SlideShare a Scribd company logo

Cloud security Presentation

Download as PPTX, PDF
A
Ajay p

The document discusses cloud computing security. It begins with an introduction to cloud computing that defines it and outlines its characteristics, service models, and deployment models. It then discusses common security concerns and attacks in cloud computing like DDoS attacks, side channel attacks, and attacks on management consoles. It provides best practices for different security domains like architecture, governance, compliance, and data security. It also discusses current industry initiatives in cloud security.

1 of 46
Downloaded 95 times
CLOUD COMPUTING SECURITYAjay Porus ISO27K LA,CPISIFounder & Director CSA Hyderabad ChapterLead Implementer Honey Net Project India1
AgendaIntroduction to Cloud ComputingCloud Architecture and CharacteristicsCloud Security Concerns and Attacks Different Security Domains Best PracticesWhat's going in Industry on Cloud 2
Introduction to Cloud ComputingIs It Really New?What is Cloud Computing?How Does it Evolve?What are the Characteristics of Cloud Computing?What is difference in Architecture from traditional Computing?What are different Services Delivery Models?What are different deployment models?Frame work of Cloud ComputingCloud Eco-System3
Is It Really New?No,its Not it’s the evolution of old technologies to a new level which bring together many technologies to provide huge computational powerFirst Cloud around networking (Network As a Cloud) as said ..”we Didn’t care where the message sent, the cloud had it from us” –Kevin Marks, GoogleSecond Cloud around Documents (WWW data abstraction)Third Cloud Present and future. This abstracts infrastructure complexities of servers, application, database and different platforms. (Amazon CEO)4
Cloud Computing DefinitionCloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of Seven essential characteristics, three service models, and four deployment models5
How Does it Evolve?MainframesMini ComputerPersonal desktopsClient – ServerIp NetworksMobile DevicesCloud Computing6
Characteristics of Cloud ComputingMulti-tenancy (shared resources)Massive scalabilityRapid ElasticityMeasured service On-demand self-serviceBroad network access7
Traditional vs Cloud ComputingDedicated/traditionalHigh upfront IT investments for new builds High cost of reliable infrastructure High complexity of IT environment Complex infrastructure IT Cloud computingReliability built into the cloud architectureLow upfront IT investmentspay-for-use modelModular IT architecture environmentsNo infrastructure8
Services Delivery Models9
Deployment ModelsPublic Cloud Private CloudCommunity CloudHybrid Cloud10
Cloud Computing Framework11
Cloud Computing FrameworkHybrid CloudsDeploymentModelsCommunityCloudPublic CloudServiceModelsPrivate CloudEssentialCharacteristicsSoftware as a Service (SaaS)Platform as a Service (PaaS)Infrastructure as a Service (IaaS)On Demand Self-ServiceMassive ScaleResilient ComputingBroad Network AccessRapid ElasticityHomogeneityGeographic DistributionCommon CharacteristicsVirtualizationService OrientationResource PoolingMeasured ServiceLow Cost SoftwareAdvanced Security12
Cloud Eco-System13
Cloud Security Concerns & Attacks General Security ConcernsCloud Security ChallengesTop Threats to Cloud ComputingDDOS & EDOSSide Channel AttackMIM Crypto graphic AttackPoisoned VM’sAttack Against Management ConsoleAbusing Cloud Billing Models and Cloud PhishingDNS Cache poisoning AttacksAuthentication Attack14
General Security ConcernsTrusting vendor’s security modelCustomer inability to respond to audit findingsObtaining support for investigationsIndirect administrator accountabilityProprietary implementations can’t be examinedLoss of physical control15
Cloud Security ChallengesData dispersal and international privacy lawsNeed for isolation managementLogging challengesData ownership issues Using SLAs to obtain cloud securityDependence on secure hypervisorsAttraction to hackers (high value target)Encryption needs for cloud computingHandling compliance16
Top Threats to Cloud Computing Abuse and Nefarious Use of Cloud ComputingInsecure Interfaces and APIsMalicious InsidersShared Technology IssuesAccount or Service HijackingLoss of governanceLock-InCompliance risksManagement interface compromiseData protection (Data Loss or Leakage)17
DDOS & EDOSDistributed denial of service: An attack that make computer or network resources unavailable.Economic denial of service: A DDosattack that make large number of request for which cloud user have to pay (generally per 100oo request 1$ in Amazon) Originates majorly from compromised computers18
Side Channel AttackAttack based on information gained from the physical implementation of a cryptosystem.Timing AttackPower Consumption Attack - Simple Power Analysis Attack (SPA) - Differential Power Analysis Attack (DPA)Electromagnetic AttackAcoustic Crypto AnalysisCache AttackDifferential Fault Analysis19
MIM Crypto graphic AttackPhishing ScamAttack Communication Steal Private or public KeyAttacker’s eavesdropping between the two partiesSend and execute malicious codeGain access to Victim’s system20
Poisoned VM’sAdministrator with full access to configure VMAddition of malicious codeTampering with AMI(Amazon Machine Image)Isolation provided by CSPLaunch of Shared AMI Preconfigured Malicious Business LogicNo ways till this time to find out.21
Attack Against Management ConsoleProprietary console of CSPMost critical console as environment can be changedGoogle Made 2 management consoles- 1st console for normal administration2nd to upload apps to google apps by cmd python script Amazon shared domain of EC2 and amazon.comIf vulnerability found Like CSRF attack on secret keys Once keys hacked then management console can be hacked22
Abusing Billing Models & Cloud PhishingPhishing Scams for AmazonPhishing from Amazon cloud Blacklisting Amazon domain in phishing databaseOnce secret key hacked Cloud based DDOS very costlyMillion of poisoned VM initiate by 1 CSRFattackPayment for the network and CPU consumption23
DNS Cache Poisoning AttacksShared IP’s Once IP released take time to clear from cache & Arp tableTill cleared can be accessed with same IPLack of Knowledge for DNS cache & ARP tableWashigton post face d problem at Amazon EC2Even IP released but had access from internal network24
Authentication AttackWeak PasswordGoogle Hack DatabaseSql InjectionsCross site ScriptingMan in the MiddleBrute force AttackSession HijackingSocial Engineering25
