Cloud Computing - Security (BIG Data)
out of 14
Post on 07-Nov-2014
Embed Size (px)
DESCRIPTIONA very high level condensed presentation on Data Security issues on the Cloud.
<ul><li> 1. Cloud ComputingSecurity The BIG Data Vasanth Ganesan MS Telecommunications & Business University of Maryland, College Park </li> <li> 2. What is Cloud Computing? Its all about Sharing </li> <li> 3. Like with anything new, theprimary concern is security RISKS are ALWAYS there! </li> <li> 4. Low Cloud Security Concerns High SaaS PaaS IaaS The Stack Operational Efficiency LowHigh </li> <li> 5. Security Risks &Potential Opportunities </li> <li> 6. What are your main concerns in your approach to Cloud Computing?Source: ENISA An SME Perspective on Cloud, 2009 </li> <li> 7. Security Snap Copy MountYesterday Today </li> <li> 8. In Brief Data Trust Boundary Data Security Identity and Access Management (IAM) Privacy Considerations Information Assurance Concerns CSA Security Guidance v2.1 </li> <li> 9. Trust Boundary Trust Boundaries have changed with cloud computing Note: Different cloud providers might have different trust boundaries Data barriers Need for transparency Governance Enterprise Risk Management Compliance and AuditSource: Cloud Security and Privacy Tim Mather </li> <li> 10. Data Security Providers data collection efforts and monitoring of such Use of encryption Data in Transit Data at Rest Key management is a significant issue Data lineage Data provenance Data remanence Information Lifecycle Management Encryption and Key Management Compliance and AuditSource: Cloud Security and Privacy Tim Mather </li> <li> 11. Identity and Access Management One of the biggest challenges today Currently inadequate for Enterprises Access Control tool Identity and Access Management Traditional security Compliance and AuditSource: Cloud Security and Privacy Tim Mather </li> <li> 12. Privacy Considerations Data is no longer static Transborder data issues may be exacerbated Privacy laws (inconsistent among different jurisdictions) Data governance is weak Encryption is not pervasive Cloud Providers absolve themselves Data remanence still is a ? Information Lifecycle Management Traditional security Compliance and AuditSource: Cloud Security and Privacy Tim Mather </li> <li> 13. Then why the Cloud? Lowers Time to TCO MarketFocus on Core ScalabilityBusiness Flexibility </li> <li> 14. Potential Questions from the Clients Does the provider hold certifications such as ISO 27001/2, SAS 70? If yes, what is the scope of the certifications? Does the provider share with the physical location of the servers? To what extent are storage, memory and other data traces erased from the machines before being reallocated to a different customer? i.e. Data remanence Does the provider support the data classification scheme used? How does the provider guarantee isolation of resources from other customers? Learn from the Cloud service provider (CSP) about key management. Who handles and manages the key? How does the CSP report on its security management? Does the CSP have an analytics tool to monitor your cloud? What are the CSPs control monitoring processes? Is your data bound by local jurisdiction? </li> </ul>
View more >