Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

Copy of Cloud Computing Security

No description
by

manal al rawahi

on 7 April 2014

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Copy of Cloud Computing Security

Cloud Computing Security
Background Cloud Computing
Security Concern
Cloud Security Issues
Conclusion
Introduction about Cloud Computing

Cloud-specific security

Security threats in IaaS service model.

Security Mechanisms.
Outline of the Presentation
Outline
What is
Cloud Computing?
Cloud is a Buzzy Phrase.

NIST Definition (publication 800-145, 2009) :

“Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction”.

Key Features of cloud
Cloud service Model
Cloud deployment Model
Key features of cloud
(Essential Characteristics)
1. On demand Self-service
User access cloud services through online control panel anytime anywhere.

Example : Dropbox, Amazon EC2
2. Rapid Elasticity
Ability to scale in seconds

Example: Aminoto Company
3. Resource Pooling
Cloud computing is multi-tenant architecture.

Services adjusted to meed client need.

4. Measured Services
Billing system.

Economic benefits to many organization
5. Network Access
Cloud Services available over Internet
Cloud Service Model :)
Software as a Service (SaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
Cloud Deployment Model :)
Outline:
Cloud Computing.

Cloud security vs Traditional IT security.

Vulnerabilities & Threats in cloud computing IaaS.

Security Defense Mechanism
Is it safe & secure to use cloud?

1- Outsourced location

2-Multi-tenancy architecture.
VM side-Attack
Hypervisor Attack
DoS Attack
VM migration Attack.

3-Data Confidentiality & Integrity.

4- Compliance & government regulation
Why
Cloud Computing is a concern?
IT Traditional Security Vs Cloud computing Security!
SECURITY Is The Most Concerning Cloud Issue
International Data Corporation(IDC) market research & analysis firm, highlighted that security topic ranked the first
87%
of votes. (Posted December 15th, 2009).
Security control in cloud is no different from traditional IT environemnt [Keiko Hashizume 2013]
Cloud is build over the internet and all concerns related to security in internet are also posed by the cloud.
virtual machine escape,
session riding and hijacking
insecure or obsolete cryptography

Cloud Specific Security Issues
One reason : Essential characteristics of Cloud Computing
.
1- On-demand self-service
Unauthorized access to management interface

2- Broad network access
Internet protocol vulnerabilities

3- Resource pooling & Elasticity
Data recovery vulnerability.
Example :
Google App,Salesforce
Example :
AWS Elastic Beanstalk, Terremark, Rockspace, Windows Azure, Openstack(opensource)
Examples:
Force.com, Google App Engin, YAhoo Pipes, Eucalyptus(open source), OpenNepula.
who is responsible for security?
Security responsibilities in cloud stack are shared between customers and providers.

Differ between cloud service models(layers)
[Bernd Grobauer 2011]
Attack Types
Maliciously outsider
Normal user.
Getting access to login credentials of honest customers

Maliciously Insiders
privileged access & knowledge of the resources
malicious tenant.

Internet
scan for vulnerabilities and exploit them afterward.
Thank you :)
Any Question ?
5. Broad Network Access
Cloud Services accessed over Internet
Vulnerbilities & threats in IaaS
Cloud Security Issues- In literature
why traditional security solution can not be integrated in cloud ?
[Zhifeng et al, 2013]
Cloud computing is capable of handling mass data & intensive computation tasks, therefore the existing mechanisms may not suffice due to unbearable computation & communication overheads.

New Strategies & solutions are needed !!
Confidentiality
Integrity
Availability
Privacy
Accountability
Compliance
Vulnerability & Threats in IaaS
1-vulnerability:
Hypervisor(VMM) code complication
Threat
: Virtual Machine scape, Denial of Serivce
Defense:
NoHype

2-Vulnerabily:
Co-resident Virtual Machines.
Threat:
Cross-VM attack (gain access to another VM ).
Defense
: co-residency detection, HomeAlone


3- V
ulnerability:
uncontrolled public VM Image Repository
Threat:
Malicious VM creation, 2 scenarios
Copy user VM or
Create VM from scratch
Defense:
Encrypt VM, Migrate




5- Vulnerability:
VM migration
Threat:
insecure Migration
1- transfer VM to malicious host
2- exposed to network
3- malicious VM transferred to another targeted Host
Defense:
TCCP

6-
Vulnerability:
Malicious SysAdmin/Provider.
Threat
: violate confidentiality of consumer's VM.
Defense
: Encrypt data, Encrypt VM, TCCP
Virtualization:
NoHype
Trusted Computing Cloud Platform(TCCP).
[N.Santos et al 2011]
[Eric Keller et al,2010]
Presented by: Manal Al-Arawahi
Supervisors: Professor Eran Edirisinghe & Dr Olaf Maennel
Full transcript