SlideShare a Scribd company logo
1 of 38
Download to read offline
3/11/2013   Security in Cloud Computing          1




   SECURITY IN CLOUD COMPUTING




                                ABHISHEK KUMAR SINHA
                                MIT,Manipal University
3/11/2013               Security in Cloud Computing   2




                                 Content
Introduction to Cloud Computing

Cloud Storage

Cloud Services

Who Consume Cloud Services?

Why protection against Cloud?

Cloud computing and Security

Privacy in Cloud Computing

Survey on Cloud Infrastructure

Cloud Cryptography

Examine the IBM Security Framework

Guide to implementing a secure cloud

Conclusion
3/11/2013     Security in Cloud Computing             3




Introduction to Cloud Computing
• Cloud computing is a model for enabling ubiquitous,
  convenient, on-demand network access to a shared pool
  of configurable computing resources (e.g., networks,
  servers, storage, applications, and services) that can be
  rapidly provisioned and released with minima
  management effort or service provider interaction [1].
3/11/2013   4
3/11/2013   5
3/11/2013   6
3/11/2013   7
3/11/2013   8
3/11/2013   9
3/11/2013      Security in Cloud Computing             10




Cloud computing and Security [3]
• Cloud computing presents an added level of risk because

  essential services are often outsourced to a third party.

• The externalized aspect of outsourcing makes it harder to

  maintain data integrity and privacy, support data and ser-
  vice availability, and demonstrate compliance.

• Inside the cloud, it is difficult to physically locate where

  data is stored.
3/11/2013    Security in Cloud Computing               11




Cloud computing and Security…
• In addition, the massive sharing of infrastructure with
  cloud computing creates a significant difference between
  cloud security and security in more traditional IT
  environments.
• Users spanning different corporations and trust levels
  often interact with the same set of compute resources.
• At the same time, workload balancing, changing service-
  level agreements (SLAs) and other aspects of todays
  dynamic IT environments create even more opportunities
  for misconfiguration, data compromise and malicious
  conduct.
3/11/2013                                       12



            Privacy in Cloud Computing

• Search history (Google, Yahoo, AOL)

• Emails (Yahoo, Microsoft, Google)

• Documents, Medical history! (Google)

• Photos (Flickr, Google)

• Video watching history (YouTube, Google)

• Web browsing history (DoubleClick, Google)

• Social networks (Facebook, MySpace, Google)
3/11/2013   13
3/11/2013                            14




            Cloud Cryptography
• Homomorphic encryption

• Searchable/Structured encryption

• Proofs of storage

• Server-aided secure computation
3/11/2013                                               15




            Homomorphic encryption
• Homomorphic encryption is a form of encryption which
  allows specific types of computations to be carried out on
  ciphertext and obtain an encrypted result which is the
  ciphertext of the result of operations performed on the
  plaintext.
• E.g.one person could add two encrypted numbers and
  then another person could decrypt the result, without
  either of them being able to find the value of the individual
  numbers.
3/11/2013   16
3/11/2013                                             17




            Searchable Encryption
• Encryption that supports search on encrypted text
  Symmetric key [SWP01,Goh03,CM05,CGKO06]
  Public key [BDOP06, BKOS07,…]
• Guarantees that:
  Cloud never sees documents
  Cloud never sees search keywords
• Pros
  Symmetric variant is very efficient!
• Cons
  Reveals access and search patterns
  Shows how to hide this but it is expensive
3/11/2013   18
3/11/2013                                               19


             Proofs of Storage

•Tamper detection without knowing original file:
  Symmetric-key
  Public-key
 •Guarantees that:
  Cloud will be caught if it tampers with data
• Pros
  Symmetric variant is efficient!
  Verification does not require copy of original data
3/11/2013   20
3/11/2013                                           21


       Server-aided secure computation

• Joint computation w/o revealing inputs
(plain) secure computation
•Guarantees that:
  Parties will not learn each other’s inputs
  Cloud will not learn parties’ inputs
• Pros
 General-purpose (e.g., data mining,voting,negotiations,…)
 Efficient
3/11/2013   22
3/11/2013      Security in Cloud Computing           23




