Presentation on theme: "Security in Cloud Computing Presented by : Ahmed Alalawi."— Presentation transcript:
Security in Cloud Computing Presented by : Ahmed Alalawi
Outline Introduction Cloud Computing Components. Security Issues. Information Security requirements (ISR) Policy Based and Layered Infrastructure Security : Dynamic Infrastructure Security Model Conclusion
Why we use Cloud Computing ? -Single point of control delivered over the web lets you manage multiple layers of complex infrastructure. -Support is just a call away. Real-time human tech. assistance will help you resolve your problem. -Enterprise Grade Infrastructure-as-a –service system deliver unbeatable computing power. -On-demand Compute,Network and Storage components add storage capacity in minutes. -Pay-as-you-use gives you choice and control over paying.
Cloud Computing Components Cloud Computing is a class of the next generation highly scalable distributed computing Cloud Computing Components : Five Characteristics Three Delivery Models Three Deployment Models (Clouds Type)
Five Characteristics: 1.On – Demand self-service 2.Broad network access 3.Resource Pooling 4.Rapid elasticity 5.Measured Service
Three Delivery Models: 1. Infrastructure as a Service (IaaS). 2. Platform as a Service (PaaS). 3. Software as a Service (SaaS).
Types of Clouds: 1.Public Available to public 2.Private Available to particular group 3.Hybrid is composition of two or more clouds
Types of Clouds: Public Cloud A public cloud is a model which allows users’ access to the cloud via interfaces mainstream web browsers. Typically based on a pay-per-use model. Public clouds are less secure than the other cloud models
Types of Clouds: Private Cloud A private cloud is set up within an organization’s internal enterprise datacenter. All the cloud resources and application are managed by the organization itself. More secure than the Public cloud.
Types of Clouds: Hybrid Cloud A hybrid cloud is a private cloud linked to one or more external cloud services, centrally managed, provisioned as a single unit. It provides virtual IT solutions through a mix of both public and private clouds. It Provides more secure control of the data and application and allows various parties to access information over the internet. It has an open architecture that allows interfaces with other management systems.
Cloud Computing Delivery Models: Infrastructure as a Service (IaaS) Infrastructure as a Service is a single tenant cloud layer where the Cloud computing vendor’s dedicated resources are only shared with contacted clients at a pay-per-use fee. Minimizes the need for huge investment in computing hardware such as servers, networking devices as processing power.
Cloud Computing Delivery Models: Software as a Service (SaaS) Software as a Service operates on the virtualized and pay-per-use costing model whereby software applications are leased out to contracted organization by specialized SaaS vendors. SaaS applications are accessed using web browsers over the internet, therefore web security is very important. SaaS providers may host the software in their own datacenters or may themselves be outsourced to IaaS providers.
Cloud Computing Delivery Models: Platform as a Service (PaaS) Platform as a service cloud layer works like IaaS but it provides an additional level of ‘rented’ functionality. PaaS offerings facilitate deployment of application without the cost and complexity of buying and managing underlying hardware and software and provisioning hosting capabilities.
Private Cloud Private Cloud Public Cloud SAAS (Software as a Service) IAAS (Infrastructure as a Service) PAAS (Platform as a Service) Hybrid Cloud Hybrid Cloud
Security Issues Privileged access : Who has specialized/privileged access to data? Who decides about the hiring and management of such administrators? Regulatory compliance : Is the could vender willing to undergo external audits and/or security certification? Data location : Does the cloud vender allow for any control over the location of data? Data segregation : Is encryption schemes designed and tested by experienced professionals ?
Continue Security Issues Recovery : What happens to data in the case of a disaster, and does the vendor offer complete restoration, and, if so, How long does that process take ? Investigative Support : Does the vendor have the ability to investigate any inappropriate or illegal activity? Long – term viability: What happens to data if the cloud vendor goes out of business, Is clients’ data returned and in what format? Data Availability: Can the cloud vendor move all their clients’ data onto a different environment should the existing environment become compromised or unavailable ?
ISR: Identification & Authentication This process is targeting at verifying and validating individual cloud users by employing usernames and passwords protecting their cloud profile.
ISR: Authorization Authorization is an important to ensure referential integrity is maintained. Authorization is maintained by the system administrator in a Private Cloud.
ISR: Confidentiality Confidentiality plays a major part in maintaining control over origination data situated across multiple distributed databases. It is must when employing a Public Cloud due to public clouds accessibility nature.
ISR: Integrity The Integrity requirements lies in applying the due diligence within the cloud domain mainly accessing data. The ACID ( Atomicity, Consistency, Isolation and Durability) should be applied across all Cloud Computing Deliver Models.
ISR: Non-repudiation Non-repudiation can be obtained by applying the traditional E-Commerce security protocols and token provisioning to data transmission with cloud applications.
ISR: Availability Availability is the most critical ISR,because it is a key decision factor when choosing between Public, Private or Hybrid Cloud as well as the delivery models.
Conclusion It is clear that although the use of cloud computing has rapidly increased, cloud computing security still a major issue in the cloud computing environment The area of Security on Cloud Computing still open area and there are many challenges in it.