0% found this document useful (0 votes)
21 views30 pages

Unit-4 Cloud Computing-05-02-2024

Uploaded by

l2845610
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
21 views30 pages

Unit-4 Cloud Computing-05-02-2024

Uploaded by

l2845610
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 30

CORE COURSE- XI :

23PCA11- CLOUD COMPUTING

Dr. A. Kangaiammal, MCA, M.Phil., M.E., Ph.D.


AP/Computer Applications & Head
Government Arts College(Autonomous)
Salem – 636 007.
COURSE OBJECTIVES
At the end of this the learners will :
– Understand the current trends and basics of Cloud
computing.
– Know the types of virtualization.
– Understand the role and state of security in Cloud
Computing
– Understand the ways and means to manage
Security in Cloud.
– Explore the Cloud Migration solutions and
challenges
COURSE OUTCOMES
On successful completion of the course, the
students will be able to:
– Collaborate the cloud services to any device.
– Implement virtualization.
– Explain the role and state of security in Cloud
Computing
– Outline the ways and means to manage Security in
Cloud.
– Connect the Cloud Migration solutions and
challenges
UNIT IV
Security Issues and Challenges in Cloud
Computing: Introduction – Security Issues and
Challenges in Cloud Computing – Information
Security in Cloud Computing.
Security Management: Introduction – Security
Reference Architecture –Security Issues in Cloud
Computing – Types of Attackers- Security Risks in
Cloud Computing - Security Threats against Cloud
Computing – Novel Security Approaches –
Emerging Trends in Security and Privacy.
REFERENCE BOOKS:
V.K. Pachghare, “Cloud Computing”, PHI, 2012.
Introduction
• Every system has some loopholes with
respect tot security.
• Security in cloud is as in traditional systems.
• These security services are very important in
CC to protect the data.
• Challenges are well-defined security policies,
models and protocols.
• Privacy and Trust are most important which
is subjected for lot of vulnerabilities and
threats.
Security Challenges in CC
• CC introduces new concepts such as resource
sharing, outsourcing the computation, etc.
which increases the security concern.
• Attackers part is easy due to the use of
mobile use and direct cloud access.
• Challenges to CSPs and Users.
• Public, Private and Hybrid offers security.
• In Ex. SSL in web browser usage at SaaS level.
Security Challenges in CC
• Security Challenges:
– To investigate different security attributes.
– To identify the security requirements of cloud
model.
– To correctly identify the different parties involved
and their roles in CC.
– Aware of effects of security policies on different
models.
– Trade-offs are in terms of integrated functionality,
scalability, and security.
Security Challenges in CC
• In Saas Model, the security, observance,
authority and accountability of the
services be defined.
• In PaaS and IaaS models, user or
organization is responsible for the
security aspect.
Security Issues in CC
• Standards for Security
• Network
• Access Control
• Cloud Infrastructure
• Data
Security Issues in CC
• Standards for Security:
– Guarantee of security and Bodies to frame security policies
– SLAs and agreements among users, CSPs and orgns.
– In SLA, the relationship b/w the CSPs and users or organization are defined.
• Network:
– Medium of connection between users in network category like web
browsers, internet, etc. which involves attacks like DoS.
– Attackers come as legitimate users.
• Access Control:
– User authentication, authorization and identification.
– Hijacking, phishing, etc. – attackers capture credentials.
– Damages the integrity, availability and confidentiality of data.
• Cloud Infrastructure
– Related with virtualization – due to insecure API interface, QoS, sharing
technical flaws, multi-tenancy and the location of server and storage.
• Data
– Integrity and confidentiality of data. – issues like redundancy, loss/leakage,
location, recovery, availability, privacy and protection of data.
Information Security in CC
• Properties of secured software:
– Dependability – even when attacks then also same performance
– Trustworthiness – works without threats
– Survivability – resistance power, possibility to recover.
• Services that offer assurance for:
– Security
– Confidentiality
– Authentication
– Integrity
– Access control
– Privacy
– Availability, etc.
Information Security in CC
– Confidentiality
• IPR
• Covert channels
• Traffic Analysis
• Encryption
• Inference
– Integrity
– Availability
– Authentication
– Authorization
– Auditing
– Accountability
Security, Privacy and Trust
• Security
– Services for Protecting the data.
• Unauthorized access or disclosure.
• Destruction
• Modification of data