Examine the IBM Security Framework [3]
• The IBM Security Framework was developed to describe
  security in terms of the business resources that need to
  be protected, and it looks at the different resource
  domains from a business point of view.
• Based on the IBM Security Framework and informed by
  extensive discussions with IBM clients,IBM provide a host
  of major security requirements in enterprise-class cloud
  computing.
3/11/2013   Security in Cloud Computing   24
3/11/2013     Security in Cloud Computing               25




Cont’d…
• People and identity: Cloud environments usually support
  a large and diverse community of users, so these controls
  are even more critical. In addition, clouds introduce a new
  tier of privileged users: administrators working for the
  cloud provider.
  Privileged-user monitoring, including logging activities,
  becomes an important requirement. This monitoring
  should include physical monitoring and background
  checking.
3/11/2013          Security in Cloud Computing                       26




Cont’d…
• Data and information: Most organizations cite data protection as their

  most important security issue. Typical concerns include the way in
  which data is stored and accessed, compliance and audit
  requirements, and business issues involving the cost of data
  breaches, notification requirements, and damage to brand value.

• All sensitive or regulated data needs to be properly segregated on

  the cloud storage infrastructure, including archived data.

• Encrypting and managing encryption keys of data in transit to the

  cloud or data at rest in the service provider's data center is critical to
  protecting data privacy and complying with compliance mandates.
3/11/2013       Security in Cloud Computing               27




Cont’d…
• Application and process: Clients typically consider cloud

  application security requirements in terms of image
  security.

• All of the typical application security requirements still

  apply to the applications in the cloud,but they also carry
  over to the images that host those applications

• The cloud provider needs to follow and support a secure

  development process.
3/11/2013         Security in Cloud Computing                    28




Cont’d…
• Network, server, and endpoint: In the shared cloud
  environment, clients want to ensure that all tenant domains are
  properly isolated and that no possibility exists for data or
  transactions to leak from one tenant domain into the next.
• To help achieve this, clients need the ability to configure
  trusted virtual domains or policy-based security zones.
• As data moves further from the client's control, they expect
  capabilities like Intrusion
• Detection and Prevention systems to be built into the
  environment.
3/11/2013      Security in Cloud Computing               29




Cont’d…
• Physical infrastructure: The cloud's infrastructure,

  including servers, routers, storage devices, power
  supplies, and other components that support operations,
  should be physically secure.

• Safeguards include the adequate control and monitoring

  of physical access using biometric access control
  measures and closed circuit television (CCTV) monitoring.
3/11/2013      Security in Cloud Computing             30




Guide to implementing a secure cloud
• Implement and maintain a security program:

• A security program can provide the structure for

  managing information security, and the risks and threats
  to the target environment.

• In the event of a security breach, the security program can

  provide crucial information as to how the cloud is
  protected, responses to threats, and a line of
  accountability for management of events.
3/11/2013       Security in Cloud Computing                31




Cont’d…
• Build and maintain a secure cloud infrastructure:

• A secure infrastructure helps provide cloud resiliency and the

  confidence that the information stored in the cloud is
  adequately protected.

• Organizations must ensure that the vendor can meet all

  business requirements, demonstrates an understanding of all
  legal, regulatory, industry, and customer specific requirements,
  and has the capacity to meet those requirements in a
  satisfactory manner.
3/11/2013         Security in Cloud Computing                 32




Cont’d…
• Ensure confidential data protection:

• Data protection is a core principle of information security. All of

  the prevalent information security regulations and standards,
  as well as the majority of industry best practices, require that
  sensitive information be adequately protected in order to
  preserve confidentiality.

• Confidentiality of such data is required no matter where that

  data is resident in the chain of custody, including the cloud
  environment.
3/11/2013         Security in Cloud Computing                          33




Cont’d…
• Implement strong access and identity management:

• Access and identity management are critical to cloud security.

• They limit access to data and applications to authorized and appropriate

  users.

