SlideShare a Scribd company logo

Cloud Computing Security

Download as PPTX, PDF
Nithin Raj
Nithin Raj

Cloud computing security is the set of control-based technologies and policies designed to adhere to regulatory compliance rules and protect information, data applications and infrastructure associated with cloud computing use

Technology
1 of 12
CLOUD SECURITY Nithin Raj Rahul N
Cloud Computing • Internet-based computing that provides shared processing resources and data to computers and other devices on demand. • Provide users and enterprises with various capabilities to store and process their data in third-party data-centers. • Availability of high-capacity networks, low-cost computers and storage devices and hardware virtualization have led to a growth in cloud computing. • Advantages are high computing power, cheap cost of services, high performance, scalability, accessibility and availability.
Service Models • Infrastructure as a service (IaaS) • Platform as a service (PaaS) • Software as a service (SaaS)
Deployment models • Private cloud • Public cloud • Hybrid cloud
Cloud Security • It refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing. • Security issues fall into two categories : security issues faced by cloud providers and security issues faced by their customers
Cloud Computing Threats • Loss of governance : In a public cloud deployment, customers cede control to the cloud provider over a number of issues that may affect security. • Responsibility ambiguity : Responsibility over aspects of security may be split between the provider and the customer. • Authentication and Authorization : Accessing cloud resources from anywhere heightens the need for better authentication. • Isolation failure : It covers the failure of mechanisms separating the usage of storage, memory, routing and even reputation between tenants.
• Compliance and legal risks : The cloud customer’s interest may be lost if the cloud provider cannot provide evidence of their own compliance with the relevant requirements. • Handling of security incidents : If detection, reporting and subsequent management of security breaches is not done, it may have impact on customer. • Data protection : Exposure or release of sensitive data as well as the loss or unavailability of data. • Business failure of the provider : Lead to unavailability of data and application of customer over an extended period. • Service unavailability : This could be caused by hardware, software or communication network failures. • Insecure or incomplete data deletion : The termination of a contract with a provider may not result in deletion of the customer’s data.
Cloud Computing Security • Ensure effective governance, risk and compliance processes exist • Verify that agreement between the customer and the provider, along with associated documents, contain all their requirements(i.e, applications and data hosted are secured). • Cloud service providers should notify about the occurrence of any breach of their system, regardless of the parties or data directly impacted. • Servers hosting customer data may be located in multiple data centers within different jurisdictions. This influences the protection of personally identifiable information (PII) and legal and jurisdictional authority access to this data.
• Audit operational & business processes • Customers should expect to see a report of the cloud provider's operations by independent auditors. • Auditors may be employed by the customer or by the provider - but the key element is that they should be independent. • Audits should be carried out by appropriately skilled staff typically belonging to an independent auditing organization. • Manage people, roles and identities • Two sets of people : employees of the provider – access to the customer’s data and applications, and employees of the customer - perform operations on the provider’s systems. • Cloud providers must allow the customer to assign and manage the roles and associated levels of authorization for each of their users in accordance with their security policies.
• Ensure proper protection of data and information • Data Confidentiality : Outsourced data is stored in a cloud and out of the owners' direct control. Only authorized users can access the sensitive data while others. • Data Access Controllability : Legal users can be authorized by the owner to access the data, while others can not access it without permissions. • Data Integrity : Data should not be illegally tampered, improperly modified, deliberately deleted, or maliciously fabricated. If so, the owner should be able to detect the corruption or loss. • Ensure cloud networks and connections are secure • Provide tools to protect clients from one another, such as VPN, firewall, hypervisor. • Monitor for intrusion attempts using activity auditing and logging.
• Understand the security requirements of the exit process • The provider must ensure that any copies of the data are permanently erased from its environment, wherever they may have been stored. • The exit process must allow the customer to retrieve their data in a suitably secure form, backups must be retained for agreed periods before being eliminated
Thank You

Recommended

DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGDATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
ijsptm
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security Presentation
Ajay p
 
Cloud security
Cloud securityCloud security
Cloud security
Niharika Varshney
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
Vladimir Jirasek
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
Falgun Rathod
 
Public cloud
Public cloudPublic cloud
Public cloud
Dr.Neeraj Kumar Pandey
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
Jim Geovedi
 
Cyber security
Cyber securityCyber security
Cyber security
Bhavin Shah
 

Recommended

DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGDATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
ijsptm
 
Cloud security Presentation
Cloud security PresentationCloud security Presentation
Cloud security Presentation
Ajay p
 
