Computer Science and Engineering

Slides:



Advertisements
Similar presentations
Secure, Scalable, Synchronizable, and Social Business oriented Rich Internet Applications to reduce costs and add value to clients Authors: Avenir Cokaj,
Advertisements

TechFire Conference Cloud Made Simple - Dispelling the Hype. Brian Larkin Operations Director Digital Planet Brian Larkin Operations Director Digital Planet.
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
Chapter 22: Cloud Computing and Related Security Issues Guide to Computer Network Security.
Supervisor : Mr. Hadi Salimi Advanced Topics in Information Systems Mazandaran University of Science and Technology February 4, 2011 Survey on Cloud Computing.
Bharat Bhargava Computer Science Purdue University Research in Cloud Computing YounSun Cho Computer Science Purdue.
Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.
CLOUD PRIVACY AND SECURITY CS 595 LECTURE 15 4/15/2015.
Cloud Usability Framework
Wally Kowal, President and Founder Canadian Cloud Computing Inc.
Cloud Computing Guide & Handbook SAI USA Madhav Panwar.
Oyinkan Adedun Adeleye Caitlyn Carney Tyler Nguyen.
Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer.
Cloud computing Tahani aljehani.
Security in Cloud Computing Presented by : Ahmed Alalawi.
EA and IT Infrastructure - 1© Minder Chen, Stages in IT Infrastructure Evolution Mainframe/Mini Computers Personal Computer Client/Sever Computing.
Discussion on LI for Mobile Clouds
Cloud Computing in Large Scale Projects George Bourmas Sales Consulting Manager Database & Options.
Effectively and Securely Using the Cloud Computing Paradigm.
Clouds on IT horizon Faculty of Maritime Studies University of Rijeka Sanja Mohorovičić INFuture 2009, Zagreb, 5 November 2009.
CLOUD COMPUTING & COST MANAGEMENT S. Gurubalasubramaniyan, MSc IT, MTech Presented by.
Introduction to Cloud Computing
MIGRATING INTO A CLOUD P. Sai Kiran. 2 Cloud Computing Definition “It is a techno-business disruptive model of using distributed large-scale data centers.
Security and Privacy: Can we trust the cloud?
Jim Reavis, Executive Director Cloud Security Alliance November 22, 2010 Developing a Baseline On Cloud Security.
Dell Connected Security Solutions Simplify & unify.
Computer Science and Engineering 1 Cloud ComputingSecurity.
The Legal Issues Facing Digital Forensic Investigations In A Cloud Environment Presented by Janice Rafraf 15/05/2015Janice Rafraf1.
Cloud Use Cases, Required Standards, and Roadmaps Excerpts From Cloud Computing Use Cases White Paper
Cloud Computing Security Keep Your Head and Other Data Secure in the Cloud Lynne Pizzini, CISSP, CISM, CIPP Information Systems Security Officer Information.
Daniel Cuschieri Information Security Distance Learning Weekend Conference August 2013.
PaaSport Introduction on Cloud Computing PaaSport training material.
Cloud computing Cloud Computing1. NIST: Five essential characteristics On-demand self-service Computing capabilities, disks are demanded over the network.
CLOUD COMPUTING RICH SANGPROM. What is cloud computing? “Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a.
© 2012 IBM Corporation IBM Security Systems 1 © 2012 IBM Corporation Cloud Security: Who do you trust? Martin Borrett Director of the IBM Institute for.
CISC 849 : Applications in Fintech Namami Shukla Dept of Computer & Information Sciences University of Delaware A Cloud Computing Methodology Study of.
1 TCS Confidential. 2 Objective : In this session we will be able to learn:  What is Cloud Computing?  Characteristics  Cloud Flavors  Cloud Deployment.
CLOUD-BASED VIDS A CIO’S PERSPECTIVE Stephen Alford, CIO WEP, Inc.
© 2012 Eucalyptus Systems, Inc. Cloud Computing Introduction Eucalyptus Education Services 2.
INTRODUCTION TO CLOUD COMPUTING. CLOUD  The expression cloud is commonly used in science to describe a large agglomeration of objects that visually appear.
Cloud Computing: Legislative and Regulatory Frameworks Presentation to AREGNET Ria M. Thomas 29 April 2014 Occid-OrientStrategies.
CS 6027 Advanced Networking FINAL PROJECT ​. Cloud Computing KRANTHI ​ CHENNUPATI PRANEETHA VARIGONDA ​ SANGEETHA LAXMAN ​ VARUN ​ DENDUKURI.
Access Control in Cloud Security
Understanding The Cloud
Avenues International Inc.
Introduction to Cloud Computing
By: Raza Usmani SaaS, PaaS & TaaS By: Raza Usmani
VIRTUALIZATION & CLOUD COMPUTING
Cloud Computing Kelley Raines.
Cloud Computing By P.Mahesh
Chapter 21: Cloud Computing and Related Security Issues
Introduction to Cloud Computing
Cloud Computing.
Chapter 22: Cloud Computing Technology and Security
Cloud Computing Team Members: Aleksandra Knezevic Willie Robbins
CLOUD COMPUTING Presented By:- EduTechlearners
UTSA's New Center Center for Security and Privacy Enhanced Cloud Computing (C-SPECC) Ravi Sandhu Executive Director of ICS and C-SPECC Professor.
CNIT131 Internet Basics & Beginning HTML
EIS Fast-track Revision Om Trivedi Enterprise Information Systems
Clouds: What’s new is old is new…
Developing a Baseline On Cloud Security Jim Reavis, Executive Director
Service Oriented Architecture for Cloud Based Travel Reservation Software as a Service Comp 684 – Rayna Burgess.
3 Cloud Computing.
What is Interesting in the CCSP certification?
Computers Are Your Future Twelfth Edition
Cloud Computing: Concepts
Views of Cloud Computing
Basics of Cloud Computing
Cloud Computing for Wireless Networks
Presentation transcript:

Computer Science and Engineering Cloud Computing Security Computer Science and Engineering

What is cloud computing? Computer Science and Engineering

Computer Science and Engineering The NIST Definition Computing paradigm to support ubiquitous, convenient, and on-demand network access to a shared pool of computing resources Access characteristics: can be rapidly provisioned and released with minimal management effort or service provider’s interaction Description: Essential characteristics Service model Deployment model Computer Science and Engineering

Essential Characteristics On-demand self-service Broad network access Resource pooling Rapid elasticity Measured service – pay-as-you-go Computer Science and Engineering

Computer Science and Engineering Service Models Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS) Data Data as a service (cloud storage) Database as a service Transactional vs. analytical applications Computer Science and Engineering

Computer Science and Engineering Cloud databases Mix of Relational and NonSQL ACID vs. BASE guarantees Centralized vs. Distributed Shared-nothing vs. share-everything Etc… Computer Science and Engineering

Computer Science and Engineering Deployment Models Private cloud Community cloud Public cloud Hybrid cloud Computer Science and Engineering

Computer Science and Engineering Cloud concerns The cloud acts as a big black box -> Clients have no idea or control over what happens inside a cloud Loss of control Cloud provider, system admins Lack of trust How to support traditional data confidentiality, integrity, availability, and privacy issues, plus some additional attacks Extra work Computer Science and Engineering

Computer Science and Engineering Security Objectives Confidentiality Fear of loss of control over data sensitive data stored on a cloud cloud compromises  leak confidential client data Is the cloud provider honest and won’t peek into the data? Computer Science and Engineering

Computer Science and Engineering Security Objectives Integrity Correct computations Data tampering Availability Denial of Service attack against cloud Cloud provider goes out of business Scalability Cloud provider’s downtime Computer Science and Engineering

Regulations and Legal requirements Auditability and forensics (out of control of data) Difficult to audit cloud data Difficult forensics Legal issues Who is responsible for complying with regulations? How about third party clouds? Computer Science and Engineering

Computer Science and Engineering Privacy Issues Massive data mining Cloud now stores data from a lot of clients, and can run data mining algorithms to get large amounts of information on clients Increased attack surface Attackers target the communication link between cloud provider and client Cloud provider employees can be phished Computer Science and Engineering

What are the Security concerns regarding Cloud computing? Computer Science and Engineering

Why do we need cloud security? Players: Cloud provider Service consumer Concerns: Availability Security Computer Science and Engineering

Critical Security Areas in Cloud Computing (CSA) Governing in the Cloud Governance and Enterprise Risk Management Legal and Electronic Discovery Compliance and Audit Information Lifecycle Management Portability and Interoperability Operating in the Cloud Traditional Security, Business Continuity, and Disaster Recovery Data Center Operations Incident Response, Notification, and Remediation Application Security Encryption and Key Management Identity and Access Management Virtualization Computer Science and Engineering

Top 10 Customer Issues Eroding Cloud Confidence (from CSA) Government regulations keeping pace with the market (1.80) Exit strategies (1.88) International data privacy (1.90) Legal issues (2.15) Contract lock in (2.18) Data ownership and custodian responsibilities (2.18) Longevity of suppliers (2.20) Integration of cloud with internal systems (2.23) Credibility of suppliers (2.30) Testing and assurance (2.30) Computer Science and Engineering

Computer Science and Engineering Will the cloud stay? Computer Science and Engineering

Computer Science and Engineering Cloud and Security Security difficulties in the cloud Cloud as a security service provider Computer Science and Engineering

Computer Science and Engineering What is Security? 1960s: Computer security (CompuSec) and Communication security (CommSec) 1970s: encryption technologies 1990s: Information security (InfoSec) 2000s: Information Assurance, Information Warfare 2008-9: Information Dominance 2010s: Mission Assurance Computer Science and Engineering

Computer Science and Engineering Mission Assurance Getting the job done Security is a secondary objective Always present malicious entity in a cyber system DoD Mission assurance specification Computer Science and Engineering

What is a Mission aware cloud? Computer Science and Engineering

Mission-aware cloud Research problems 1. “Develop a heterogeneous experimental cloud computing infrastructure (denoted as the cloud henceforth) spanning multiple locations, security and assurance levels.” “Experimentally explore, develop, and implement extensive instrumentation to monitor, measure and gather statistical data regarding activities in the cloud.” Computer Science and Engineering

Mission-aware cloud Research problems 2. “Analyze gathered data to estimate underlying network performance and threat vulnerability using regression, analysis of variance, and other generalized linear statistical models.” “Develop new protocols that cope with denial of service (DoS) and insider attacks and ensure predictable delivery of mission critical data.” “Develop new or enhance existing virtual machines (VMs) that enable efficient implementation of access control and trust policies to facilitate mission assurance.” Computer Science and Engineering

Mission-aware cloud Research problems 3. “Develop models, methodologies and architectures for decentralized dynamic management of security and assurance policies.” “Design automated systems that analyze the tradeoffs between security and availability versus performance and scalability and take corrective action before threats or bottlenecks compromise mission assurance.” Computer Science and Engineering

Computer Science and Engineering Policy Decisions Pete and Ann shares resources Need agreement on security policy Pete Ann Cloud provider Ann Pete Computer Science and Engineering

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.