Different Security Domains Best PracticesCloud Computing Architectural Framework .Governance and Enterprise Risk ManagementLegal and Electronic DiscoveryCompliance and AuditData Security LifecyclePortability and InteroperabilityTraditional Security, BCP & DRData Center OperationsIncident ManagementApplication SecurityEncryption and Key ManagementIdentity and Access ManagementVirtualization Security26
Cloud Architectural SecurityHardware Security (xeon 5600, AES and TXT Support)Virtualization Security (Hypervisor Hardening)Guest OS Security (Operating system Hardening)Platform Security ( Patches and Updates)Application Security ( Secure Development Lifecycle)Network Security ( Firewall, IDS, IPS, VPN, SSL/TLS)Cryptographic Security (PGP Keys, AES, 3DES, 2-DNF)27
Governance and Risk ManagementInvest some of saved money for SecurityRobust IS governance with defined roles & responsibilitiesCollaborative governance structure between provider & customer Assess for sufficiency, maturity, and consistency with the user’s ISMS.SLA should be added in Risk assessmentNew approach for risk assessment from both end’s.CSP include metrics and controls 28
Legal and Electronic DiscoveryMutual understanding of each other’s R&R related to electronic discovery, litigation & Laws.Responsive Information security system to preserve data to authentic & reliable.Providing equal guardianship as in owner’s hand.Pre-contract due diligence, contract term negotiation, post-contract monitoring, and contract termination Unified process for responding to subpoenas, service of process, and other legal requests.29
Compliance and AuditInvolve Legal and Contracts Teams in SLARight to Audit ClauseAnalyze Compliance ScopeAnalyze Impact of Regulations on Data SecurityReview Relevant Partners and Services ProvidersAnalyze Impact of Regulations on Provider InfrastructureAuditor Qualification and SelectionCloud Provider’s SAS 70 Type IICloud Provider’s ISO/IEC 27001/27002 Roadmap30
Data Security LifecycleMaintain CIA of data Security practices and proceduresStrong SLA with all area’s. System of service penalties in SLAData ClassificationEncryptionPerform Regular Backup31
Portability and InteroperabilityIdentify and eliminate any provider-specific extensions to the VM environment. Appropriate de-provisioning of VM imagesAppropriate de-provisioning of discs & storage device. Platform components with a standard syntaxUnderstand the impacts on performance and availability of the application. Consistency of control effectiveness across old and new providers. Vendor to test and evaluate the applications before migration32
Traditional Security, BCP & DRCentralization of dataAdopting as a security baselinePerform onsite inspections of cloud provider facilitiesCustomers should inspect cloud provider disaster recoveryBCP Policy approved by the provider’s board of directors33
Data Center Operationspermission to conduct customer or external third-party audits.Demonstrate compartmentalization of systems, networks, management, provisioning, and personnel.SLA should be clearly defined, measurable, enforceable, and adequate for your requirementsContinual improvement in policies, processes, procedures.24*7*365 days Technical support should be available.34
Incident ManagementDefine incident and event before SLA signoff to CSPWhat incident detection and analysis tools used by CSPConducting proper risk management to stop incidentsA robust Security Information and Event Management (SIEM) requiredDeliver snapshots of the customer’s entire virtual environmentWhole data should be encrypted 35
Application Security Application assessment tools Create trust boundaries for SDLCUse Own VM with configured policies in IAASUse best practice to harden system as in DMZMulti-tenancy in application threat modelSecuring inter host communicationMetrics to assess effectiveness of Security ProgramKeep cloud architecture in Mind. 36
Encryption & Key ManagementEncrypting data In transit (SSL/TLS, SSH)Encrypting data at rest (AES128, 3DES, 2DNF)Encrypting data on Backup mediaUse of encryption data separate then for use.Stipulate encryption in contractDefine secure key lifecycle managementUse industry level key management systemsMake keys secure, limited access to key store & key backup. 37
Identity and Access ManagementAvoid proprietary identity provisioning system Use 2 factor authenticationConsider user centric authentication (Google, live Id)Use open standard for authentication and VPNUse of federated identity and gateways like SAML Use mechanism to transmit user info from PIP to PDPUse IdaaS to have better security & risk mitigation38
Virtualization SecurityIdentify types of virtualization provided by CSPUnderstand hypervisor security and isolation mechanismUnderstand security to protect administrative interfaces (API, web-based)Strong authentication mechanism with tamper proof logging and integrity monitoring toolsExplore Efficiency and feasibility of segregating VMsStrong reporting mechanism for raising alert if compromised 39
What's going in Industry on Cloud Different Initiatives Fabric ComputingHomomorphic EncryptionFuture of Cloud –Mobile Computing40
Different Initiatives Cloud Security AllianceCloud CertCloud CAMM(Capability and Maturity Model)Cloud Audit A6CCM ( Cloud Control Matrix Tool)CAI (Consensus Assessment InitiativeCSA GRC StackTrusted Cloud InitiativeCCSK (Certificate of Cloud Security Knowledge)Cloud Metrics Research41
Fabric ComputingNext generation computing by interconnecting nodes like fabric (including various clouds)High performance computing by loosely coupled storage network devices and parallel processors42
Homomorphic & Predicate EncryptionProcessing of encrypted data very difficultIBM announced Homomorphic encryption (2DNF+)Enables Processing of encrypted data.Require immense computational power Predicate encryption No need to Decrypt whole dataDecrypt only requiredSupporting Disjunctions, Polynomial Equations, and Inner Products43
Future of Cloud –Mobile ComputingMobile computing increasing rapidlyAndroid Platform next generation mobile computingApplication to access cloud on mobile phoneWi-Fi and 3G connection enabling high bandwidthSSL/TLS and SSH from Phone web browser to VM Trusted certificate and private key on phone2 factor Authentication (Fingerprint and password)Different platforms to configure cloud API’s44
Questions?45
Thank YouContact:www.csaindia.inajayporus@csaindia.inhttp://in.linkedin.com/in/ajayporusSkype: ajayporus1Yahoo: ajayporus198646
Ad