Cloud security
Cloud securityCloud security
Cloud security
Niharika Varshney
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
Vladimir Jirasek
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
Falgun Rathod
 
Public cloud
Public cloudPublic cloud
Public cloud
Dr.Neeraj Kumar Pandey
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
Jim Geovedi
 
Cyber security
Cyber securityCyber security
Cyber security
Bhavin Shah
 
Cloud computing Risk management
Cloud computing Risk management Cloud computing Risk management
Cloud computing Risk management
Padma Jella
 
SolarWInds-Incident-ppt.pptx
SolarWInds-Incident-ppt.pptxSolarWInds-Incident-ppt.pptx
SolarWInds-Incident-ppt.pptx
TusharPuri20
 
Cloud computing
Cloud computingCloud computing
Cloud computing
MOHIT PANDEY
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
Mohammed Fazuluddin
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Security
chauhankapil
 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurity
sommerville-videos
 
IaaS - Infrastructure as a Service
IaaS - Infrastructure as a ServiceIaaS - Infrastructure as a Service
IaaS - Infrastructure as a Service
Rajind Ruparathna
 
Cyber Security 2017 Challenges
Cyber Security 2017 ChallengesCyber Security 2017 Challenges
Cyber Security 2017 Challenges
Leandro Bennaton
 
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
Sirris
 
cyber security
cyber securitycyber security
cyber security
abithajayavel
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security Issues
Stelios Krasadakis
 
Mobile cloud Computing
Mobile cloud ComputingMobile cloud Computing
Mobile cloud Computing
Pooja Sharma
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Aditya Dwivedi
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
DevSecOps 101
DevSecOps 101DevSecOps 101
DevSecOps 101
Narudom Roongsiriwong, CISSP
 
What is Zero Trust
What is Zero TrustWhat is Zero Trust
What is Zero Trust
Okta-Inc
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
Raj Sarode
 
Cloud storage advantages vs disadvantages
Cloud storage advantages vs disadvantagesCloud storage advantages vs disadvantages
Cloud storage advantages vs disadvantages
realtycabinet
 
Cloud security
Cloud security Cloud security
Cloud security
Mohamed Shalash
 
Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)
Ravindra Dastikop
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
Venkatesh Chary
 
Attaining data security in cloud computing
Attaining data security in cloud computingAttaining data security in cloud computing
Attaining data security in cloud computing
Gopinath Muthusamy
 

More Related Content

What's hot

Cloud computing Risk management
Cloud computing Risk management Cloud computing Risk management
Cloud computing Risk management
Padma Jella
 
SolarWInds-Incident-ppt.pptx
SolarWInds-Incident-ppt.pptxSolarWInds-Incident-ppt.pptx
SolarWInds-Incident-ppt.pptx
TusharPuri20
 
Cloud computing
Cloud computingCloud computing
Cloud computing
MOHIT PANDEY
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
Mohammed Fazuluddin
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Security
chauhankapil
 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurity
sommerville-videos
 
IaaS - Infrastructure as a Service
IaaS - Infrastructure as a ServiceIaaS - Infrastructure as a Service
IaaS - Infrastructure as a Service
Rajind Ruparathna
 
Cyber Security 2017 Challenges
Cyber Security 2017 ChallengesCyber Security 2017 Challenges
Cyber Security 2017 Challenges
Leandro Bennaton
 
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
Sirris
 
cyber security
cyber securitycyber security
cyber security
abithajayavel
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security Issues
Stelios Krasadakis
 
Mobile cloud Computing
Mobile cloud ComputingMobile cloud Computing
Mobile cloud Computing
Pooja Sharma
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Aditya Dwivedi
 
Cloud security
Cloud securityCloud security
Cloud security
Tushar Kayande
 
DevSecOps 101
DevSecOps 101DevSecOps 101
DevSecOps 101
Narudom Roongsiriwong, CISSP
 
What is Zero Trust
What is Zero TrustWhat is Zero Trust
What is Zero Trust
Okta-Inc
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
Raj Sarode
 
Cloud storage advantages vs disadvantages
Cloud storage advantages vs disadvantagesCloud storage advantages vs disadvantages
Cloud storage advantages vs disadvantages
realtycabinet
 
Cloud security
Cloud security Cloud security
Cloud security
Mohamed Shalash
 
Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)
Ravindra Dastikop
 

What's hot (20)

Cloud computing Risk management
Cloud computing Risk management Cloud computing Risk management
Cloud computing Risk management
 
