SlideShare a Scribd company logo

Security and Privacy Challenges in Cloud Computing Environments

Download as PPTX, PDF
E
Eyob Sisay

Unique Security and Privacy Implications, Analyzing Route Security Properties and Open Areas for Research in Cloud Computing starting from its characteristics like: on-demand (it functions when needed), rapid elasticity (scaling up or down) and resource utilization enhances by automated resource allocation, load balancing, and metering tools.

Technology
1 of 15
Security and Privacy Challenges in Cloud Computing Environments Presentation By: Mr. Eyob Sisay (RM0231/10), School of Electrical and Computer Engineering, Jimma Institute of Technology, Jimma University, Ethiopia W e l c o m e !
Discussion Points:  Introduction  Unique Security and Privacy Implications  Security and Privacy Challenges  Security and Privacy Approaches  Conclusions 8/16/2018Eyob S.
I n t r o d u c t i o n  Cloud computing could significantly enhance collaboration, agility, and scale, thus enabling global computing model.  Five Key Characteristics: 1. On demand self-service 2. Ubiquitous network access 3. Location independent resource pooling 4. Rapid elasticity 5. Measured service - automated resource allocation, load balancing, and metering tools. 18/16/2018Eyob S.
2 Cont.. 8/16/2018Eyob S.  The three key cloud delivery models: 1. Software as a Service (SaaS)  application software as on-demand services 2. Platform as a Service (PaaS)  programming environments 3. Infrastructure as a Service (IaaS)  virtualized infrastructural components: VMs, storages  Four Cloud deployment models:  public, private, community, and  hybrid clouds.
Unique Security and Privacy Implications in Cloud Computing  Outsourcing Data and Applications  only authorized entities can gain access  Clients need to have significant trust in their provider’s technical competence and economic stability.  Extensibility and Shared Responsibility  The sharing levels will differ for different delivery models  Issues: access policies, application deployment, and data access and protection to provide a secure, multi-tenant environment. 38/16/2018Eyob S.
4 Cont.. 8/16/2018Eyob S.  Service-Level Agreements  The on-demand service or utility-based economic model, dynamicity  to build a new layer to support a contract negotiation phase between service providers and consumers, to monitor contract enforcement.  Virtualization and Hypervisors  abstract infrastructure and resources exist to clients as isolated VMs.  multiple operating systems run on a host computer concurrently  Heterogeneity  a potential issue with vertical heterogeneity and multi-tenant env’t,  Compliance and Regulations  cloud services accessible from anywhere and at anytime.
Security and Privacy Challenges  Authentication and Identity Management  Existing password-based authentication has an inherited limitation  multi-jurisdiction, and providers must segregate customer identity  Access Control and Accounting  The access control models must capture relevant aspects of SLAs.  The utility model of clouds demands proper accounting of user and service activities. The outsourcing and multi-tenancy aspects of clouds could accelerate customers’ fears about accounting logs. 58/16/2018Eyob S.
6 Cont.. 8/16/2018Eyob S.  Trust Management and Policy Integration  mechanisms are necessary to ensure that a dynamic collaboration is handled securely and that security breaches are effectively monitored during the interoperation process.  Secure-Service Management  the traditional WSDL can’t fully meet the requirements of cloud computing services description.  Privacy and Data Protection  Many organizations aren’t comfortable storing their data and applications on systems that reside outside of their datacenters.  Organizational Security Management  Existing security mgn’t and information security life-cycle models significantly change when enterprises adopt cloud computing.
Security and Privacy Approaches  Authentication and Identity Management  Access Control Needs  Secure Interoperation  Secure-Service Provisioning and Composition  Trust Management Framework  Data-Centric Security and Privacy  Managing Semantic Heterogeneity 78/16/2018Eyob S.
8 Cont.. 8/16/2018Eyob S.  Authentication and Identity Management  mechanisms are necessary to ensure that a dynamic collaboration is handled securely and that security breaches are effectively monitored during the interoperation process.  Access Control Needs  the traditional WSDL can’t fully meet the requirements of cloud computing services description.  Secure Interoperation  Many organizations aren’t comfortable storing their data and applications on systems that reside outside of their datacenters.  Organizational Security Management  Existing security mgn’t and information security life-cycle models significantly change when enterprises adopt cloud computing.
9 Cont.. 8/16/2018Eyob S.  Trust Management and Policy Integration  mechanisms are necessary to ensure that a dynamic collaboration is handled securely and that security breaches are effectively monitored during the interoperation process.  Trust Management Framework  the traditional WSDL can’t fully meet the requirements of cloud computing services description.  Data-Centric Security and Privacy  Many organizations aren’t comfortable storing their data and applications on systems that reside outside of their datacenters.  Managing Semantic Heterogeneity  Existing security mgnt and information security life-cycle models significantly change when enterprises adopt cloud computing.
C o n c l u s i o n  The existing security and privacy solutions must be critically reevaluated with regard to their appropriateness for clouds.  Many enhancements in existing solutions and newer solutions are urgently needed to ensure that cloud computing benefits are fully realized as its adoption accelerates.  Cloud computing is still in its infancy, and changes in security and privacy landscape will impact its successful, widespread adoption. 8/16/2018Eyob S. 10
Source: 8/16/2018Eyob S. • Hassan Takabi and James Joshi • partially supported by US National Science Foundation grants NSF-IIS-0545912 and NSF-CCF-0720737. • Gail-Joon Ahn • partially supported by US National Science Foundation grants (NSF-IIS-0900970 and NSFCNS-0831360), and • Department of Energy grants (DESC0004308 and DE- FG02-03ER25565
8/16/2018Eyob S.