Recommended

Cloud security
Cloud securityCloud security
Cloud security
Niharika Varshney
 
Cloud Security: A New Perspective
Cloud Security: A New PerspectiveCloud Security: A New Perspective
Cloud Security: A New Perspective
Wen-Pai Lu
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
Ninh Nguyen
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
Venkatesh Chary
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
Vladimir Jirasek
 
Cloud computing simple ppt
Cloud computing simple pptCloud computing simple ppt
Cloud computing simple ppt
Agarwaljay
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
Dheeraj Negi
 
Introduction to Cloud Computing
Introduction to Cloud Computing Introduction to Cloud Computing
Introduction to Cloud Computing
CloudSyntrix
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Cloud Service Models
Cloud Service ModelsCloud Service Models
Cloud Service Models
Abhishek Pachisia
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Shiva Prasad
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
Moshe Ferber
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
Jim Geovedi
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
Mohammed Fazuluddin
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Aditya Dwivedi
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
 
Cloud computing
Cloud computingCloud computing
Cloud computing
DebrajKarmakar
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.
Mahesh Tibrewal
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
Viresh Suri
 
Basics of Cloud Computing
Basics of Cloud ComputingBasics of Cloud Computing
Basics of Cloud Computing
Pranav Vashistha
 
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Edureka!
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
Devyani Vaidya
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Syam Lal
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Edureka!
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security Challenges
Yateesh Yadav
 
Commercial T&C Mukul Draft
Commercial T&C Mukul DraftCommercial T&C Mukul Draft
Commercial T&C Mukul Draft
guest107b0
 
Verb To Bes
Verb To BesVerb To Bes
Verb To Bes
guest8560f
 
Ad

More Related Content

What's hot (20)

Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Cloud Service Models
Cloud Service ModelsCloud Service Models
Cloud Service Models
Abhishek Pachisia
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Shiva Prasad
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
Moshe Ferber
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
Jim Geovedi
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
Mohammed Fazuluddin
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Aditya Dwivedi
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
 
Cloud computing
Cloud computingCloud computing
Cloud computing
DebrajKarmakar
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.
Mahesh Tibrewal
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
Viresh Suri
 
Basics of Cloud Computing
Basics of Cloud ComputingBasics of Cloud Computing
Basics of Cloud Computing
Pranav Vashistha
 
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Edureka!
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
Devyani Vaidya
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Syam Lal
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Edureka!
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security Challenges
Yateesh Yadav
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Cloud Service Models
Cloud Service ModelsCloud Service Models
Cloud Service Models
Abhishek Pachisia
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Shiva Prasad
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
Moshe Ferber
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
Jim Geovedi
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
Mohammed Fazuluddin
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Aditya Dwivedi
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
 
Cloud computing
Cloud computingCloud computing
Cloud computing
DebrajKarmakar
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.
Mahesh Tibrewal
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
Viresh Suri
 
Basics of Cloud Computing
Basics of Cloud ComputingBasics of Cloud Computing
Basics of Cloud Computing
Pranav Vashistha
 
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Edureka!
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
Devyani Vaidya
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Syam Lal
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Edureka!
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security Challenges
Yateesh Yadav
 

Viewers also liked (16)

Commercial T&C Mukul Draft
Commercial T&C Mukul DraftCommercial T&C Mukul Draft
Commercial T&C Mukul Draft
guest107b0
 
Verb To Bes
Verb To BesVerb To Bes
Verb To Bes
guest8560f
 
Healthy Fruits
Healthy FruitsHealthy Fruits
Healthy Fruits
Niezzam Harun
 
Strategisk bruk av sosiale medier, foredrag hos Abelia 20.08.2009
Strategisk bruk av sosiale medier, foredrag hos Abelia 20.08.2009Strategisk bruk av sosiale medier, foredrag hos Abelia 20.08.2009
Strategisk bruk av sosiale medier, foredrag hos Abelia 20.08.2009
Merete Berg
 
Shift CD Presentation
Shift CD PresentationShift CD Presentation
Shift CD Presentation
guestb6e8f
 
Past Simple
Past SimplePast Simple
Past Simple
guest8560f
 
God kunnskapsledelse i praksis, foredrag for Dataforeningen Summit
God kunnskapsledelse i praksis, foredrag for Dataforeningen SummitGod kunnskapsledelse i praksis, foredrag for Dataforeningen Summit
God kunnskapsledelse i praksis, foredrag for Dataforeningen Summit
Merete Berg
 
Shift Profie
Shift ProfieShift Profie
Shift Profie
guestb6e8f
 
profit from the core
profit from the coreprofit from the core
profit from the core
Rink Tang
 
Print & Web Portfolio
Print & Web PortfolioPrint & Web Portfolio
Print & Web Portfolio
lukeddennis
 
HoCare Interreg Europe project
HoCare Interreg Europe projectHoCare Interreg Europe project
HoCare Interreg Europe project
Jan Kubalík
 