SolarWInds-Incident-ppt.pptx
SolarWInds-Incident-ppt.pptxSolarWInds-Incident-ppt.pptx
SolarWInds-Incident-ppt.pptx
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud computing and data security
Cloud computing and data securityCloud computing and data security
Cloud computing and data security
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Security
 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurity
 
IaaS - Infrastructure as a Service
IaaS - Infrastructure as a ServiceIaaS - Infrastructure as a Service
IaaS - Infrastructure as a Service
 
Cyber Security 2017 Challenges
Cyber Security 2017 ChallengesCyber Security 2017 Challenges
Cyber Security 2017 Challenges
 
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
2021/0/15 - Solarwinds supply chain attack: why we should take it sereously
 
cyber security
cyber securitycyber security
cyber security
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security Issues
 
Mobile cloud Computing
Mobile cloud ComputingMobile cloud Computing
Mobile cloud Computing
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud security
Cloud securityCloud security
Cloud security
 
DevSecOps 101
DevSecOps 101DevSecOps 101
DevSecOps 101
 
What is Zero Trust
What is Zero TrustWhat is Zero Trust
What is Zero Trust
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
 
Cloud storage advantages vs disadvantages
Cloud storage advantages vs disadvantagesCloud storage advantages vs disadvantages
Cloud storage advantages vs disadvantages
 
Cloud security
Cloud security Cloud security
Cloud security
 
Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)Infrastructure as a Service ( IaaS)
Infrastructure as a Service ( IaaS)
 

Viewers also liked

Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
Venkatesh Chary
 
Attaining data security in cloud computing
Attaining data security in cloud computingAttaining data security in cloud computing
Attaining data security in cloud computing
Gopinath Muthusamy
 
Enhancing Cloud Computing Security for Data Sharing Within Group Members
Enhancing Cloud Computing Security for Data Sharing Within Group MembersEnhancing Cloud Computing Security for Data Sharing Within Group Members
Enhancing Cloud Computing Security for Data Sharing Within Group Members
iosrjce
 
Ensuring data storage security in cloud computing
Ensuring data storage security in cloud computingEnsuring data storage security in cloud computing
Ensuring data storage security in cloud computing
Uday Wankar
 
Enhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through SteganographyEnhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through Steganography
IDES Editor
 
Data storage security in cloud computing
Data storage security in cloud computingData storage security in cloud computing
Data storage security in cloud computing
Sonali Jain
 
CLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITYCLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITYShivananda Rai
 
Cloud Computing & Security
Cloud Computing & SecurityCloud Computing & Security
Cloud Computing & Security
Awais Mansoor Chohan
 
Cloud Computing Security (Final Year Project) by Pavlos Stefanis
Cloud Computing Security (Final Year Project) by Pavlos StefanisCloud Computing Security (Final Year Project) by Pavlos Stefanis
Cloud Computing Security (Final Year Project) by Pavlos StefanisPavlos Stefanis
 
Ensuring data security in cloud computing. - Anusha Tuke
Ensuring data security in cloud computing. - Anusha TukeEnsuring data security in cloud computing. - Anusha Tuke
Ensuring data security in cloud computing. - Anusha Tuke
Anusha Chavan
 
Working in the Cloud: An Overview
Working in the Cloud: An OverviewWorking in the Cloud: An Overview
Working in the Cloud: An Overview
Jose Briones
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Venkateswar Reddy Melachervu
 
Cloud Computing - Benefits and Risks
Cloud Computing - Benefits and RisksCloud Computing - Benefits and Risks
Cloud Computing - Benefits and Risks
Michael Yung
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
Rohit Buddabathina
 
Dissertation on MF
Dissertation on MFDissertation on MF
Dissertation on MF
PIYUSH JAIN
 
Green cloud computing
Green cloud computingGreen cloud computing
Green cloud computing
Shreyas Khare
 
Mobile Cloud Computing Challenges and Security
Mobile Cloud Computing Challenges and SecurityMobile Cloud Computing Challenges and Security
Mobile Cloud Computing Challenges and SecurityJohn Paul Prassanna
 
I'm Cloud Confused!
I'm Cloud Confused!I'm Cloud Confused!
I'm Cloud Confused!
Andy Harjanto
 
Cloud Computing Security Issues
Cloud Computing Security Issues Cloud Computing Security Issues
Cloud Computing Security Issues
Discover Cloud Computing
 

Viewers also liked (20)

Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
 
Attaining data security in cloud computing
Attaining data security in cloud computingAttaining data security in cloud computing
Attaining data security in cloud computing
 