• Establish application and environment provisioning:

• In a centrally managed cloud environment, it is essential to have automated

  provisioning functionality in place.
3/11/2013    Security in Cloud Computing              34




Cont’d…
• Implement a governance and audit management

  program:

• To be prepared for regulatory or internal audits, you need

  to have a program in place that defines when, how, and
  where to collect log and audit information.
3/11/2013       Security in Cloud Computing           35




Cont’d…
• Implement a vulnerability and intrusion management
  program:
• In a trusted cloud environment, you have to implement a
  strict vulnerability management program and mechanisms
  such as intrusion detection systems (IDS) and intrusion
  prevention systems (IPS) to ensure that IT resources
  (servers, network, infrastructure components, and
  endpoints) are constantly monitored for vulnerabilities and
  breaches.
3/11/2013   Security in Cloud Computing               36




Cont’d…
• Maintain environment testing and validation:
• In order to maintain an intact cloud IT environment, you
  have to employ different mechanisms
• for testing and validation.
3/11/2013     Security in Cloud Computing                 37




Conclusion
• Cloud computing provides an efficient, scalable, and cost-

  effective way for today’s organizations to deliver business
  or consumer IT services over the Internet.

• Cloud computing is often provided as a service, so control

  over data and operations is shifted to third-party service
  providers, requiring their clients to establish trust
  relationships with their providers and develop security
  solutions that take this relationship into account.
3/11/2013   Security in Cloud Computing              38




Reference
[1] “The NIST Definition of Cloud Computing”, Reports on
Computer Systems Technology, National Institute of
Standards and Technology Special Publication 800-
145,September 2011.

[2] “IBM Point of View: Security and Cloud Computing”,
Cloud computing White paper, November 2009.

[3] “Cloud Security Guidance IBM Recommendations for
the Implementation of Cloud Security”, IBM RedBooks.

More Related Content

What's hot

On technical security issues in cloud computing
On technical security issues in cloud computingOn technical security issues in cloud computing
On technical security issues in cloud computingsashi799
 
Ensuring data storage security in cloud computing
Ensuring data storage security in cloud computingEnsuring data storage security in cloud computing
Ensuring data storage security in cloud computingUday Wankar
 
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...Pushpa
 
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES  IN CLOUD COMPUTINGSOME SECURITY CHALLENGES  IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGHoang Nguyen
 
Evaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing EnvironmentsEvaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing Environmentsijfcstjournal
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationVenkateswar Reddy Melachervu
 
Data storage security in cloud computing
Data storage security in cloud computingData storage security in cloud computing
Data storage security in cloud computingSonali Jain
 
Ensuring data security in cloud computing. - Anusha Tuke
Ensuring data security in  cloud computing. - Anusha TukeEnsuring data security in  cloud computing. - Anusha Tuke
Ensuring data security in cloud computing. - Anusha TukeAnusha Chavan
 
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGDATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGijsptm
 
SecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the CloudsSecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the CloudsNexgen Technology
 
Cloud computing and its security issues
Cloud computing and its security issuesCloud computing and its security issues
Cloud computing and its security issuesJyoti Srivastava
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNithin Raj
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security Akhila Param
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computingPrince Chandu
 
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEMTWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEMNexgen Technology
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud IBM Security
 

What's hot (20)

Data security using rsa
Data security using rsaData security using rsa
Data security using rsa
 
On technical security issues in cloud computing
On technical security issues in cloud computingOn technical security issues in cloud computing
On technical security issues in cloud computing
 
Ensuring data storage security in cloud computing
Ensuring data storage security in cloud computingEnsuring data storage security in cloud computing
Ensuring data storage security in cloud computing
 
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...
 
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES  IN CLOUD COMPUTINGSOME SECURITY CHALLENGES  IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
 
Cloud Encryption
Cloud EncryptionCloud Encryption
Cloud Encryption
 
Evaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing EnvironmentsEvaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing Environments
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
 
Data storage security in cloud computing
Data storage security in cloud computingData storage security in cloud computing
Data storage security in cloud computing
 
Ensuring data security in cloud computing. - Anusha Tuke
Ensuring data security in  cloud computing. - Anusha TukeEnsuring data security in  cloud computing. - Anusha Tuke
Ensuring data security in cloud computing. - Anusha Tuke
 
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGDATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
 
SecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the CloudsSecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the Clouds
 
Cloud Computing Security Issues
Cloud Computing Security Issues Cloud Computing Security Issues
Cloud Computing Security Issues
 