Recommended

Research proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.comResearch proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.comPhD Assistance
 
Automation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedAutomation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedMatthew Moldvan
 
Information flow control for secure cloud computing
Information flow control for secure cloud computingInformation flow control for secure cloud computing
Information flow control for secure cloud computingNexgen Technology
 
BLOCKCHAIN BASED DATA SECURITY AS A SERVICE IN CLOUD PLATFORM SECURITY
BLOCKCHAIN BASED DATA SECURITY AS A SERVICE IN CLOUD PLATFORM SECURITYBLOCKCHAIN BASED DATA SECURITY AS A SERVICE IN CLOUD PLATFORM SECURITY
BLOCKCHAIN BASED DATA SECURITY AS A SERVICE IN CLOUD PLATFORM SECURITYijccsa
 
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudNo More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudPaaSword EU Project
 
Security Concerns in Cloud Computing
Security Concerns in Cloud ComputingSecurity Concerns in Cloud Computing
Security Concerns in Cloud Computingijtsrd
 
Data security in Hybrid Cloud Computing
Data security in Hybrid Cloud ComputingData security in Hybrid Cloud Computing
Data security in Hybrid Cloud ComputingAnushkae0001
 
Ohm2013 cloud security 101 slideshare
Ohm2013 cloud security 101 slideshareOhm2013 cloud security 101 slideshare
Ohm2013 cloud security 101 slidesharePeter HJ van Eijk
 

Recommended

Research proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.comResearch proposal on Computing Security and Reliability - Phdassistance.com
Research proposal on Computing Security and Reliability - Phdassistance.comPhD Assistance
 
Automation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedAutomation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedMatthew Moldvan
 
Information flow control for secure cloud computing
Information flow control for secure cloud computingInformation flow control for secure cloud computing
Information flow control for secure cloud computingNexgen Technology
 
BLOCKCHAIN BASED DATA SECURITY AS A SERVICE IN CLOUD PLATFORM SECURITY
BLOCKCHAIN BASED DATA SECURITY AS A SERVICE IN CLOUD PLATFORM SECURITYBLOCKCHAIN BASED DATA SECURITY AS A SERVICE IN CLOUD PLATFORM SECURITY
BLOCKCHAIN BASED DATA SECURITY AS A SERVICE IN CLOUD PLATFORM SECURITYijccsa
 
