Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
SlideShare a Scribd company logo

Cloud computing 10 cloud security advantages and challenges

Download as PPTX, PDF
V
Vaibhav Khanna

Cloud security is the protection of data stored online via cloud computing platforms from theft, leakage, and deletion. Methods of providing cloud security include firewalls, penetration testing, obfuscation, tokenization, virtual private networks (VPN), and avoiding public internet connections

1 of 23
Cloud Computing: 10 Cloud Security Advantages and Challenges Prof Neeraj Bhargava Vaibhav Khanna Department of Computer Science School of Engineering and Systems Sciences Maharshi Dayanand Saraswati University Ajmer
Cloud Security Advantages • Data Fragmentation and Dispersal • Dedicated Security Team • Greater Investment in Security Infrastructure • Fault Tolerance and Reliability • Greater Resiliency • Hypervisor Protection Against Network Attacks • Possible Reduction of C&A Activities (Access to Pre-Accredited Clouds) 2
Cloud Security Advantages (Cont.) • Simplification of Compliance Analysis • Data Held by Unbiased Party (cloud vendor assertion) • Low-Cost Disaster Recovery and Data Storage Solutions • On-Demand Security Controls • Real-Time Detection of System Tampering • Rapid Re-Constitution of Services • Advanced Honeynet Capabilities 3
Cloud Security Challenges • Data dispersal and international privacy laws – EU Data Protection Directive and U.S. Safe Harbor program – Exposure of data to foreign government and data subpoenas – Data retention issues • Need for isolation management • Multi-tenancy • Logging challenges • Data ownership issues • Quality of service guarantees 4
Cloud Security Challenges (Cont.) • Dependence on secure hypervisors • Attraction to hackers (high value target) • Security of virtual OSs in the cloud • Possibility for massive outages • Encryption needs for cloud computing – Encrypting access to the cloud resource control interface – Encrypting administrative access to OS instances – Encrypting access to applications – Encrypting application data at rest • Public cloud vs internal cloud security • Lack of public SaaS version control 5
Additional Issues • Issues with moving PII and sensitive data to the cloud – Privacy impact assessments • Using SLAs to obtain cloud security – Suggested requirements for cloud SLAs – Issues with cloud forensics • Contingency planning and disaster recovery for cloud implementations • Handling compliance – FISMA – HIPAA – SOX – PCI – SAS 70 Audits 6
Obstacles & Opportunities 7
Security Implications 8
Security and Privacy Challenges • Authentication and Identity Management – interoperability – password-based: inherited limitation – How multi-tenancy can affect the privacy of identity information isn’t yet well understood. – multi-jurisdiction issue – integrated with other security components. 9
Security and Privacy Challenges • Access Control and Accounting – Heterogeneity and diversity of services, as well as the domains’ diverse access requirements – capture dynamic, context, or attribute- or credential-based access requirements – integrate privacy-protection requirements – interoperability – capture relevant aspects of SLAs 10
Security and Privacy Challenges • Trust Management and Policy Integration – compose multiple services to enable bigger application services – efficiently capturing a generic set of parameters required for establishing trust and to manage evolving trust and interaction/sharing requirements – address challenges such as semantic heterogeneity, secure interoperability, and policy- evolution management. 11
Security and Privacy Challenges • Secure-Service Management – WSDL can’t fully meet the requirements of cloud computing services description – issues such as quality of service, price, and SLAs – automatic and systematic service provisioning and composition framework that considers security and privacy issues 12
Security and Privacy Challenges • Privacy and Data Protection – storing data and applications on systems that reside outside of on-premise datacenters – shared infrastructure, risk of potential unauthorized access and exposure. – Privacy-protection mechanisms must be embedded in all security solutions. – Provenance – Balancing between data provenance and privacy 13
Security and Privacy Challenges • Organizational Security Management – shared governance can become a significant issue if not properly addressed – Dependence on external entities – the possibility of an insider threat is significantly extended when outsourcing data and processes to clouds. 14
15
Security and Privacy Approaches • Authentication and Identity Management – User-centric IDM – users control their digital identities and takes away the complexity of IDM from the enterprises – federated IDM solutions – privacy-preserving protocols to verify various identity attributes by using, for example, zero- knowledge proof-based techniques 16
Security and Privacy Approaches • Access Control Needs – RBAC – policy-integration needs – credential-based RBAC, GTRBAC,8 location-based RBAC 17
Security and Privacy Approaches • Secure Interoperation – Multi-domain – centralized approach – decentralized approaches – specification frameworks to ensure that the cross- domain accesses are properly specified, verified, and enforced – Policy engineering mechanisms 18
Security and Privacy Approaches • Secure-Service Provisioning and Composition – Open Services Gateway Initiative (OSGi) – Declarative OWL-based language can be used to provide a service definition manifest, including a list of distinct component types that make up the service, functional requirements, component grouping and topology instructions 19
Security and Privacy Approaches • Trust Management Framework – trust-based policy integration – Delegation – must be incorporated in service composition framework 20
Security and Privacy Approaches • Data-Centric Security and Privacy – shifts data protection from systems and applications – documents must be self-describing and defending regardless of their environments. 21
Security and Privacy Approaches • Managing Semantic Heterogeneity – semantic heterogeneity among policies – Use of an ontology is the most promising approach – policy framework and a policy enforcement architecture – inference engines 22
Assignment • What are the cloud security advantages and Challenges • Discuss the cloud security approaches