Cloud computing and its security issues
Cloud computing and its security issuesCloud computing and its security issues
Cloud computing and its security issues
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computing
 
G0314043
G0314043G0314043
G0314043
 
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEMTWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud
 

Viewers also liked

Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issuesAleem Mohammed
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityPiyush Mittal
 
Cloud computing & Security presentation
Cloud computing & Security presentationCloud computing & Security presentation
Cloud computing & Security presentationParveen Yadav
 
Cloud computing security - Insights
Cloud computing security - InsightsCloud computing security - Insights
Cloud computing security - Insightsgiorgiacaleffi
 
Cloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksCloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksWilliam McBorrough
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityDhaval Dave
 
2013 State of Cloud Survey SMB Results
2013 State of Cloud Survey SMB Results2013 State of Cloud Survey SMB Results
2013 State of Cloud Survey SMB ResultsSymantec
 
Breaking through the Clouds
Breaking through the CloudsBreaking through the Clouds
Breaking through the CloudsAndy Piper
 
2013 Future of Cloud Computing - 3rd Annual Survey Results
2013 Future of Cloud Computing - 3rd Annual Survey Results2013 Future of Cloud Computing - 3rd Annual Survey Results
2013 Future of Cloud Computing - 3rd Annual Survey ResultsMichael Skok
 
Intro to cloud computing — MegaCOMM 2013, Jerusalem
Intro to cloud computing — MegaCOMM 2013, JerusalemIntro to cloud computing — MegaCOMM 2013, Jerusalem
Intro to cloud computing — MegaCOMM 2013, JerusalemReuven Lerner
 
Can we hack open source #cloud platforms to help reduce emissions?
Can we hack open source #cloud platforms to help reduce emissions?Can we hack open source #cloud platforms to help reduce emissions?
Can we hack open source #cloud platforms to help reduce emissions?Tom Raftery
 
Summer School Scale Cloud Across the Enterprise
Summer School   Scale Cloud Across the EnterpriseSummer School   Scale Cloud Across the Enterprise
Summer School Scale Cloud Across the EnterpriseWSO2
 
Simplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBsSimplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBsSun Digital, Inc.
 
Penetrating the Cloud: Opportunities & Challenges for Businesses
Penetrating the Cloud: Opportunities & Challenges for BusinessesPenetrating the Cloud: Opportunities & Challenges for Businesses
Penetrating the Cloud: Opportunities & Challenges for BusinessesCompTIA
 
The Inevitable Cloud Outage
The Inevitable Cloud OutageThe Inevitable Cloud Outage
The Inevitable Cloud OutageNewvewm
 

Viewers also liked (20)

Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Cloud computing & Security presentation
Cloud computing & Security presentationCloud computing & Security presentation
Cloud computing & Security presentation
 
Cloud computing security - Insights
Cloud computing security - InsightsCloud computing security - Insights
Cloud computing security - Insights
 
Cloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and RisksCloud Computing - Security Benefits and Risks
Cloud Computing - Security Benefits and Risks
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing security
 
Cloud Computing & Security Concerns
Cloud Computing & Security ConcernsCloud Computing & Security Concerns
Cloud Computing & Security Concerns
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
2013 State of Cloud Survey SMB Results
2013 State of Cloud Survey SMB Results2013 State of Cloud Survey SMB Results
2013 State of Cloud Survey SMB Results
 
Breaking through the Clouds
Breaking through the CloudsBreaking through the Clouds
Breaking through the Clouds
 
2013 Future of Cloud Computing - 3rd Annual Survey Results
2013 Future of Cloud Computing - 3rd Annual Survey Results2013 Future of Cloud Computing - 3rd Annual Survey Results
2013 Future of Cloud Computing - 3rd Annual Survey Results
 
Intro to cloud computing — MegaCOMM 2013, Jerusalem
Intro to cloud computing — MegaCOMM 2013, JerusalemIntro to cloud computing — MegaCOMM 2013, Jerusalem
Intro to cloud computing — MegaCOMM 2013, Jerusalem
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
 
Can we hack open source #cloud platforms to help reduce emissions?
Can we hack open source #cloud platforms to help reduce emissions?Can we hack open source #cloud platforms to help reduce emissions?
Can we hack open source #cloud platforms to help reduce emissions?
 
