Unique security and privacy implications, an analysis of route security properties, and open areas for research in cloud computing, starting from its characteristics: on-demand service (it functions when needed), rapid elasticity (scaling up or down), and resource utilization enhanced by automated resource allocation, load balancing, and metering tools.
Security and Privacy Challenges in Cloud Computing Environments
2. Security and Privacy Challenges in Cloud Computing Environments
Presentation
By: Mr. Eyob Sisay (RM0231/10),
School of Electrical and Computer Engineering,
Jimma Institute of Technology,
Jimma University,
Ethiopia
Welcome!
3. Discussion Points:
Introduction
Unique Security and Privacy Implications
Security and Privacy Challenges
Security and Privacy Approaches
Conclusions
8/16/2018 Eyob S.
4. Introduction
Cloud computing could significantly enhance collaboration,
agility, and scale, thus enabling a global computing model.
Five Key Characteristics:
1. On demand self-service
2. Ubiquitous network access
3. Location independent resource pooling
4. Rapid elasticity
5. Measured service - automated resource allocation, load balancing, and metering tools.
5. Cont..
The three key cloud delivery models:
1. Software as a Service (SaaS)
application software as on-demand services
2. Platform as a Service (PaaS)
programming environments
3. Infrastructure as a Service (IaaS)
virtualized infrastructural components: VMs, storage
Four cloud deployment models:
public, private, community, and hybrid clouds.
6. Unique Security and Privacy Implications in Cloud Computing
Outsourcing Data and Applications
only authorized entities can gain access
Clients need to have significant trust in their provider’s technical
competence and economic stability.
Extensibility and Shared Responsibility
The sharing levels will differ for different delivery models
Issues: access policies, application deployment, and data access and
protection to provide a secure, multi-tenant environment.
7. Cont..
Service-Level Agreements
The on-demand service or utility-based economic model and the dynamicity
of clouds call for building a new layer to support a contract negotiation
phase between service providers and consumers and to monitor contract enforcement.
Virtualization and Hypervisors
Abstracted infrastructure and resources are made available to clients as isolated VMs.
multiple operating systems run on a host computer concurrently
Heterogeneity
a potential issue with vertical heterogeneity and the multi-tenant environment.
Compliance and Regulations
cloud services accessible from anywhere and at anytime.
8. Security and Privacy Challenges
Authentication and Identity Management
Existing password-based authentication has an inherited limitation
multi-jurisdiction, and providers must segregate customer identity
Access Control and Accounting
The access control models must capture relevant aspects of SLAs.
The utility model of clouds demands proper accounting of user and
service activities. The outsourcing and multi-tenancy aspects of
clouds could accelerate customers’ fears about accounting logs.
9. Cont..
Trust Management and Policy Integration
mechanisms are necessary to ensure that a dynamic collaboration is
handled securely and that security breaches are effectively monitored
during the interoperation process.
Secure-Service Management
the traditional WSDL can’t fully meet the requirements of cloud
computing services description.
Privacy and Data Protection
Many organizations aren’t comfortable storing their data and
applications on systems that reside outside of their datacenters.
Organizational Security Management
Existing security management and information security life-cycle models
significantly change when enterprises adopt cloud computing.
10. Security and Privacy Approaches
Authentication and Identity Management
Access Control Needs
Secure Interoperation
Secure-Service Provisioning and Composition
Trust Management Framework
Data-Centric Security and Privacy
Managing Semantic Heterogeneity
11. Cont..
Authentication and Identity Management
mechanisms are necessary to ensure that a dynamic collaboration is
handled securely and that security breaches are effectively monitored
during the interoperation process.
Access Control Needs
the traditional WSDL can’t fully meet the requirements of cloud
computing services description.
Secure Interoperation
Many organizations aren’t comfortable storing their data and
applications on systems that reside outside of their datacenters.
Organizational Security Management
Existing security management and information security life-cycle models
significantly change when enterprises adopt cloud computing.
12. Cont..
Trust Management and Policy Integration
mechanisms are necessary to ensure that a dynamic collaboration is
handled securely and that security breaches are effectively monitored
during the interoperation process.
Trust Management Framework
the traditional WSDL can’t fully meet the requirements of cloud
computing services description.
Data-Centric Security and Privacy
Many organizations aren’t comfortable storing their data and
applications on systems that reside outside of their datacenters.
Managing Semantic Heterogeneity
Existing security management and information security life-cycle models
significantly change when enterprises adopt cloud computing.
13. Conclusion
The existing security and privacy solutions must be critically
reevaluated with regard to their appropriateness for clouds.
Many enhancements in existing solutions and newer solutions
are urgently needed to ensure that cloud computing benefits
are fully realized as its adoption accelerates.
Cloud computing is still in its infancy, and changes in
the security and privacy landscape will impact its successful,
widespread adoption.
14. Source:
• Hassan Takabi and James Joshi
• partially supported by US National Science Foundation
grants NSF-IIS-0545912 and NSF-CCF-0720737.
• Gail-Joon Ahn
• partially supported by US National Science Foundation
grants (NSF-IIS-0900970 and NSFCNS-0831360), and
• Department of Energy grants (DESC0004308 and DE-FG02-03ER25565)
cloud service providers control and optimize the use
of computing resources through automated resource
allocation, load balancing, and metering tools.
Outsourcing Data and Applications
only authorized entities can gain access to the data.
Clients need to have significant trust in their provider’s technical competence and economic stability.
Multi-tenancy - allows cloud providers to manage resource utilization by partitioning a virtualized, shared infrastructure among various customers.
It records a common understanding about services, priorities, responsibilities, guarantees, and warranties.
- trust framework and maintain trust to adaptively support policy integration.
- many cloud service providers use the Web Services Description Language (WSDL)