Current Security Threats and Prevention Measures Relating to Cloud Services, Hadoop Concurrent Processing, and Big Data ATHER SHARIF, SARAH COONEY, SHENGQI.

Slides:



Advertisements
Similar presentations
Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.
Advertisements

2 Assessing the Threatscape Addressing compliance requirements Respond, dont just report Youre already a statistic, how do you rebound? Q&A.
Hi – 5 Marcus Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi Security of Cloud Computing.
Cloud Computing Security Monir Azraoui, Kaoutar Elkhiyaoui, Refik Molva, Melek Ӧ nen, Pasquale Puzio December 18, 2013 – Sophia-Antipolis, France.
2 Assessing the Threatscape Addressing compliance requirements Respond, don’t just report You’re already a statistic, how do you rebound? Q&A.
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
Is There a Security Problem in Computing? Network Security / G. Steffen1.
Cloud Computing Part #3 Zigmunds Buliņš, Mg. sc. ing 1.
An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
The State of Security Management By Jim Reavis January 2003.
1 An Overview of Computer Security computer security.
E-Commerce Technologies for Web Applications. Overview Introduction in E-Commerce - Numbers and Projections Engineering – Layers of E-Commerce - Credit.
July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Telenet for Business Mobile & Security? Brice Mees Security Services Operations Manager.
D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.
Security Framework For Cloud Computing -Sharath Reddy Gajjala.
Tunis, Tunisia, 28 April 2014 Security Issues for Cloud and Future Networks Noureddine Boudriga, Director CN&S, University of Carthage
Cloud Computing Cloud Security– an overview Keke Chen.
Security issues in the Cloud Presentation for CloudCamp 2012 (Lagos) Christopher Odutola FVC Inc. Dubai.
© 2010 IBM Corporation Cloudy with a chance of security Information security in virtual environments Johan Celis Security Solutions Architect EMEA IBM.
Fine-Grained Access Control (FGAC) in the Cloud Robert Barton.
Security Awareness: Applying Practical Security in Your World Chapter 1: Introduction to Security.
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.
Idaho Cybersecurity Task Force Department of Administration 16 Sep 2015.
Big Data Bijan Barikbin Denisa Teme Matthew Joseph.
Overview Abstract Vulnerability: An Overview Cloud Computing Cloud-Specific Vulnerabilities Architectural Components and Vulnerabilities Conclusion.
Magellan: Experiences from a Science Cloud Lavanya Ramakrishnan.
APPLICATION PENETRATION TESTING Author: Herbert H. Thompson Presentation by: Nancy Cohen.
Cloud Security: Critical Threats and Global Initiatives Jim Reavis, Executive Director July, 2010.
Daniel Cuschieri Information Security Distance Learning Weekend Conference August 2013.
Modeling and Simulation of Cloud Computing:A Review Wei Zhao, Yong Peng, Feng Xie, Zhonghua Dai 報告者 : 饒展榕.
Top Threats WG Co-Chair Jon-Michael Brook. Agenda About our Top Threats Polling the industry Call for participation Categorizing our Top Threats.
Security Issues in Cloud Environment Vamshi. Cloud Environment Security My project.
Kia Manoochehri.  Background  Threat Classification ◦ Traditional Threats ◦ Availability of cloud services ◦ Third-Party Control  The “Notorious Nine”
Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?
November 19, 2008 CSC 682 Use of Virtualization to Thwart Malware Written by: Ryan Lehan Presented by: Ryan Lehan Directed By: Ryan Lehan Produced By:
1 Melanie Alexander. Agenda Define Big Data Trends Business Value Challenges What to consider Supplier Negotiation Contract Negotiation Summary 2.
CLOUDS. Online applications What is cloud computing Common, Location-independent, Online Utility on Demand Common implies multi-tenancy, not single or.
Csci5233 computer security & integrity 1 An Overview of Computer Security.
Incident Response In the Cloud.  CEO of BH Consulting – Independent Information Security Firm  Founder & Head of IRISSCERT – Ireland’s first Computer.
Computer Security By Duncan Hall.
Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.
Visibility. Intelligence. response Information Security: Risk Management or Business Enablement? Mike Childs Vice President Rook Security.
Bring Your Own Security (BYOS™): Deploy Applications in a Manageable Java Container with Waratek Locker on Microsoft Azure MICROSOFT AZURE ISV PROFILE:
Data-Centric Security and User Access Controls for Hadoop on Microsoft Azure MICROSOFT AZURE APP BUILDER PROFILE: BLUETALON BlueTalon provides data-centric.
What does it mean for Records and Information Management.
July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
Technical Security Issues in Cloud Computing By: Meiko Jensen, Jorg Schwenk, Nils Gruschka, Luigi Lo Lacono Presentation by: Winston Tong 2009 IEEE.
A Multi-Dimensional Configurable Access Control Framework for Mobile Applications By: Yaira K. Rivera Sánchez Major Advisor: Steven A. Demurjian.
CSE 5810 Biomedical Informatics and Cloud Computing Zhitong Fei Computer Science & Engineering Department The University of Connecticut CSE5810: Introduction.
Security Policy and Key Management Centrally Manage Encryption Keys - Oracle TDE, SQL Server TDE and Vormetric. Tina Stewart, Vice President.
By Hajira Fatima Safa Mohammed Zaheer Abid Ali. Cloud computing is a result of evolving and adopting existing technologies. The goal of cloud computing.
B ig D ata Analysis for Page Ranking using Map/Reduce R.Renuka, R.Vidhya Priya, III B.Sc., IT, The S.F.R.College for Women, Sivakasi.
Advanced System Security Dr. Wayne Summers Department of Computer Science Columbus State University
Vulnerability Analysis Dr. X. Computer system Design Implementation Maintenance Operation.
Systems and Internet Infrastructure Security (SIIS) LaboratoryPage Systems and Internet Infrastructure Security Network and Security Research Center Department.
Cloud Security– an overview Keke Chen
CMIT100 Chapter 15 - Information.
Amazon Storage- S3 and Glacier
Security Issues.
Information Security: Risk Management or Business Enablement?
Chapter 1: Introduction
Chapter 19: Building Systems with Assurance
NAAS 2.0 Features and Enhancements
CONTENTS BACKGROUND CLOUD MODELS SECURITY CONSIDERATIONS MANAGING RISK.
Computer Science and Engineering
Presentation transcript:

