Presentation is loading. Please wait.

Presentation is loading. Please wait.

SECURITY IN CLOUD COMPUTING By Bina Bhaskar Anand Mukundan.

Published byHannah Pitts Modified over 8 years ago

Similar presentations

Presentation on theme: "SECURITY IN CLOUD COMPUTING By Bina Bhaskar Anand Mukundan."— Presentation transcript:

1 SECURITY IN CLOUD COMPUTING By Bina Bhaskar Anand Mukundan

2 Startups & Small businesses Can use clouds for everything. SaaS, IaaS, collaboration services, online presence. Mid-Size Enterprises Can use clouds for many things. Compute cycles for R&D projects, online collaboration, partner integration, social networking, new business tools. Large Enterprises More likely to have hybrid models where they keep some things in house. On premises data for legal and risk management reasons. Courtesy : Juniper Networks Who is using Clouds today?

3 Problem Statement Image courtesy: Wikipedia VM SECURITY DATA SECURITY SW SECURITY

4 Identify Assets Which assets are we trying to protect? What properties of these assets must be maintained? Identify Threats What attacks can be mounted? What other threats are there (natural disasters, etc.)? Identify Countermeasures How can we counter those attacks? Appropriate for Organization-Independent Analysis We have no organizational context or policies Problem Statement Courtesy : Juniper Networks

5 Misconception Clouds can never be secure This is not true because cloud is like any other network we use currently. Image courtesy : http://www.accmanpro.com/2010/10/29/cloud-misconceptions-security-tops-the-list/

6 Cloud Service Deployment Image courtesy :http://www.rationalsurvivability.com/

7 Vulnerabilities exposed in cloud (1) National Database of Vulnerabilities lists over a hundred potential hypervisor flaws for one particular virtualization technology. Image courtesy: http://lpage.joyent.com/rs/joyent/images/Joyent_Security_Whitepaper_Final_20101001.pdf

8 Vulnerabilities exposed in cloud (2) Hypervisor Holes o Ability to insert code into virtual machines. o The disclosure of unauthorized information o Potential disruption of service. o Run several varieties of guest operating systems o One could use root access to the hypervisor to commit dirty deeds such as planting rootkits into the memory of running operating system kernels

9 Vulnerabilities exposed in cloud (3) Securing Data Storage o The data stored in the cloud may be frequently updated by the users. o Focus on single server scenario which does not consider dynamic data operations. o Traditional cryptographic primitives for the purpose of data security protection cannot be directly adopted due to the users’ loss of control of their data under Cloud Computing.

10 Vulnerabilities exposed in cloud (4) VM Placement attacks o Denial of Service o Measure cache usage (measure CPU utilization on the physical machine; or “how busy are their servers?”) o Load-based co-residence detection (aka detecting co-residence without relying on sending any network probes) o Estimating traffic rates (sounds harmless but can be used to deduce targets activity patterns, peak trading times for maximal DoS effect etc) o Keystroke timing attack (remote keystroke monitoring)

11 Vulnerabilities exposed in cloud (8) Metadata Spoofing attack o Adversary manipulates / re-engineers the metadata content of a web service so that the web service's intended operation is replaced by another operation. Original WSDL Modified WSDL

12 Vulnerabilities exposed in cloud (5) Malware Injection Attack o Adversary creates own instance of virtual machine or service module o Cloud system is manipulated by the adversary in such a way that it points to the adversary's implementation of the service or instance

13 Vulnerabilities exposed in cloud (7) XML Signature

14 Vulnerabilities exposed in cloud (6) Denial of Service o Direct DOS o Indirect DOS

15 Existing Cloud Security Models (1) Cloud Storage Model Multi-Party Non-Repudiation o Normal Mode o Resolve Mode

16 Existing Cloud Security Models (2) Three level security model Image courtesy: Data Security Model for Cloud Computing

17 Existing Cloud Security Models (3) Cloud Cube Model Image courtesy: Cloud Cube Model: Selecting Cloud Formations for Secure Collaboration by Jercho Forum

18 Policies related to Security Application security Maintaining Integrity Authentication / Access Control

19 Suggested Framework USER A USER B Data Application > FOREIGNFOREIGN ATTACKSATTACKS 3LS Data APP 3LS

20 Thank you!

Download ppt "SECURITY IN CLOUD COMPUTING By Bina Bhaskar Anand Mukundan."

Similar presentations

Secure Data Storage in Cloud Computing Submitted by A.Senthil Kumar(96608205043) C.Karthik(96608205022) H.Sheik mohideen(96608205046) S.Lakshmi rajan(96608205023)

Secure Data Storage in Cloud Computing Submitted by A.Senthil Kumar( ) C.Karthik( ) H.Sheik mohideen( ) S.Lakshmi rajan( )
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.

Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.
INTRODUCTION TO CLOUD COMPUTING CS 595 LECTURE 6 2/13/2015.

INTRODUCTION TO CLOUD COMPUTING CS 595 LECTURE 6 2/13/2015.
Security Issues and Challenges in Cloud Computing

Security Issues and Challenges in Cloud Computing
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
Copyright © 2009 Juniper Networks, Inc. 1 Cloud Computing: Finding the Silver Lining Steve Hanna, Juniper Networks.

Copyright © 2009 Juniper Networks, Inc. 1 Cloud Computing: Finding the Silver Lining Steve Hanna, Juniper Networks.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
Authors: Thomas Ristenpart, et at.

Authors: Thomas Ristenpart, et at.
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?

Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.
Cloud Computing Cloud Security– an overview Keke Chen.

Cloud Computing Cloud Security– an overview Keke Chen.
Chirag N. Modi and Prof. Dhiren R. Patel NIT Surat, India Ph. D Colloquium, CSI-2011 Signature Apriori based Network.

Chirag N. Modi and Prof. Dhiren R. Patel NIT Surat, India Ph. D Colloquium, CSI-2011 Signature Apriori based Network.
© 2010 IBM Corporation Cloudy with a chance of security Information security in virtual environments Johan Celis Security Solutions Architect EMEA IBM.

© 2010 IBM Corporation Cloudy with a chance of security Information security in virtual environments Johan Celis Security Solutions Architect EMEA IBM.
Cloud Computing & Security Issues Prepared by: Hamoud Al-Shammari CS 6910 Summer, 2011 University of Colorado at Colorado Springs Engineering & Applied.

Cloud Computing & Security Issues Prepared by: Hamoud Al-Shammari CS 6910 Summer, 2011 University of Colorado at Colorado Springs Engineering & Applied.
Cryptography and Network Security

Cryptography and Network Security
Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY

Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY
1 Julius Davies Architectural Technology Specialist Microsoft.

1 Julius Davies Architectural Technology Specialist Microsoft.
International Telecommunication Union Geneva, 9(pm)-10 February 2009 ITU-T Security Standardization on Mobile Web Services Lee, Jae Seung Special Fellow,

International Telecommunication Union Geneva, 9(pm)-10 February 2009 ITU-T Security Standardization on Mobile Web Services Lee, Jae Seung Special Fellow,

Similar presentations

Ads by Google