SlideShare a Scribd company logo

Cloud computing and data security

Mohammed Fazuluddin
Mohammed Fazuluddin

The document discusses cloud computing and data security. It provides an overview of cloud computing including deployment models, service models, and sub-service models. It also discusses key aspects of cloud data security such as authentication using OTP, encryption of data using strong algorithms, and ensuring data integrity through hashing. The proposed cloud data security model uses three levels of defense - strong authentication through OTP, automatic encryption of data using a fast and strong algorithm, and fast recovery of user data.

Technology
1 of 28
Cloud Computing and Data Security BASICS OF CLOUD COMPUTING AND DATA SECURITY @MOHAMMED FAZULUDDIN
Topics • Overview of Cloud Computing • Cloud Computing Providers • Cloud Computing Deployment Models • Cloud Computing Models • Cloud Computing Sub-services Models • Cloud Data Security
Overview of Cloud Computing • Cloud computing provides the ability to scale to tens of thousands of systems, as well as the ability to massively scale bandwidth and storage space. • Cloud computing might be confused with distributed system, grid computing, utility computing, service oriented architecture, web application, web 2.0, broadband network, browser as a platform,Virtualization and free/open software. • Cloud computing is a natural evolution of the widespread adoption of virtualization, service-oriented architecture, autonomic and utility computing. • Cloud services exhibit five essential characteristics that demonstrate their relation to, and differences from, traditional computing approaches such as on-demand self-service, broad network access, resource pooling, rapid elasticity and measured service. • Cloud computing often leverages massive scale, homogeneity, virtualization, resilient computing (no stop computing), low cost/free software, geographic distribution, service orientation software and advanced security technologies.
Overview of Cloud Computing • Lower computer costs, improved performance, reduced software costs, instant software updates, improved document format compatibility, unlimited storage capacity, device independence, and increased data reliability. • Cloud computing is based on five attributes… • Multi-tenancy (shared resources). • Massive scalability. • Elasticity. • Pay as you go . • Self-provisioning of resources. • It makes new improvements in processors,Virtualization technology, disk storage, broadband Internet connection, and combined fast, inexpensive servers to make the cloud to be a more compelling solution.
Overview of Cloud Computing • Multi-tenancy (shared resources): Cloud computing is based on a business model in which resources are shared (i.e., multiple users use the same resource) at the network level, host level and application level. • Multi-tenancy (shared resources): Cloud computing is based on a business model in which resources are shared (i.e., multiple users use the same resource) at the network level, host level and application level. • Massive scalability: Cloud computing provides the ability to scale to tens of thousands of systems, as well as the ability to massively scale bandwidth and storage space. • Elasticity: Users can rapidly increase and decrease their computing resources as needed; Pay as you used: Users to pay for only the resources they actually use and for only the time they require them. • Self-provisioning of resources: Users’ self-provision resources, such as additional systems (processing capability, software, storage) and network resources.
Overview of Cloud Computing
Cloud Computing Providers • Following are the list of cloud computing providers... • AWS (amazon web services)—includeAmazon S3, Amazon EC2, Amazon Simple- DB,Amazon SQS,Amazon FPS, and others. • Salesforce.com—Delivers businesses over the internet using the software as a service model. • GoogleApps—Software-as-a-service for business email, information sharing and security. • And others providers such as • Microsoft Azure Services Platform • Proof-point • Sun Open Cloud Platform • Workday, etc..
Cloud Computing Deployment Models • Private cloud : • This model doesn’t bring much in terms of cost efficiency, it is comparable to buying, building and managing your own infrastructure. • It brings in tremendous value from a security point of view. • Security concerns are addressed through secure-accessVPN or by the physical location within the client’s firewall system. • Community cloud: • In the community deployment model, the cloud infrastructure is shared by several organizations with the same policy and compliance considerations. • This helps to further reduce costs as compared to a private cloud, as it is shared by larger group.
Cloud Computing Deployment Models • Public cloud: • The public cloud deployment model represents true cloud hosting. • In this deployment model, services and infrastructure are provided to various clients, google is an example of a public cloud. • This service can be provided by a vendor free of charge or on the basis of a pay-per-user license policy. • Hybrid cloud: • This deployment model helps businesses to take advantage of secured applications and data hosting on a private cloud, while still enjoying cost benefits by keeping shared data and applications on the public cloud. • This model is also used for handling cloud bursting, which refers to a scenario where the existing private cloud infrastructure is not able to handle load spikes and requires a fallback option to support the load.
Cloud Computing Models • Cloud SaaS (software as a service): • Application and information clouds. • Use provider’s applications over a network, cloud provider examples Zoho, Salesforce.com, and Google Apps. • Cloud PaaS (platform as a service): • Development clouds. • Deploy customer-created applications to a cloud, cloud provider examplesWindows Azure, Google App Engine and Aptana Cloud. • Cloud IaaS (infrastructure as a service): • Infrastructure clouds. • Rent processing, storage. • network capacity. • Other fundamental computing resources like Dropbox, AmazonWeb Services, Mozy and Akamai.
Cloud Computing Sub-services Models • IaaS: DBaaS (database-as-a-service): DBaaS allows the access and use of a database management system as a service. • PaaS: STaaS (storage-as-a-service): STaaS involves the delivery of data storage as a service, including database-like services, often billed on a utility computing basis, e.g., per gigabyte per month. • SaaS: CaaS (communications-as-a-service): CaaS is the delivery of an enterprise communications solution, such asVoice over IP, instant messaging, and video conferencing applications as a service. • SaaS: SECaaS (security-as-a-service): SECaaS is the security of business networks and mobile networks through the Internet for events, database, application, transaction, and system incidents.
Cloud Computing Sub-services Models • SaaS: MaaS (monitoring-as-a-service): MaaS refers to the delivery of second-tier infrastructure components, such as log management and asset tracking, as a service. • PaaS: DTaaS (desktop-as-a-service): DTaaS is the decoupling of a user’s physical machine from the desktop and software he or she uses to work. • IaaS: CCaaS (compute capacity-as-a-service): CCaaS is the provision of “raw” computing resource, typically used in the execution of mathematically complex models from either a single “supercomputer” resource or a large number of distributed computing resources where the task performs well .
