cloud computing security issues in infrastructure as a service”

Technical Seminar on

“Cloud Computing Security Issues in Infrastructure as a Service”

By Vivek Kumar Maurya (1JB10IS115)

Under the Guidance of

Asst. Prof Kiran Kumar V, Designation, Dept of ISE

Department of Information Science and Engineering

CONTENTSAbstractIntroductionLiterature SurveyResults Conclusion References

Abstract This paper presents an elaborated study of IaaS

components security and determines its drawbacks and its countermeasures.

Cloud Infrastructure as a Service (IaaS) helps agencies realize cost savings and efficiencies while modernizing and expanding their IT capabilities.

Cloud-based infrastructure is rapidly scalable, secure, and accessible over the Internet — you only pay for what you use.

Infrastructure as a Service (IaaS) serves as the foundation layer for the other delivery models, and a lack of security in this layer will certainly affect the other delivery models.

IntroductionWhy CLOUD COMPUTING?

“In simple words, the Cloud refers to the process of sharing resources (such as hardware, development platforms and/or software) over the internet. It enables On-Demand network access. These resources are accessed mostly on a pay-per-use or subscription basis.”

Cloud computing is a technology that uses the internet and central remote servers to maintain data and applications.

Cloud computing is much more efficient computing by centralizing storage, memory, and processing .

Data isn’t “chained” to one place; rather, it can be accessed anywhere, from any medium.

Processor speed becomes less important then internet connection speed.

Low maintenance.

Why do customers use the cloud?Cloud computing allows consumers and businesses to

use applications without installation and access their personal files at any computer with internet access.

Literature SurveyAuthors & Year

Paper Title

Contribution Findings or Drawbacks

G. Frankova -2008

“Service Level Agreements: Web Services and Security”

Web Service LevelAgreement (WSLA) framework developed for SLA monitoringAnd enforcement in SOA.(service-oriented architecture)

Cloud clients haveto trust providers , SLA monitoring until standardizing.

W. Mao -2012

“Virtual local area network technology and applications,”

To strengthen network isolation andenhance systems management capabilities.

Virtual networks avoid wasting bandwidth and offer more flexibility, performance, and security.

Cloud Delivery ModelsIaaS(Infrastructure – as- a- Service)A. Iaas is a provision model in which an organization used to

support operations, including storage, hardware, servers and networking components.

B. The service provider owns the equipment and is responsible for running and maintaining it .

C. The client typically pays on a per-use basis.

PaaS(Platform –as- a- Service)A. PaaS is a way to rent hardware, operating systems, storage

and network capacity over the Internet.

B.Operating system features can be changed and upgraded frequently.

C.Initial and ongoing costs can be reduced while developing a software.

SaaS(Software –as- a- Service)A.SaaS sometimes referred to as "software on demand," is

software that is deployed over the internet .

B.It is deployed to run behind a firewall on a local area network or personal computer.

C.With SaaS, a provider licenses an application to customers either as a service on demand, through a subscription, in a "pay-as-you-go" model.

D.This approach to application delivery is part of the utility computing model.

SPI (SaaS, PaaS, IaaS)

Deployment models

Service models Deployment models

Software-As-A-Service (SaaS) Public

Platform-As-A-Service (PaaS) Private

Infrastructure-As-A-Service (IaaS)

Hybrid

Structure of Deployment Model

Security- Who is in control ?

Understanding Security of CloudSecurity in cloud computing is a major concern.

Data in cloud should be stored in encrypted form.

Since all the data is transferred using Internet, data security is of major concern in cloud. Here are key mechanisms for protecting data mechanisms listed below:

Integrity  Accountability

  Privacy Access Control

Authentication Authorization

RESULT

ConclusionEach component in Cloud infrastructure has

its drawbacks which might impact the whole Cloud’s Computing security.

Cloud is a tradeoff between cost, security and privacy.

Change in trust boundaries leads to security and privacy challenges.

References 1. Pankaj Arora and Rubal Chaudhry Wadhawan ,”Cloud

Computing Security Issues in Infrastructure as a Service ”, Volume 2, Issue 1, January 2012

2. G. Frankova, Service Level Agreements: Web Services and Security, ser. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer Berlin Heidelberg, 2007, vol. 4607.

3. S. Garg and H. Saran, “Anti-DDoS Virtualized Operating System,” ARES, p. 7, 2008.

4. V. Rajaravivarma, “Virtual local area network technology and applications,” Proceedings The Twenty-Ninth Southeastern Symposium on System Theory, pp. 49–52, 1997.