cloud computing security issues in infrastructure as a service”

19
Technical Seminar on “Cloud Computing Security Issues in Infrastructure as a Service” By Vivek Kumar Maurya (1JB10IS115) Under the Guidance of Asst. Prof Kiran Kumar V, Designation, Dept of ISE Department of Information Science and Engineering

Upload: vivek-maurya

Post on 08-Jun-2015

286 views

Category:

Engineering


0 download

TRANSCRIPT

Page 1: Cloud Computing Security Issues in Infrastructure as a Service”

Technical Seminar on

“Cloud Computing Security Issues in Infrastructure as a Service”

By Vivek Kumar Maurya (1JB10IS115)

Under the Guidance of

Asst. Prof Kiran Kumar V, Designation, Dept of ISE

Department of Information Science and Engineering

Page 2: Cloud Computing Security Issues in Infrastructure as a Service”

CONTENTSAbstractIntroductionLiterature SurveyResults Conclusion References

Page 3: Cloud Computing Security Issues in Infrastructure as a Service”

Abstract This paper presents an elaborated study of IaaS

components security and determines its drawbacks and its countermeasures.

Cloud Infrastructure as a Service (IaaS) helps agencies realize cost savings and efficiencies while modernizing and expanding their IT capabilities.

Cloud-based infrastructure is rapidly scalable, secure, and accessible over the Internet — you only pay for what you use.

Infrastructure as a Service (IaaS) serves as the foundation layer for the other delivery models, and a lack of security in this layer will certainly affect the other delivery models.

Page 4: Cloud Computing Security Issues in Infrastructure as a Service”

IntroductionWhy CLOUD COMPUTING?

Page 5: Cloud Computing Security Issues in Infrastructure as a Service”

“In simple words, the Cloud refers to the process of sharing resources (such as hardware, development platforms and/or software) over the internet. It enables On-Demand network access. These resources are accessed mostly on a pay-per-use or subscription basis.”

Cloud computing is a technology that uses the internet and central remote servers to maintain data and applications.

Page 6: Cloud Computing Security Issues in Infrastructure as a Service”

Cloud computing is much more efficient computing by centralizing storage, memory, and processing .

Data isn’t “chained” to one place; rather, it can be accessed anywhere, from any medium.

Processor speed becomes less important then internet connection speed.

Low maintenance.

Page 7: Cloud Computing Security Issues in Infrastructure as a Service”

Why do customers use the cloud?Cloud computing allows consumers and businesses to

use applications without installation and access their personal files at any computer with internet access.

Page 8: Cloud Computing Security Issues in Infrastructure as a Service”

Literature SurveyAuthors & Year

Paper Title

Contribution Findings or Drawbacks

G. Frankova -2008

“Service Level Agreements: Web Services and Security”

Web Service LevelAgreement (WSLA) framework developed for SLA monitoringAnd enforcement in SOA.(service-oriented architecture)

Cloud clients haveto trust providers , SLA monitoring until standardizing.

W. Mao -2012

“Virtual local area network technology and applications,”

To strengthen network isolation andenhance systems management capabilities.

Virtual networks avoid wasting bandwidth and offer more flexibility, performance, and security.

Page 9: Cloud Computing Security Issues in Infrastructure as a Service”

Cloud Delivery ModelsIaaS(Infrastructure – as- a- Service)A. Iaas is a provision model in which an organization used to

support operations, including storage, hardware, servers and networking components.

B. The service provider owns the equipment and is responsible for running and maintaining it .

C. The client typically pays on a per-use basis.

Page 10: Cloud Computing Security Issues in Infrastructure as a Service”

PaaS(Platform –as- a- Service)A. PaaS is a way to rent hardware, operating systems, storage

and network capacity over the Internet.

B.Operating system features can be changed and upgraded frequently.

C.Initial and ongoing costs can be reduced while developing a software.

SaaS(Software –as- a- Service)A.SaaS sometimes referred to as "software on demand," is

software that is deployed over the internet .

B.It is deployed to run behind a firewall on a local area network or personal computer.

C.With SaaS, a provider licenses an application to customers either as a service on demand, through a subscription, in a "pay-as-you-go" model.

D.This approach to application delivery is part of the utility computing model.

Page 11: Cloud Computing Security Issues in Infrastructure as a Service”

SPI (SaaS, PaaS, IaaS)

Page 12: Cloud Computing Security Issues in Infrastructure as a Service”

Deployment models

Service models Deployment models

Software-As-A-Service (SaaS) Public

Platform-As-A-Service (PaaS) Private

Infrastructure-As-A-Service (IaaS)

Hybrid

Page 13: Cloud Computing Security Issues in Infrastructure as a Service”

Structure of Deployment Model

Page 14: Cloud Computing Security Issues in Infrastructure as a Service”

Security- Who is in control ?

Page 15: Cloud Computing Security Issues in Infrastructure as a Service”

Understanding Security of CloudSecurity in cloud computing is a major concern.

Data in cloud should be stored in encrypted form.

Since all the data is transferred using Internet, data security is of major concern in cloud. Here are key mechanisms for protecting data mechanisms listed below:

Integrity  Accountability

  Privacy Access Control

Authentication Authorization

Page 16: Cloud Computing Security Issues in Infrastructure as a Service”

RESULT

Page 17: Cloud Computing Security Issues in Infrastructure as a Service”

ConclusionEach component in Cloud infrastructure has

its drawbacks which might impact the whole Cloud’s Computing security.

Cloud is a tradeoff between cost, security and privacy.

Change in trust boundaries leads to security and privacy challenges.

Page 18: Cloud Computing Security Issues in Infrastructure as a Service”

References 1. Pankaj Arora and Rubal Chaudhry Wadhawan ,”Cloud

Computing Security Issues in Infrastructure as a Service ”, Volume 2, Issue 1, January 2012

2. G. Frankova, Service Level Agreements: Web Services and Security, ser. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer Berlin Heidelberg, 2007, vol. 4607.

3. S. Garg and H. Saran, “Anti-DDoS Virtualized Operating System,” ARES, p. 7, 2008.

4. V. Rajaravivarma, “Virtual local area network technology and applications,” Proceedings The Twenty-Ninth Southeastern Symposium on System Theory, pp. 49–52, 1997.

Page 19: Cloud Computing Security Issues in Infrastructure as a Service”