Current Security Threats and Prevention Measures Relating to Cloud Services, Hadoop Concurrent Processing, and Big Data ATHER SHARIF, SARAH COONEY, SHENGQI GONG, DREW VITEK DEPARTMENT OF COMPUTER SCIENCE SAINT JOSEPH’S UNIVERSITY

Introduction and Motivation  “Big Data” has become a buzzword in almost every industry  Cloud based services are becoming increasingly popular for data storage and analysis  Massive data breaches are still all too common  The security of cloud services is very much reliant on the measures taken by the service provider  As future computer scientists, we feel that knowledge of Big Data and Cloud security measures is invaluable.

Cloud Services  In % of US businesses were using some type of cloud service  “Notorious Nine Cloud Computing Threats” 1.Abuse of Cloud Services 2.Account or Service Traffic Hijacking 3.Data Breaches 4.Data Loss 5.Denial of Service 6.Insecure Interfaces and APIs 7.Insufficient Due Diligence 8.Malicious Insiders 9.Shared Technology Vulnerabilities

Verizon Cloud Security  4 Layered Approach… Base Security Logical Security Value Added Security Governance Risk & Compliance

Big Data  In general, security risks associated with Big Data can be categorized by three V’s… 1. Volume… 2. Velocity… 3. Variety…

Theoretical Sticky Policy Framework  Proposed by S. Li, T. Zhang, J. Gao, and Y. Park  Based on the EnCoRe project  Data Center Domain versus Trusted Authority Domain

Inside the Trusted Authority Domain  Identity and Key Management Engine  Policy Engine  Policy Portal  Policy Controller  Policy Negotiation Component  Policy Update Component  Enforcement Component  Policy Store

Hadoop  Security Vulnerabilities in the Cloud Based System  Difficult to locate and track the node holding a specific file chunk  Chunk Stealing  Chunk Injection

Twilio  Implementation of Hadoop via Amazon cloud services  Access Control Based on:  Job Roles  Bucket Policies  Access Control Lists  Physical Security Measures  Third Party Penetration Testing Every 6 Months  Safe Harbor Compliance

Conclusion With the continued increase in available data and growth in the use of cloud services, knowledge of how to secure these systems is imperative for any computer science professional, and will provide continued opportunity for jobs and research as we leave school to enter the professional world.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.