No More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudNo More Dark Clouds: A Privacy Preserving Framework for the Cloud
No More Dark Clouds: A Privacy Preserving Framework for the CloudPaaSword EU Project
 
Security Concerns in Cloud Computing
Security Concerns in Cloud ComputingSecurity Concerns in Cloud Computing
Security Concerns in Cloud Computingijtsrd
 
Data security in Hybrid Cloud Computing
Data security in Hybrid Cloud ComputingData security in Hybrid Cloud Computing
Data security in Hybrid Cloud ComputingAnushkae0001
 
Ohm2013 cloud security 101 slideshare
Ohm2013 cloud security 101 slideshareOhm2013 cloud security 101 slideshare
Ohm2013 cloud security 101 slidesharePeter HJ van Eijk
 
Cloud computing & IAAS The Dual Edged Sword of New Technology
Cloud computing & IAAS The Dual Edged Sword of New Technology Cloud computing & IAAS The Dual Edged Sword of New Technology
Cloud computing & IAAS The Dual Edged Sword of New Technology Mekhi Da ‘Quay Daniels
 
Ariel Litvin - CCSK
Ariel Litvin - CCSKAriel Litvin - CCSK
Ariel Litvin - CCSKCSAIsrael
 
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)ijccsa
 
Challenges of Cloud Computing
Challenges of Cloud ComputingChallenges of Cloud Computing
Challenges of Cloud Computinglavanyamohan45
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security GovernanceBIJ MISHRA
 
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...Unisys Corporation
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing securitygangal
 
IntelAdapt
IntelAdaptIntelAdapt
IntelAdaptMaggie Albrecht
 
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhShah Sheikh
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewPeter HJ van Eijk
 
Turtles, Trust and The Future of Cybersecurity
Turtles, Trust and The Future of Cybersecurity Turtles, Trust and The Future of Cybersecurity
Turtles, Trust and The Future of Cybersecurity Digital Transformation EXPO Event Series
 
Secure the modern Enterprise
Secure the modern EnterpriseSecure the modern Enterprise
Secure the modern EnterpriseMicrosoft Österreich
 
3 rd International Conference on Cloud, Big Data and Web Services (CBW 2022)
3 rd International Conference on Cloud, Big Data and Web Services (CBW 2022)3 rd International Conference on Cloud, Big Data and Web Services (CBW 2022)
3 rd International Conference on Cloud, Big Data and Web Services (CBW 2022)ijait
 
Five cloud security tips
Five cloud security tipsFive cloud security tips
Five cloud security tipsServiceMesh
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationITpreneurs
 
Generic Security Framework for Multiple Heterogeneous Virtual Infrastructures
Generic Security Framework for Multiple Heterogeneous Virtual InfrastructuresGeneric Security Framework for Multiple Heterogeneous Virtual Infrastructures
Generic Security Framework for Multiple Heterogeneous Virtual InfrastructuresIJRES Journal
 
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)ijccsa
 
Security on distributed systems cloud security versus traditional it
Security on distributed systems cloud security versus traditional itSecurity on distributed systems cloud security versus traditional it
Security on distributed systems cloud security versus traditional itieeepondy
 
Manage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicManage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicCitrix
 
Top Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptxTop Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptxSaadZaman23
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...csandit
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...cscpconf
 

More Related Content

What's hot

Cloud computing & IAAS The Dual Edged Sword of New Technology
Cloud computing & IAAS The Dual Edged Sword of New Technology Cloud computing & IAAS The Dual Edged Sword of New Technology
Cloud computing & IAAS The Dual Edged Sword of New Technology Mekhi Da ‘Quay Daniels
 
Ariel Litvin - CCSK
Ariel Litvin - CCSKAriel Litvin - CCSK
Ariel Litvin - CCSKCSAIsrael
 
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)ijccsa
 
Challenges of Cloud Computing
Challenges of Cloud ComputingChallenges of Cloud Computing
Challenges of Cloud Computinglavanyamohan45
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security GovernanceBIJ MISHRA
 
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...Unisys Corporation
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing securitygangal
 