More Related Content

What's hot

Cloud Security Introduction
Cloud Security IntroductionCloud Security Introduction
Cloud Security Introduction
GLC Networks
 
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA PhiladelphiaThe Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
Patrick Sklodowski
 
Biznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital ForensicsBiznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital Forensics
Yusuf Hadiwinata Sutandar
 
Data security
Data securityData security
Data security
AbdulBasit938
 
Sensitive Data Exposure
Sensitive Data ExposureSensitive Data Exposure
Sensitive Data Exposure
abodiford
 
Information security group presentation ppt
Information security group presentation pptInformation security group presentation ppt
Information security group presentation ppt
vaishalshah01
 
Cloud security
Cloud securityCloud security
Cloud security
Jhanvi Dattani
 
It pp hybrid attribute- and re-encryption-based key management for secure and...
It pp hybrid attribute- and re-encryption-based key management for secure and...It pp hybrid attribute- and re-encryption-based key management for secure and...
It pp hybrid attribute- and re-encryption-based key management for secure and...
Papitha Velumani
 
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge Pereira
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full ppt
Shahbaz Khan
 
Web security
Web securityWeb security
Web security
Himanshu Tyagi
 
IEEE 2014 JAVA MOBILE COMPUTING PROJECTS Cloud assisted mobile-access of heal...
IEEE 2014 JAVA MOBILE COMPUTING PROJECTS Cloud assisted mobile-access of heal...IEEE 2014 JAVA MOBILE COMPUTING PROJECTS Cloud assisted mobile-access of heal...
IEEE 2014 JAVA MOBILE COMPUTING PROJECTS Cloud assisted mobile-access of heal...
IEEEFINALYEARSTUDENTPROJECTS
 
Development of Digital Identity Systems
Development of Digital Identity Systems Development of Digital Identity Systems
Development of Digital Identity Systems
Maganathin Veeraragaloo
 
Information Security Management.Introduction
Information Security Management.IntroductionInformation Security Management.Introduction
Information Security Management.Introduction
yuliana_mar
 
Novel cloud computingsecurity issues
Novel cloud computingsecurity issuesNovel cloud computingsecurity issues
Novel cloud computingsecurity issues
Joo Manthar
 
Uganda Cloud Computing Panel
Uganda Cloud Computing PanelUganda Cloud Computing Panel
Uganda Cloud Computing Panel
Commonwealth Telecommunications Organisation
 
Payment Card Industry Security Standards
Payment Card Industry Security StandardsPayment Card Industry Security Standards
Payment Card Industry Security Standards
Ashintha Rukmal
 
eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?
Mario Drobics
 

What's hot (18)

Cloud Security Introduction
Cloud Security IntroductionCloud Security Introduction
Cloud Security Introduction
 
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA PhiladelphiaThe Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
 
Biznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital ForensicsBiznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital Forensics
 
Data security
Data securityData security
Data security
 
Sensitive Data Exposure
Sensitive Data ExposureSensitive Data Exposure
Sensitive Data Exposure
 
Information security group presentation ppt
Information security group presentation pptInformation security group presentation ppt
Information security group presentation ppt
 
Cloud security
Cloud securityCloud security
Cloud security
 
It pp hybrid attribute- and re-encryption-based key management for secure and...
It pp hybrid attribute- and re-encryption-based key management for secure and...It pp hybrid attribute- and re-encryption-based key management for secure and...
It pp hybrid attribute- and re-encryption-based key management for secure and...
 
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full ppt
 
Web security
Web securityWeb security
Web security
 
IEEE 2014 JAVA MOBILE COMPUTING PROJECTS Cloud assisted mobile-access of heal...
IEEE 2014 JAVA MOBILE COMPUTING PROJECTS Cloud assisted mobile-access of heal...IEEE 2014 JAVA MOBILE COMPUTING PROJECTS Cloud assisted mobile-access of heal...
IEEE 2014 JAVA MOBILE COMPUTING PROJECTS Cloud assisted mobile-access of heal...
 
