Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Copy of Cloud Computing Security
Transcript of Copy of Cloud Computing Security
Background Cloud Computing
Cloud Security Issues
Introduction about Cloud Computing
Security threats in IaaS service model.
Outline of the Presentation
Cloud is a Buzzy Phrase.
NIST Definition (publication 800-145, 2009) :
“Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction”.
Key Features of cloud
Cloud service Model
Cloud deployment Model
Key features of cloud
1. On demand Self-service
User access cloud services through online control panel anytime anywhere.
Example : Dropbox, Amazon EC2
2. Rapid Elasticity
Ability to scale in seconds
Example: Aminoto Company
3. Resource Pooling
Cloud computing is multi-tenant architecture.
Services adjusted to meed client need.
4. Measured Services
Economic benefits to many organization
5. Network Access
Cloud Services available over Internet
Cloud Service Model :)
Software as a Service (SaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
Cloud Deployment Model :)
Cloud security vs Traditional IT security.
Vulnerabilities & Threats in cloud computing IaaS.
Security Defense Mechanism
Is it safe & secure to use cloud?
1- Outsourced location
VM migration Attack.
3-Data Confidentiality & Integrity.
4- Compliance & government regulation
Cloud Computing is a concern?
IT Traditional Security Vs Cloud computing Security!
SECURITY Is The Most Concerning Cloud Issue
International Data Corporation(IDC) market research & analysis firm, highlighted that security topic ranked the first
of votes. (Posted December 15th, 2009).
Security control in cloud is no different from traditional IT environemnt [Keiko Hashizume 2013]
Cloud is build over the internet and all concerns related to security in internet are also posed by the cloud.
virtual machine escape,
session riding and hijacking
insecure or obsolete cryptography
Cloud Specific Security Issues
One reason : Essential characteristics of Cloud Computing
1- On-demand self-service
Unauthorized access to management interface
2- Broad network access
Internet protocol vulnerabilities
3- Resource pooling & Elasticity
Data recovery vulnerability.
AWS Elastic Beanstalk, Terremark, Rockspace, Windows Azure, Openstack(opensource)
Force.com, Google App Engin, YAhoo Pipes, Eucalyptus(open source), OpenNepula.
who is responsible for security?
Security responsibilities in cloud stack are shared between customers and providers.
Differ between cloud service models(layers)
[Bernd Grobauer 2011]
Getting access to login credentials of honest customers
privileged access & knowledge of the resources
scan for vulnerabilities and exploit them afterward.
Thank you :)
Any Question ?
5. Broad Network Access
Cloud Services accessed over Internet
Vulnerbilities & threats in IaaS
Cloud Security Issues- In literature
why traditional security solution can not be integrated in cloud ?
[Zhifeng et al, 2013]
Cloud computing is capable of handling mass data & intensive computation tasks, therefore the existing mechanisms may not suffice due to unbearable computation & communication overheads.
New Strategies & solutions are needed !!
Vulnerability & Threats in IaaS
Hypervisor(VMM) code complication
: Virtual Machine scape, Denial of Serivce
Co-resident Virtual Machines.
Cross-VM attack (gain access to another VM ).
: co-residency detection, HomeAlone
uncontrolled public VM Image Repository
Malicious VM creation, 2 scenarios
Copy user VM or
Create VM from scratch
Encrypt VM, Migrate
1- transfer VM to malicious host
2- exposed to network
3- malicious VM transferred to another targeted Host
: violate confidentiality of consumer's VM.
: Encrypt data, Encrypt VM, TCCP
Trusted Computing Cloud Platform(TCCP).
[N.Santos et al 2011]
[Eric Keller et al,2010]
Presented by: Manal Al-Arawahi
Supervisors: Professor Eran Edirisinghe & Dr Olaf Maennel