Cloud Data Security • Cloud computing, all your data is stored on the cloud, so cloud users ask some questions like: How secure is the cloud? Can unauthorized users gain access to your confidential data?. • Cloud computing companies say that data is secure, but it is too early to be completely sure of that. Only time will tell if your data is secure in the cloud. • Cloud security concerns arising which both customer data and program are residing in provider premises. • While cost and ease of use are two great benefits of cloud computing, there are significant security concerns that need to be addressed when considering moving critical applications and sensitive data to public and shared cloud environments.
Cloud Data Security • To address these concerns, the cloud provider must develop sufficient controls to provide the same or a greater. • level of security than the organization would have if the cloud were not used. • There are three types of data in cloud computing • Data in transit (transmission data) • Data at rest (storage data) • Data in processing (processing data). • Clouds are massively complex systems can be reduced to simple primitives that are replicated thousands of times and common functional units. • These complexities create many issues related to security as well as all aspects of Cloud computing.
Cloud Data Security • Security of data and trust problem has always been a primary and challenging issue in cloud computing. • focuses on enhancing security by using… • OTP authentication system. • Check data integrity by using hashing algorithms. • Encrypt data automatically with the highest strong/ fast encryption algorithm and finally ensure the fast recovery of data. • Most cloud computing providers.. • Authenticates (e.g.,Transfer usernames and password) via secure connections and secondly, • Transfer (e.g., via HTTPS) data securely to/from their servers (so-called “data in transit encrypts stored data (so-called “data at rest”) automatically. • The authorization, the process of granting access to requested resources, is pointless without suitable authentication.
Cloud Data Security • In cloud computing, to ensure correctness of user data, in first, user must be make authentication. • Authentication is the process of validating or confirming that access credentials provided by a user (for instance, a user ID and password) are valid. • When organizations begin to utilize applications in the cloud, authenticating users in a trustworthy and manageable manner becomes an additional challenge. • Organizations must address authentication-related challenges such as credential management, strong authentication, delegated authentication, and trust across all types of cloud delivery models (SPI).
Cloud Data Security • data security model must ensure… • Data must be encrypted automatically • Use a strong encryption algorithm. • Use the strong encryption algorithm that must be fast to retrieve data faster. • Use strong authentication. • Ensure file integrity. • Amazon web services encourage user’s to encrypt sensitive data by using TrueCrypt software. • TrueCrypt is an outstanding encryption solution for anyone familiar with managing volumes and a slight knowledge of encryption technology.
Cloud Data Security • Any organization planning to deployTrueCrypt as a cloud-data protection solution must consider the cost and logistics of training and supporting users, managing versions, and recovering damages. • TrueCrypt is a computer software program whose primary purposes are to… • Secure data by encrypting it before it is written to a disk. • Decrypt encrypted data after it is read from the disk. • TrueCrypt uses only three methods (AES, Serpent andTwofish) to encrypt data.
Cloud Data Security • The proposed data security model uses three-level defense system structure… • Strong authentication is achieved by using OTP. • Data are encrypted automatically by using strong/fast encryption algorithm. • Fast recovery of user data.
Cloud Data Security Data Security Model In Cloud Computing
Cloud Data Security • OTP Authentication: • The users connect to the cloud provider.Then the user gets the username (e-mail), password and finally account password. • Users login to the cloud provider website by getting username (e-mail), password and account password. Cloud node controller verifies user info. • If user info is true, controller-node send that login authentication success and require OTP. • Users generate OTP by using MD5 hash function and sequence number based on user name, password and account password. • Then users login to cloud website with OTP . • The cloud controller node generates 1000 OTP based on user info by using the MD5 hash function.Then the cloud controller saves 1000 OTP in the temporary OTP database.
Cloud Data Security • OTP Authentication: • The cloud controller verifies user OTP from the temporary OTP database. • If OTP is true, send OTP login success.
Cloud Data Security • Evaluation Algorithm Results: • Select the strongest and the fastest encryption algorithm by proposing algorithm called “Evaluation algorithm”. • This algorithm used for selecting eight modern encryption techniques namely: RC4, RC6, MARS,AES, DES, 3DES,Two-Fish and Blowfish. • The evaluation has performed for those encryption algorithms according to randomness testing by using NIST statistical testing. • This evaluation algorithm performed at Amazon EC2 Micro Instance cloud computing environment. • RC4 has an advantage over other DES, RC6, MARS, 3DES andTwofish in terms of time consumption. • Twofish has low performance when compared with other algorithms.
Cloud Data Security Encryption and Decryption Process
Cloud Data Security • Ensuring Integrity: • This is an extra concern for customers that now they have to worry about how to keep data hidden from auditors. • This integrity check can be done by using cryptographic hash functions. • For integrity check, we have to think about a simple solution that is feasible and easy to implement for a common user. • The trust problem between Cloud storage and customer can be solved, if users can check the integrity of data themselves instead of renting an auditing service to do the same. • This can be achieved by hashing the data on user’s side and storing the hash values in the cloud with the original data.
Cloud Data Security • Ensuring Integrity: • Hashing technique steps… • The program takes file path which has to be accessed through cloud. • The program computes a four-hash values in this file based on the four hash functions (MD4, MD5, SHA-1 and SHA-2). • When users store data in cloud storage devices, server stores four hash values. • When a user retrieve data file from cloud, server generate four hash values. • Server check integrity by comparing new four hash values with stored four hash values.
Cloud Data Security Features Description Authentication OTP Authentication System (mathematical generation). Provider encryption Software implemented to select the highest security and faster encryption algorithm based on NIST statistical tests. Private user encryption TrueCrypt system or proposed software CloudCrypt v.10. Data integrity Hashing-MD5-MD4-SHA-1-SHA-2. Data fast recovery Based on decryption algorithm speed. Key management User keys not stored in provider control domain. High Level Summary of Cloud Data Security Features
THANKS