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhShah Sheikh
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewPeter HJ van Eijk
 
3 rd International Conference on Cloud, Big Data and Web Services (CBW 2022)
3 rd International Conference on Cloud, Big Data and Web Services (CBW 2022)3 rd International Conference on Cloud, Big Data and Web Services (CBW 2022)
3 rd International Conference on Cloud, Big Data and Web Services (CBW 2022)ijait
 
Five cloud security tips
Five cloud security tipsFive cloud security tips
Five cloud security tipsServiceMesh
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationITpreneurs
 
Generic Security Framework for Multiple Heterogeneous Virtual Infrastructures
Generic Security Framework for Multiple Heterogeneous Virtual InfrastructuresGeneric Security Framework for Multiple Heterogeneous Virtual Infrastructures
Generic Security Framework for Multiple Heterogeneous Virtual InfrastructuresIJRES Journal
 
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)ijccsa
 
Security on distributed systems cloud security versus traditional it
Security on distributed systems cloud security versus traditional itSecurity on distributed systems cloud security versus traditional it
Security on distributed systems cloud security versus traditional itieeepondy
 
Manage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicManage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicCitrix
 

What's hot (19)

Cloud computing & IAAS The Dual Edged Sword of New Technology
Cloud computing & IAAS The Dual Edged Sword of New Technology Cloud computing & IAAS The Dual Edged Sword of New Technology
Cloud computing & IAAS The Dual Edged Sword of New Technology
 
Ariel Litvin - CCSK
Ariel Litvin - CCSKAriel Litvin - CCSK
Ariel Litvin - CCSK
 
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
 
Challenges of Cloud Computing
Challenges of Cloud ComputingChallenges of Cloud Computing
Challenges of Cloud Computing
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
 
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing security
 
IntelAdapt
IntelAdaptIntelAdapt
IntelAdapt
 
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
 
CCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overviewCCSK Certificate of Cloud Computing Knowledge - overview
CCSK Certificate of Cloud Computing Knowledge - overview
 
Turtles, Trust and The Future of Cybersecurity
Turtles, Trust and The Future of Cybersecurity Turtles, Trust and The Future of Cybersecurity
Turtles, Trust and The Future of Cybersecurity
 
Secure the modern Enterprise
Secure the modern EnterpriseSecure the modern Enterprise
Secure the modern Enterprise
 
3 rd International Conference on Cloud, Big Data and Web Services (CBW 2022)
3 rd International Conference on Cloud, Big Data and Web Services (CBW 2022)3 rd International Conference on Cloud, Big Data and Web Services (CBW 2022)
3 rd International Conference on Cloud, Big Data and Web Services (CBW 2022)
 
Five cloud security tips
Five cloud security tipsFive cloud security tips
Five cloud security tips
 
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK CertificationGetting Your IT Security Learners Ready for the Cloud with CCSK Certification
Getting Your IT Security Learners Ready for the Cloud with CCSK Certification
 
Generic Security Framework for Multiple Heterogeneous Virtual Infrastructures
Generic Security Framework for Multiple Heterogeneous Virtual InfrastructuresGeneric Security Framework for Multiple Heterogeneous Virtual Infrastructures
Generic Security Framework for Multiple Heterogeneous Virtual Infrastructures
 
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
 
Security on distributed systems cloud security versus traditional it
Security on distributed systems cloud security versus traditional itSecurity on distributed systems cloud security versus traditional it
Security on distributed systems cloud security versus traditional it
 
Manage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicManage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data Infographic
 

Similar to Security and Privacy Challenges in Cloud Computing Environments

Top Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptxTop Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptxSaadZaman23
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...csandit
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...cscpconf
 
Strategies for assessing cloud security
Strategies for assessing cloud securityStrategies for assessing cloud security
Strategies for assessing cloud securityArun Gopinath
 
Ast 0064255 strategies-for_assessing_cloud_security
Ast 0064255 strategies-for_assessing_cloud_securityAst 0064255 strategies-for_assessing_cloud_security
Ast 0064255 strategies-for_assessing_cloud_securityAccenture
 