Development of Digital Identity Systems
Development of Digital Identity Systems Development of Digital Identity Systems
Development of Digital Identity Systems
 
Information Security Management.Introduction
Information Security Management.IntroductionInformation Security Management.Introduction
Information Security Management.Introduction
 
Novel cloud computingsecurity issues
Novel cloud computingsecurity issuesNovel cloud computingsecurity issues
Novel cloud computingsecurity issues
 
Uganda Cloud Computing Panel
Uganda Cloud Computing PanelUganda Cloud Computing Panel
Uganda Cloud Computing Panel
 
Payment Card Industry Security Standards
Payment Card Industry Security StandardsPayment Card Industry Security Standards
Payment Card Industry Security Standards
 
eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?eHealth ….. How to trust a cloud?
eHealth ….. How to trust a cloud?
 

Similar to Cloud computing 10 cloud security advantages and challenges

AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014
KBIZEAU
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
Abdul Khan
 
4831586.ppt
4831586.ppt4831586.ppt
4831586.ppt
ahmad21315
 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloud
Ajay Rathi
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
Shankar Subramaniyan
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantage
Moshe Ferber
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
ATMOSPHERE .
 
Lecture27 cc-security2
Lecture27 cc-security2Lecture27 cc-security2
Lecture27 cc-security2
Ankit Gupta
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptx
GhofraneFerchichi2
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.ppt
ImpactGenshin3
 
Access Assurance in the Cloud
Access Assurance in the CloudAccess Assurance in the Cloud
Access Assurance in the Cloud
Courion Corporation
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Standards Customer Council
 
Security for Cloud Computing: 10 Steps to Ensure Success V3.0
Security for Cloud Computing: 10 Steps to Ensure Success V3.0Security for Cloud Computing: 10 Steps to Ensure Success V3.0
Security for Cloud Computing: 10 Steps to Ensure Success V3.0
Cloud Standards Customer Council
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.ppt
ARJUNMUKHERJEE27
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.ppt
ssuser3be95f
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.ppt
NaradaDilshan
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.ppt
Sameer Ali
 
Cloud complete
Cloud completeCloud complete
Cloud complete
Muhammad Rehan
 
cloud-complete power point presentation for digital signature
cloud-complete power point presentation for digital signaturecloud-complete power point presentation for digital signature
cloud-complete power point presentation for digital signature
ArunsunaiComputer
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 

Similar to Cloud computing 10 cloud security advantages and challenges (20)

AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
 
4831586.ppt
4831586.ppt4831586.ppt
4831586.ppt
 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloud
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
 
Transforming cloud security into an advantage
Transforming cloud security into an advantageTransforming cloud security into an advantage
Transforming cloud security into an advantage
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
 
Lecture27 cc-security2
Lecture27 cc-security2Lecture27 cc-security2
Lecture27 cc-security2
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptx
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.ppt
 
Access Assurance in the Cloud
Access Assurance in the CloudAccess Assurance in the Cloud
Access Assurance in the Cloud
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0
 
Security for Cloud Computing: 10 Steps to Ensure Success V3.0
Security for Cloud Computing: 10 Steps to Ensure Success V3.0Security for Cloud Computing: 10 Steps to Ensure Success V3.0
Security for Cloud Computing: 10 Steps to Ensure Success V3.0
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.ppt
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.ppt
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.ppt
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.ppt
 
Cloud complete
Cloud completeCloud complete
Cloud complete
 
cloud-complete power point presentation for digital signature
cloud-complete power point presentation for digital signaturecloud-complete power point presentation for digital signature
cloud-complete power point presentation for digital signature
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 

More from Vaibhav Khanna

Information and network security 47 authentication applications
Information and network security 47 authentication applicationsInformation and network security 47 authentication applications
Information and network security 47 authentication applications
Vaibhav Khanna
 
Information and network security 46 digital signature algorithm
Information and network security 46 digital signature algorithmInformation and network security 46 digital signature algorithm
Information and network security 46 digital signature algorithm
Vaibhav Khanna
 
Information and network security 45 digital signature standard
Information and network security 45 digital signature standardInformation and network security 45 digital signature standard
Information and network security 45 digital signature standard
Vaibhav Khanna
 
Information and network security 44 direct digital signatures
Information and network security 44 direct digital signaturesInformation and network security 44 direct digital signatures
Information and network security 44 direct digital signatures
Vaibhav Khanna
 
Information and network security 43 digital signatures
Information and network security 43 digital signaturesInformation and network security 43 digital signatures
Information and network security 43 digital signatures
Vaibhav Khanna
 
Information and network security 42 security of message authentication code
Information and network security 42 security of message authentication codeInformation and network security 42 security of message authentication code
Information and network security 42 security of message authentication code
Vaibhav Khanna
 
Information and network security 41 message authentication code
Information and network security 41 message authentication codeInformation and network security 41 message authentication code
Information and network security 41 message authentication code
Vaibhav Khanna
 