Recommended

Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
Ninh Nguyen
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
Falgun Rathod
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Aditya Dwivedi
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security Presentation
Ajay p
 
Cloud security
Cloud security Cloud security
Cloud security
Mohamed Shalash
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
Vladimir Jirasek
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computingPrince Chandu
 

Recommended

Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
Ninh Nguyen
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
Falgun Rathod
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Aditya Dwivedi
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security Presentation
Ajay p
 
Cloud security
Cloud security Cloud security
Cloud security
Mohamed Shalash
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
Vladimir Jirasek
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computingPrince Chandu
 
Cloud computing
Cloud computingCloud computing
Cloud computing
MOHIT PANDEY
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 
Cloud security
Cloud securityCloud security
Cloud security
Niharika Varshney
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
International School Of Management Excellence
 
Cloud Computing and Services | PPT
Cloud Computing and Services | PPTCloud Computing and Services | PPT
Cloud Computing and Services | PPT
Seminar Links
 
Mobile cloud Computing
Mobile cloud ComputingMobile cloud Computing
Mobile cloud Computing
Pooja Sharma
 
Cloud Service Models
Cloud Service ModelsCloud Service Models
Cloud Service ModelsAbhishek Pachisia
 
Cloud Computing - An Introduction
Cloud Computing - An IntroductionCloud Computing - An Introduction
Cloud Computing - An Introduction
Ravindra Dastikop
 
Cloud computing writeup
Cloud computing writeupCloud computing writeup
Cloud computing writeupselvavijay1987
 
Introduction to public cloud
Introduction to public cloudIntroduction to public cloud
Introduction to public cloud
gangal
 
cloud computing
cloud computingcloud computing
cloud computing
Yasir Hilal
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security Challenges
Yateesh Yadav
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
Aleem Mohammed
 
Cloud computing and service models
Cloud computing and service modelsCloud computing and service models
Cloud computing and service models
Prateek Soni
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Syam Lal
 
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
Simplilearn
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
veena venugopal
 
Cloud computing and its security issues
Cloud computing and its security issuesCloud computing and its security issues
Cloud computing and its security issues
Jyoti Srivastava
 
INTRODUCTION TO CLOUD COMPUTING
INTRODUCTION TO CLOUD COMPUTINGINTRODUCTION TO CLOUD COMPUTING
INTRODUCTION TO CLOUD COMPUTING
Tanmoy Barman
 
Introduction to Cloud Computing.pptx
Introduction to Cloud Computing.pptxIntroduction to Cloud Computing.pptx
Introduction to Cloud Computing.pptx
sarahabbas40
 
CLOUD COMPUTING.ppt
CLOUD COMPUTING.pptCLOUD COMPUTING.ppt
CLOUD COMPUTING.ppt
Dss
 

More Related Content

What's hot

Cloud computing
Cloud computingCloud computing
Cloud computing
MOHIT PANDEY
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
AWS User Group Bengaluru
 
Cloud security
Cloud securityCloud security
Cloud security
Niharika Varshney
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
International School Of Management Excellence
 
Cloud Computing and Services | PPT
Cloud Computing and Services | PPTCloud Computing and Services | PPT
Cloud Computing and Services | PPT
Seminar Links
 
Mobile cloud Computing
Mobile cloud ComputingMobile cloud Computing
Mobile cloud Computing
Pooja Sharma
 
