Download presentation
Presentation is loading. Please wait.
1
Ragib Hasan Johns Hopkins University en.600.412 Spring 2011 Lecture 8 04/11/2011 Security and Privacy in Cloud Computing
2
Cloud Network Security Goal: Examine techniques for securing cloud networking Review Assignment #8: (Due 4/18) Challenges for Cloud Network Security, HP Labs tech Report, 2010. 4/11/2011en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan
3
Recap: Airavat (Cloud Privacy) Strengths? Weaknesses? Ideas? 4/11/2011en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan
4
Today’s talk Will discuss a position paper (not an implementation or systems description paper) Will introduce the notion of cloud networking as a service, and its security implications – We will discuss what will be the issues in such a model 4/11/2011en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan
5
For your review Instead of writing pros and cons of the paper, write the following: – Why security is a problem in cloud networking? (a brief paragraph) – 3 or more challenges in cloud network security – 3 or more techniques that may be used to secure cloud networks 4/11/2011en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan
6
Cloud Networking Cloud computing requires – More performance from existing networks (bandwidth, quality, availability) – More flexibility Most of existing work on cloud focuses on single data centers and providers – But clouds can also be distributed (across different locations for same provider, or across different providers) 4/11/2011en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan
7
Cloud Networking Cloud Networking involves – Ability to swiftly reconfigure networks according to client requirement (Network as a Service or NaaS) – Runs on top of intranet and the Internet – Uses network virtualization to connect clouds and users 4/11/2011en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan
8
Cloud Networking Cloud networking extends network virtualization beyond the data centre to bring two new aspects to cloud computing: – the ability to connect the user to services in the cloud and – the ability to interconnect services that are geographically distributed across cloud infrastructures 4/11/2011en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan
9
SAIL project from HP / EU Major European Union and HP project Goal is to – develop networking functions for applications with highly variable demands, – integrating these functions with computing and storage – along with the necessary tools for management and security. 4/11/2011en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan
10
Threat Model Attacker: – External or Internal – Internal attacker can be disgruntled employee, or even hardware/software manufacturers embedding a trapdoor in code/firmware Threats – All traditional threats on networks (eavesdropping, DoS, Man-in-the-middle etc.) – Legal attacks (e.g., network crosses legal borders) 4/11/2011en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan
11
Secure cloud Networking: Challenges Users view network as a private one, but it is built on top of public infrastructures How to implement security? – Component based: Virtual components themselves manage security – Infrastructure based: Network manages security 4/11/2011en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan
12
Secure Cloud Networking: Challenges Integrity – How to ensure routing security (integrity and availability of routing information) 4/11/2011en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan
13
Secure Cloud Networking: challenges How the virtual network provider guarantees a certain network capacity to a customer, How the access to this virtual network is controlled, and How the virtual network usage is accounted for (metering) 4/11/2011en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan
14
Further reading 4/11/2011en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan SAIL Project: http://www.sail-project.euhttp://www.sail-project.eu
Similar presentations
