SlideShare a Scribd company logo

Cloud Computing Security Challenges and Risks

•
•
Sweta Kumari Barnwal
Sweta Kumari Barnwal

This document discusses security considerations for cloud computing. It covers security challenges like privacy, portability, interoperability, reliability and availability. It also discusses security planning, boundaries based on infrastructure as a service (IaaS), platform as a service (PaaS) and software as a service (SaaS) models. Additional topics include data security, software as a service security, security monitoring, and security architecture design.

Engineering
1 of 14
Download to read offline
Module: 5 CLOUD COMPUTING SECURITY IN THE CLOUD: Security Overview, Cloud Security Challenges and Risks. Software- as-a-Service Security, Security Monitoring, Security Architecture Design, Data Security, Application Security, Virtual Machine Security, Identity Management and Access Control, Autonomic Security. Cloud Security Challenges and Risks Cloud computing, an emergent technology, has placed many challenges in different aspects of data and information handling. Some of these are shown in the following diagram: Security and Privacy Security and Privacy of information is the biggest challenge to cloud computing. Security and privacy issues can be overcome by employing encryption, security hardware and security applications. Portability This is another challenge to cloud computing that applications should easily be migrated from one cloud provider to another. There must not be vendor lock-in. However, it is not yet made possible because each of the cloud provider uses different standard languages for their platforms. Interoperability It means the application on one platform should be able to incorporate services from the other platforms. It is made possible via web services, but developing such web services is very complex.
Computing Performance Data intensive applications on cloud requires high network bandwidth, which results in high cost. Low bandwidth does not meet the desired computing performance of cloud application. Reliability and Availability It is necessary for cloud systems to be reliable and robust because most of the businesses are now becoming dependent on services provided by third-party. Security in cloud computing is a major concern. Data in cloud should be stored in encrypted form. To restrict client from accessing the shared data directly, proxy and brokerage services should be employed. Security Planning Before deploying a particular resource to cloud, one should need to analyze several aspects of the resource such as: • Select resource that needs to move to the cloud and analyze its sensitivity to risk. • Consider cloud service models such as IaaS, PaaS, and SaaS. These models require customer to be responsible for security at different levels of service. • Consider the cloud type to be used such as public, private, community or hybrid. • Understand the cloud service provider's system about data storage and its transfer into and out of the cloud. The risk in cloud deployment mainly depends upon the service models and cloud types. Understanding Security of Cloud Security Boundaries A particular service model defines the boundary between the responsibilities of service provider and customer. Cloud Security Alliance (CSA) stack model defines the boundaries between each service model and shows how different functional units relate to each other. The following diagram shows the CSA stack model:
Key Points to CSA Model • IaaS is the most basic level of service with PaaS and SaaS next two above levels of services. • Moving upwards, each of the service inherits capabilities and security concerns of the model beneath. • IaaS provides the infrastructure, PaaS provides platform development environment, and SaaS provides operating environment. • IaaS has the least level of integrated functionalities and integrated security while SaaS has the most. • This model describes the security boundaries at which cloud service provider's responsibilities end and the customer's responsibilities begin. • Any security mechanism below the security boundary must be built into the system and should be maintained by the customer. Although each service model has security mechanism, the security needs also depend upon where these services are located, in private, public, hybrid or community cloud. Understanding Data Security Since all the data is transferred using Internet, data security is of major concern in the cloud. Here are key mechanisms for protecting data. • Access Control
• Auditing • Authentication • Authorization All of the service models should incorporate security mechanism operating in all above- mentioned areas. Isolated Access to Data Since data stored in cloud can be accessed from anywhere, we must have a mechanism to isolate data and protect it from client’s direct access. Brokered Cloud Storage Access is an approach for isolating storage in the cloud. In this approach, two services are created: • A broker with full access to storage but no access to client. • A proxy with no access to storage but access to both client and broker. Working Of Brokered Cloud Storage Access System When the client issues request to access data: • The client data request goes to the external service interface of proxy. • The proxy forwards the request to the broker. • The broker requests the data from cloud storage system. • The cloud storage system returns the data to the broker. • The broker returns the data to proxy. • Finally the proxy sends the data to the client. All of the above steps are shown in the following diagram:
Encryption Encryption helps to protect data from being compromised. It protects data that is being transferred as well as data stored in the cloud. Although encryption helps to protect data from any unauthorized access, it does not prevent data loss. Software as a Service Security In Software as a Service (SaaS) model, the client needs to be dependent on the service provider for proper security measures of the system. The service provider must ensure that their multiple users don‘t get to see each other‘s private data. So, it becomes important to the user to ensure that right security measures are in place and also difficult to get an assurance that the application will be available when needed [15]. Cloud computing providers need to provide some solution to solve the common security challenges that traditional communication systems face. At the same time, they also have to deal with other issues inherently introduced by the cloud computing paradigm itself. A. Authentication and authorization: The authorization and authentication applications used in enterprise environments need to be changed, so that they can work with a safe cloud environment. Forensics tasks will become much more difficult since it will be very hard or maybe not possible for investigators may to access the system hardware physically. Data confidentiality: Confidentiality may refer to the prevention of unintentional or intentional unauthorized disclosure or distribution of secured private information. Confidentiality is closely related to the areas of encryption, intellectual property rights, traffic analysis, covert channels, and inference in cloud system. Whenever a business, an individual, a government agency, or any other entity wants to shares information over cloud, confidentiality or privacy is a questions nay need to be asked.
