DEPARTMENT OF INFORMATICS

COLLEGE OF ENGINEERING AND INFORMATICS

UNIVERSITAS MULTIMEDIA NUSANTARA
ACADEMIC YEAR 2022-2023

IF674 - Cybersecurity: Cloud and

Operations Security
Topic: Cloud Computing Model and Shared
Responsibility

Yaman Khaeruzzaman, M.Sc.

IF674 - Cybersecurity: Cloud and Operation Security 1
Course Learning Objective (Sub-CLO):
Sub-CLO 02: Students are able to understand and describe
cloud computing models and Shared Responsibility (C2)

IF674 - Cybersecurity: Cloud and Operation Security 2

OUTLINE

▪ Cloud Computing Models

▪ The Shared Responsibility
▪ Cloud Computing Security Enhancement

IF674 - Cybersecurity: Cloud and Operation Security 3

Cloud Computing Models
▪ SaaS: Software as a Service
Customers / users using the provider software or application without
knowing how the software running or maintaining => web-based
email service, social media, etc.
▪ PaaS: Platform as a Service
Customers / users install and maintain their application using the
vendor infrastructure => Microsoft Azure, Amazon Aws, etc.
▪ IaaS: Infrastructure as a Service
Customers / users install and maintain their operating system and
applications on the vendor virtual machine => Google Could
Platform
IF674 - Cybersecurity: Cloud and Operation Security 4
The Shared Responsibility Concept

The Shared responsibility model has been customized by each provider to define
security responsibilities and commitments for three basic entities:

The Provider The Corporate customer The End user

IF674 - Cybersecurity: Cloud and Operation Security 5

The Shared Responsibility Models
▪ A Shared Responsibility Model is a cloud security framework that
dictates the security obligations of a cloud computing provider, its
corporate customers, and its users.
▪ defines and ensures accountability at each level.
▪ service providers generally agree to adhere to certain collective
statements of shared responsibility
▪ each provider retains authorship to define the provider’s as well as
the customer’s and end user’s responsibilities
▪ Security responsibilities are different for each of the typical cloud
service models, IaaS, PaaS, and SaaS
IF674 - Cybersecurity: Cloud and Operation Security 6
The Shared Responsibility Models

IF674 - Cybersecurity: Cloud and Operation Security 7

The Shared Responsibility Models

IF674 - Cybersecurity: Cloud and Operation Security 8

The Shared Responsibility Models

▪ Provider supports a network and bare metal virtual

machine environment only.
▪ Provider is responsible for securing the basic cloud
infra-structure components (virtual machines, disks,
networks) and operating systems, applications, or data
structures.
▪ Delineation of responsibility can be different for
different service offerings.
IF674 - Cybersecurity: Cloud and Operation Security 9
The Shared Responsibility Models

▪ Provider’s service offering to include an operating

environment, and possibly a service architecture.
▪ Shared Responsibility Model extends the service
provider's responsibilities to include backup,
availability, and updating and patching.

IF674 - Cybersecurity: Cloud and Operation Security 10

The Shared Responsibility Models

▪ Provider is primarily responsible for securing the

infrastructure, operating platform, and also the
application or software stack.
▪ Customer has restricted access to these services
▪ Customer is responsible for securing only their own
data.

IF674 - Cybersecurity: Cloud and Operation Security 11

Cloud Customer Responsibilities
▪ Companies and end users will be responsible for the security and
integrity of their own data.
▪ End user should always assume responsibility for ensuring that any
data they publish to a cloud environment is free from malware and is
properly backed up.
▪ Company and user cloud responsibilities may overlap and become
complicated in the following areas:
▪ Adhering to security policies including password management
▪ Meeting regulatory and compliance requirements
▪ Managing personal data and data with PII (Personally Identifiable
Information) classifications
▪ Applying legal, HR, and other company data and security policies
IF674 - Cybersecurity: Cloud and Operation Security 12
Cloud Customer Responsibilities

IF674 - Cybersecurity: Cloud and Operation Security 13

Cloud Computing Security Enhancement
Consistency
• can save, clone, update, and port virtual data
and application structures across different
platforms
• simplify the task of maintaining uniform
security postures across the enterprise
• in a hybrid cloud deployment virtual servers
can be designed to publish security updates
and configurations to their physical server
counterparts.
IF674 - Cybersecurity: Cloud and Operation Security 14
Cloud Computing Security Enhancement
Segmentation Policies
• apply the zero-trust principle of “never trust,
always verify.”
• easier to scale and maintain a zero-trust
security model in the cloud because providers
can extend or clone your virtual data and
application services to additional virtual
servers.
• Easy to apply uniform security policies at the
same time.
IF674 - Cybersecurity: Cloud and Operation Security 15
Cloud Computing Security Enhancement
Centralized Management
• improve administrator’s capabilities by
extending their vision touch across cloud-
based networks
• Access to secure cloud-based management
services for real-time application performance
and availability information, including threat
metrics.

IF674 - Cybersecurity: Cloud and Operation Security 16

NEXT DISCUSSION OUTLINE
▪ Cloud native technologies

IF674 - Cybersecurity: Cloud and Operation Security 17

REFERENCES
▪ Brooks, Charles J ., Grow, Christopher, Craig, Philip, and Short, Donald, 2018,
Cybersecurity Essential, John Wiley & Sons, Inc.,
▪ Miller, Lawrence C., 2016, Cybersecurity For Dummies®, Palo Alto Networks,
2nd Edition, John Wiley & Sons, Inc.
▪ Miller, Lawrence C., 2018, Cybersecurity Survival Guide: Principles & Best
Practices, Third Edition, Palo Alto Networks, Inc.

IF674 - Cybersecurity: Cloud and Operation Security 18

Visi
Menjadi Program Studi Strata Satu Informatika unggulan yang menghasilkan lulusan
INFORMATIKA

berwawasan internasional yang kompeten di bidang Ilmu Komputer (Computer

Science), berjiwa wirausaha dan berbudi pekerti luhur.

Misi
1. Menyelenggarakan pembelajaran dengan teknologi dan kurikulum terbaik serta didukung
tenaga pengajar profesional.
2. Melaksanakan kegiatan penelitian di bidang Informatika untuk memajukan ilmu dan
teknologi Informatika.
3. Melaksanakan kegiatan pengabdian kepada masyarakat berbasis ilmu dan teknologi
Informatika dalam rangka mengamalkan ilmu dan teknologi Informatika.