Enhancing Cloud Computing Security for Data Sharing Within Group Members
Enhancing Cloud Computing Security for Data Sharing Within Group MembersEnhancing Cloud Computing Security for Data Sharing Within Group Members
Enhancing Cloud Computing Security for Data Sharing Within Group Members
 
Ensuring data storage security in cloud computing
Ensuring data storage security in cloud computingEnsuring data storage security in cloud computing
Ensuring data storage security in cloud computing
 
Enhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through SteganographyEnhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through Steganography
 
Data storage security in cloud computing
Data storage security in cloud computingData storage security in cloud computing
Data storage security in cloud computing
 
CLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITYCLOUD CPOMPUTING SECURITY
CLOUD CPOMPUTING SECURITY
 
Cloud Computing & Security
Cloud Computing & SecurityCloud Computing & Security
Cloud Computing & Security
 
Cloud Computing Security (Final Year Project) by Pavlos Stefanis
Cloud Computing Security (Final Year Project) by Pavlos StefanisCloud Computing Security (Final Year Project) by Pavlos Stefanis
Cloud Computing Security (Final Year Project) by Pavlos Stefanis
 
Ensuring data security in cloud computing. - Anusha Tuke
Ensuring data security in cloud computing. - Anusha TukeEnsuring data security in cloud computing. - Anusha Tuke
Ensuring data security in cloud computing. - Anusha Tuke
 
Working in the Cloud: An Overview
Working in the Cloud: An OverviewWorking in the Cloud: An Overview
Working in the Cloud: An Overview
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
 
Cloud Computing - Benefits and Risks
Cloud Computing - Benefits and RisksCloud Computing - Benefits and Risks
Cloud Computing - Benefits and Risks
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
 
Dissertation on MF
Dissertation on MFDissertation on MF
Dissertation on MF
 
Green cloud computing
Green cloud computingGreen cloud computing
Green cloud computing
 
Mobile Cloud Computing Challenges and Security
Mobile Cloud Computing Challenges and SecurityMobile Cloud Computing Challenges and Security
Mobile Cloud Computing Challenges and Security
 
I'm Cloud Confused!
I'm Cloud Confused!I'm Cloud Confused!
I'm Cloud Confused!
 
Cloud Computing Security Issues
Cloud Computing Security Issues Cloud Computing Security Issues
Cloud Computing Security Issues
 
Cloud Computing by AGDMOUN Khalid
Cloud Computing by AGDMOUN KhalidCloud Computing by AGDMOUN Khalid
Cloud Computing by AGDMOUN Khalid
 

Similar to Cloud Computing Security

Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
G Prachi
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
ATMOSPHERE .
 
Cloud security
Cloud securityCloud security
Cloud security
Adeel Javaid
 
Lecture27 cc-security2
Lecture27 cc-security2Lecture27 cc-security2
Lecture27 cc-security2
Ankit Gupta
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & Netskope
Ahmad Abdalla
 
Chapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxChapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptx
LokNathRegmi1
 
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeSecuring Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeLisa Abe-Oldenburg, B.Comm., JD.
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?
Mark Williams
 
Cloud Computing Legal Risks And Best Practices
Cloud Computing Legal Risks And Best PracticesCloud Computing Legal Risks And Best Practices
Cloud Computing Legal Risks And Best Practices
lisaabe
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
Pyingkodi Maran
 
Cloud security issues and concerns
Cloud security issues and concernsCloud security issues and concerns
Cloud security issues and concerns
Mrinal Baowaly
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
Pyingkodi Maran
 
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
ATMOSPHERE .
 
Lecture Cloud Security.pptx
Lecture Cloud Security.pptxLecture Cloud Security.pptx
Lecture Cloud Security.pptx
ShimoFcis
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Ontario Cloud SIG
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
Abdul Khan
 
Access Assurance in the Cloud
Access Assurance in the CloudAccess Assurance in the Cloud
Access Assurance in the Cloud
Courion Corporation
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
AchSulav
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
AchSulav
 

Similar to Cloud Computing Security (20)

Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
 
Cloud security
Cloud securityCloud security
Cloud security
 
Lecture27 cc-security2
Lecture27 cc-security2Lecture27 cc-security2
Lecture27 cc-security2
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & Netskope
 
Chapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxChapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptx
 
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeSecuring Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?
 
