Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

CSC599 - Cloud Computing Security

No description
by

Suleiman ALAQEL

on 1 April 2013

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of CSC599 - Cloud Computing Security

ANALYSIS OF SECURITY
AND PRIVACY ISSUES OF
CLOUD COMPUTING ENVIRONMENTS by: Suleiman M. ALAQEL Advisor & Committee Chair: Chang-Shyh Peng, Ph.D.
Committee Members: Myungsook Klassen, Ph.D. & John Dillon, MS. Definition
& History Characteristics Service models Deployment models Issues of Cloud Computing Privacy of
Cloud Computing Security of
Cloud Computing Simulations SaaS PaaS Agenda Official Definition:
“a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” Easy definition? Examples 2000s: 1970s: So? It's a buzz word! Marketing! How did Amazon start the current market? Virtualization Adjust the resources

Security

Disaster management Performance Test and monitor all four core resources Handling for usage spikes Cost IT departments
Recurring expanses Scalability Real-time
No suspend / upgrade the
hardware/tests/reactivate Security Same if not better than traditional
90% no recovery plan Infrastructure on site.
1 hardware per Client Public Cloud Private Cloud No cost efficiency Government agencies & healthcare Cut costs significantly Efficient for the peek loads Hybrid Cloud Private and Public Security Community Cloud Fewer users Common concern Infrastructure as a service Physical hardware
or a virtual machine block in-house IT = not popular Full freedom... Almost. Hold and resume Platform as a Service Hardware + Platform Better balance: no hardware & enough freedom Software as a Service Software is ready for
immediate use Least customizable Hardware + Network OS + Dev. Env. Software Compliance Open source Open standards Dropbox vs Google Drive Sustainability Service abuse The right of individuals to ‘know what is known about them’ Control how that information is communicated Prevent its abuse Privacy
Concerns Regulatory
Compliance Deletion of Data
and Backups Data Location Data state Audit Trails
and Logs Encrypted? computing power. Physically secured?
Laws Profiting from their customers' data?
90% concerned about their data
80% concerned about their photos All access to the customers' data
Debugging Transparent policy
Data removal upon the user's request
or termination of the service Physical Level Security Trust the service providers Security guards
Automated access controls
Video surveillance
... And so on Network Level IaaS, PaaS, SaaS Man-in-the-middle OS and Application Levels Bridges the virtual machine and the network Unneeded operating system functions Data Level and Access Control Encrypted in use
or backup Trust Not a technical matter
Reputation Virtualization Isolation Misconception Virtualization is not safer? Software maintenance vague Side-Channel attacks Lab testing but proven Encryption keys Application and Code Security Coded properly? SQL injections
Cross-site scripting
Unauthorized admin privileges More in IaaS and PaaS than SaaS Other Security Issues (Traditional) Viruses
Unauthorized Access
Data at Rest
Data in Transit
Data Remnant Google App Engine
Programmer's responsibility
http://al-aqel.com/demo.html Google App
More security
http://al-aqel.com/demo.html Questions?
Full transcript