Cloud Computing - An Introduction
Cloud Computing - An IntroductionCloud Computing - An Introduction
Cloud Computing - An Introduction
Ravindra Dastikop
 
Cloud computing writeup
Cloud computing writeupCloud computing writeup
Cloud computing writeupselvavijay1987
 
Introduction to public cloud
Introduction to public cloudIntroduction to public cloud
Introduction to public cloud
gangal
 
cloud computing
cloud computingcloud computing
cloud computing
Yasir Hilal
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security Challenges
Yateesh Yadav
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
Aleem Mohammed
 
Cloud computing and service models
Cloud computing and service modelsCloud computing and service models
Cloud computing and service models
Prateek Soni
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Syam Lal
 
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
Simplilearn
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
veena venugopal
 
Cloud computing and its security issues
Cloud computing and its security issuesCloud computing and its security issues
Cloud computing and its security issues
Jyoti Srivastava
 
INTRODUCTION TO CLOUD COMPUTING
INTRODUCTION TO CLOUD COMPUTINGINTRODUCTION TO CLOUD COMPUTING
INTRODUCTION TO CLOUD COMPUTING
Tanmoy Barman
 

What's hot (20)

Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Cloud security
Cloud securityCloud security
Cloud security
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Cloud Computing and Services | PPT
Cloud Computing and Services | PPTCloud Computing and Services | PPT
Cloud Computing and Services | PPT
 
Mobile cloud Computing
Mobile cloud ComputingMobile cloud Computing
Mobile cloud Computing
 
Cloud Service Models
Cloud Service ModelsCloud Service Models
Cloud Service Models
 
Cloud Computing - An Introduction
Cloud Computing - An IntroductionCloud Computing - An Introduction
Cloud Computing - An Introduction
 
Cloud computing writeup
Cloud computing writeupCloud computing writeup
Cloud computing writeup
 
Introduction to public cloud
Introduction to public cloudIntroduction to public cloud
Introduction to public cloud
 
cloud computing
cloud computingcloud computing
cloud computing
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security Challenges
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
 
Cloud computing and service models
Cloud computing and service modelsCloud computing and service models
Cloud computing and service models
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
What Is Cloud Computing? | Cloud Computing For Beginners | Cloud Computing Tr...
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
 
Cloud computing and its security issues
Cloud computing and its security issuesCloud computing and its security issues
Cloud computing and its security issues
 
INTRODUCTION TO CLOUD COMPUTING
INTRODUCTION TO CLOUD COMPUTINGINTRODUCTION TO CLOUD COMPUTING
INTRODUCTION TO CLOUD COMPUTING
 

Similar to Cloud computing and data security

Introduction to Cloud Computing.pptx
Introduction to Cloud Computing.pptxIntroduction to Cloud Computing.pptx
Introduction to Cloud Computing.pptx
sarahabbas40
 
CLOUD COMPUTING.ppt
CLOUD COMPUTING.pptCLOUD COMPUTING.ppt
CLOUD COMPUTING.ppt
Dss
 
cloud computing
cloud computing cloud computing
cloud computing
Tapesh Chalisgaonkar
 
Cloud Storage and Cloud Computing.pptx
Cloud Storage and Cloud Computing.pptxCloud Storage and Cloud Computing.pptx
Cloud Storage and Cloud Computing.pptx
ANALEESUAREZ2
 
The wonders of Cloud Computing.pptx
The wonders of Cloud Computing.pptxThe wonders of Cloud Computing.pptx
The wonders of Cloud Computing.pptx
OmSatpathy
 
Presentation on Cloud Computing
Presentation on Cloud ComputingPresentation on Cloud Computing
Presentation on Cloud Computing
HarpreetKaur1382
 
Presentation on Cloud Computing (CE).pptx
Presentation on Cloud Computing (CE).pptxPresentation on Cloud Computing (CE).pptx
Presentation on Cloud Computing (CE).pptx
HarpreetKaur1382
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computingnitinw25
 
Cloud computing
Cloud computing Cloud computing
Cloud computing
Muhammad Yaqoob
 
Cloud computing presentation
Cloud computing presentationCloud computing presentation
Cloud computing presentationAkash Tripathi
 
Cloud computing
Cloud computing Cloud computing
Cloud computing
ananyaakk
 
cloudintro-lec018.1.ppt
cloudintro-lec018.1.pptcloudintro-lec018.1.ppt
cloudintro-lec018.1.ppt
gunvinit931
 
Cloud Computing (Lecture 1 & 2).pptx
Cloud Computing (Lecture 1 & 2).pptxCloud Computing (Lecture 1 & 2).pptx
Cloud Computing (Lecture 1 & 2).pptx
MuhammadArslan799356
 
Unit iii virtualitation
Unit iii virtualitationUnit iii virtualitation
Unit iii virtualitation
rajmurugaaa
 
Cloud Computing.pptx
Cloud Computing.pptxCloud Computing.pptx
Cloud Computing.pptx
raghurajsingh51
 
Cloud computing by G.SASHIDHAR
Cloud computing by G.SASHIDHARCloud computing by G.SASHIDHAR
Cloud computing by G.SASHIDHAR
sashi29
 
cloudcomputing.pptx
cloudcomputing.pptxcloudcomputing.pptx
cloudcomputing.pptx
ahmedsamir339466
 
