cloud computing and its security issues
TRANSCRIPT
Cloud computing and its security issues
Presented By: Jyoti Srivastava
1106065IT1
Outline:
1. What is cloud computing?2. Characteristics of cloud computing3. Cloud architecture4. Services of cloud computing5. Cloud computing service layers6. Types of cloud computing7. Working of cloud computing8. Data controller’s responsibility9. Contractual issues10. Data protection11. Privacy data protection12. Conclusion13. References
What is cloud computing?
Cloud computing is a set of IT services that are provided to a customer over a network on a leased basis and with the ability to scale up or down their service requirements.
Cloud computing is a new approach that reduces IT complexity by leveraging the efficient pooling of on-demand, self-managed virtual infrastructure, consumed as a service.
Cloud computing involves deploying groups of remote servers and software networks that allow centralized data storage and online access to computer services or resources.
Cloud computing is an umbrella term used to refer to Internet based development and services
Contd.. cloud computing provides a variety of computing resources , from servers and storage to
enterprise applications such as email, security, backup/DR, voice, all delivered over the Internet. The Cloud delivers a hosting environment that is immediate, flexible, scalable, secure, and available – while saving corporations money, time and resources.
Characteristics of cloud computing Common characteristics:
Essential characteristics:
Massive Scale Resilient Computing
Low Cost Software
Virtualization Service Orientation
Advanced Security
Homogeneity Geographic Distribution
Resource Pooling
Broad Network Access Rapid Elasticity
Measured Service
On Demand Self-Service
Cloud architecture: It refers to the components and subcomponents required for cloud computing. These
components typically consist of a front end platform (fat client, thin client, mobile device), back end platforms (servers, storage), a cloud based delivery, and a network (Internet, Intranet, Intercloud). Combined, these components make up cloud computing architecture.
services of cloud computing:
Cloud computing service layers:
services Description
Services
Application
Development
Platform
Storage
Hosting
Services – Complete business services such as PayPal, OpenID , OAuth , Google Maps, Alexa.
Application – Cloud based software that eliminates the need for local installation such as Google Apps, Microsoft Online
Storage – Data storage or cloud based NAS such as CTERA, iDisk, CloudNAS.
Development – Software development platforms used to build custom cloud based applications (PAAS & SAAS) such as SalesForce.Platform – Cloud based platforms, typically provided using virtualization, such as Amazon ECC, Sun Grid
Hosting – Physical data centers such as those run by IBM, HP, NaviSite , etc.
Application
Focused
Infrastructure
Focused
Types of cloud computing:
Working of cloud computing:
Cloud Computing system can be divided it into two section:
1. The front end 2. The back end. The front end is the side the computer
user, or client, sees . The back end is the "cloud" section of the system. On
the back end there are various computers , servers and data storage systems that create the "cloud" of computing
services . A central server administers the system, monitoring traffic and client demands to ensure everything runs smoothly.
Data controller’s responsibility: Data processing by third parties: According to Swiss data protection law, the data controller must therefore ensure that an
appointed third party (data processor) only processes data in such a way as the data controller himself would be permitted to.
Transferring personal data abroad: According to these, exporting data abroad is permissible if legislation that ensures adequate data
protection in accordance with Swiss standards exists in the country in which the recipient of the data is located.
Data security: It includes the protection of systems and data from the risks of unauthorized or arbitrary destruction, arbitrary loss, technical faults, forgery, theft and unlawful use, as well as from unauthorized modification, copying, access or other unauthorized processing.
CONTRACTUAL ISSUES:
In cloud computing the legal responsibility for data processing is borne by the user, who enlists the services of a cloud service provider. The user is the data collector. As in all other cases in which a third party is given the task of processing personal data.
Particular attention must be paid to the following points in a contract with a cloud service provider:
Scope of processingThe type of data processing permissible by the provider is to be clearly specified, and the purpose for which the data may be processed.
Subcontractors:The conditions under which the provider may for his part pass on the data to subcontractors have to be defined, for example, to a provider of storage capacity.
Deletion of data : An essential point is that data that has to be deleted by the user because he or she no longer
needs it or may no longer process it for another reason is also deleted by the provider and no more copies of data are available. This can lead to problems, in particular in connection with backups that are created by the provider.
Contd… Data security measures: The organizational and technical data security measures that are to be taken by the provider are to
be stipulated in the contract, such as the access rights of the provider's employees to data and the systems used to process them, or the encryption of data during transmission or storage, or both.
Localization of data:To enable fulfillment of the requirements in connection with the export of data, the customer must know in which countries the servers are deployed on which the data is processed and stored and the provider is to be under an obligation not to transfer the data to any other countries without prior consultation with the user.
Service level agreements:According to the purpose for which the data is processed it is important to agree on binding service levels for availability and data recovery and if necessary, safeguarded by supporting fixed penalties in the event of non-compliance with the agreed service levels.
Audits:By agreeing on information and audit rights, the user establishes the opportunity to verify that the obligations entered into by the provider are being fulfilled.
Data Protection: Data stored in the cloud typically resides in a shared environment collocated with data from
other customers. Data Isolation: Data can take many forms. For example, for cloud-based application development, it includes the
application programs, scripts, and configuration settings, along with the development tools. For deployed applications, it includes records and other content created or used by the applications, as well as account information about the users of the applications.
Data Sanitization: The data sanitization practices that a service provider implements have obvious implications for
security. Sanitization is the removal of sensitive data from a storage device in various situations, such as when a storage device is removed from service or moved elsewhere to be stored. It also applies to backup copies made for recovery and restoration of service, and residual data remaining upon termination of service.
Data Location: Use of an in-house computing center allows an organization to structure its computing
environment and know in detail where data is stored and the safeguards used to protect the data.
Privacy data protection:Data Encrypt:
Encryption is, so far, the best way you can protect your data. Generally encryption works as follows: You have a file you want to move to a cloud, you use certain software with which you create a password for that file, you move that password-protected file to the cloud and no one is ever able to see the content of the file not knowing the password.
Use an encrypted cloud service: There are some cloud services that provide local encryption and decryption of your files in
addition to storage and backup. It means that the service takes care of both encrypting your files on your own computer and storing them safely on the cloud.
Read the user agreement to find out how your cloud service storage works:
If you are not sure what cloud storage to choose or if you have any questions as for how that or another cloud service works you can read the user agreement of the service you are planning to sign up for. There is no doubt it's hard and boring but you really need to face those text volumes.
Conclusion:
Cloud Computing builds on decades of research in virtualization, distributed computing, utility computing, and more recently networking, web and software services.
It implies a service oriented architecture, reduced information technology overhead for the end-user, great flexibility, reduced total cost of ownership, on-demand services and many other things.
Cloud Computing increases profitability by improving resource utilization. Costs are driven down by delivering appropriate resources only for the time those resources are needed.
References:
[1] Anita Campbell (2008-08-31). “Cloud Computing-Get Used to the Term” The App Gap. http://www.theappgap.com
[2] http://searchsecurity.techtarget.com/magOnline/0,sid14_gci1349551.html. [3] J. Brodkin. (2008, Jun.). “Gartner: Seven cloud-computing security risks.” InfoWorld,
Available: <http://www.infoworld.com/d/security-central/gartner-seven-cloudcomputingsecurity-risks-853?page=0,1> [Mar. 13, 2009].
[4] Cloud Computing Use Case Discussion Group. "Cloud Computing UseCases Version 3.0,"2010.
[5] http://webjcli.org/article/view/303/418
[6] Adobe Systems Inc., "Adobe Flex Framework Technologies", 2011, http://labs.adobe.com/technologies/flex.
THANK YOU