Availability: The availability ensures the reliable and timely access to cloud data or cloud computing resources by the appropriate personnel. The availability is one of the big concerns of cloud service providers, since if the cloud service is disrupted or compromised in any way; it affects large no. of customers than in the traditional model. Information Security: In the SaaS model, the data of enterprise is stored outside of the enterprise boundary, which is at the SaaS vendor premises. Consequently, these SaaS vendor needs to adopt additional security features to ensure data security and prevent breaches due to security vulnerabilities in the application or by malicious employees. This will need the use of very strong encryption techniques for data security and highly competent authorization to control access private data. Data Access: Data access issue is mainly related to security policies provided to the users while accessing the data. Organizations have their own security policies based on which each employee can have access to a particular set of data. These security policies must be adhered by the cloud to avoid intrusion of data by unauthorized users. The SaaS model must be flexible enough to incorporate the specific policies put forward by the organization. Network Security: In a SaaS deployment model, highly sensitive information is obtained from the various enterprises, then processed by the SaaS application and stored at the SaaS vendor‘s premises. All data flow over the network has to be secured in order to prevent leakage of sensitive information. Data breaches: Since data from various users and business organizations lie together in a cloud environment, breaching into this environment will potentially make the data of all the users vulnerable. Thus, the cloud becomes a high potential target. Identity management and sign-on process: Identity management (IdM) or ID management is an area that deals with identifying individuals in a system and controlling the access to the resources in that system by placing restrictions on the established identities. Aria of IdM is considered as one of the biggest challenges in information security. When a SaaS provider want to know how to control who has access to what systems within the enterprise it becomes a lot more challenging task. There are several research works happening in the area of cloud security. Several organization and groups are now interested in developing security solutions and standards for the cloud. The Cloud Security Alliance (CSA) is gathering solution providers, non- profits and individuals to enter into discussion about the current and future best practices for information assurance in the cloud. The Open Web Application Security Project (OWASP) maintains list of top vulnerabilities to cloud-based or SaaS models which is updated as the threat landscape changes. The Cloud Standards website collects and coordinates information about cloudrelated standards under development by the groups. The Open Grid Forum publishes documents to containing security and infrastructural specifications and information for grid computing developers and researchers. We will discuss a security checklist for SaaS which can be used. To assess the security threats or capabilities of third-party SaaS providers, all customers need to ask some right questions: What metrics can be used for reporting?
Will the service providers be able to present reports which will satisfy the CIO, the board and auditors that enterprise data is secured and meets regulatory requirements? What is the level of the access controls? The most established mechanism for data breaches now a day is through malicious or unintentional misuse of user access credentials. Visibility of the activity of individual users, which also includes administrative changes, is essential for data protection. Is provided data such that it can be easily adapted into internal monitoring tools, to preventing data silos? To make reporting simple and foolproof, you'll need to monitor enterprise‘s internal applications alongside SaaS applications, from a centralized dashboard. How important and critical the enterprise data is? Each SaaS application, must know the business criticality of the data involved. Is the SaaS application managing confidential customer data properly or not? You can then perform an inventory of the applicable compliance issues. Security Monitoring Cloud security monitoring is the practice of continuously supervising both virtual and physical servers to analyze data for threats and vulnerabilities. Cloud security monitoring solutions often rely on automation to measure and assess behaviors related to data, applications and infrastructure. Cloud security monitoring solutions can be built natively into the cloud server hosting infrastructure (like AWS’s CloudWatch, for example) or they can be third-party solutions that are added to an existing environment (like Blumira). Organizations can also perform cloud monitoring on premises using existing security management tools. Like a SIEM, cloud security monitoring works by collecting log data across servers. Advanced cloud monitoring solutions analyze and correlate gathered data for anomalous activity, then send alerts and enable incident response. A cloud security monitoring service will typically offer: Visibility. Moving to the cloud inherently lowers an organization’s visibility across their infrastructure, so cloud monitoring security tools should bring a single pane of glass to monitor application, user and file behavior to identify potential attacks.