Presente Simple
Presente SimplePresente Simple
Presente Simple
guest8560f
 
Drms Inter Clinic Appointment
Drms Inter Clinic AppointmentDrms Inter Clinic Appointment
Drms Inter Clinic Appointment
Niezzam Harun
 
Why information security is becoming the most important for mid size business...
Why information security is becoming the most important for mid size business...Why information security is becoming the most important for mid size business...
Why information security is becoming the most important for mid size business...
Ajay p
 
Past Simple
Past SimplePast Simple
Past Simple
guest8560f
 
Verb To Be
Verb To BeVerb To Be
Verb To Be
guest8560f
 
Commercial T&C Mukul Draft
Commercial T&C Mukul DraftCommercial T&C Mukul Draft
Commercial T&C Mukul Draft
guest107b0
 
Verb To Bes
Verb To BesVerb To Bes
Verb To Bes
guest8560f
 
Healthy Fruits
Healthy FruitsHealthy Fruits
Healthy Fruits
Niezzam Harun
 
Strategisk bruk av sosiale medier, foredrag hos Abelia 20.08.2009
Strategisk bruk av sosiale medier, foredrag hos Abelia 20.08.2009Strategisk bruk av sosiale medier, foredrag hos Abelia 20.08.2009
Strategisk bruk av sosiale medier, foredrag hos Abelia 20.08.2009
Merete Berg
 
Shift CD Presentation
Shift CD PresentationShift CD Presentation
Shift CD Presentation
guestb6e8f
 
Past Simple
Past SimplePast Simple
Past Simple
guest8560f
 
God kunnskapsledelse i praksis, foredrag for Dataforeningen Summit
God kunnskapsledelse i praksis, foredrag for Dataforeningen SummitGod kunnskapsledelse i praksis, foredrag for Dataforeningen Summit
God kunnskapsledelse i praksis, foredrag for Dataforeningen Summit
Merete Berg
 
Shift Profie
Shift ProfieShift Profie
Shift Profie
guestb6e8f
 
profit from the core
profit from the coreprofit from the core
profit from the core
Rink Tang
 
Print & Web Portfolio
Print & Web PortfolioPrint & Web Portfolio
Print & Web Portfolio
lukeddennis
 
HoCare Interreg Europe project
HoCare Interreg Europe projectHoCare Interreg Europe project
HoCare Interreg Europe project
Jan Kubalík
 
Presente Simple
Presente SimplePresente Simple
Presente Simple
guest8560f
 
Drms Inter Clinic Appointment
Drms Inter Clinic AppointmentDrms Inter Clinic Appointment
Drms Inter Clinic Appointment
Niezzam Harun
 
Why information security is becoming the most important for mid size business...
Why information security is becoming the most important for mid size business...Why information security is becoming the most important for mid size business...
Why information security is becoming the most important for mid size business...
Ajay p
 
Past Simple
Past SimplePast Simple
Past Simple
guest8560f
 
Verb To Be
Verb To BeVerb To Be
Verb To Be
guest8560f
 
Ad

Similar to Cloud security Presentation (20)

Brighttalk Challenges In Cloud Security
Brighttalk Challenges In Cloud SecurityBrighttalk Challenges In Cloud Security
Brighttalk Challenges In Cloud Security
guestc416cd26
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
fanc1985
 
cloud computing security in intenet.pptx
cloud computing security in intenet.pptxcloud computing security in intenet.pptx
cloud computing security in intenet.pptx
moromoro8
 
Cloud and the Future of Networked Systems
Cloud and the Future of Networked SystemsCloud and the Future of Networked Systems
Cloud and the Future of Networked Systems
James Urquhart
 
Security in cloud computing kashyap kunal
Security in cloud computing kashyap kunalSecurity in cloud computing kashyap kunal
Security in cloud computing kashyap kunal
Kashyap Kunal
 
Cloud Computing – Opportunities, Definitions, Options, and Risks (Part-1)
Cloud Computing – Opportunities, Definitions, Options, and Risks (Part-1)Cloud Computing – Opportunities, Definitions, Options, and Risks (Part-1)
Cloud Computing – Opportunities, Definitions, Options, and Risks (Part-1)
Manoj Kumar
 
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
TT L
 
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Bill Annibell
 
Cloud Ecosystems A Perspective
Cloud Ecosystems A PerspectiveCloud Ecosystems A Perspective
Cloud Ecosystems A Perspective
jmcdaniel650
 
cloud computing models
cloud computing modelscloud computing models
cloud computing models
Kiran Kumar Anumandla
 
Salesforce - Introduction to Security & Access
Salesforce - Introduction to Security & Access Salesforce - Introduction to Security & Access
Salesforce - Introduction to Security & Access
Vibrant Technologies & Computers
 
htcia-5-2015
htcia-5-2015htcia-5-2015
htcia-5-2015
Tony Godfrey
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Ashish Mishra
 
YURY_CHEMERKIN__I-Society_2013_Conference.pdf
YURY_CHEMERKIN__I-Society_2013_Conference.pdfYURY_CHEMERKIN__I-Society_2013_Conference.pdf
YURY_CHEMERKIN__I-Society_2013_Conference.pdf
Yury Chemerkin
 
Securing Your Public Cloud Infrastructure
Securing Your Public Cloud InfrastructureSecuring Your Public Cloud Infrastructure
Securing Your Public Cloud Infrastructure
Qualys
 
Cloud security for financial services
Cloud security for financial servicesCloud security for financial services
Cloud security for financial services
Moshe Ferber
 
Cloud computing – An Overview
Cloud computing – An OverviewCloud computing – An Overview
Cloud computing – An Overview
Kannan Subbiah
 
Cloud security v2
Cloud security v2Cloud security v2
Cloud security v2
Shahar Geiger Maor
 