Basics of cloud Computing and various concepts.pptx
Basics of cloud Computing and various concepts.pptxBasics of cloud Computing and various concepts.pptx
Basics of cloud Computing and various concepts.pptx
AmberAbbas11
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Zubair Arshad
 

Similar to Cloud computing and data security (20)

Introduction to Cloud Computing.pptx
Introduction to Cloud Computing.pptxIntroduction to Cloud Computing.pptx
Introduction to Cloud Computing.pptx
 
CLOUD COMPUTING.ppt
CLOUD COMPUTING.pptCLOUD COMPUTING.ppt
CLOUD COMPUTING.ppt
 
cloud computing
cloud computing cloud computing
cloud computing
 
Cloud Storage and Cloud Computing.pptx
Cloud Storage and Cloud Computing.pptxCloud Storage and Cloud Computing.pptx
Cloud Storage and Cloud Computing.pptx
 
The wonders of Cloud Computing.pptx
The wonders of Cloud Computing.pptxThe wonders of Cloud Computing.pptx
The wonders of Cloud Computing.pptx
 
Presentation on Cloud Computing
Presentation on Cloud ComputingPresentation on Cloud Computing
Presentation on Cloud Computing
 
Presentation on Cloud Computing (CE).pptx
Presentation on Cloud Computing (CE).pptxPresentation on Cloud Computing (CE).pptx
Presentation on Cloud Computing (CE).pptx
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Cloud computing
Cloud computing Cloud computing
Cloud computing
 
Cloud computing presentation
Cloud computing presentationCloud computing presentation
Cloud computing presentation
 
Cloud computing
Cloud computing Cloud computing
Cloud computing
 
cloudintro-lec018.1.ppt
cloudintro-lec018.1.pptcloudintro-lec018.1.ppt
cloudintro-lec018.1.ppt
 
Cloud Computing (Lecture 1 & 2).pptx
Cloud Computing (Lecture 1 & 2).pptxCloud Computing (Lecture 1 & 2).pptx
Cloud Computing (Lecture 1 & 2).pptx
 
Unit iii virtualitation
Unit iii virtualitationUnit iii virtualitation
Unit iii virtualitation
 
Cloud Computing.pptx
Cloud Computing.pptxCloud Computing.pptx
Cloud Computing.pptx
 
Cloud computing by G.SASHIDHAR
Cloud computing by G.SASHIDHARCloud computing by G.SASHIDHAR
Cloud computing by G.SASHIDHAR
 
cloudcomputing.pptx
cloudcomputing.pptxcloudcomputing.pptx
cloudcomputing.pptx
 
Basics of cloud Computing and various concepts.pptx
Basics of cloud Computing and various concepts.pptxBasics of cloud Computing and various concepts.pptx
Basics of cloud Computing and various concepts.pptx
 
IT4.pptx
IT4.pptxIT4.pptx
IT4.pptx
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 

More from Mohammed Fazuluddin

SQL Injection Introduction and Prevention
SQL Injection Introduction and PreventionSQL Injection Introduction and Prevention
SQL Injection Introduction and Prevention
Mohammed Fazuluddin
 
DOMAIN DRIVER DESIGN
DOMAIN DRIVER DESIGNDOMAIN DRIVER DESIGN
DOMAIN DRIVER DESIGN
Mohammed Fazuluddin
 
New Relic Basics
New Relic BasicsNew Relic Basics
New Relic Basics
Mohammed Fazuluddin
 
Terraform Basics
Terraform BasicsTerraform Basics
Terraform Basics
Mohammed Fazuluddin
 
Rest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API SecurityRest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API Security
Mohammed Fazuluddin
 
Software architectural patterns - A Quick Understanding Guide
Software architectural patterns - A Quick Understanding GuideSoftware architectural patterns - A Quick Understanding Guide
Software architectural patterns - A Quick Understanding Guide
Mohammed Fazuluddin
 
Mule ESB - An Enterprise Service Bus
Mule ESB - An Enterprise Service BusMule ESB - An Enterprise Service Bus
Mule ESB - An Enterprise Service Bus
Mohammed Fazuluddin
 
Docker - A Quick Introduction Guide
Docker - A Quick Introduction GuideDocker - A Quick Introduction Guide
Docker - A Quick Introduction Guide
Mohammed Fazuluddin
 
Cassandra - A Basic Introduction Guide
Cassandra - A Basic Introduction GuideCassandra - A Basic Introduction Guide
Cassandra - A Basic Introduction Guide
Mohammed Fazuluddin
 
React JS - A quick introduction tutorial
React JS - A quick introduction tutorialReact JS - A quick introduction tutorial
React JS - A quick introduction tutorial
Mohammed Fazuluddin
 
Rest API Design Rules
Rest API Design RulesRest API Design Rules
Rest API Design Rules
Mohammed Fazuluddin
 
Scrum process framework
Scrum process frameworkScrum process framework
Scrum process framework
Mohammed Fazuluddin
 
DevOps and Tools
DevOps and ToolsDevOps and Tools
DevOps and Tools
Mohammed Fazuluddin
 