Information and network security 40 sha3 secure hash algorithm
Information and network security 40 sha3 secure hash algorithmInformation and network security 40 sha3 secure hash algorithm
Information and network security 40 sha3 secure hash algorithm
Vaibhav Khanna
 
Information and network security 39 secure hash algorithm
Information and network security 39 secure hash algorithmInformation and network security 39 secure hash algorithm
Information and network security 39 secure hash algorithm
Vaibhav Khanna
 
Information and network security 38 birthday attacks and security of hash fun...
Information and network security 38 birthday attacks and security of hash fun...Information and network security 38 birthday attacks and security of hash fun...
Information and network security 38 birthday attacks and security of hash fun...
Vaibhav Khanna
 
Information and network security 37 hash functions and message authentication
Information and network security 37 hash functions and message authenticationInformation and network security 37 hash functions and message authentication
Information and network security 37 hash functions and message authentication
Vaibhav Khanna
 
Information and network security 35 the chinese remainder theorem
Information and network security 35 the chinese remainder theoremInformation and network security 35 the chinese remainder theorem
Information and network security 35 the chinese remainder theorem
Vaibhav Khanna
 
Information and network security 34 primality
Information and network security 34 primalityInformation and network security 34 primality
Information and network security 34 primality
Vaibhav Khanna
 
Information and network security 33 rsa algorithm
Information and network security 33 rsa algorithmInformation and network security 33 rsa algorithm
Information and network security 33 rsa algorithm
Vaibhav Khanna
 
Information and network security 32 principles of public key cryptosystems
Information and network security 32 principles of public key cryptosystemsInformation and network security 32 principles of public key cryptosystems
Information and network security 32 principles of public key cryptosystems
Vaibhav Khanna
 
Information and network security 31 public key cryptography
Information and network security 31 public key cryptographyInformation and network security 31 public key cryptography
Information and network security 31 public key cryptography
Vaibhav Khanna
 
Information and network security 30 random numbers
Information and network security 30 random numbersInformation and network security 30 random numbers
Information and network security 30 random numbers
Vaibhav Khanna
 
Information and network security 29 international data encryption algorithm
Information and network security 29 international data encryption algorithmInformation and network security 29 international data encryption algorithm
Information and network security 29 international data encryption algorithm
Vaibhav Khanna
 
Information and network security 28 blowfish
Information and network security 28 blowfishInformation and network security 28 blowfish
Information and network security 28 blowfish
Vaibhav Khanna
 
Information and network security 27 triple des
Information and network security 27 triple desInformation and network security 27 triple des
Information and network security 27 triple des
Vaibhav Khanna
 

More from Vaibhav Khanna (20)

Information and network security 47 authentication applications
Information and network security 47 authentication applicationsInformation and network security 47 authentication applications
Information and network security 47 authentication applications
 
Information and network security 46 digital signature algorithm
Information and network security 46 digital signature algorithmInformation and network security 46 digital signature algorithm
Information and network security 46 digital signature algorithm
 
Information and network security 45 digital signature standard
Information and network security 45 digital signature standardInformation and network security 45 digital signature standard
Information and network security 45 digital signature standard
 
Information and network security 44 direct digital signatures
Information and network security 44 direct digital signaturesInformation and network security 44 direct digital signatures
Information and network security 44 direct digital signatures
 
Information and network security 43 digital signatures
Information and network security 43 digital signaturesInformation and network security 43 digital signatures
Information and network security 43 digital signatures
 
Information and network security 42 security of message authentication code
Information and network security 42 security of message authentication codeInformation and network security 42 security of message authentication code
Information and network security 42 security of message authentication code
 
Information and network security 41 message authentication code
Information and network security 41 message authentication codeInformation and network security 41 message authentication code
Information and network security 41 message authentication code
 
Information and network security 40 sha3 secure hash algorithm
Information and network security 40 sha3 secure hash algorithmInformation and network security 40 sha3 secure hash algorithm
Information and network security 40 sha3 secure hash algorithm
 
Information and network security 39 secure hash algorithm
Information and network security 39 secure hash algorithmInformation and network security 39 secure hash algorithm
Information and network security 39 secure hash algorithm
 
Information and network security 38 birthday attacks and security of hash fun...
Information and network security 38 birthday attacks and security of hash fun...Information and network security 38 birthday attacks and security of hash fun...
Information and network security 38 birthday attacks and security of hash fun...
 
