
SECURITY

CLOUD COMPUTING

Angelo Barbardo

CIS-611 Cloud Computing

INTRODUCTION
Cloud computing offers the ability to customize, create, and
configure applications over the internet. It provides an
organization's users access to database resources and
information anytime, anywhere.
Whether it is a public or a private cloud, there is still
controversy concerning security as it relates to confidentiality,
integrity, availability, authentication, authorization, and
accountability.

CONCEPTS
The cloud is based on models that are not seen by the user
(behind-the-scenes activity). They are categorized as:
Deployment Model
Delivery Model (service)


DEPLOYMENT MODEL
Public Cloud
- Managed by a third party and available to multiple customers
using a common infrastructure. Security level is low.
Private Cloud
- Managed internally by the organization or externally by a third-party
service provider. Customer control. Increased security.
Hybrid Cloud
- Combination of both public and private cloud. Provides
flexibility. Security is based on the critical activity performed.

DELIVERY MODEL
Infrastructure as a service (IaaS)
- Provides a standard service with basic storage and
computing environment.
Software as a service (SaaS)
- Software is offered as a service on demand and
delivered through a browser.
Platform as a service (PaaS)
- Developers are able to write and install applications on a
local system and host them in the cloud (the provider's
infrastructure).

SECURE CLOUD PRINCIPLES


Confidentiality:
Prevention of unauthorized disclosure of information (intentional or unintentional).
Integrity:
Prevention of modification of data by authorized and unauthorized users.
Availability:
Data and resources are accessible when needed.
Authentication:
Testing and validating a user's identity.
Authorization:
Access privileges to data and resources granted to an individual user or to multiple users.
Accountability:
Behavior or action of an individual user.

INFRASTRUCTURE SECURITY
Network Level
Host Level
Application Level


NETWORK LEVEL SECURITY


Increase the confidentiality and integrity of information relayed
between the organization and the CSP.
Implement user access control by incorporating authentication
and authorization security measures for the organization's data
stored in the CSP.
Internet availability and the associated factors that may affect
resources.


NETWORK LEVEL THREATS


Eavesdropping
- Network traffic interception caused by unauthorized access
Replay attack
- Maliciously or fraudulently repeated data transmission
DNS Attacks
- IP address diverted to a different host CSP
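
How a receiver can reject a repeated data transmission (the replay attack listed above), shown as an added example that is not part of the original slides. The shared key, the 300-second freshness window, the message fields and all sample values are assumptions constructed for illustration.

```python
import hashlib
import hmac

SHARED_KEY = b"constructed-demo-key"  # constructed sample key, not a real secret
MAX_SKEW = 300                        # assumed freshness window, in seconds


def sign(nonce: str, timestamp: int, body: bytes, key: bytes = SHARED_KEY) -> str:
    """MAC over nonce, timestamp and body; the length prefix keeps fields unambiguous."""
    msg = f"{len(nonce)}:{nonce}:{timestamp}:".encode() + body
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class ReplayGuard:
    """Receiver-side check: authentic, fresh, and not seen before."""

    def __init__(self, max_skew: int = MAX_SKEW):
        self.max_skew = max_skew
        self.seen = {}  # nonce -> timestamp of accepted messages

    def accept(self, nonce, timestamp, body, tag, now):
        expected = sign(nonce, timestamp, body)
        if not hmac.compare_digest(expected.encode(), tag.encode()):
            return "bad-mac"   # altered in transit or signed with another key
        if abs(now - timestamp) > self.max_skew:
            return "stale"     # outside the freshness window
        # Nonces older than the window are rejected as stale anyway, so drop them.
        self.seen = {n: t for n, t in self.seen.items()
                     if abs(now - t) <= self.max_skew}
        if nonce in self.seen:
            return "replay"    # same authenticated message delivered twice
        self.seen[nonce] = timestamp
        return "ok"


def demo():
    t0 = 1_700_000_000            # constructed clock value
    body = b"transfer report-42"  # constructed message
    tag = sign("n-001", t0, body)
    guard = ReplayGuard()
    return [
        guard.accept("n-001", t0, body, tag, now=t0),         # first delivery
        guard.accept("n-001", t0, body, tag, now=t0 + 5),     # same message resent
        guard.accept("n-001", t0, body, tag, now=t0 + 301),   # resent after the window
        guard.accept("n-001", t0, body + b"0", tag, now=t0),  # body modified
    ]


if __name__ == "__main__":
    print(demo())
```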


HOST LEVEL SECURITY


Based on the delivery models and development models
- IaaS: securing the host is the responsibility of the customer
-- ensure hypervisor software is updated concerning
integrity and availability
- PaaS and SaaS: securing the host is the responsibility of the CSP
-- verify with the CSP the level of hosted security
- Secure the software layer between hardware and virtual
servers.

HOST LEVEL THREATS


An attacker gains control of a vulnerable hypervisor because of out-of-date
software and insufficient lockdown.
Increased security issues with multiple operating systems running on a
single hardware platform.


APPLICATION LEVEL SECURITY


Risks associated with Web applications deployed in the cloud
are the responsibility of the customer.
The customer and the CSP share responsibility for the scope of
security, depending on the cloud delivery model.
User access management is controlled by the customer.


APPLICATION LEVEL THREATS


SQL Injection
- Malicious code is inserted to gain access to the database
Cross-site scripting
- Utilizes script tags embedded in URLs
Cookie Poisoning
- User IDs are stored on the client hard drive or in memory
Man in the middle
- A connection between two users is set up and provides false
information to collect data.
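
A mitigation for the cookie poisoning item above, as an added example that is not part of the original slides: the server attaches an HMAC to the user ID it stores on the client, so an edited value is rejected when it comes back. The cookie layout, the key and the function names are assumptions constructed for illustration.

```python
import base64
import hashlib
import hmac

SERVER_KEY = b"constructed-server-secret"  # constructed sample key, kept server-side


def _tag(payload: str, key: bytes) -> str:
    return hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()


def issue_cookie(user_id: str, key: bytes = SERVER_KEY) -> str:
    """Return '<base64 user id>.<hmac>' for storage on the client."""
    payload = base64.urlsafe_b64encode(user_id.encode()).decode()
    return f"{payload}.{_tag(payload, key)}"


def read_cookie(cookie: str, key: bytes = SERVER_KEY):
    """Return the user ID, or None if the cookie is malformed or was modified."""
    payload, sep, tag = cookie.rpartition(".")
    if not sep or not payload:
        return None
    # Constant-time comparison on bytes, so odd characters cannot raise.
    if not hmac.compare_digest(_tag(payload, key).encode(), tag.encode()):
        return None
    try:
        return base64.urlsafe_b64decode(payload.encode()).decode()
    except (ValueError, UnicodeDecodeError):
        return None


def edited_on_client(cookie: str, new_user_id: str) -> str:
    """Model a client that rewrites the stored user ID but cannot recompute the tag."""
    _, _, old_tag = cookie.rpartition(".")
    payload = base64.urlsafe_b64encode(new_user_id.encode()).decode()
    return f"{payload}.{old_tag}"


def demo():
    cookie = issue_cookie("alice")                 # constructed user IDs
    poisoned = edited_on_client(cookie, "admin")
    return read_cookie(cookie), read_cookie(poisoned), read_cookie("no-tag-here")


if __name__ == "__main__":
    print(demo())
```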


Cloud security is the number one concern when considering whether to
adopt this paradigm. There are many security threats and risks
concerning each service delivery model. However,
organizations may already be familiar with the majority of them from
evaluating internal and external threats in the in-house
infrastructure.

Questions