UI architecture & designing
UI architecture & designingUI architecture & designing
UI architecture & designing
Mohammed Fazuluddin
 
Data streaming fundamentals
Data streaming fundamentalsData streaming fundamentals
Data streaming fundamentals
Mohammed Fazuluddin
 
Microservice's in detailed
Microservice's in detailedMicroservice's in detailed
Microservice's in detailed
Mohammed Fazuluddin
 
Java performance tuning
Java performance tuningJava performance tuning
Java performance tuning
Mohammed Fazuluddin
 
Java workflow engines
Java workflow enginesJava workflow engines
Java workflow engines
Mohammed Fazuluddin
 
Selecting the right cache framework
Selecting the right cache frameworkSelecting the right cache framework
Selecting the right cache framework
Mohammed Fazuluddin
 
Java Security Framework's
Java Security Framework'sJava Security Framework's
Java Security Framework's
Mohammed Fazuluddin
 

More from Mohammed Fazuluddin (20)

SQL Injection Introduction and Prevention
SQL Injection Introduction and PreventionSQL Injection Introduction and Prevention
SQL Injection Introduction and Prevention
 
DOMAIN DRIVER DESIGN
DOMAIN DRIVER DESIGNDOMAIN DRIVER DESIGN
DOMAIN DRIVER DESIGN
 
New Relic Basics
New Relic BasicsNew Relic Basics
New Relic Basics
 
Terraform Basics
Terraform BasicsTerraform Basics
Terraform Basics
 
Rest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API SecurityRest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API Security
 
Software architectural patterns - A Quick Understanding Guide
Software architectural patterns - A Quick Understanding GuideSoftware architectural patterns - A Quick Understanding Guide
Software architectural patterns - A Quick Understanding Guide
 
Mule ESB - An Enterprise Service Bus
Mule ESB - An Enterprise Service BusMule ESB - An Enterprise Service Bus
Mule ESB - An Enterprise Service Bus
 
Docker - A Quick Introduction Guide
Docker - A Quick Introduction GuideDocker - A Quick Introduction Guide
Docker - A Quick Introduction Guide
 
Cassandra - A Basic Introduction Guide
Cassandra - A Basic Introduction GuideCassandra - A Basic Introduction Guide
Cassandra - A Basic Introduction Guide
 
React JS - A quick introduction tutorial
React JS - A quick introduction tutorialReact JS - A quick introduction tutorial
React JS - A quick introduction tutorial
 
Rest API Design Rules
Rest API Design RulesRest API Design Rules
Rest API Design Rules
 
Scrum process framework
Scrum process frameworkScrum process framework
Scrum process framework
 
DevOps and Tools
DevOps and ToolsDevOps and Tools
DevOps and Tools
 
UI architecture & designing
UI architecture & designingUI architecture & designing
UI architecture & designing
 
Data streaming fundamentals
Data streaming fundamentalsData streaming fundamentals
Data streaming fundamentals
 
Microservice's in detailed
Microservice's in detailedMicroservice's in detailed
Microservice's in detailed
 
Java performance tuning
Java performance tuningJava performance tuning
Java performance tuning
 
Java workflow engines
Java workflow enginesJava workflow engines
Java workflow engines
 
Selecting the right cache framework
Selecting the right cache frameworkSelecting the right cache framework
Selecting the right cache framework
 
Java Security Framework's
Java Security Framework'sJava Security Framework's
Java Security Framework's
 

Recently uploaded

Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 

Recently uploaded (20)

Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 

Cloud computing and data security

  • 1. Cloud Computing and Data Security BASICS OF CLOUD COMPUTING AND DATA SECURITY @MOHAMMED FAZULUDDIN
  • 2. Topics • Overview of Cloud Computing • Cloud Computing Providers • Cloud Computing Deployment Models • Cloud Computing Models • Cloud Computing Sub-services Models • Cloud Data Security
  • 3. Overview of Cloud Computing • Cloud computing provides the ability to scale to tens of thousands of systems, as well as the ability to massively scale bandwidth and storage space. • Cloud computing might be confused with distributed system, grid computing, utility computing, service oriented architecture, web application, web 2.0, broadband network, browser as a platform,Virtualization and free/open software. • Cloud computing is a natural evolution of the widespread adoption of virtualization, service-oriented architecture, autonomic and utility computing. • Cloud services exhibit five essential characteristics that demonstrate their relation to, and differences from, traditional computing approaches such as on-demand self-service, broad network access, resource pooling, rapid elasticity and measured service. • Cloud computing often leverages massive scale, homogeneity, virtualization, resilient computing (no stop computing), low cost/free software, geographic distribution, service orientation software and advanced security technologies.
  • 4. Overview of Cloud Computing • Lower computer costs, improved performance, reduced software costs, instant software updates, improved document format compatibility, unlimited storage capacity, device independence, and increased data reliability. • Cloud computing is based on five attributes… • Multi-tenancy (shared resources). • Massive scalability. • Elasticity. • Pay as you go . • Self-provisioning of resources. • It makes new improvements in processors,Virtualization technology, disk storage, broadband Internet connection, and combined fast, inexpensive servers to make the cloud to be a more compelling solution.
  • 5. Overview of Cloud Computing • Multi-tenancy (shared resources): Cloud computing is based on a business model in which resources are shared (i.e., multiple users use the same resource) at the network level, host level and application level. • Multi-tenancy (shared resources): Cloud computing is based on a business model in which resources are shared (i.e., multiple users use the same resource) at the network level, host level and application level. • Massive scalability: Cloud computing provides the ability to scale to tens of thousands of systems, as well as the ability to massively scale bandwidth and storage space. • Elasticity: Users can rapidly increase and decrease their computing resources as needed; Pay as you used: Users to pay for only the resources they actually use and for only the time they require them. • Self-provisioning of resources: Users’ self-provision resources, such as additional systems (processing capability, software, storage) and network resources.
  • 6. Overview of Cloud Computing
  • 7. Cloud Computing Providers • Following are the list of cloud computing providers... • AWS (amazon web services)—includeAmazon S3, Amazon EC2, Amazon Simple- DB,Amazon SQS,Amazon FPS, and others. • Salesforce.com—Delivers businesses over the internet using the software as a service model. • GoogleApps—Software-as-a-service for business email, information sharing and security. • And others providers such as • Microsoft Azure Services Platform • Proof-point • Sun Open Cloud Platform • Workday, etc..
  • 8. Cloud Computing Deployment Models • Private cloud : • This model doesn’t bring much in terms of cost efficiency, it is comparable to buying, building and managing your own infrastructure. • It brings in tremendous value from a security point of view. • Security concerns are addressed through secure-accessVPN or by the physical location within the client’s firewall system. • Community cloud: • In the community deployment model, the cloud infrastructure is shared by several organizations with the same policy and compliance considerations. • This helps to further reduce costs as compared to a private cloud, as it is shared by larger group.
  • 9. Cloud Computing Deployment Models • Public cloud: • The public cloud deployment model represents true cloud hosting. • In this deployment model, services and infrastructure are provided to various clients, google is an example of a public cloud. • This service can be provided by a vendor free of charge or on the basis of a pay-per-user license policy. • Hybrid cloud: • This deployment model helps businesses to take advantage of secured applications and data hosting on a private cloud, while still enjoying cost benefits by keeping shared data and applications on the public cloud. • This model is also used for handling cloud bursting, which refers to a scenario where the existing private cloud infrastructure is not able to handle load spikes and requires a fallback option to support the load.
  • 10. Cloud Computing Models • Cloud SaaS (software as a service): • Application and information clouds. • Use provider’s applications over a network, cloud provider examples Zoho, Salesforce.com, and Google Apps. • Cloud PaaS (platform as a service): • Development clouds. • Deploy customer-created applications to a cloud, cloud provider examplesWindows Azure, Google App Engine and Aptana Cloud. • Cloud IaaS (infrastructure as a service): • Infrastructure clouds. • Rent processing, storage. • network capacity. • Other fundamental computing resources like Dropbox, AmazonWeb Services, Mozy and Akamai.
  • 11. Cloud Computing Sub-services Models • IaaS: DBaaS (database-as-a-service): DBaaS allows the access and use of a database management system as a service. • PaaS: STaaS (storage-as-a-service): STaaS involves the delivery of data storage as a service, including database-like services, often billed on a utility computing basis, e.g., per gigabyte per month. • SaaS: CaaS (communications-as-a-service): CaaS is the delivery of an enterprise communications solution, such asVoice over IP, instant messaging, and video conferencing applications as a service. • SaaS: SECaaS (security-as-a-service): SECaaS is the security of business networks and mobile networks through the Internet for events, database, application, transaction, and system incidents.
  • 12. Cloud Computing Sub-services Models • SaaS: MaaS (monitoring-as-a-service): MaaS refers to the delivery of second-tier infrastructure components, such as log management and asset tracking, as a service. • PaaS: DTaaS (desktop-as-a-service): DTaaS is the decoupling of a user’s physical machine from the desktop and software he or she uses to work. • IaaS: CCaaS (compute capacity-as-a-service): CCaaS is the provision of “raw” computing resource, typically used in the execution of mathematically complex models from either a single “supercomputer” resource or a large number of distributed computing resources where the task performs well .
