Cloud ComputingNetwork/SecurityThreatsAung Thu Rha Hein(g5536871)
AgendaCloud Computing• What is cloud computing?• Cloud Computing Infrastructure Models• Architecture layers of Cloud Compu...
What is Cloud Computing?• services that provide common business applications online,  which are accessed from a Web browse...
5th generation of Computing   1970s   •Monolithic  1980s    •Client-Server  1990s    •Web-based  2000s    •SOA   2010    •...
Cloud ComputingInfrastructure Models• Public Cloud   • AWS, Google App Engine     Win Azure• Private Cloud   • Premised or...
Architectural Layers of Cloud Computing• Saas (Software As A Service)   • Provides resources (apps or storage)   • Free or...
Cloud ComputingCharacteristics
Network/Security Aspects ofCloud Computing
Software As A Service                          Application  Application                          Middleware               ...
Platform As A Service                       Your Application  Application                          Middleware             ...
Infrastructure As A Service                       Your Application     Your                             Your              ...
Network Issues• DoS ( Denial of Service or Distributed denial-of-attack)   • overflows a server with      frequent request...
Network Issues(cont.)• Man in the Middle Attack   • An attacker splits connection and rejoin with the     attackers own co...
Network Issues(cont.)• Network Sniffing   • hack passwords that are not properly encrypted during     communication   • a ...
Network Issues(cont.)• Port Scanning   • sends client requests to a range of server port addresses     on a host   • To se...
Security Issues• XML Signature Element Wrapping (Wrapper attack)   • Attacker rewrite SOAP request that already signed by ...
Security Issues(cont.)• Cloud Malware Injection Attack   • Upload virus     Program to the cloud
Security Issues(cont.)• Data Stealing Problems   • User account and password are stolen by any means• Accountability Check...
Conclusion & Thank You!
Cloud computing security
Upcoming SlideShare
Loading in...5
×

Cloud computing security

734

Published on

network and security aspects related to cloud computing!!

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
734
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
43
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • First part- intro about the architecture, infrastructure, characteristic of cloud computing.After that, explain about the security concerns of cloud computing
  • CC & Virtualization-buzz word in the world of web technologyCan access anywhere without no installationCentralized data storage and bandwidth
  • 1-monotholic2.Client server3.Web based4.SOA-serice oriented architecture: application to communicate over standard-based web protocols 2006-amazon web services 2007-resarch by google and ibm 2010-MS azure5.CC
  • Public clouds are run by third parties, and applications from different customers are likely to be mixed together on the cloud’s servers, storage systems, and networks. Public clouds are most often hosted away from customer premises, and they provide a way to reduce customer risk and cost by providing a flexible, even temporary extension to enterprise infrastructure.Private clouds are built for the exclusive use of one client, providing the utmost control over data, security, and quality of service. The company owns the infrastructure and has control over how applications are deployed on it. Private clouds may be deployed in an enterprise datacenter, and they also may be deployed at a co-location facility.Hybrid clouds combine both public and private cloud models. They can help to provide on-demand, externally provisioned scale. The ability to augment a private cloud with the resources of a public cloud can be used to maintain service levels in the face of rapid workload fluctuations.
  • Saas-broad market, most of the stuffs use by browser- SaaSUsers can access a software application hosted by the cloud vendor on pay-per-use basisIaas- hardware-server, storage
  • interxion1.Preventing data loss2. preventing outages3. keeping security up to dateAttack in cloudsMulti tanency and resource pooling modelsBased on the deployment models we choose, the problems or the component you have control over is different.Cloud computing runs on network infrastructure.so, it is open to network attack. some of the wellknown attacks are
  • Dos-Server can’t respond to normal userspurpose is to decrease server performance by using computational resources,Smurf attack- icmpflooding broadcast to a victim’s network using broadcast addressSyn- flood tcp/syn packets with a faked address, half-open connectionTeardrop-sending invalidpackets with overlapped ip fragment and crash the systemPrevent-setup firewall,IPS,switches,routers ,reduce the privileges of users
  • Man In the Middle attack refers to a technique where a malicious attacker splits a connection between two computers and rejoins the connections with the attackers own computer systemin this attack, the attacker takes over the role of a device between you and the system you are talking to. This device could be a router, where the attacker confuses the switch ARP table and has data destined for the router to be sent to her. Then she relays the data to the router.To prevent-use mutual authentication techniques such as PKI, one-time pads
  • It’s a diagnosis tool for network engineersmethods-install sniffing tool to network devices or programTo prevent: anti-sniffer software to find
  • Purpose is to find an active port Countermeasure -port scan attack detector and firewall
  • SOAP- envelope structured First, envelope with plain header and body requesting serverServer reply with header info and signatureHTTPS is hardly ever used when these methods of securing the data in transit are in place. It is also not very common for the whole request to be encrypted or signed because it can have an effect on performance.To fix this,  apply W3C’s “XML Signature Best Practices” and STAMP bit
  • Counter measure for this attack isauthenticity check for received messages.
  • Send email to customer every session ends with next login password
  • Cloud computing security