Scalability. Cloud security monitoring tools should be able to monitor large amounts of data across a variety of distributed locations. Auditing. It’s a challenge for organizations to manage and meet compliance requirements, so cloud security monitoring tools should provide robust auditing and monitoring capabilities. Continuous monitoring. Advanced cloud security monitoring solutions should continuously monitor behavior in real time to quickly identify malicious activity and prevent an attack. Integration. To maximize visibility, a cloud monitoring solution should ideally integrate with an organization’s existing services, such as productivity suites (i.e. Microsoft 365 and G Suite), endpoint security solutions (i.e. Crowdstrike and VMware Carbon Black) and identity and authentication services (i.e. Duo and Okta). Benefits of Cloud Security Monitoring Cloud security monitoring provides the following benefits: Maintain compliance. Monitoring is a requirement for nearly every major regulation, from HIPAA to PCI DSS. Cloud-based organizations must use monitoring tools to avoid compliance violations and costly fees. Identify vulnerabilities. Automated monitoring solutions can quickly alert IT and security teams about anomalies and help identify patterns that point to risky or malicious behavior. Overall, this brings a deeper level of observability and visibility to cloud environments. Prevent loss of business. An overlooked security incident can be detrimental and even result in shutting down business operations, leading to a decrease in customer trust and satisfaction — especially if customer data was leaked. Cloud security monitoring can help with business continuity and data security, while avoiding a potentially catastrophic data breach. Increase security maturity. An organization with a mature infosec model has a proactive, multi-layered approach to security. A cloud monitoring solution enables organizations to include cloud as one of those layers and provides visibility into the overall environment.
Cloud Security Monitoring Challenges Lack of cloud security strategy. Many organizations hastily migrate to the cloud to support remote work without developing a clear cloud security strategy. Key stakeholders should know answers to questions such as: • How can we gain visibility into cloud policy changes or configurations? • How do we keep track of our assets in the cloud and who has access? • How will we approach backups? Will we have offsite copies? • Will our cloud provider have access to company data? If so, what can they do with it? Without a clear strategy, an organization will not be able to fully reap the benefits of a cloud security monitoring solution. Alert fatigue. Many cloud monitoring products are noisy, which can result in IT and security teams lacking insight into what’s important to focus on. A FireEye study revealed that some organizations receive up to 10,000 alerts per month from security products. Cloud monitoring solutions with prioritized alerts can reduce the noise and chances of receiving false positives, which provides higher security value. Lack of context. Logs and alerts are only valuable if an organization understands how to interpret them. Security teams should understand what they want to monitor and why; once they receive alerts, they should know which actions to take. A best-in-class threat detection and response platform will provide remediation steps and playbooks in addition to prioritized alerts. SECURITY ARCHITECTURE DESIGN A cloud security architecture (also sometimes called a “cloud computing security architecture”) is defined by the security layers, design, and structure of the platform, tools, software, infrastructure, and best practices that exist within a cloud security solution. A cloud security architecture provides the written and visual model to define how to configure and secure activities and operations within the cloud, including such things as identity and access management; methods and controls to protect applications and data; approaches to gain and maintain visibility into compliance, threat posture, and overall security; processes for instilling
security principles into cloud services development and operations; policies and governance to meet compliance standards; and physical infrastructure security components. Cloud security, in general, refers to the protection of information, applications, data, platforms, and infrastructure that operate or exist within the cloud. Cloud security is applicable to all types of cloud computing infrastructures, including public clouds, private clouds, and hybrid clouds. Cloud security is a type of cybersecurity. When developing a cloud security architecture several critical elements should be included: • Security at Each Layer • Centralized Management of Components • Redundant & Resilient Design • Elasticity & Scalability • Appropriate Storage for Deployments • Alerts & Notifications • Centralization, Standardization, & Automation Infrastructure-as-a-Service (IaaS) – IaaS is a cloud computing model that provides virtualized computing resources including networking, storage, and machines accessible through the internet. In IaaS, the Cloud Service Provider (CSP) is responsible for the controls that protect their underlying servers and data including security of servers, storage and networking hardware, virtualization, and the hypervisor. The enterprise’s security responsibilities include user access, data, applications, operating systems, and network traffic. According to Gartner, by 2021, 50% of enterprises will unknowingly and mistakenly have exposed some IaaS storage services, network segments, applications, or APIs directly to the public internet, up from 25% at YE18. IaaS cloud security models also require these security features: • Audit and monitor resources for misconfiguration • Automate policy corrections • Prevent data loss with DLP • Capture custom app activity and enforce controls
• Detect malicious user activity and behavior • Detect and remove malware • Discover rouge IaaS services and accounts • Identify provisioned user risk • Enrich native cloud platform forensics • Manage multiple IaaS providers According to Gartner, through 2023, at least 99% of cloud security failures will be the customer’s fault. Through 2024, workloads that leverage the programmability of cloud infrastructure to improve security protection will demonstrate improved compliance and at least 60% fewer security incidents than those in traditional data centers. As with on-premises data centers, the majority of successful cloud attacks are caused by mistakes, such as misconfiguration, missing patches, or mismanaged credentials. To achieve more secure cloud- based infrastructure and platform services, Gartner recommends a systematic and risk-based approach for IaaS/PaaS security using a set of layered capabilities. Platform-as-a-Service (PaaS) – The CSP secures a majority of a PaaS cloud service model, however, the enterprise is responsible for the security of its applications. PaaS builds upon IaaS deploying applications without taking on the cost and resources required to buy and manage hardware, software, and hosting capabilities. These features can include: • Cloud Access Security Brokers (CASB) • Cloud workload protection platforms (CWPP) • Cloud security posture management (CSPM) • Business analytics/intelligence • Logs • IP restrictions • API gateways • Internet of Things (IoT) Software-as-a-Service (SaaS) – Terms of security ownership within SaaS are negotiated with the CSP as part of their service contract. SaaS often hosts an enterprise’s physical, infrastructure, hypervisor, network traffic, and operating system. SaaS apps and infrastructure controls can include: • Enforce data loss prevention (DLP) • Prevent unauthorized sharing of sensitive data to wrong people • Block sync/download of corporate data to personal devices • Detect compromised account, insider threats, and malware • Gain visibility into unsanctioned applications • Audit for misconfiguration DATA SECURITY Cloud data protection is the practice of securing a company’s data in a cloud environment, wherever that data is located, whether it’s at rest or in motion, and whether it’s managed internally by the company or externally by a third party.