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Zac Darcy
 
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...Zac Darcy
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDSweta Kumari Barnwal
 
Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?Jody Keyser
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0David Spinks
 
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEYSECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEYEditor Jacotech
 
Cloud computing risk assesment report
Cloud computing risk assesment reportCloud computing risk assesment report
Cloud computing risk assesment reportAhmad El Tawil
 
The Management of Security in Cloud Computing Ramgovind.docx
The Management of Security in Cloud Computing Ramgovind.docxThe Management of Security in Cloud Computing Ramgovind.docx
The Management of Security in Cloud Computing Ramgovind.docxcherry686017
 
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)Glenn Ambler
 

Similar to Security and Privacy Challenges in Cloud Computing Environments (20)

Top Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptxTop Trends in Cloud Computing for 2023.pptx
Top Trends in Cloud Computing for 2023.pptx
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
 
Cloud Computing & Security Concerns
Cloud Computing & Security ConcernsCloud Computing & Security Concerns
Cloud Computing & Security Concerns
 
Strategies for assessing cloud security
Strategies for assessing cloud securityStrategies for assessing cloud security
Strategies for assessing cloud security
 
Strategies for assessing cloud security
Strategies for assessing cloud securityStrategies for assessing cloud security
Strategies for assessing cloud security
 
Ast 0064255 strategies-for_assessing_cloud_security
Ast 0064255 strategies-for_assessing_cloud_securityAst 0064255 strategies-for_assessing_cloud_security
Ast 0064255 strategies-for_assessing_cloud_security
 
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
 
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
 
Ad4502189193
Ad4502189193Ad4502189193
Ad4502189193
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
 
Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0
 
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEYSECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
SECURITY CONCERN ON CLOUD BASED ON ATTRIBUTES: AN SURVEY
 
1376843836 94879193
1376843836 948791931376843836 94879193
1376843836 94879193
 
1376843836 94879193
1376843836 948791931376843836 94879193
1376843836 94879193
 
Cloud computing risk assesment report
Cloud computing risk assesment reportCloud computing risk assesment report
Cloud computing risk assesment report
 
J3602068071
J3602068071J3602068071
J3602068071
 
The Management of Security in Cloud Computing Ramgovind.docx
The Management of Security in Cloud Computing Ramgovind.docxThe Management of Security in Cloud Computing Ramgovind.docx
The Management of Security in Cloud Computing Ramgovind.docx
 
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
 

More from Eyob Sisay

Lec 9 conclusion
Lec 9 conclusionLec 9 conclusion
Lec 9 conclusionEyob Sisay
 
Lec 8 ai implementation
Lec 8 ai implementationLec 8 ai implementation
Lec 8 ai implementationEyob Sisay
 
Lec 7 genetic algorithms
Lec 7 genetic algorithmsLec 7 genetic algorithms
Lec 7 genetic algorithmsEyob Sisay
 
Lec 6 learning
Lec 6 learningLec 6 learning
Lec 6 learningEyob Sisay
 
Lec 5 uncertainty
Lec 5 uncertaintyLec 5 uncertainty
Lec 5 uncertaintyEyob Sisay
 
Lec 4 expert systems
Lec 4 expert systemsLec 4 expert systems
Lec 4 expert systemsEyob Sisay
 
Lec 3 1 reasoning
Lec 3 1 reasoningLec 3 1 reasoning
Lec 3 1 reasoningEyob Sisay
 
Lec 3 knowledge acquisition representation and inference
Lec 3 knowledge acquisition representation and inferenceLec 3 knowledge acquisition representation and inference
Lec 3 knowledge acquisition representation and inferenceEyob Sisay
 
Lec 2 1 informed search
Lec 2 1 informed searchLec 2 1 informed search
Lec 2 1 informed searchEyob Sisay
 
Lec 0 about the course
Lec 0 about the courseLec 0 about the course
Lec 0 about the courseEyob Sisay
 
Lec 1 introduction
Lec 1 introductionLec 1 introduction
Lec 1 introductionEyob Sisay
 