Cloud Security using NIST guidelines
Cloud Security using NIST guidelinesCloud Security using NIST guidelines
Cloud Security using NIST guidelines
Srishti Ahuja
 
Cloud Security using NIST guidelines
Cloud Security using NIST guidelinesCloud Security using NIST guidelines
Cloud Security using NIST guidelines
Srishti Ahuja
 
Brighttalk Challenges In Cloud Security
Brighttalk Challenges In Cloud SecurityBrighttalk Challenges In Cloud Security
Brighttalk Challenges In Cloud Security
guestc416cd26
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
fanc1985
 
cloud computing security in intenet.pptx
cloud computing security in intenet.pptxcloud computing security in intenet.pptx
cloud computing security in intenet.pptx
moromoro8
 
Cloud and the Future of Networked Systems
Cloud and the Future of Networked SystemsCloud and the Future of Networked Systems
Cloud and the Future of Networked Systems
James Urquhart
 
Security in cloud computing kashyap kunal
Security in cloud computing kashyap kunalSecurity in cloud computing kashyap kunal
Security in cloud computing kashyap kunal
Kashyap Kunal
 
Cloud Computing – Opportunities, Definitions, Options, and Risks (Part-1)
Cloud Computing – Opportunities, Definitions, Options, and Risks (Part-1)Cloud Computing – Opportunities, Definitions, Options, and Risks (Part-1)
Cloud Computing – Opportunities, Definitions, Options, and Risks (Part-1)
Manoj Kumar
 
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
TT L
 
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Bill Annibell
 
Cloud Ecosystems A Perspective
Cloud Ecosystems A PerspectiveCloud Ecosystems A Perspective
Cloud Ecosystems A Perspective
jmcdaniel650
 
cloud computing models
cloud computing modelscloud computing models
cloud computing models
Kiran Kumar Anumandla
 
Salesforce - Introduction to Security & Access
Salesforce - Introduction to Security & Access Salesforce - Introduction to Security & Access
Salesforce - Introduction to Security & Access
Vibrant Technologies & Computers
 
htcia-5-2015
htcia-5-2015htcia-5-2015
htcia-5-2015
Tony Godfrey
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Ashish Mishra
 
YURY_CHEMERKIN__I-Society_2013_Conference.pdf
YURY_CHEMERKIN__I-Society_2013_Conference.pdfYURY_CHEMERKIN__I-Society_2013_Conference.pdf
YURY_CHEMERKIN__I-Society_2013_Conference.pdf
Yury Chemerkin
 
Securing Your Public Cloud Infrastructure
Securing Your Public Cloud InfrastructureSecuring Your Public Cloud Infrastructure
Securing Your Public Cloud Infrastructure
Qualys
 
Cloud security for financial services
Cloud security for financial servicesCloud security for financial services
Cloud security for financial services
Moshe Ferber
 
Cloud computing – An Overview
Cloud computing – An OverviewCloud computing – An Overview
Cloud computing – An Overview
Kannan Subbiah
 
Cloud security v2
Cloud security v2Cloud security v2
Cloud security v2
Shahar Geiger Maor
 
Cloud Security using NIST guidelines
Cloud Security using NIST guidelinesCloud Security using NIST guidelines
Cloud Security using NIST guidelines
Srishti Ahuja
 
Cloud Security using NIST guidelines
Cloud Security using NIST guidelinesCloud Security using NIST guidelines
Cloud Security using NIST guidelines
Srishti Ahuja
 
Ad

Recently uploaded (20)

World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
larencebapu132
 
How to Subscribe Newsletter From Odoo 18 Website
How to Subscribe Newsletter From Odoo 18 WebsiteHow to Subscribe Newsletter From Odoo 18 Website
How to Subscribe Newsletter From Odoo 18 Website
Celine George
 
GDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptxGDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptx
azeenhodekar
 
New Microsoft PowerPoint Presentation.pptx
New Microsoft PowerPoint Presentation.pptxNew Microsoft PowerPoint Presentation.pptx
New Microsoft PowerPoint Presentation.pptx
milanasargsyan5
 
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
Celine George
 
Marie Boran Special Collections Librarian Hardiman Library, University of Gal...
Marie Boran Special Collections Librarian Hardiman Library, University of Gal...Marie Boran Special Collections Librarian Hardiman Library, University of Gal...
Marie Boran Special Collections Librarian Hardiman Library, University of Gal...
Library Association of Ireland
 
Stein, Hunt, Green letter to Congress April 2025
Stein, Hunt, Green letter to Congress April 2025Stein, Hunt, Green letter to Congress April 2025
Stein, Hunt, Green letter to Congress April 2025
Mebane Rash
 
Sinhala_Male_Names.pdf Sinhala_Male_Name
Sinhala_Male_Names.pdf Sinhala_Male_NameSinhala_Male_Names.pdf Sinhala_Male_Name
Sinhala_Male_Names.pdf Sinhala_Male_Name
keshanf79
 
Anti-Depressants pharmacology 1slide.pptx
Anti-Depressants pharmacology 1slide.pptxAnti-Depressants pharmacology 1slide.pptx
Anti-Depressants pharmacology 1slide.pptx
Mayuri Chavan
 
Political History of Pala dynasty Pala Rulers NEP.pptx
Political History of Pala dynasty Pala Rulers NEP.pptxPolitical History of Pala dynasty Pala Rulers NEP.pptx
Political History of Pala dynasty Pala Rulers NEP.pptx
Arya Mahila P. G. College, Banaras Hindu University, Varanasi, India.
 
SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -
Colégio Santa Teresinha
 
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam SuccessUltimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Mark Soia
 
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public SchoolsK12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
dogden2
 
YSPH VMOC Special Report - Measles Outbreak Southwest US 5-3-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 5-3-2025.pptxYSPH VMOC Special Report - Measles Outbreak Southwest US 5-3-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 5-3-2025.pptx
Yale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
How to Manage Opening & Closing Controls in Odoo 17 POS
How to Manage Opening & Closing Controls in Odoo 17 POSHow to Manage Opening & Closing Controls in Odoo 17 POS
How to Manage Opening & Closing Controls in Odoo 17 POS
Celine George
 
Presentation on Tourism Product Development By Md Shaifullar Rabbi
Presentation on Tourism Product Development By Md Shaifullar RabbiPresentation on Tourism Product Development By Md Shaifullar Rabbi
Presentation on Tourism Product Development By Md Shaifullar Rabbi
Md Shaifullar Rabbi
 
Unit 6_Introduction_Phishing_Password Cracking.pdf
Unit 6_Introduction_Phishing_Password Cracking.pdfUnit 6_Introduction_Phishing_Password Cracking.pdf
Unit 6_Introduction_Phishing_Password Cracking.pdf
KanchanPatil34
 
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptxSCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
Ronisha Das
 
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACYUNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
DR.PRISCILLA MARY J
 
2541William_McCollough_DigitalDetox.docx
2541William_McCollough_DigitalDetox.docx2541William_McCollough_DigitalDetox.docx
2541William_McCollough_DigitalDetox.docx
contactwilliamm2546
 
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
larencebapu132
 
How to Subscribe Newsletter From Odoo 18 Website
How to Subscribe Newsletter From Odoo 18 WebsiteHow to Subscribe Newsletter From Odoo 18 Website
How to Subscribe Newsletter From Odoo 18 Website
Celine George
 
GDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptxGDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptx
azeenhodekar
 
New Microsoft PowerPoint Presentation.pptx
New Microsoft PowerPoint Presentation.pptxNew Microsoft PowerPoint Presentation.pptx
New Microsoft PowerPoint Presentation.pptx
milanasargsyan5
 
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
Celine George
 
Marie Boran Special Collections Librarian Hardiman Library, University of Gal...
Marie Boran Special Collections Librarian Hardiman Library, University of Gal...Marie Boran Special Collections Librarian Hardiman Library, University of Gal...
Marie Boran Special Collections Librarian Hardiman Library, University of Gal...
Library Association of Ireland
 
Stein, Hunt, Green letter to Congress April 2025
Stein, Hunt, Green letter to Congress April 2025Stein, Hunt, Green letter to Congress April 2025
Stein, Hunt, Green letter to Congress April 2025
Mebane Rash
 
Sinhala_Male_Names.pdf Sinhala_Male_Name
Sinhala_Male_Names.pdf Sinhala_Male_NameSinhala_Male_Names.pdf Sinhala_Male_Name
Sinhala_Male_Names.pdf Sinhala_Male_Name
keshanf79
 
Anti-Depressants pharmacology 1slide.pptx
Anti-Depressants pharmacology 1slide.pptxAnti-Depressants pharmacology 1slide.pptx
Anti-Depressants pharmacology 1slide.pptx
Mayuri Chavan
 
Political History of Pala dynasty Pala Rulers NEP.pptx
Political History of Pala dynasty Pala Rulers NEP.pptxPolitical History of Pala dynasty Pala Rulers NEP.pptx
Political History of Pala dynasty Pala Rulers NEP.pptx
Arya Mahila P. G. College, Banaras Hindu University, Varanasi, India.
 
SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -
Colégio Santa Teresinha
 
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam SuccessUltimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Mark Soia
 
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public SchoolsK12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
dogden2
 
YSPH VMOC Special Report - Measles Outbreak Southwest US 5-3-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 5-3-2025.pptxYSPH VMOC Special Report - Measles Outbreak Southwest US 5-3-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 5-3-2025.pptx
Yale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
How to Manage Opening & Closing Controls in Odoo 17 POS
How to Manage Opening & Closing Controls in Odoo 17 POSHow to Manage Opening & Closing Controls in Odoo 17 POS
How to Manage Opening & Closing Controls in Odoo 17 POS
Celine George
 
Presentation on Tourism Product Development By Md Shaifullar Rabbi
Presentation on Tourism Product Development By Md Shaifullar RabbiPresentation on Tourism Product Development By Md Shaifullar Rabbi
Presentation on Tourism Product Development By Md Shaifullar Rabbi
Md Shaifullar Rabbi
 
Unit 6_Introduction_Phishing_Password Cracking.pdf
Unit 6_Introduction_Phishing_Password Cracking.pdfUnit 6_Introduction_Phishing_Password Cracking.pdf
Unit 6_Introduction_Phishing_Password Cracking.pdf
KanchanPatil34
 
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptxSCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
Ronisha Das
 
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACYUNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
DR.PRISCILLA MARY J
 
2541William_McCollough_DigitalDetox.docx
2541William_McCollough_DigitalDetox.docx2541William_McCollough_DigitalDetox.docx
2541William_McCollough_DigitalDetox.docx
contactwilliamm2546
 

