
Web-Enabling the Warehouse Chapter 16. Benefits of Web-Enabling a Data Warehouse Better-informed decision making Lower costs of deployment and management.

Web-Enabling the Warehouse Chapter 16. Benefits of Web-Enabling a Data Warehouse Better-informed decision making Lower costs of deployment and management.

Similar presentations

Ads by Google