Cloud Computing has emerged as the premier infrastructure for creating affordable, scalable and reliable IT solutions for companies of all sizes. However, as with all new technologies, Cloud Computing poses many demanding security considerations, and each must be addressed to ensure the confidentiality, integrity, availability, authenticity, and privacy of a developer’s product.
/:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc...
Slides for CC & IAAS
1. Cloud Computing:
Infrastructure As A Service -
The Dual-Edged Sword of
New Technology
By Mekhi D., Tyler L., William M.
Network Management
Spring 2019
Bill McLuckie, Mehki Daniels, Tyler Lawton
Network Management
Spring 2019
10. Cryptography
● Cryptography is a science that employs mathematical logic to keep
information secure and includes techniques such as hiding
information in images (steganography), hiding information in
storage, or in transit. [10]
● Digital Certificates
● Encryption
● Hardware Security Modules
● Store and transmit data securely over insecure networks
11. Need for Cryptography
● Public Key Infrastructure (PKI)
● Secure Shell (SSH)
● Confidentiality- only authorized users have access
● Authentication- user actually is who they say they are
● Integrity- accuracy of information over time
● Nonrepudiation- cannot deny actions in electronic communications
● Digital Signatures- another form to prove identity
● Reduces risk of MITM attacks
12. Asymmetric vs Symmetric
● Asymmetric cryptography uses two keys
○ Public key
○ Private key
○ Each user in communication has their own set
● Symmetric cryptography uses the same key for encryption and
decryption of data
13. Encryption
● Scrambling data to make it unreadable to an unauthorized party
● Many different algorithms
○ Advanced Encryption Standard (AES)
○ Rivest Shamir Adleman (RSA)
● Takes plaintext data-->runs through algorithm-->ciphertext
● Stream Cipher vs Block Cipher
14. Digital Certificates
● Authenticates a user before electronic transaction
○ Driver’s license
● Placed on a web server (port 443)
● Other certificate resides on end user’s machine
○ TLS Handshake
● SSL vs TLS
15. Public Key Infrastructure (PKI)
● Many Iaas solutions are virtualized now
○ Leads to organizations utilizing PKI
● Requires dedicated team to manage certificates
● Requires hardware secure modules to store encryption keys
● Uses asymmetric cryptography
16. Hardware Security Modules (HSM)
● Equipment in server racks that store encryption keys
● Pin Entry Device (PED) to login to an HSM
● Requires several team members to access
○ Separation of duties
● PCI, key mgmt, federal regulations
● Can be virtualized
● Tamper proof
● Firewall controls
17. Crypto in the Cloud
● How can we utilize cloud computing while remaining secure?
● HSMs can solve our problem
● End to end communication between an organization and the cloud
application pass through an HSM for encryption
● If cloud provider gets breached, our data is safe because it is
encrypted through the HSM
● Cloud provider cannot tamper with our data