  • 13. Cloud Data Security • Cloud computing, all your data is stored on the cloud, so cloud users ask some questions like: How secure is the cloud? Can unauthorized users gain access to your confidential data?. • Cloud computing companies say that data is secure, but it is too early to be completely sure of that. Only time will tell if your data is secure in the cloud. • Cloud security concerns arising which both customer data and program are residing in provider premises. • While cost and ease of use are two great benefits of cloud computing, there are significant security concerns that need to be addressed when considering moving critical applications and sensitive data to public and shared cloud environments.
  • 14. Cloud Data Security • To address these concerns, the cloud provider must develop sufficient controls to provide the same or a greater. • level of security than the organization would have if the cloud were not used. • There are three types of data in cloud computing • Data in transit (transmission data) • Data at rest (storage data) • Data in processing (processing data). • Clouds are massively complex systems can be reduced to simple primitives that are replicated thousands of times and common functional units. • These complexities create many issues related to security as well as all aspects of Cloud computing.
  • 15. Cloud Data Security • Security of data and trust problem has always been a primary and challenging issue in cloud computing. • focuses on enhancing security by using… • OTP authentication system. • Check data integrity by using hashing algorithms. • Encrypt data automatically with the highest strong/ fast encryption algorithm and finally ensure the fast recovery of data. • Most cloud computing providers.. • Authenticates (e.g.,Transfer usernames and password) via secure connections and secondly, • Transfer (e.g., via HTTPS) data securely to/from their servers (so-called “data in transit encrypts stored data (so-called “data at rest”) automatically. • The authorization, the process of granting access to requested resources, is pointless without suitable authentication.
  • 16. Cloud Data Security • In cloud computing, to ensure correctness of user data, in first, user must be make authentication. • Authentication is the process of validating or confirming that access credentials provided by a user (for instance, a user ID and password) are valid. • When organizations begin to utilize applications in the cloud, authenticating users in a trustworthy and manageable manner becomes an additional challenge. • Organizations must address authentication-related challenges such as credential management, strong authentication, delegated authentication, and trust across all types of cloud delivery models (SPI).
  • 17. Cloud Data Security • data security model must ensure… • Data must be encrypted automatically • Use a strong encryption algorithm. • Use the strong encryption algorithm that must be fast to retrieve data faster. • Use strong authentication. • Ensure file integrity. • Amazon web services encourage user’s to encrypt sensitive data by using TrueCrypt software. • TrueCrypt is an outstanding encryption solution for anyone familiar with managing volumes and a slight knowledge of encryption technology.
  • 18. Cloud Data Security • Any organization planning to deployTrueCrypt as a cloud-data protection solution must consider the cost and logistics of training and supporting users, managing versions, and recovering damages. • TrueCrypt is a computer software program whose primary purposes are to… • Secure data by encrypting it before it is written to a disk. • Decrypt encrypted data after it is read from the disk. • TrueCrypt uses only three methods (AES, Serpent andTwofish) to encrypt data.
  • 19. Cloud Data Security • The proposed data security model uses three-level defense system structure… • Strong authentication is achieved by using OTP. • Data are encrypted automatically by using strong/fast encryption algorithm. • Fast recovery of user data.
  • 20. Cloud Data Security Data Security Model In Cloud Computing
  • 21. Cloud Data Security • OTP Authentication: • The users connect to the cloud provider.Then the user gets the username (e-mail), password and finally account password. • Users login to the cloud provider website by getting username (e-mail), password and account password. Cloud node controller verifies user info. • If user info is true, controller-node send that login authentication success and require OTP. • Users generate OTP by using MD5 hash function and sequence number based on user name, password and account password. • Then users login to cloud website with OTP . • The cloud controller node generates 1000 OTP based on user info by using the MD5 hash function.Then the cloud controller saves 1000 OTP in the temporary OTP database.
  • 22. Cloud Data Security • OTP Authentication: • The cloud controller verifies user OTP from the temporary OTP database. • If OTP is true, send OTP login success.
  • 23. Cloud Data Security • Evaluation Algorithm Results: • Select the strongest and the fastest encryption algorithm by proposing algorithm called “Evaluation algorithm”. • This algorithm used for selecting eight modern encryption techniques namely: RC4, RC6, MARS,AES, DES, 3DES,Two-Fish and Blowfish. • The evaluation has performed for those encryption algorithms according to randomness testing by using NIST statistical testing. • This evaluation algorithm performed at Amazon EC2 Micro Instance cloud computing environment. • RC4 has an advantage over other DES, RC6, MARS, 3DES andTwofish in terms of time consumption. • Twofish has low performance when compared with other algorithms.
  • 24. Cloud Data Security Encryption and Decryption Process
  • 25. Cloud Data Security • Ensuring Integrity: • This is an extra concern for customers that now they have to worry about how to keep data hidden from auditors. • This integrity check can be done by using cryptographic hash functions. • For integrity check, we have to think about a simple solution that is feasible and easy to implement for a common user. • The trust problem between Cloud storage and customer can be solved, if users can check the integrity of data themselves instead of renting an auditing service to do the same. • This can be achieved by hashing the data on user’s side and storing the hash values in the cloud with the original data.
  • 26. Cloud Data Security • Ensuring Integrity: • Hashing technique steps… • The program takes file path which has to be accessed through cloud. • The program computes a four-hash values in this file based on the four hash functions (MD4, MD5, SHA-1 and SHA-2). • When users store data in cloud storage devices, server stores four hash values. • When a user retrieve data file from cloud, server generate four hash values. • Server check integrity by comparing new four hash values with stored four hash values.
  • 27. Cloud Data Security Features Description Authentication OTP Authentication System (mathematical generation). Provider encryption Software implemented to select the highest security and faster encryption algorithm based on NIST statistical tests. Private user encryption TrueCrypt system or proposed software CloudCrypt v.10. Data integrity Hashing-MD5-MD4-SHA-1-SHA-2. Data fast recovery Based on decryption algorithm speed. Key management User keys not stored in provider control domain. High Level Summary of Cloud Data Security Features