Summer School Scale Cloud Across the Enterprise
Summer School   Scale Cloud Across the EnterpriseSummer School   Scale Cloud Across the Enterprise
Summer School Scale Cloud Across the Enterprise
 
Simplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBsSimplifying The Cloud Top 10 Questions By SMBs
Simplifying The Cloud Top 10 Questions By SMBs
 
Penetrating the Cloud: Opportunities & Challenges for Businesses
Penetrating the Cloud: Opportunities & Challenges for BusinessesPenetrating the Cloud: Opportunities & Challenges for Businesses
Penetrating the Cloud: Opportunities & Challenges for Businesses
 
The Inevitable Cloud Outage
The Inevitable Cloud OutageThe Inevitable Cloud Outage
The Inevitable Cloud Outage
 

Similar to Security in cloud computing

Cloud security issues and concerns
Cloud security   issues and concernsCloud security   issues and concerns
Cloud security issues and concernsMrinal Baowaly
 
Security Issues in Cloud Computing - A Review
Security Issues in Cloud Computing - A ReviewSecurity Issues in Cloud Computing - A Review
Security Issues in Cloud Computing - A ReviewEswar Publications
 
International journal of computer science and innovation vol 2015-n2-paper4
International journal of computer science and innovation  vol 2015-n2-paper4International journal of computer science and innovation  vol 2015-n2-paper4
International journal of computer science and innovation vol 2015-n2-paper4sophiabelthome
 
Solutions of cloud computing security issues
Solutions of cloud computing security issuesSolutions of cloud computing security issues
Solutions of cloud computing security issuesJahangeer Qadiree
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing  by rahul abhishekSecurity Issues in Cloud Computing  by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfProtelion
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfProtelion
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing  by rahul abhishekSecurity Issues in Cloud Computing  by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 
Encryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentEncryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentIOSR Journals
 
Encryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentEncryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentIOSR Journals
 
Encryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentEncryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentIOSR Journals
 
Insuring Security for Outsourced Data Stored in Cloud Environment
Insuring Security for Outsourced Data Stored in Cloud EnvironmentInsuring Security for Outsourced Data Stored in Cloud Environment
Insuring Security for Outsourced Data Stored in Cloud EnvironmentEditor IJCATR
 
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A SurveyTrust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
 

Similar to Security in cloud computing (20)

Cloud security issues and concerns
Cloud security   issues and concernsCloud security   issues and concerns
Cloud security issues and concerns
 
Security Issues in Cloud Computing - A Review
Security Issues in Cloud Computing - A ReviewSecurity Issues in Cloud Computing - A Review
Security Issues in Cloud Computing - A Review
 
Cloud security
Cloud securityCloud security
Cloud security
 
legal and ethical.ppt
legal and ethical.pptlegal and ethical.ppt
legal and ethical.ppt
 
International journal of computer science and innovation vol 2015-n2-paper4
International journal of computer science and innovation  vol 2015-n2-paper4International journal of computer science and innovation  vol 2015-n2-paper4
International journal of computer science and innovation vol 2015-n2-paper4
 
Solutions of cloud computing security issues
Solutions of cloud computing security issuesSolutions of cloud computing security issues
Solutions of cloud computing security issues
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing  by rahul abhishekSecurity Issues in Cloud Computing  by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 
C017421624
C017421624C017421624
C017421624
 
G033030035
G033030035G033030035
G033030035
 
Cloud slide
Cloud slideCloud slide
Cloud slide
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdf
 
CLOUD COMPUTING.pdf
CLOUD COMPUTING.pdfCLOUD COMPUTING.pdf
CLOUD COMPUTING.pdf
 
CLOUD STEGANOGRAPHY- A REVIEW
CLOUD STEGANOGRAPHY- A REVIEWCLOUD STEGANOGRAPHY- A REVIEW
CLOUD STEGANOGRAPHY- A REVIEW
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing  by rahul abhishekSecurity Issues in Cloud Computing  by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 
H017155360
H017155360H017155360
H017155360
 
Encryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentEncryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing Environment
 
Encryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentEncryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing Environment
 
Encryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentEncryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing Environment
 