Cloud security Presentation

  • 1. CLOUD COMPUTING SECURITYAjay Porus ISO27K LA,CPISIFounder & Director CSA Hyderabad ChapterLead Implementer Honey Net Project India1
  • 2. AgendaIntroduction to Cloud ComputingCloud Architecture and CharacteristicsCloud Security Concerns and Attacks Different Security Domains Best PracticesWhat's going in Industry on Cloud 2
  • 3. Introduction to Cloud ComputingIs It Really New?What is Cloud Computing?How Does it Evolve?What are the Characteristics of Cloud Computing?What is difference in Architecture from traditional Computing?What are different Services Delivery Models?What are different deployment models?Frame work of Cloud ComputingCloud Eco-System3
  • 4. Is It Really New?No,its Not it’s the evolution of old technologies to a new level which bring together many technologies to provide huge computational powerFirst Cloud around networking (Network As a Cloud) as said ..”we Didn’t care where the message sent, the cloud had it from us” –Kevin Marks, GoogleSecond Cloud around Documents (WWW data abstraction)Third Cloud Present and future. This abstracts infrastructure complexities of servers, application, database and different platforms. (Amazon CEO)4
  • 5. Cloud Computing DefinitionCloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of Seven essential characteristics, three service models, and four deployment models5
  • 6. How Does it Evolve?MainframesMini ComputerPersonal desktopsClient – ServerIp NetworksMobile DevicesCloud Computing6
  • 7. Characteristics of Cloud ComputingMulti-tenancy (shared resources)Massive scalabilityRapid ElasticityMeasured service On-demand self-serviceBroad network access7
  • 8. Traditional vs Cloud ComputingDedicated/traditionalHigh upfront IT investments for new builds High cost of reliable infrastructure High complexity of IT environment Complex infrastructure IT Cloud computingReliability built into the cloud architectureLow upfront IT investmentspay-for-use modelModular IT architecture environmentsNo infrastructure8
  • 10. Deployment ModelsPublic Cloud Private CloudCommunity CloudHybrid Cloud10
  • 12. Cloud Computing FrameworkHybrid CloudsDeploymentModelsCommunityCloudPublic CloudServiceModelsPrivate CloudEssentialCharacteristicsSoftware as a Service (SaaS)Platform as a Service (PaaS)Infrastructure as a Service (IaaS)On Demand Self-ServiceMassive ScaleResilient ComputingBroad Network AccessRapid ElasticityHomogeneityGeographic DistributionCommon CharacteristicsVirtualizationService OrientationResource PoolingMeasured ServiceLow Cost SoftwareAdvanced Security12
  • 14. Cloud Security Concerns & Attacks General Security ConcernsCloud Security ChallengesTop Threats to Cloud ComputingDDOS & EDOSSide Channel AttackMIM Crypto graphic AttackPoisoned VM’sAttack Against Management ConsoleAbusing Cloud Billing Models and Cloud PhishingDNS Cache poisoning AttacksAuthentication Attack14
  • 15. General Security ConcernsTrusting vendor’s security modelCustomer inability to respond to audit findingsObtaining support for investigationsIndirect administrator accountabilityProprietary implementations can’t be examinedLoss of physical control15
  • 16. Cloud Security ChallengesData dispersal and international privacy lawsNeed for isolation managementLogging challengesData ownership issues Using SLAs to obtain cloud securityDependence on secure hypervisorsAttraction to hackers (high value target)Encryption needs for cloud computingHandling compliance16
  • 17. Top Threats to Cloud Computing Abuse and Nefarious Use of Cloud ComputingInsecure Interfaces and APIsMalicious InsidersShared Technology IssuesAccount or Service HijackingLoss of governanceLock-InCompliance risksManagement interface compromiseData protection (Data Loss or Leakage)17
  • 18. DDOS & EDOSDistributed denial of service: An attack that make computer or network resources unavailable.Economic denial of service: A DDosattack that make large number of request for which cloud user have to pay (generally per 100oo request 1$ in Amazon) Originates majorly from compromised computers18
  • 19. Side Channel AttackAttack based on information gained from the physical implementation of a cryptosystem.Timing AttackPower Consumption Attack - Simple Power Analysis Attack (SPA) - Differential Power Analysis Attack (DPA)Electromagnetic AttackAcoustic Crypto AnalysisCache AttackDifferential Fault Analysis19
  • 20. MIM Crypto graphic AttackPhishing ScamAttack Communication Steal Private or public KeyAttacker’s eavesdropping between the two partiesSend and execute malicious codeGain access to Victim’s system20
  • 21. Poisoned VM’sAdministrator with full access to configure VMAddition of malicious codeTampering with AMI(Amazon Machine Image)Isolation provided by CSPLaunch of Shared AMI Preconfigured Malicious Business LogicNo ways till this time to find out.21
  • 22. Attack Against Management ConsoleProprietary console of CSPMost critical console as environment can be changedGoogle Made 2 management consoles- 1st console for normal administration2nd to upload apps to google apps by cmd python script Amazon shared domain of EC2 and amazon.comIf vulnerability found Like CSRF attack on secret keys Once keys hacked then management console can be hacked22
  • 23. Abusing Billing Models & Cloud PhishingPhishing Scams for AmazonPhishing from Amazon cloud Blacklisting Amazon domain in phishing databaseOnce secret key hacked Cloud based DDOS very costlyMillion of poisoned VM initiate by 1 CSRFattackPayment for the network and CPU consumption23
  • 24. DNS Cache Poisoning AttacksShared IP’s Once IP released take time to clear from cache & Arp tableTill cleared can be accessed with same IPLack of Knowledge for DNS cache & ARP tableWashigton post face d problem at Amazon EC2Even IP released but had access from internal network24
  • 25. Authentication AttackWeak PasswordGoogle Hack DatabaseSql InjectionsCross site ScriptingMan in the MiddleBrute force AttackSession HijackingSocial Engineering25
  • 26. Different Security Domains Best PracticesCloud Computing Architectural Framework .Governance and Enterprise Risk ManagementLegal and Electronic DiscoveryCompliance and AuditData Security LifecyclePortability and InteroperabilityTraditional Security, BCP & DRData Center OperationsIncident ManagementApplication SecurityEncryption and Key ManagementIdentity and Access ManagementVirtualization Security26