Information and network security 37 hash functions and message authentication
Information and network security 37 hash functions and message authenticationInformation and network security 37 hash functions and message authentication
Information and network security 37 hash functions and message authentication
 
Information and network security 35 the chinese remainder theorem
Information and network security 35 the chinese remainder theoremInformation and network security 35 the chinese remainder theorem
Information and network security 35 the chinese remainder theorem
 
Information and network security 34 primality
Information and network security 34 primalityInformation and network security 34 primality
Information and network security 34 primality
 
Information and network security 33 rsa algorithm
Information and network security 33 rsa algorithmInformation and network security 33 rsa algorithm
Information and network security 33 rsa algorithm
 
Information and network security 32 principles of public key cryptosystems
Information and network security 32 principles of public key cryptosystemsInformation and network security 32 principles of public key cryptosystems
Information and network security 32 principles of public key cryptosystems
 
Information and network security 31 public key cryptography
Information and network security 31 public key cryptographyInformation and network security 31 public key cryptography
Information and network security 31 public key cryptography
 
Information and network security 30 random numbers
Information and network security 30 random numbersInformation and network security 30 random numbers
Information and network security 30 random numbers
 
Information and network security 29 international data encryption algorithm
Information and network security 29 international data encryption algorithmInformation and network security 29 international data encryption algorithm
Information and network security 29 international data encryption algorithm
 
Information and network security 28 blowfish
Information and network security 28 blowfishInformation and network security 28 blowfish
Information and network security 28 blowfish
 
Information and network security 27 triple des
Information and network security 27 triple desInformation and network security 27 triple des
Information and network security 27 triple des
 

Recently uploaded

WEBINAR SLIDES: CCX for Cloud Service Providers
WEBINAR SLIDES: CCX for Cloud Service ProvidersWEBINAR SLIDES: CCX for Cloud Service Providers
WEBINAR SLIDES: CCX for Cloud Service Providers
Severalnines
 
Abortion pills in Fujairah *((+971588192166*)☎️)¥) **Effective Abortion Pills...
Abortion pills in Fujairah *((+971588192166*)☎️)¥) **Effective Abortion Pills...Abortion pills in Fujairah *((+971588192166*)☎️)¥) **Effective Abortion Pills...
Abortion pills in Fujairah *((+971588192166*)☎️)¥) **Effective Abortion Pills...
Medical / Health Care (+971588192166) Mifepristone and Misoprostol tablets 200mg
 
ENISA Threat Landscape 2023 documentation
ENISA Threat Landscape 2023 documentationENISA Threat Landscape 2023 documentation
ENISA Threat Landscape 2023 documentation
sofiafernandezon
 
Major Outages in Major Enterprises Payara Conference
Major Outages in Major Enterprises Payara ConferenceMajor Outages in Major Enterprises Payara Conference
Major Outages in Major Enterprises Payara Conference
Tier1 app
 
WhatsApp Tracker - Tracking WhatsApp to Boost Online Safety.pdf
WhatsApp Tracker - Tracking WhatsApp to Boost Online Safety.pdfWhatsApp Tracker - Tracking WhatsApp to Boost Online Safety.pdf
WhatsApp Tracker - Tracking WhatsApp to Boost Online Safety.pdf
onemonitarsoftware
 
dachnug51 - HCL Domino Roadmap .pdf
dachnug51 - HCL Domino Roadmap .pdfdachnug51 - HCL Domino Roadmap .pdf
dachnug51 - HCL Domino Roadmap .pdf
DNUG e.V.
 
Alluxio Webinar | 10x Faster Trino Queries on Your Data Platform
Alluxio Webinar | 10x Faster Trino Queries on Your Data PlatformAlluxio Webinar | 10x Faster Trino Queries on Your Data Platform
Alluxio Webinar | 10x Faster Trino Queries on Your Data Platform
Alluxio, Inc.
 
Development of Chatbot Using AI\ML Technologies
Development of Chatbot Using AI\ML TechnologiesDevelopment of Chatbot Using AI\ML Technologies
Development of Chatbot Using AI\ML Technologies
MaisnamLuwangPibarel
 
@Call @Girls in Kolkata 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Best High Class Kolkata Avaulable
@Call @Girls in Kolkata 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Best High Class Kolkata Avaulable @Call @Girls in Kolkata 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Best High Class Kolkata Avaulable
@Call @Girls in Kolkata 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Best High Class Kolkata Avaulable
DiyaSharma6551
 
Kolkata @Call @Girls 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Genuine WhatsApp Number for Real Meet
Kolkata @Call @Girls 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Genuine WhatsApp Number for Real MeetKolkata @Call @Girls 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Genuine WhatsApp Number for Real Meet
Kolkata @Call @Girls 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Genuine WhatsApp Number for Real Meet
lovelykumarilk789
 
Ghatkopar @Call @Girls 🛴 9930687706 🛴 Aaradhaya Best High Class Mumbai Available
Ghatkopar @Call @Girls 🛴 9930687706 🛴 Aaradhaya Best High Class Mumbai AvailableGhatkopar @Call @Girls 🛴 9930687706 🛴 Aaradhaya Best High Class Mumbai Available
Ghatkopar @Call @Girls 🛴 9930687706 🛴 Aaradhaya Best High Class Mumbai Available
aviva54
 
