Cloud Computing Security

1,353 views
1,277 views

Published on

http://www.zinatullin.com

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,353
On SlideShare
0
From Embeds
0
Number of Embeds
806
Actions
Shares
0
Downloads
50
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Cloud Computing Security

  1. 1. Leron Zinatullin Cloud Computing Security www.zinatullin.com
  2. 2. Summary • Overview • Benefits • Concerns • Threats • Vulnerabilities • Countermeasures • Conclusion
  3. 3. Typical Network Security Threats
  4. 4. “I don’t understand what we would do differently in the light of cloud computing other than change the wording of some of our ads. ” Larry Ellison, CEO, Oracle
  5. 5. Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Mell, Peter, and Timothy Grance. "The NIST definition of cloud computing." NIST special publication 800 (2011): 145.
  6. 6. Cloud Definition Framework
  7. 7. Benefits of Cloud Computing • Minimized capital expenditure • Location and device independence • Utilization and efficiency improvement • Very high scalability • High computing power
  8. 8. Concerns in using Cloud Computing
  9. 9. Aspects of Cloud Computing Security Pronemon Institute – April 2011 – Survey of 127 US and EU cloud service providers
  10. 10. Threats-Vulnerabilities- Countermeasures
  11. 11. Threats • Data Breaches • Data Loss • Account or Service Traffic Hijacking • Insecure APIs • Denial of Service (DoS) • Malicious insiders • Abuse of Nefarious Use • Insufficient due diligence • Shared Technology Vulnerabilities
  12. 12. Vulnerabilities • Session Riding and Hijacking • Reliability and Availability of Service • Insecure Cryptography • Data Protection and Portability • Virtual Machine Escape • Vendor Lock-in • Internet Dependency
  13. 13. Countermeasures • Policies and procedures • Software configurations • Encryption • Separation of duties • Identity management • Good Service Level Agreement
  14. 14. Pros and Cons CloudSecurityUpside CloudSecurityDownside StaffSkillsandSpecialization SystemComplexity PlatformStrength SharedMulti-tenantEnvironment RecourseAvailability Internet-facingServices BackupandRecovery LossofControl MobileEndpoints BotnetofHackers CrossDataCenterandCloud MechanismCracking NIST Guidelines on Security and Privacy in Public Cloud Computing
  15. 15. Summary • Overview • Benefits • Concerns • Threats • Vulnerabilities • Countermeasures • Conclusion
  16. 16. Thank you!
  17. 17. Questions?

×