Insuring Security for Outsourced Data Stored in Cloud Environment
Insuring Security for Outsourced Data Stored in Cloud EnvironmentInsuring Security for Outsourced Data Stored in Cloud Environment
Insuring Security for Outsourced Data Stored in Cloud Environment
 
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A SurveyTrust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
 

Recently uploaded

Human-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming ClassesHuman-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming ClassesMohammad Hassany
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptxraviapr7
 
Presentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphPresentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphNetziValdelomar1
 
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...Nguyen Thanh Tu Collection
 
How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17Celine George
 
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxAUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxiammrhaywood
 
3.21.24 The Origins of Black Power.pptx
3.21.24  The Origins of Black Power.pptx3.21.24  The Origins of Black Power.pptx
3.21.24 The Origins of Black Power.pptxmary850239
 
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptxSandy Millin
 
How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17Celine George
 
5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...CaraSkikne1
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxAditiChauhan701637
 
Philosophy of Education and Educational Philosophy
Philosophy of Education  and Educational PhilosophyPhilosophy of Education  and Educational Philosophy
Philosophy of Education and Educational PhilosophyShuvankar Madhu
 
Prescribed medication order and communication skills.pptx
Prescribed medication order and communication skills.pptxPrescribed medication order and communication skills.pptx
Prescribed medication order and communication skills.pptxraviapr7
 
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptxPISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptxEduSkills OECD
 
How to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesHow to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesCeline George
 
Easter in the USA presentation by Chloe.
Easter in the USA presentation by Chloe.Easter in the USA presentation by Chloe.
Easter in the USA presentation by Chloe.EnglishCEIPdeSigeiro
 
Ultra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxUltra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxDr. Asif Anas
 
Quality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICEQuality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICESayali Powar
 

Recently uploaded (20)

Human-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming ClassesHuman-AI Co-Creation of Worked Examples for Programming Classes
Human-AI Co-Creation of Worked Examples for Programming Classes
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
 
Presentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphPresentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a Paragraph
 
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
 
How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17
 
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxAUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
 
3.21.24 The Origins of Black Power.pptx
3.21.24  The Origins of Black Power.pptx3.21.24  The Origins of Black Power.pptx
3.21.24 The Origins of Black Power.pptx
 
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
 
How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17
 
5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...
 
Personal Resilience in Project Management 2 - TV Edit 1a.pdf
Personal Resilience in Project Management 2 - TV Edit 1a.pdfPersonal Resilience in Project Management 2 - TV Edit 1a.pdf
Personal Resilience in Project Management 2 - TV Edit 1a.pdf
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptx
 
Philosophy of Education and Educational Philosophy
Philosophy of Education  and Educational PhilosophyPhilosophy of Education  and Educational Philosophy
Philosophy of Education and Educational Philosophy
 
Prescribed medication order and communication skills.pptx
Prescribed medication order and communication skills.pptxPrescribed medication order and communication skills.pptx
Prescribed medication order and communication skills.pptx
 
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptxPISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
PISA-VET launch_El Iza Mohamedou_19 March 2024.pptx
 
How to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesHow to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 Sales
 
Easter in the USA presentation by Chloe.
Easter in the USA presentation by Chloe.Easter in the USA presentation by Chloe.
Easter in the USA presentation by Chloe.
 
Ultra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxUltra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptx
 
Quality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICEQuality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICE
 
Prelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quizPrelims of Kant get Marx 2.0: a general politics quiz
Prelims of Kant get Marx 2.0: a general politics quiz
 