Shivam Pandit working on Php Web Developer.
Shivam Pandit working on Php Web Developer.Shivam Pandit working on Php Web Developer.
Shivam Pandit working on Php Web Developer.
shivamt017
 
ANSYS Mechanical APDL Introductory Tutorials.pdf
ANSYS Mechanical APDL Introductory Tutorials.pdfANSYS Mechanical APDL Introductory Tutorials.pdf
ANSYS Mechanical APDL Introductory Tutorials.pdf
sachin chaurasia
 
Kolkata @ℂall @Girls ꧁❤ 000000000 ❤꧂@ℂall @Girls Service Vip Top Model Safe
Kolkata @ℂall @Girls ꧁❤ 000000000 ❤꧂@ℂall @Girls Service Vip Top Model SafeKolkata @ℂall @Girls ꧁❤ 000000000 ❤꧂@ℂall @Girls Service Vip Top Model Safe
Kolkata @ℂall @Girls ꧁❤ 000000000 ❤꧂@ℂall @Girls Service Vip Top Model Safe
Misti Soneji
 
Panvel @Call @Girls Whatsapp 9833363713 With High Profile Offer
Panvel @Call @Girls Whatsapp 9833363713 With High Profile OfferPanvel @Call @Girls Whatsapp 9833363713 With High Profile Offer
Panvel @Call @Girls Whatsapp 9833363713 With High Profile Offer
$A19
 
@Call @Girls in Aligarh 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Tanisha Sharma Best High Class A...
@Call @Girls in Aligarh 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Tanisha Sharma Best High Class A... @Call @Girls in Aligarh 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Tanisha Sharma Best High Class A...
@Call @Girls in Aligarh 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Tanisha Sharma Best High Class A...
msriya3
 
Folding Cheat Sheet #7 - seventh in a series
Folding Cheat Sheet #7 - seventh in a seriesFolding Cheat Sheet #7 - seventh in a series
Folding Cheat Sheet #7 - seventh in a series
Philip Schwarz
 
₹Call ₹Girls Andheri West 09967584737 Deshi Chori Near You
₹Call ₹Girls Andheri West 09967584737 Deshi Chori Near You₹Call ₹Girls Andheri West 09967584737 Deshi Chori Near You
₹Call ₹Girls Andheri West 09967584737 Deshi Chori Near You
shristi verma
 
Software development... for all? (keynote at ICSOFT'2024)
Software development... for all? (keynote at ICSOFT'2024)Software development... for all? (keynote at ICSOFT'2024)
Software development... for all? (keynote at ICSOFT'2024)
miso_uam
 
Migrate your Infrastructure to the AWS Cloud
Migrate your Infrastructure to the AWS CloudMigrate your Infrastructure to the AWS Cloud
Migrate your Infrastructure to the AWS Cloud
Ortus Solutions, Corp
 

Recently uploaded (20)

WEBINAR SLIDES: CCX for Cloud Service Providers
WEBINAR SLIDES: CCX for Cloud Service ProvidersWEBINAR SLIDES: CCX for Cloud Service Providers
WEBINAR SLIDES: CCX for Cloud Service Providers
 
Abortion pills in Fujairah *((+971588192166*)☎️)¥) **Effective Abortion Pills...
Abortion pills in Fujairah *((+971588192166*)☎️)¥) **Effective Abortion Pills...Abortion pills in Fujairah *((+971588192166*)☎️)¥) **Effective Abortion Pills...
Abortion pills in Fujairah *((+971588192166*)☎️)¥) **Effective Abortion Pills...
 
ENISA Threat Landscape 2023 documentation
ENISA Threat Landscape 2023 documentationENISA Threat Landscape 2023 documentation
ENISA Threat Landscape 2023 documentation
 
Major Outages in Major Enterprises Payara Conference
Major Outages in Major Enterprises Payara ConferenceMajor Outages in Major Enterprises Payara Conference
Major Outages in Major Enterprises Payara Conference
 
WhatsApp Tracker - Tracking WhatsApp to Boost Online Safety.pdf
WhatsApp Tracker - Tracking WhatsApp to Boost Online Safety.pdfWhatsApp Tracker - Tracking WhatsApp to Boost Online Safety.pdf
WhatsApp Tracker - Tracking WhatsApp to Boost Online Safety.pdf
 
dachnug51 - HCL Domino Roadmap .pdf
dachnug51 - HCL Domino Roadmap .pdfdachnug51 - HCL Domino Roadmap .pdf
dachnug51 - HCL Domino Roadmap .pdf
 