This practice has become increasingly important as more companies have switched from building and managing their own data centers to storing their applications and data in the cloud instead. A 2018 survey by IDG, a leading technology media company, stated that 73% of companies had applications or infrastructure in the cloud, with another 17% expected to make the move in the coming year Companies are collecting massive amounts of data, ranging from highly confidential business, financial and customer data to fairly unimportant information. They’re also moving more and more of their data to the cloud and storing it in more places than ever – public, private and hybrid clouds, cloud storage environments, software-as-a-service applications, and so on. As they do this, companies are discovering just how complicated protecting and securing all their data across multiple environments can be. For example: • They no longer know where all their applications and data are. • With most of their applications and data housed on third-party infrastructure, companies no longer have visibility into who is accessing and using their applications and data, which devices are being used for access, or how their data is potentially being used or shared. • They have no insight into how cloud providers are storing and securing their data. • Even though most cloud providers have state-of-the-art security, this security is limited. After all, companies and cloud providers share responsibilities for cloud security. • Different cloud providers have varying capabilities, which can result in inconsistent cloud data protection and security. On top of this, companies face a host of security challenges, including the potential for: • Security breaches • Loss or theft of sensitive data • Application vulnerabilities and malware propagation The Benefits of Cloud Data Protection
Among the benefits of cloud data protection, it enables companies to: • Secure applications and data across multiple environments while maintaining complete visibility into all user, folder and file activity. • Proactively identify and mitigate risks, such as security threats, suspicious user behavior, malware and others. • Better govern access. • Define policies. • Prevent and detect data loss and disruption. APPLICATION SECURITY Application security describes security measures at the application level that aim to prevent data or code within the app from being stolen or hijacked. It encompasses the security considerations that happen during application development and design, but it also involves systems and approaches to protect apps after they get deployed. Application security may include hardware, software, and procedures that identify or minimize security vulnerabilities. A router that prevents anyone from viewing a computer’s IP address from the Internet is a form of hardware application security. But security measures at the application level are also typically built into the software, such as an application firewall that strictly defines what activities are allowed and prohibited. Procedures can entail things like an application security routine that includes protocols such as regular testing. Why application security is important Application security is important because today’s applications are often available over various networks and connected to the cloud, increasing vulnerabilities to security threats and breaches. There is increasing pressure and incentive to not only ensure security at the network level but also within applications themselves. One reason for this is because hackers are going after apps with their attacks more today than in the past. Application security testing can reveal weaknesses at the application level, helping to prevent these attacks. Application security is the process of developing, adding, and testing security features within applications to prevent security vulnerabilities against threats such as unauthorized access and modification. Types of application security Different types of application security features include authentication, authorization, encryption, logging, and application security testing. Developers can also code applications to reduce security vulnerabilities.
Authentication: When software developers build procedures into an application to ensure that only authorized users gain access to it. Authentication procedures ensure that a user is who they say they are. This can be accomplished by requiring the user to provide a user name and password when logging in to an application. Multi-factor authentication requires more than one form of authentication—the factors might include something you know (a password), something you have (a mobile device), and something you are (a thumb print or facial recognition). Authorization: After a user has been authenticated, the user may be authorized to access and use the application. The system can validate that a user has permission to access the application by comparing the user’s identity with a list of authorized users. Authentication must happen before authorization so that the application matches only validated user credentials to the authorized user list. Encryption: After a user has been authenticated and is using the application, other security measures can protect sensitive data from being seen or even used by a cybercriminal. In cloud- based applications, where traffic containing sensitive data travels between the end user and the cloud, that traffic can be encrypted to keep the data safe. Logging: If there is a security breach in an application, logging can help identify who got access to the data and how. Application log files provide a time-stamped record of which aspects of the application were accessed and by whom. Application security testing: A necessary process to ensure that all of these security controls work properly. VIRTUAL MACHINE SECURITY IDENTITY MANAGEMENT AND ACCESS CONTROL AUTONOMIC SECURITY