Security in cloud computing

  • 1. 3/11/2013 Security in Cloud Computing 1 SECURITY IN CLOUD COMPUTING ABHISHEK KUMAR SINHA MIT,Manipal University
  • 2. 3/11/2013 Security in Cloud Computing 2 Content Introduction to Cloud Computing Cloud Storage Cloud Services Who Consume Cloud Services? Why protection against Cloud? Cloud computing and Security Privacy in Cloud Computing Survey on Cloud Infrastructure Cloud Cryptography Examine the IBM Security Framework Guide to implementing a secure cloud Conclusion
  • 3. 3/11/2013 Security in Cloud Computing 3 Introduction to Cloud Computing • Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minima management effort or service provider interaction [1].
  • 10. 3/11/2013 Security in Cloud Computing 10 Cloud computing and Security [3] • Cloud computing presents an added level of risk because essential services are often outsourced to a third party. • The externalized aspect of outsourcing makes it harder to maintain data integrity and privacy, support data and ser- vice availability, and demonstrate compliance. • Inside the cloud, it is difficult to physically locate where data is stored.
  • 11. 3/11/2013 Security in Cloud Computing 11 Cloud computing and Security… • In addition, the massive sharing of infrastructure with cloud computing creates a significant difference between cloud security and security in more traditional IT environments. • Users spanning different corporations and trust levels often interact with the same set of compute resources. • At the same time, workload balancing, changing service- level agreements (SLAs) and other aspects of todays dynamic IT environments create even more opportunities for misconfiguration, data compromise and malicious conduct.
  • 12. 3/11/2013 12 Privacy in Cloud Computing • Search history (Google, Yahoo, AOL) • Emails (Yahoo, Microsoft, Google) • Documents, Medical history! (Google) • Photos (Flickr, Google) • Video watching history (YouTube, Google) • Web browsing history (DoubleClick, Google) • Social networks (Facebook, MySpace, Google)
  • 13. 3/11/2013 13
  • 14. 3/11/2013 14 Cloud Cryptography • Homomorphic encryption • Searchable/Structured encryption • Proofs of storage • Server-aided secure computation
  • 15. 3/11/2013 15 Homomorphic encryption • Homomorphic encryption is a form of encryption which allows specific types of computations to be carried out on ciphertext and obtain an encrypted result which is the ciphertext of the result of operations performed on the plaintext. • E.g.one person could add two encrypted numbers and then another person could decrypt the result, without either of them being able to find the value of the individual numbers.
  • 16. 3/11/2013 16
  • 17. 3/11/2013 17 Searchable Encryption • Encryption that supports search on encrypted text Symmetric key [SWP01,Goh03,CM05,CGKO06] Public key [BDOP06, BKOS07,…] • Guarantees that: Cloud never sees documents Cloud never sees search keywords • Pros Symmetric variant is very efficient! • Cons Reveals access and search patterns Shows how to hide this but it is expensive
  • 18. 3/11/2013 18
  • 19. 3/11/2013 19 Proofs of Storage •Tamper detection without knowing original file: Symmetric-key Public-key •Guarantees that: Cloud will be caught if it tampers with data • Pros Symmetric variant is efficient! Verification does not require copy of original data
  • 20. 3/11/2013 20
  • 21. 3/11/2013 21 Server-aided secure computation • Joint computation w/o revealing inputs (plain) secure computation •Guarantees that: Parties will not learn each other’s inputs Cloud will not learn parties’ inputs • Pros General-purpose (e.g., data mining,voting,negotiations,…) Efficient
  • 22. 3/11/2013 22
  • 23. 3/11/2013 Security in Cloud Computing 23 Examine the IBM Security Framework [3] • The IBM Security Framework was developed to describe security in terms of the business resources that need to be protected, and it looks at the different resource domains from a business point of view. • Based on the IBM Security Framework and informed by extensive discussions with IBM clients,IBM provide a host of major security requirements in enterprise-class cloud computing.
  • 24. 3/11/2013 Security in Cloud Computing 24
  • 25. 3/11/2013 Security in Cloud Computing 25 Cont’d… • People and identity: Cloud environments usually support a large and diverse community of users, so these controls are even more critical. In addition, clouds introduce a new tier of privileged users: administrators working for the cloud provider. Privileged-user monitoring, including logging activities, becomes an important requirement. This monitoring should include physical monitoring and background checking.
  • 26. 3/11/2013 Security in Cloud Computing 26 Cont’d… • Data and information: Most organizations cite data protection as their most important security issue. Typical concerns include the way in which data is stored and accessed, compliance and audit requirements, and business issues involving the cost of data breaches, notification requirements, and damage to brand value. • All sensitive or regulated data needs to be properly segregated on the cloud storage infrastructure, including archived data. • Encrypting and managing encryption keys of data in transit to the cloud or data at rest in the service provider's data center is critical to protecting data privacy and complying with compliance mandates.
