Downloaded 156 times
Uploaded byNiki Upadhyay
Cloud with Cyber Security
This document proposes a cyber security model for cloud computing environments. It discusses key cloud concepts like service and deployment models. It then covers cyber security threats in cloud computing, including those originating from the host, between the customer and datacenter, and from virtual machines. The document also presents a mean failure cost approach to measure security and quantify risks through stakeholder, dependency, and impact matrices. Finally, it argues the model can support cloud business decisions by pricing security upgrades and assessing enhancement cost effectiveness.
More Related Content
Cloud with Cyber Security
- 1. A Cyber SecurityModel in Cloud Computing Environments Guided By: Presented By: Name Name
- 2. Content Cloud Computing Cyber Security Cyber Security in Cloud Computing Mean Failure Cost Security Requirements System Focus Security Threats Supporting Cloud Computing Business Model Conclusion
- 3. Cloud Computing CloudComputing is using the Internet to access someone else’s software running on someone else’s hardware in someone else’s data center. Cloud Architecture includes: Cloud Service Model Cloud Deployment Model Essential Characteristics of Cloud
- 4. Cloud Computing CloudService Model IaaS (Infrastructure as a Service) PaaS (Platform as a Service) SaaS (Software as a Service) Cloud Deployment Model Public Cloud Private Cloud Community Cloud Hybrid Cloud Essential Characteristic of Cloud On demand self service Broad Network Access Resource Pooling Rapid Elasticity Measured Service
- 5. Cyber Security CyberSecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices assurance & technologies that can be used to protect the cyber environment & organization and user’s assets. Provides measures to be taken to protect a computer or computer system against unauthorized access or attack when connected to Internet.
- 6. Cyber Security CyberCrime Includes: Illegal access Illegal Interception System Interference Data Interference Misuse of devices Fraud Cyber Security helps to defend from hacks and virus. Cyber security or Cyberspace security is the preservation of confidentiality, integrity and availability of information in the Cyberspace.
- 7. Cyber Security inCloud Computing Today all Individual & Organizations are moving towards cloud computing that has a direct impact on cyber security. It's a threat that's only getting bigger, the risk of hackers stealing data has grown exponentially.
- 8. Mean Failure Cost An MFC is a Measure of Cyber Security. Measures the security in terms of the loss that each stakeholder stands to sustain as a result of security breakdown. It uses 3 matrices to measure the cost or to estimate the risk, The Stakes matrix The Dependency matrix The Impact matrix
- 9.
- 10.
- 11. Mean Failure Cost Summarizing, Given Stakes matrix (ST), Dependability matrix (DP), Impact matrix (IM) & Threat vector (PT). The vector of Mean Failure Cost (MFC) can be derived by the following formula, MFC = ST . DP. IM . PT => MFC = ST . DP. PE => MFC = ST . PR Where, PR = Vector of Probability of failing security requirements PE = Vector of Probability of events
- 12. Security Requirements Stakeholderfocus Security Requirements Three class of stakeholders in cloud computing can be considered, The Service Provider The Corporate/ Organizational Subscribers The Individual Subscribers Three important pillars of Cloud Security S/W assurance, Availability Integrity Confidentiality
- 13. Security Requirements Availability Critical Data Archival Data Integrity Critical Data Archival Data Confidentiality Highly Classified Data Proprietary Data Public Data
- 14. System Focus CloudComputing System focuses on two parts, The Front End (Components) The Back End (Services) Front End is, The Client side & The Applications required to access the cloud system. Back End is, Cloud Section of the System with various services & servers, data storages, s/w and physical/ virtual computers. Cost is optimized by virtualization technique in cloud computing paradigm.
- 15. Security Threats Virtualizationcauses major security risks. It’s a s/w layer that emulates h/w to increase utilization and it ensures different instances are running on the same physical machine are isolated from each-other. Therefore cloud computing system in threaten by many types of attacks, which includes: Security Threats originating from the host (hypervisor) Security Threats originating between the customer & the datacenter Security Threats originating from the virtual machines
- 16. Security Threats SecurityThreats originating from the host (hypervisor), Monitoring virtual machines from host Virtual machine modification Threats on communications between virtual machines and host Placement of malicious VM images on physical systems
- 17. Security Threats SecurityThreats originating between the customer & the datacenter, Flooding attacks Denial of service (DoS) Data loss or leakage Malicious insiders Account, service and traffic hijacking Abuse and nefarious use of cloud computing Insecure application programing interfaces
- 18. Security Threats SecurityThreats originating from the virtual machines, Monitoring VMs from other VMs Virtual machine mobility Threats on communications between virtual machines
- 19. Supporting Cloud Computing BusinessModel The security cost model enables us to rationalized security related decision making. For example, Pricing Security Upgrade Judging the cost effectiveness security enhancement
- 20. Conclusion Cloud computingdoes not offer absolute security. But we can measure security by offering quantitative model that quantify the risks on the basis of analysis. The proposed matric offers: Security in economic term, enabling stakeholder to quantify risks. Depending on the stakes security value changes The value of MFC security matric reflects the heterogeneity of the security requirements.
- 21.