Recommended

CLOUD ARCHITECTURE AND SERVICES.pptx
CLOUD ARCHITECTURE AND SERVICES.pptxCLOUD ARCHITECTURE AND SERVICES.pptx
CLOUD ARCHITECTURE AND SERVICES.pptxDr Geetha Mohan
 
Software as a service
Software as a serviceSoftware as a service
Software as a serviceDivya korrapati
 
Unit 4
Unit 4Unit 4
Unit 4Ravi Kumar
 
Cloud computing What Why How
Cloud computing What Why HowCloud computing What Why How
Cloud computing What Why HowAsian Institute of Technology (AIT)
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Cloud adoption and rudiments
Cloud adoption and rudimentsCloud adoption and rudiments
Cloud adoption and rudimentsgaurav jain
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing pptJagriti Rai
 
Cloud Reference Model
Cloud Reference ModelCloud Reference Model
Cloud Reference ModelDr. Ramkumar Lakshminarayanan
 

Recommended

CLOUD ARCHITECTURE AND SERVICES.pptx
CLOUD ARCHITECTURE AND SERVICES.pptxCLOUD ARCHITECTURE AND SERVICES.pptx
CLOUD ARCHITECTURE AND SERVICES.pptxDr Geetha Mohan
 
Software as a service
Software as a serviceSoftware as a service
Software as a serviceDivya korrapati
 
Unit 4
Unit 4Unit 4
Unit 4Ravi Kumar
 
Cloud computing What Why How
Cloud computing What Why HowCloud computing What Why How
Cloud computing What Why HowAsian Institute of Technology (AIT)
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Cloud adoption and rudiments
Cloud adoption and rudimentsCloud adoption and rudiments
Cloud adoption and rudimentsgaurav jain
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing pptJagriti Rai
 
Cloud Reference Model
Cloud Reference ModelCloud Reference Model
Cloud Reference ModelDr. Ramkumar Lakshminarayanan
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingNaveed Farooq
 
