security in cloud computing
DESCRIPTION
Security in Cloud Computing. Presented by : Ahmed Alalawi. Outline. Introduction Cloud Computing Components. Security Issues. Information Security requirements (ISR) Policy Based and Layered Infrastructure Security : Dynamic Infrastructure Security Model Conclusion. - PowerPoint PPT PresentationTRANSCRIPT
Security in Cloud
Computing
Presented by : Ahmed Alalawi
OutlineIntroductionCloud Computing Components.Security Issues.Information Security requirements (ISR)Policy Based and Layered Infrastructure Security :Dynamic Infrastructure Security ModelConclusion
Why we use Cloud Computing ?- Single point of control delivered over the web lets you manage
multiple layers of complex infrastructure .
- Support is just a call away . Real-time human tech. assistance will help you resolve your problem .
- Enterprise Grade Infrastructure-as-a –service system deliver unbeatable computing power.
- On-demand Compute ,Network and Storage components add storage capacity in minutes.
- Pay-as-you-use gives you choice and control over paying .
Cloud Computing Components
Cloud Computing is a class of the next generation highly scalable distributed computingCloud Computing Components :
Five CharacteristicsThree Delivery ModelsThree Deployment Models (Clouds Type)
Five Characteristics:1. On – Demand self-service2. Broad network access3. Resource Pooling4. Rapid elasticity5. Measured Service
Three Delivery Models:1. Infrastructure as a Service (IaaS).2. Platform as a Service (PaaS).3. Software as a Service (SaaS).
Types of Clouds:1. Public Available to public2. Private Available to particular group3. Hybrid is composition of two or more clouds
Types of Clouds: Public CloudA public cloud is a model which allows users’ access to the cloud via interfaces mainstream web browsers.Typically based on a pay-per-use model.Public clouds are less secure than the other cloud models
Types of Clouds: Private Cloud
A private cloud is set up within an organization’s internal enterprise datacenter.All the cloud resources and application are managed by the organization itself.More secure than the Public cloud.
Types of Clouds: Hybrid CloudA hybrid cloud is a private cloud linked to one or more external cloud services, centrally managed, provisioned as a single unit.It provides virtual IT solutions through a mix of both public and private clouds.It Provides more secure control of the data and application and allows various parties to access information over the internet.It has an open architecture that allows interfaces with other management systems.
Cloud Computing Delivery Models: Infrastructure as a Service (IaaS)
Infrastructure as a Service is a single tenant cloud layer where the Cloud computing vendor’s dedicated resources are only shared with contacted clients at a pay-per-use fee.Minimizes the need for huge investment in computing hardware such as servers, networking devices as processing power.
Cloud Computing Delivery Models:Software as a Service (SaaS)
Software as a Service operates on the virtualized and pay-per-use costing model whereby software applications are leased out to contracted organization by specialized SaaS vendors.SaaS applications are accessed using web browsers over the internet , therefore web security is very important .SaaS providers may host the software in their own datacenters or may themselves be outsourced to IaaS providers.
Cloud Computing Delivery Models:Platform as a Service (PaaS)Platform as a service cloud layer works like IaaS but it provides an additional level of ‘rented’ functionality.PaaS offerings facilitate deployment of application without the cost and complexity of buying and managing underlying hardware and software and provisioning hosting capabilities.
PrivateCloud
Public Cloud
SAAS (Software as a Service)
IAAS (Infrastructure as a Service)
PAAS (Platform as a Service)
HybridCloud
Security Issues Privileged access: Who has specialized/privileged access to data? Who decides about the hiring and management of such administrators?Regulatory compliance: Is the could vender willing to undergo external audits and/or security certification?Data location: Does the cloud vender allow for any control over the location of data?Data segregation : Is encryption schemes designed and tested by experienced professionals ?
Continue Security Issues Recovery : What happens to data in the case of a disaster, and does the vendor offer complete restoration, and , if so, How long does that process take ?Investigative Support : Does the vendor have the ability to investigate any inappropriate or illegal activity?Long – term viability: What happens to data if the cloud vendor goes out of business, Is clients’ data returned and in what format?Data Availability: Can the cloud vendor move all their clients’ data onto a different environment should the existing environment become compromised or unavailable ?
Information Security Requirements (ISR)
ISR
Identification &
Authentication
Authorization Confidentiality Integrity Non-repudiation Availability
ISR: Identification & Authentication
This process is targeting at verifying and validating individual cloud users by employing usernames and passwords protecting their cloud profile.
ISR: AuthorizationAuthorization is an important to ensure referential integrity is maintained.Authorization is maintained by the system administrator in a Private Cloud.
ISR: ConfidentialityConfidentiality plays a major part in maintaining control over origination data situated across multiple distributed databases.It is must when employing a Public Cloud due to public clouds accessibility nature.
ISR: IntegrityThe Integrity requirements lies in applying the due diligence within the cloud domain mainly accessing data.The ACID ( Atomicity, Consistency, Isolation and Durability) should be applied across all Cloud Computing Deliver Models.
ISR: Non-repudiationNon-repudiation can be obtained by applying the traditional E-Commerce security protocols and token provisioning to data transmission with cloud applications.
ISR: AvailabilityAvailability is the most critical ISR ,because it is a key decision factor when choosing between Public, Private or Hybrid Cloud as well as the delivery models.
ConclusionIt is clear that although the use of cloud computing has rapidly increased, cloud computing security still a major issue in the cloud computing environment The area of Security on Cloud Computing still open area and there are many challenges in it.
Questions & Comments
Yildiz M, Abawajy J, Ercan T., Bernoth A., ALayered Security Approach for Cloud ComputingInfrastructure, ISPAN, pp.763-767, 10th InternationalSymposium on Pervasive Systems, Algorithms, andNetworks, 2009
Ramgovind, S. Eloff and M.M. Smith, E.,“The management of security in Cloud computing”, inInformation Security for South Asia (ISSA), 2010, pp. 1-7.
Chen, Jianyong; Wang, Yang; Wang, Xiaomin; , "On-Demand Security Architecture for Cloud Computing," Computer , vol.45, no.7, pp.73-78, July 2012doi: 10.1109/MC.2012.120
http://www.idc.com
http://www.netmagicsolutions.com
http://www.salesforce.com
http://www.katescomment.com/iaas-paas-saas-definition
http://en.wikipedia.org/wiki/Cloud_computing
http://aws.amazon.com/ec2
References