Cloud Computing Legal Risks And Best Practices
Cloud Computing Legal Risks And Best PracticesCloud Computing Legal Risks And Best Practices
Cloud Computing Legal Risks And Best Practices
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Cloud security issues and concerns
Cloud security issues and concernsCloud security issues and concerns
Cloud security issues and concerns
 
Risks and Benefits of Cloud Computing
Risks and Benefits of Cloud ComputingRisks and Benefits of Cloud Computing
Risks and Benefits of Cloud Computing
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
Managing Trustworthy Big-data Applications in the Cloud with the ATMOSPHERE P...
 
Lecture Cloud Security.pptx
Lecture Cloud Security.pptxLecture Cloud Security.pptx
Lecture Cloud Security.pptx
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloud
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
 
Access Assurance in the Cloud
Access Assurance in the CloudAccess Assurance in the Cloud
Access Assurance in the Cloud
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
 

Recently uploaded

The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 

Recently uploaded (20)

The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 

Cloud Computing Security

  • 2. Cloud Computing • Internet-based computing that provides shared processing resources and data to computers and other devices on demand. • Provide users and enterprises with various capabilities to store and process their data in third-party data-centers. • Availability of high-capacity networks, low-cost computers and storage devices and hardware virtualization have led to a growth in cloud computing. • Advantages are high computing power, cheap cost of services, high performance, scalability, accessibility and availability.
  • 3. Service Models • Infrastructure as a service (IaaS) • Platform as a service (PaaS) • Software as a service (SaaS)
  • 4. Deployment models • Private cloud • Public cloud • Hybrid cloud
  • 5. Cloud Security • It refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing. • Security issues fall into two categories : security issues faced by cloud providers and security issues faced by their customers
  • 6. Cloud Computing Threats • Loss of governance : In a public cloud deployment, customers cede control to the cloud provider over a number of issues that may affect security. • Responsibility ambiguity : Responsibility over aspects of security may be split between the provider and the customer. • Authentication and Authorization : Accessing cloud resources from anywhere heightens the need for better authentication. • Isolation failure : It covers the failure of mechanisms separating the usage of storage, memory, routing and even reputation between tenants.
  • 7. • Compliance and legal risks : The cloud customer’s interest may be lost if the cloud provider cannot provide evidence of their own compliance with the relevant requirements. • Handling of security incidents : If detection, reporting and subsequent management of security breaches is not done, it may have impact on customer. • Data protection : Exposure or release of sensitive data as well as the loss or unavailability of data. • Business failure of the provider : Lead to unavailability of data and application of customer over an extended period. • Service unavailability : This could be caused by hardware, software or communication network failures. • Insecure or incomplete data deletion : The termination of a contract with a provider may not result in deletion of the customer’s data.
  • 8. Cloud Computing Security • Ensure effective governance, risk and compliance processes exist • Verify that agreement between the customer and the provider, along with associated documents, contain all their requirements(i.e, applications and data hosted are secured). • Cloud service providers should notify about the occurrence of any breach of their system, regardless of the parties or data directly impacted. • Servers hosting customer data may be located in multiple data centers within different jurisdictions. This influences the protection of personally identifiable information (PII) and legal and jurisdictional authority access to this data.
  • 9. • Audit operational & business processes • Customers should expect to see a report of the cloud provider's operations by independent auditors. • Auditors may be employed by the customer or by the provider - but the key element is that they should be independent. • Audits should be carried out by appropriately skilled staff typically belonging to an independent auditing organization. • Manage people, roles and identities • Two sets of people : employees of the provider – access to the customer’s data and applications, and employees of the customer - perform operations on the provider’s systems. • Cloud providers must allow the customer to assign and manage the roles and associated levels of authorization for each of their users in accordance with their security policies.
  • 10. • Ensure proper protection of data and information • Data Confidentiality : Outsourced data is stored in a cloud and out of the owners' direct control. Only authorized users can access the sensitive data while others. • Data Access Controllability : Legal users can be authorized by the owner to access the data, while others can not access it without permissions. • Data Integrity : Data should not be illegally tampered, improperly modified, deliberately deleted, or maliciously fabricated. If so, the owner should be able to detect the corruption or loss. • Ensure cloud networks and connections are secure • Provide tools to protect clients from one another, such as VPN, firewall, hypervisor. • Monitor for intrusion attempts using activity auditing and logging.
  • 11. • Understand the security requirements of the exit process • The provider must ensure that any copies of the data are permanently erased from its environment, wherever they may have been stored. • The exit process must allow the customer to retrieve their data in a suitably secure form, backups must be retained for agreed periods before being eliminated