• Unauthorized use of data
– Security mechanisms focus on protection
mechanisms.
• Authentication, confidentiality, access controls,
integrity, availability, storage, backup, recovery of data
and incident response.
Security, Privacy and Trust
• Privacy:
– Relevant with data/information collection, use of
data, disclosure of information, protection and
storage and destruction of individual sensitive
data.
• Trust:
– Act of reliance and confidence
– Soft trust
– Hard trust
Security Management
Security Reference Architecture –
Security Issues in Cloud Computing
– Types of Attackers- Security Risks
in Cloud Computing - Security
Threats against Cloud Computing –
Novel Security Approaches –
Emerging Trends in Security and
Privacy.
Introduction
• Data transmitted, processed and stored
at the CSPs site.
• Security is the major concern of owner.
• Target of attackers is this data.
• Attackers try to break the confidentiality
and privacy.
• These issues and solutions need to be
studied.
Security Reference Architecture
• SRA addresses relationships of different
components with respect to their locations
and role in cloud computing.
• Issues are:
– Reduce or eliminate the vulnerabilities and.
– Performance of the software.
• Many tasks by CSP to provide services:
– Catalogue of services by CSP.
– Providing different resources-VMS, storages, LBs,
– Maintain the account of services provided
Security Reference Architecture
Security Reference Architecture
• Other tasks part of cloud security team:
– Network Management
– Reporting
– Patch and Change management
– System Management
– Configuration Management
– Application Management
Security Architecture
• With respect to CC platform, the parts
are:
– Authentication of users
– Incident response
– Security of data in transit
– Cloud legal and regulatory issues
– Security of data at rest
– Robust partition between data of different
users.
Security Issues in Cloud Computing
• Security issues in CC Environment:
– Security threats against information access
– Emerging Security Risk
– Attackers type and their attacking
capability.
• Threats to CC Services:
– Confidentiality
– Data Integrity
– Data Availability
Classification of Security Issues
• Traditional Security Issues
– VM level attacks
– CSP’s Vulnerabilities
– Phishing Attack
– Expanded network attack surface
– Authentication and Authorization
– Forensics in the Cloud
• Availability Issues
• Data Control by Third Party
– Due carefulness
– Auditability
– Contractual Obligations
– CSP surveillance
– Transitive Nature of Contracts
Types of Attackers
• Internal attackers
– Part of cloud system (employees of CSP, Users or 3rd
party)
– More access with existing privileges
– Create Attacks against integrity, confidentiality and
availability of data in cloud environment
• External attackers
– Attacks on CSPs, Users and 3rd party.
– Attacks by exploiting operational, technical and social
engineering vulnerabilities.
– Create Attacks against integrity, confidentiality and
availability of data in cloud environment
Types of Attackers
• External attackers
– Threat types:
• Random
– Most commonly used technique.
• Weak
– Customizing existing tools;
– Create advanced attacks using existing tools.
• Strong
– Group of well-organized, well- financed and skilled attackers.
– Large scale attackers, attacking specific applications.
• Substantial
– Very strong, not easily detected by cyber security team even.
– High intelligence and specialist resources required to detect.
Security Risks in Cloud Computing
• Data Location and Segregation
• E-investigation and Protective
Monitoring
• Privileged User Access
• Data Disposal
• Assuring Cloud Security
Security Threats against CC
• DoS attacks
• Side Channel attacks
• Authentication attacks
• Man-in-the-middle attacks
• Insider and organized crime threat
• Social networking attacks
• Attack through mobile devices
• Cheap data and data analysis
• Cost effective defense of availability
• Mash-up authorization
Novel Security Approaches
• Information-Centric Security
– Intelligence inside the data itself for protection
• High-assurance Remote Server Attestation
– Remove or avoid, poor or no transparency
– Audit required
• Privacy-enhanced Business intelligence
– Encryption is for control of data.
– Stops use of data.
– Identity spoofing, data tempering, repudiation,
disclosure of information, DoS, Privilege Elevation
Emerging Trends in Security and Privacy

• Security and Privacy issues:


– Trust Management and Policy Integration
– Organizational Security Management
– Authentication and Identity Management
– Privacy and Data Protection
– Access Control and Accounting
– Secure Service Management
Thank you

You might also like