INTRODUCTION TO CLOUD COMPUTING
INTRODUCTION TO CLOUD COMPUTINGINTRODUCTION TO CLOUD COMPUTING
INTRODUCTION TO CLOUD COMPUTINGTanmoy Barman
 
Cloud computing
Cloud computingCloud computing
Cloud computingAditya Dwivedi
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing ArchitectureAnimesh Chaturvedi
 
Cloud Computing - An Introduction
Cloud Computing - An IntroductionCloud Computing - An Introduction
Cloud Computing - An IntroductionRavindra Dastikop
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesDheeraj Negi
 
A brief history of cloud computing
A brief history of cloud computingA brief history of cloud computing
A brief history of cloud computingOneserve
 
Module 3-cloud computing
Module 3-cloud computingModule 3-cloud computing
Module 3-cloud computingSweta Kumari Barnwal
 
Cloud Computing Presentation
Cloud Computing PresentationCloud Computing Presentation
Cloud Computing PresentationVivek Ravindran
 
Cloud Computing An introduction
Cloud Computing An introductionCloud Computing An introduction
Cloud Computing An introductionSanjay Sharma
 
Multi Tenancy In The Cloud
Multi Tenancy In The CloudMulti Tenancy In The Cloud
Multi Tenancy In The Cloudrohit_ainapure
 
Cloud Service Models
Cloud Service ModelsCloud Service Models
Cloud Service ModelsAbhishek Pachisia
 
Cloud computing
Cloud computingCloud computing
Cloud computingShiva Prasad
 
NIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureNIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureThanakrit Lersmethasakul
 
Implementation levels of virtualization
Implementation levels of virtualizationImplementation levels of virtualization
Implementation levels of virtualizationGokulnath S
 
SaaS Presentation at SCIT Conference
SaaS Presentation at SCIT ConferenceSaaS Presentation at SCIT Conference
SaaS Presentation at SCIT ConferenceSuhas Kelkar
 
Cloud Resource Management
Cloud Resource ManagementCloud Resource Management
Cloud Resource ManagementNASIRSAYYED4
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Mahesh Tibrewal
 
Cloud security
Cloud securityCloud security
Cloud securityNiharika Varshney
 
Service level agreement in cloud computing an overview
Service level agreement in cloud computing an overviewService level agreement in cloud computing an overview
Service level agreement in cloud computing an overviewDr Neelesh Jain
 
UNIT -V.docx
UNIT -V.docxUNIT -V.docx
UNIT -V.docxRevathiparamanathan
 
SaaS Security.pptx
SaaS Security.pptxSaaS Security.pptx
SaaS Security.pptxchelsi33
 

More Related Content

What's hot

Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingNaveed Farooq
 
INTRODUCTION TO CLOUD COMPUTING
INTRODUCTION TO CLOUD COMPUTINGINTRODUCTION TO CLOUD COMPUTING
INTRODUCTION TO CLOUD COMPUTINGTanmoy Barman
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing ArchitectureAnimesh Chaturvedi
 
Cloud Computing - An Introduction
Cloud Computing - An IntroductionCloud Computing - An Introduction
Cloud Computing - An IntroductionRavindra Dastikop
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesDheeraj Negi
 
A brief history of cloud computing
A brief history of cloud computingA brief history of cloud computing
A brief history of cloud computingOneserve
 
Cloud Computing Presentation
Cloud Computing PresentationCloud Computing Presentation
Cloud Computing PresentationVivek Ravindran
 
Cloud Computing An introduction
Cloud Computing An introductionCloud Computing An introduction
Cloud Computing An introductionSanjay Sharma
 
Multi Tenancy In The Cloud
Multi Tenancy In The CloudMulti Tenancy In The Cloud
Multi Tenancy In The Cloudrohit_ainapure
 
Cloud computing
Cloud computingCloud computing
Cloud computingShiva Prasad
 
NIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureNIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureThanakrit Lersmethasakul
 
Implementation levels of virtualization
Implementation levels of virtualizationImplementation levels of virtualization
Implementation levels of virtualizationGokulnath S
 
SaaS Presentation at SCIT Conference
SaaS Presentation at SCIT ConferenceSaaS Presentation at SCIT Conference
SaaS Presentation at SCIT ConferenceSuhas Kelkar
 