  • 27. 3/11/2013 Security in Cloud Computing 27 Cont’d… • Application and process: Clients typically consider cloud application security requirements in terms of image security. • All of the typical application security requirements still apply to the applications in the cloud,but they also carry over to the images that host those applications • The cloud provider needs to follow and support a secure development process.
  • 28. 3/11/2013 Security in Cloud Computing 28 Cont’d… • Network, server, and endpoint: In the shared cloud environment, clients want to ensure that all tenant domains are properly isolated and that no possibility exists for data or transactions to leak from one tenant domain into the next. • To help achieve this, clients need the ability to configure trusted virtual domains or policy-based security zones. • As data moves further from the client's control, they expect capabilities like Intrusion • Detection and Prevention systems to be built into the environment.
  • 29. 3/11/2013 Security in Cloud Computing 29 Cont’d… • Physical infrastructure: The cloud's infrastructure, including servers, routers, storage devices, power supplies, and other components that support operations, should be physically secure. • Safeguards include the adequate control and monitoring of physical access using biometric access control measures and closed circuit television (CCTV) monitoring.
  • 30. 3/11/2013 Security in Cloud Computing 30 Guide to implementing a secure cloud • Implement and maintain a security program: • A security program can provide the structure for managing information security, and the risks and threats to the target environment. • In the event of a security breach, the security program can provide crucial information as to how the cloud is protected, responses to threats, and a line of accountability for management of events.
  • 31. 3/11/2013 Security in Cloud Computing 31 Cont’d… • Build and maintain a secure cloud infrastructure: • A secure infrastructure helps provide cloud resiliency and the confidence that the information stored in the cloud is adequately protected. • Organizations must ensure that the vendor can meet all business requirements, demonstrates an understanding of all legal, regulatory, industry, and customer specific requirements, and has the capacity to meet those requirements in a satisfactory manner.
  • 32. 3/11/2013 Security in Cloud Computing 32 Cont’d… • Ensure confidential data protection: • Data protection is a core principle of information security. All of the prevalent information security regulations and standards, as well as the majority of industry best practices, require that sensitive information be adequately protected in order to preserve confidentiality. • Confidentiality of such data is required no matter where that data is resident in the chain of custody, including the cloud environment.
  • 33. 3/11/2013 Security in Cloud Computing 33 Cont’d… • Implement strong access and identity management: • Access and identity management are critical to cloud security. • They limit access to data and applications to authorized and appropriate users. • Establish application and environment provisioning: • In a centrally managed cloud environment, it is essential to have automated provisioning functionality in place.
  • 34. 3/11/2013 Security in Cloud Computing 34 Cont’d… • Implement a governance and audit management program: • To be prepared for regulatory or internal audits, you need to have a program in place that defines when, how, and where to collect log and audit information.
  • 35. 3/11/2013 Security in Cloud Computing 35 Cont’d… • Implement a vulnerability and intrusion management program: • In a trusted cloud environment, you have to implement a strict vulnerability management program and mechanisms such as intrusion detection systems (IDS) and intrusion prevention systems (IPS) to ensure that IT resources (servers, network, infrastructure components, and endpoints) are constantly monitored for vulnerabilities and breaches.
  • 36. 3/11/2013 Security in Cloud Computing 36 Cont’d… • Maintain environment testing and validation: • In order to maintain an intact cloud IT environment, you have to employ different mechanisms • for testing and validation.
  • 37. 3/11/2013 Security in Cloud Computing 37 Conclusion • Cloud computing provides an efficient, scalable, and cost- effective way for today’s organizations to deliver business or consumer IT services over the Internet. • Cloud computing is often provided as a service, so control over data and operations is shifted to third-party service providers, requiring their clients to establish trust relationships with their providers and develop security solutions that take this relationship into account.
  • 38. 3/11/2013 Security in Cloud Computing 38 Reference [1] “The NIST Definition of Cloud Computing”, Reports on Computer Systems Technology, National Institute of Standards and Technology Special Publication 800- 145,September 2011. [2] “IBM Point of View: Security and Cloud Computing”, Cloud computing White paper, November 2009. [3] “Cloud Security Guidance IBM Recommendations for the Implementation of Cloud Security”, IBM RedBooks.