    1. 1. Cloud ComputingNetwork/SecurityThreatsAung Thu Rha Hein(g5536871)
    2. 2. AgendaCloud Computing• What is cloud computing?• Cloud Computing Infrastructure Models• Architecture layers of Cloud Computing• Cloud Computing characteristicsNetwork/Security Aspects of Cloud Computing• Network/Security issues based on architecture types• Network issues on cloud computing• Security issues on cloud computing
    3. 3. What is Cloud Computing?• services that provide common business applications online, which are accessed from a Web browser, while the software and data are stored on the servers; a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet Source: Wolfram Alpha• Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over a network (typically the Internet). Source: Wikipedia
    4. 4. 5th generation of Computing 1970s •Monolithic 1980s •Client-Server 1990s •Web-based 2000s •SOA 2010 •Cloud Computing
    5. 5. Cloud ComputingInfrastructure Models• Public Cloud • AWS, Google App Engine Win Azure• Private Cloud • Premised or external hosted • For one client • Control data, security & QoS• Hybrid Cloud • Cloud Bursting • Provide on-demand, externaly provisioned scale
    6. 6. Architectural Layers of Cloud Computing• Saas (Software As A Service) • Provides resources (apps or storage) • Free or pay-per–usage model • Gmail, Github, Dropbox• PaaS (Platform As A Service) • Provides development platform • Heroku, OpenShift, Google App Engine, Win Azure• IaaS (Infrastructure As A Service) • Offer hardware related services • Amazon EC2, Rackspace, Flexiscale
    7. 7. Cloud ComputingCharacteristics
    8. 8. Network/Security Aspects ofCloud Computing
    9. 9. Software As A Service Application Application Middleware Database Server Operating System Hypervisor Storage CPU Networking Backup YOUR DATA Datacenter (Power, Cooling, Physical Security) Your Their Problem Problem
    10. 10. Platform As A Service Your Application Application Middleware Database Server Operating System Hypervisor CPU Networking Storage Backup Datacenter (Power, Cooling, Physical Security) Your Their Problem Problem
    11. 11. Infrastructure As A Service Your Application Your Your Your Application Middleware Database Server Your Operating System Hypervisor CPU Networking Storage Backup Datacenter (Power, Cooling, Physical Security) Your Their Problem Problem
    12. 12. Network Issues• DoS ( Denial of Service or Distributed denial-of-attack) • overflows a server with frequent request of services Methods - Smurf attack - SYN flood - Teardrop attacks
    13. 13. Network Issues(cont.)• Man in the Middle Attack • An attacker splits connection and rejoin with the attackers own computer system • SSL is not properly configured
    14. 14. Network Issues(cont.)• Network Sniffing • hack passwords that are not properly encrypted during communication • a self contained software program or a hardware device
    15. 15. Network Issues(cont.)• Port Scanning • sends client requests to a range of server port addresses on a host • To search an active port and vulnerable services
    16. 16. Security Issues• XML Signature Element Wrapping (Wrapper attack) • Attacker rewrite SOAP request that already signed by using a wrapper block • Well known web service attack
    17. 17. Security Issues(cont.)• Cloud Malware Injection Attack • Upload virus Program to the cloud
    18. 18. Security Issues(cont.)• Data Stealing Problems • User account and password are stolen by any means• Accountability Check Problem • “No use No bill” payment method • an attacker has engaged the cloud with a malicious service or runs malicious code
    19. 19. Conclusion & Thank You!
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×