Cloud Computing Security Breaches
Cloud Computing Security Breaches
Sahil
What is Cloud Security ?
Cloud security is an evolving sub-domain of
computer security, network security, and, more
broadly, information security. It refers to a broad set
of policies, technologies, and controls deployed to
protect data, applications, and the associated
infrastructure of cloud computing.
Security Issues in the Cloud
LossofControl
Takebackcontrol
Dataandappsmaystillneedtobeonthecloud
Butcantheybemanagedinsomewaybytheconsumer?
Lackoftrust
Increasetrust(mechanisms)
Technology
Policy,regulation
Contracts(incentives):topicofafuturetalk
Multi-tenancy
Privatecloud
Takesawaythereasonstouseacloudinthefirstplace
Strongseparation
Example :
Lack of Trust in the Cloud
Abriefdeviationfromthetalk
(Butstillrelated)
Trustingathirdpartyrequirestakingrisks
Definingtrustandrisk
Oppositesidesofthesamecoin(J.Camp)
Peopleonlytrustwhenitpays
Needfortrustarisesonlyinriskysituations
Defunctthirdpartymanagementschemes
Hardtobalancetrustandrisk
e.g.KeyEscrow(Clipperchip)
Isthecloudheadedtowardthesamepath?
Multi-tenancy Issues in the Cloud
Conflictbetweentenantsopposinggoals
Tenantsshareapoolofresourcesandhave
opposinggoals
Howdoesmulti-tenancydealwithconflictof
interest?
Cantenantsgetalongtogetherandplaynicely
?
Iftheycant,canweisolatethem?
Howtoprovideseparationbetween
tenants?