A Survey on Wireless Mesh Networks (WMN)
A Survey on Wireless Mesh Networks (WMN)A Survey on Wireless Mesh Networks (WMN)
A Survey on Wireless Mesh Networks (WMN)Eyob Sisay
 

More from Eyob Sisay (13)

Lec 9 conclusion
Lec 9 conclusionLec 9 conclusion
Lec 9 conclusion
 
Lec 8 ai implementation
Lec 8 ai implementationLec 8 ai implementation
Lec 8 ai implementation
 
Lec 7 genetic algorithms
Lec 7 genetic algorithmsLec 7 genetic algorithms
Lec 7 genetic algorithms
 
Lec 6 learning
Lec 6 learningLec 6 learning
Lec 6 learning
 
Lec 5 uncertainty
Lec 5 uncertaintyLec 5 uncertainty
Lec 5 uncertainty
 
Lec 4 expert systems
Lec 4 expert systemsLec 4 expert systems
Lec 4 expert systems
 
Lec 3 1 reasoning
Lec 3 1 reasoningLec 3 1 reasoning
Lec 3 1 reasoning
 
Lec 3 knowledge acquisition representation and inference
Lec 3 knowledge acquisition representation and inferenceLec 3 knowledge acquisition representation and inference
Lec 3 knowledge acquisition representation and inference
 
Lec 2 1 informed search
Lec 2 1 informed searchLec 2 1 informed search
Lec 2 1 informed search
 
Lec 2 agents
Lec 2 agentsLec 2 agents
Lec 2 agents
 
Lec 0 about the course
Lec 0 about the courseLec 0 about the course
Lec 0 about the course
 
Lec 1 introduction
Lec 1 introductionLec 1 introduction
Lec 1 introduction
 
A Survey on Wireless Mesh Networks (WMN)
A Survey on Wireless Mesh Networks (WMN)A Survey on Wireless Mesh Networks (WMN)
A Survey on Wireless Mesh Networks (WMN)
 

Recently uploaded

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Recently uploaded (20)