  • 27. Cloud Architectural SecurityHardware Security (xeon 5600, AES and TXT Support)Virtualization Security (Hypervisor Hardening)Guest OS Security (Operating system Hardening)Platform Security ( Patches and Updates)Application Security ( Secure Development Lifecycle)Network Security ( Firewall, IDS, IPS, VPN, SSL/TLS)Cryptographic Security (PGP Keys, AES, 3DES, 2-DNF)27
  • 28. Governance and Risk ManagementInvest some of saved money for SecurityRobust IS governance with defined roles & responsibilitiesCollaborative governance structure between provider & customer Assess for sufficiency, maturity, and consistency with the user’s ISMS.SLA should be added in Risk assessmentNew approach for risk assessment from both end’s.CSP include metrics and controls 28
  • 29. Legal and Electronic DiscoveryMutual understanding of each other’s R&R related to electronic discovery, litigation & Laws.Responsive Information security system to preserve data to authentic & reliable.Providing equal guardianship as in owner’s hand.Pre-contract due diligence, contract term negotiation, post-contract monitoring, and contract termination Unified process for responding to subpoenas, service of process, and other legal requests.29
  • 30. Compliance and AuditInvolve Legal and Contracts Teams in SLARight to Audit ClauseAnalyze Compliance ScopeAnalyze Impact of Regulations on Data SecurityReview Relevant Partners and Services ProvidersAnalyze Impact of Regulations on Provider InfrastructureAuditor Qualification and SelectionCloud Provider’s SAS 70 Type IICloud Provider’s ISO/IEC 27001/27002 Roadmap30
  • 31. Data Security LifecycleMaintain CIA of data Security practices and proceduresStrong SLA with all area’s. System of service penalties in SLAData ClassificationEncryptionPerform Regular Backup31
  • 32. Portability and InteroperabilityIdentify and eliminate any provider-specific extensions to the VM environment. Appropriate de-provisioning of VM imagesAppropriate de-provisioning of discs & storage device. Platform components with a standard syntaxUnderstand the impacts on performance and availability of the application. Consistency of control effectiveness across old and new providers. Vendor to test and evaluate the applications before migration32
  • 33. Traditional Security, BCP & DRCentralization of dataAdopting as a security baselinePerform onsite inspections of cloud provider facilitiesCustomers should inspect cloud provider disaster recoveryBCP Policy approved by the provider’s board of directors33
  • 34. Data Center Operationspermission to conduct customer or external third-party audits.Demonstrate compartmentalization of systems, networks, management, provisioning, and personnel.SLA should be clearly defined, measurable, enforceable, and adequate for your requirementsContinual improvement in policies, processes, procedures.24*7*365 days Technical support should be available.34
  • 35. Incident ManagementDefine incident and event before SLA signoff to CSPWhat incident detection and analysis tools used by CSPConducting proper risk management to stop incidentsA robust Security Information and Event Management (SIEM) requiredDeliver snapshots of the customer’s entire virtual environmentWhole data should be encrypted 35
  • 36. Application Security Application assessment tools Create trust boundaries for SDLCUse Own VM with configured policies in IAASUse best practice to harden system as in DMZMulti-tenancy in application threat modelSecuring inter host communicationMetrics to assess effectiveness of Security ProgramKeep cloud architecture in Mind. 36
  • 37. Encryption & Key ManagementEncrypting data In transit (SSL/TLS, SSH)Encrypting data at rest (AES128, 3DES, 2DNF)Encrypting data on Backup mediaUse of encryption data separate then for use.Stipulate encryption in contractDefine secure key lifecycle managementUse industry level key management systemsMake keys secure, limited access to key store & key backup. 37
  • 38. Identity and Access ManagementAvoid proprietary identity provisioning system Use 2 factor authenticationConsider user centric authentication (Google, live Id)Use open standard for authentication and VPNUse of federated identity and gateways like SAML Use mechanism to transmit user info from PIP to PDPUse IdaaS to have better security & risk mitigation38
  • 39. Virtualization SecurityIdentify types of virtualization provided by CSPUnderstand hypervisor security and isolation mechanismUnderstand security to protect administrative interfaces (API, web-based)Strong authentication mechanism with tamper proof logging and integrity monitoring toolsExplore Efficiency and feasibility of segregating VMsStrong reporting mechanism for raising alert if compromised 39
  • 40. What's going in Industry on Cloud Different Initiatives Fabric ComputingHomomorphic EncryptionFuture of Cloud –Mobile Computing40
  • 41. Different Initiatives Cloud Security AllianceCloud CertCloud CAMM(Capability and Maturity Model)Cloud Audit A6CCM ( Cloud Control Matrix Tool)CAI (Consensus Assessment InitiativeCSA GRC StackTrusted Cloud InitiativeCCSK (Certificate of Cloud Security Knowledge)Cloud Metrics Research41
  • 42. Fabric ComputingNext generation computing by interconnecting nodes like fabric (including various clouds)High performance computing by loosely coupled storage network devices and parallel processors42
  • 43. Homomorphic & Predicate EncryptionProcessing of encrypted data very difficultIBM announced Homomorphic encryption (2DNF+)Enables Processing of encrypted data.Require immense computational power Predicate encryption No need to Decrypt whole dataDecrypt only requiredSupporting Disjunctions, Polynomial Equations, and Inner Products43
  • 44. Future of Cloud –Mobile ComputingMobile computing increasing rapidlyAndroid Platform next generation mobile computingApplication to access cloud on mobile phoneWi-Fi and 3G connection enabling high bandwidthSSL/TLS and SSH from Phone web browser to VM Trusted certificate and private key on phone2 factor Authentication (Fingerprint and password)Different platforms to configure cloud API’s44

Editor's Notes

  • #39: PIP policy information point pdp policy decision point