Alluxio Webinar | 10x Faster Trino Queries on Your Data Platform
Alluxio Webinar | 10x Faster Trino Queries on Your Data PlatformAlluxio Webinar | 10x Faster Trino Queries on Your Data Platform
Alluxio Webinar | 10x Faster Trino Queries on Your Data Platform
 
Development of Chatbot Using AI\ML Technologies
Development of Chatbot Using AI\ML TechnologiesDevelopment of Chatbot Using AI\ML Technologies
Development of Chatbot Using AI\ML Technologies
 
@Call @Girls in Kolkata 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Best High Class Kolkata Avaulable
@Call @Girls in Kolkata 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Best High Class Kolkata Avaulable @Call @Girls in Kolkata 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Best High Class Kolkata Avaulable
@Call @Girls in Kolkata 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Best High Class Kolkata Avaulable
 
Kolkata @Call @Girls 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Genuine WhatsApp Number for Real Meet
Kolkata @Call @Girls 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Genuine WhatsApp Number for Real MeetKolkata @Call @Girls 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Genuine WhatsApp Number for Real Meet
Kolkata @Call @Girls 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Genuine WhatsApp Number for Real Meet
 
Ghatkopar @Call @Girls 🛴 9930687706 🛴 Aaradhaya Best High Class Mumbai Available
Ghatkopar @Call @Girls 🛴 9930687706 🛴 Aaradhaya Best High Class Mumbai AvailableGhatkopar @Call @Girls 🛴 9930687706 🛴 Aaradhaya Best High Class Mumbai Available
Ghatkopar @Call @Girls 🛴 9930687706 🛴 Aaradhaya Best High Class Mumbai Available
 
Shivam Pandit working on Php Web Developer.
Shivam Pandit working on Php Web Developer.Shivam Pandit working on Php Web Developer.
Shivam Pandit working on Php Web Developer.
 
ANSYS Mechanical APDL Introductory Tutorials.pdf
ANSYS Mechanical APDL Introductory Tutorials.pdfANSYS Mechanical APDL Introductory Tutorials.pdf
ANSYS Mechanical APDL Introductory Tutorials.pdf
 
Kolkata @ℂall @Girls ꧁❤ 000000000 ❤꧂@ℂall @Girls Service Vip Top Model Safe
Kolkata @ℂall @Girls ꧁❤ 000000000 ❤꧂@ℂall @Girls Service Vip Top Model SafeKolkata @ℂall @Girls ꧁❤ 000000000 ❤꧂@ℂall @Girls Service Vip Top Model Safe
Kolkata @ℂall @Girls ꧁❤ 000000000 ❤꧂@ℂall @Girls Service Vip Top Model Safe
 
Panvel @Call @Girls Whatsapp 9833363713 With High Profile Offer
Panvel @Call @Girls Whatsapp 9833363713 With High Profile OfferPanvel @Call @Girls Whatsapp 9833363713 With High Profile Offer
Panvel @Call @Girls Whatsapp 9833363713 With High Profile Offer
 
@Call @Girls in Aligarh 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Tanisha Sharma Best High Class A...
@Call @Girls in Aligarh 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Tanisha Sharma Best High Class A... @Call @Girls in Aligarh 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Tanisha Sharma Best High Class A...
@Call @Girls in Aligarh 🐱‍🐉 XXXXXXXXXX 🐱‍🐉 Tanisha Sharma Best High Class A...
 
Folding Cheat Sheet #7 - seventh in a series
Folding Cheat Sheet #7 - seventh in a seriesFolding Cheat Sheet #7 - seventh in a series
Folding Cheat Sheet #7 - seventh in a series
 
₹Call ₹Girls Andheri West 09967584737 Deshi Chori Near You
₹Call ₹Girls Andheri West 09967584737 Deshi Chori Near You₹Call ₹Girls Andheri West 09967584737 Deshi Chori Near You
₹Call ₹Girls Andheri West 09967584737 Deshi Chori Near You
 
Software development... for all? (keynote at ICSOFT'2024)
Software development... for all? (keynote at ICSOFT'2024)Software development... for all? (keynote at ICSOFT'2024)
Software development... for all? (keynote at ICSOFT'2024)
 
Migrate your Infrastructure to the AWS Cloud
Migrate your Infrastructure to the AWS CloudMigrate your Infrastructure to the AWS Cloud
Migrate your Infrastructure to the AWS Cloud
 