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

Security and Privacy Challenges in Cloud Computing Environments

  • 1.
  • 2. Security and Privacy Challenges in Cloud Computing Environments Presentation By: Mr. Eyob Sisay (RM0231/10), School of Electrical and Computer Engineering, Jimma Institute of Technology, Jimma University, Ethiopia W e l c o m e !
  • 3. Discussion Points:  Introduction  Unique Security and Privacy Implications  Security and Privacy Challenges  Security and Privacy Approaches  Conclusions 8/16/2018Eyob S.
  • 4. I n t r o d u c t i o n  Cloud computing could significantly enhance collaboration, agility, and scale, thus enabling global computing model.  Five Key Characteristics: 1. On demand self-service 2. Ubiquitous network access 3. Location independent resource pooling 4. Rapid elasticity 5. Measured service - automated resource allocation, load balancing, and metering tools. 18/16/2018Eyob S.
  • 5. 2 Cont.. 8/16/2018Eyob S.  The three key cloud delivery models: 1. Software as a Service (SaaS)  application software as on-demand services 2. Platform as a Service (PaaS)  programming environments 3. Infrastructure as a Service (IaaS)  virtualized infrastructural components: VMs, storages  Four Cloud deployment models:  public, private, community, and  hybrid clouds.
  • 6. Unique Security and Privacy Implications in Cloud Computing  Outsourcing Data and Applications  only authorized entities can gain access  Clients need to have significant trust in their provider’s technical competence and economic stability.  Extensibility and Shared Responsibility  The sharing levels will differ for different delivery models  Issues: access policies, application deployment, and data access and protection to provide a secure, multi-tenant environment. 38/16/2018Eyob S.
  • 7. 4 Cont.. 8/16/2018Eyob S.  Service-Level Agreements  The on-demand service or utility-based economic model, dynamicity  to build a new layer to support a contract negotiation phase between service providers and consumers, to monitor contract enforcement.  Virtualization and Hypervisors  abstract infrastructure and resources exist to clients as isolated VMs.  multiple operating systems run on a host computer concurrently  Heterogeneity  a potential issue with vertical heterogeneity and multi-tenant env’t,  Compliance and Regulations  cloud services accessible from anywhere and at anytime.
  • 8. Security and Privacy Challenges  Authentication and Identity Management  Existing password-based authentication has an inherited limitation  multi-jurisdiction, and providers must segregate customer identity  Access Control and Accounting  The access control models must capture relevant aspects of SLAs.  The utility model of clouds demands proper accounting of user and service activities. The outsourcing and multi-tenancy aspects of clouds could accelerate customers’ fears about accounting logs. 58/16/2018Eyob S.
  • 9. 6 Cont.. 8/16/2018Eyob S.  Trust Management and Policy Integration  mechanisms are necessary to ensure that a dynamic collaboration is handled securely and that security breaches are effectively monitored during the interoperation process.  Secure-Service Management  the traditional WSDL can’t fully meet the requirements of cloud computing services description.  Privacy and Data Protection  Many organizations aren’t comfortable storing their data and applications on systems that reside outside of their datacenters.  Organizational Security Management  Existing security mgn’t and information security life-cycle models significantly change when enterprises adopt cloud computing.
  • 10. Security and Privacy Approaches  Authentication and Identity Management  Access Control Needs  Secure Interoperation  Secure-Service Provisioning and Composition  Trust Management Framework  Data-Centric Security and Privacy  Managing Semantic Heterogeneity 78/16/2018Eyob S.
  • 11. 8 Cont.. 8/16/2018Eyob S.  Authentication and Identity Management  mechanisms are necessary to ensure that a dynamic collaboration is handled securely and that security breaches are effectively monitored during the interoperation process.  Access Control Needs  the traditional WSDL can’t fully meet the requirements of cloud computing services description.  Secure Interoperation  Many organizations aren’t comfortable storing their data and applications on systems that reside outside of their datacenters.  Organizational Security Management  Existing security mgn’t and information security life-cycle models significantly change when enterprises adopt cloud computing.
  • 12. 9 Cont.. 8/16/2018Eyob S.  Trust Management and Policy Integration  mechanisms are necessary to ensure that a dynamic collaboration is handled securely and that security breaches are effectively monitored during the interoperation process.  Trust Management Framework  the traditional WSDL can’t fully meet the requirements of cloud computing services description.  Data-Centric Security and Privacy  Many organizations aren’t comfortable storing their data and applications on systems that reside outside of their datacenters.  Managing Semantic Heterogeneity  Existing security mgnt and information security life-cycle models significantly change when enterprises adopt cloud computing.
  • 13. C o n c l u s i o n  The existing security and privacy solutions must be critically reevaluated with regard to their appropriateness for clouds.  Many enhancements in existing solutions and newer solutions are urgently needed to ensure that cloud computing benefits are fully realized as its adoption accelerates.  Cloud computing is still in its infancy, and changes in security and privacy landscape will impact its successful, widespread adoption. 8/16/2018Eyob S. 10
  • 14. Source: 8/16/2018Eyob S. • Hassan Takabi and James Joshi • partially supported by US National Science Foundation grants NSF-IIS-0545912 and NSF-CCF-0720737. • Gail-Joon Ahn • partially supported by US National Science Foundation grants (NSF-IIS-0900970 and NSFCNS-0831360), and • Department of Energy grants (DESC0004308 and DE- FG02-03ER25565

Editor's Notes

  1. cloud service providers control and optimize the use of computing resources through automated resource allocation, load balancing, and metering tools.
  2. Outsourcing Data and Applications only authorized entities can gain access to the data. Clients need to have significant trust in their provider’s technical competence and economic stability. Multi-tenancy - allows cloud providers to manage resource utilization by partitioning a virtualized, shared infrastructure among various customers.
  3. It records a common understanding about services, priorities, responsibilities, guarantees, and warranties.
  4. - trust framework and maintain trust to adaptively support policy integration. - many cloud service providers use the Web Services Description Language(WSDL)