Cloud computing 10 cloud security advantages and challenges

  • 1. Cloud Computing: 10 Cloud Security Advantages and Challenges Prof Neeraj Bhargava Vaibhav Khanna Department of Computer Science School of Engineering and Systems Sciences Maharshi Dayanand Saraswati University Ajmer
  • 2. Cloud Security Advantages • Data Fragmentation and Dispersal • Dedicated Security Team • Greater Investment in Security Infrastructure • Fault Tolerance and Reliability • Greater Resiliency • Hypervisor Protection Against Network Attacks • Possible Reduction of C&A Activities (Access to Pre-Accredited Clouds) 2
  • 3. Cloud Security Advantages (Cont.) • Simplification of Compliance Analysis • Data Held by Unbiased Party (cloud vendor assertion) • Low-Cost Disaster Recovery and Data Storage Solutions • On-Demand Security Controls • Real-Time Detection of System Tampering • Rapid Re-Constitution of Services • Advanced Honeynet Capabilities 3
  • 4. Cloud Security Challenges • Data dispersal and international privacy laws – EU Data Protection Directive and U.S. Safe Harbor program – Exposure of data to foreign government and data subpoenas – Data retention issues • Need for isolation management • Multi-tenancy • Logging challenges • Data ownership issues • Quality of service guarantees 4
  • 5. Cloud Security Challenges (Cont.) • Dependence on secure hypervisors • Attraction to hackers (high value target) • Security of virtual OSs in the cloud • Possibility for massive outages • Encryption needs for cloud computing – Encrypting access to the cloud resource control interface – Encrypting administrative access to OS instances – Encrypting access to applications – Encrypting application data at rest • Public cloud vs internal cloud security • Lack of public SaaS version control 5
  • 6. Additional Issues • Issues with moving PII and sensitive data to the cloud – Privacy impact assessments • Using SLAs to obtain cloud security – Suggested requirements for cloud SLAs – Issues with cloud forensics • Contingency planning and disaster recovery for cloud implementations • Handling compliance – FISMA – HIPAA – SOX – PCI – SAS 70 Audits 6
  • 9. Security and Privacy Challenges • Authentication and Identity Management – interoperability – password-based: inherited limitation – How multi-tenancy can affect the privacy of identity information isn’t yet well understood. – multi-jurisdiction issue – integrated with other security components. 9
  • 10. Security and Privacy Challenges • Access Control and Accounting – Heterogeneity and diversity of services, as well as the domains’ diverse access requirements – capture dynamic, context, or attribute- or credential-based access requirements – integrate privacy-protection requirements – interoperability – capture relevant aspects of SLAs 10
  • 11. Security and Privacy Challenges • Trust Management and Policy Integration – compose multiple services to enable bigger application services – efficiently capturing a generic set of parameters required for establishing trust and to manage evolving trust and interaction/sharing requirements – address challenges such as semantic heterogeneity, secure interoperability, and policy- evolution management. 11
  • 12. Security and Privacy Challenges • Secure-Service Management – WSDL can’t fully meet the requirements of cloud computing services description – issues such as quality of service, price, and SLAs – automatic and systematic service provisioning and composition framework that considers security and privacy issues 12
  • 13. Security and Privacy Challenges • Privacy and Data Protection – storing data and applications on systems that reside outside of on-premise datacenters – shared infrastructure, risk of potential unauthorized access and exposure. – Privacy-protection mechanisms must be embedded in all security solutions. – Provenance – Balancing between data provenance and privacy 13
  • 14. Security and Privacy Challenges • Organizational Security Management – shared governance can become a significant issue if not properly addressed – Dependence on external entities – the possibility of an insider threat is significantly extended when outsourcing data and processes to clouds. 14
  • 15. 15
  • 16. Security and Privacy Approaches • Authentication and Identity Management – User-centric IDM – users control their digital identities and takes away the complexity of IDM from the enterprises – federated IDM solutions – privacy-preserving protocols to verify various identity attributes by using, for example, zero- knowledge proof-based techniques 16
  • 17. Security and Privacy Approaches • Access Control Needs – RBAC – policy-integration needs – credential-based RBAC, GTRBAC,8 location-based RBAC 17
  • 18. Security and Privacy Approaches • Secure Interoperation – Multi-domain – centralized approach – decentralized approaches – specification frameworks to ensure that the cross- domain accesses are properly specified, verified, and enforced – Policy engineering mechanisms 18
  • 19. Security and Privacy Approaches • Secure-Service Provisioning and Composition – Open Services Gateway Initiative (OSGi) – Declarative OWL-based language can be used to provide a service definition manifest, including a list of distinct component types that make up the service, functional requirements, component grouping and topology instructions 19
  • 20. Security and Privacy Approaches • Trust Management Framework – trust-based policy integration – Delegation – must be incorporated in service composition framework 20
  • 21. Security and Privacy Approaches • Data-Centric Security and Privacy – shifts data protection from systems and applications – documents must be self-describing and defending regardless of their environments. 21
  • 22. Security and Privacy Approaches • Managing Semantic Heterogeneity – semantic heterogeneity among policies – Use of an ontology is the most promising approach – policy framework and a policy enforcement architecture – inference engines 22
  • 23. Assignment • What are the cloud security advantages and Challenges • Discuss the cloud security approaches