Cloud Resource Management
Cloud Resource ManagementCloud Resource Management
Cloud Resource ManagementNASIRSAYYED4
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Mahesh Tibrewal
 
Service level agreement in cloud computing an overview
Service level agreement in cloud computing an overviewService level agreement in cloud computing an overview
Service level agreement in cloud computing an overviewDr Neelesh Jain
 

What's hot (20)

Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
INTRODUCTION TO CLOUD COMPUTING
INTRODUCTION TO CLOUD COMPUTINGINTRODUCTION TO CLOUD COMPUTING
INTRODUCTION TO CLOUD COMPUTING
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing Architecture
 
Cloud Computing - An Introduction
Cloud Computing - An IntroductionCloud Computing - An Introduction
Cloud Computing - An Introduction
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
 
A brief history of cloud computing
A brief history of cloud computingA brief history of cloud computing
A brief history of cloud computing
 
Module 3-cloud computing
Module 3-cloud computingModule 3-cloud computing
Module 3-cloud computing
 
Cloud Computing Presentation
Cloud Computing PresentationCloud Computing Presentation
Cloud Computing Presentation
 
Cloud Computing An introduction
Cloud Computing An introductionCloud Computing An introduction
Cloud Computing An introduction
 
Multi Tenancy In The Cloud
Multi Tenancy In The CloudMulti Tenancy In The Cloud
Multi Tenancy In The Cloud
 
Cloud Service Models
Cloud Service ModelsCloud Service Models
Cloud Service Models
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
NIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureNIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference Architecture
 
Implementation levels of virtualization
Implementation levels of virtualizationImplementation levels of virtualization
Implementation levels of virtualization
 
SaaS Presentation at SCIT Conference
SaaS Presentation at SCIT ConferenceSaaS Presentation at SCIT Conference
SaaS Presentation at SCIT Conference
 
Cloud Resource Management
Cloud Resource ManagementCloud Resource Management
Cloud Resource Management
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.
 
Cloud security
Cloud securityCloud security
Cloud security
 
Service level agreement in cloud computing an overview
Service level agreement in cloud computing an overviewService level agreement in cloud computing an overview
Service level agreement in cloud computing an overview
 

Similar to Cloud Computing Security Challenges and Risks

SaaS Security.pptx
SaaS Security.pptxSaaS Security.pptx
SaaS Security.pptxchelsi33
 
saassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdfsaassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdfSahilSingh316535
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar reportshafzonly
 
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdfCloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdfDataSpace Academy
 
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdfthe_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdfsarah david
 
Encryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentEncryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentIOSR Journals
 
Encryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentEncryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentIOSR Journals
 
Encryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentEncryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentIOSR Journals
 
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptxthe_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptxsarah david
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computingPrince Chandu
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkIOSR Journals
 
Cloud Application Security --Symantec
Cloud Application Security --Symantec Cloud Application Security --Symantec
Cloud Application Security --SymantecAbhishek Sood
 
Hybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdfHybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdfmanoharparakh
 

Similar to Cloud Computing Security Challenges and Risks (20)

UNIT -V.docx
UNIT -V.docxUNIT -V.docx
UNIT -V.docx
 
SaaS Security.pptx
SaaS Security.pptxSaaS Security.pptx
SaaS Security.pptx
 
saassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdfsaassecurity-230424030940-08314322.pdf
saassecurity-230424030940-08314322.pdf
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 
cloud1_aggy.pdf
cloud1_aggy.pdfcloud1_aggy.pdf
cloud1_aggy.pdf
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar report
 
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdfCloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
 
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdfthe_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
 
Encryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentEncryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing Environment
 
Encryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentEncryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing Environment
 
H017155360
H017155360H017155360
H017155360
 
Encryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing EnvironmentEncryption Technique for a Trusted Cloud Computing Environment
Encryption Technique for a Trusted Cloud Computing Environment
 
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptxthe_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKES
 
Data security in cloud computing
Data security in cloud computingData security in cloud computing
Data security in cloud computing
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
 
Cloud Application Security --Symantec
Cloud Application Security --Symantec Cloud Application Security --Symantec
Cloud Application Security --Symantec
 
Hybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdfHybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdf
 

More from Sweta Kumari Barnwal

MODULE-2-Cloud Computing.docx.pdf
MODULE-2-Cloud Computing.docx.pdfMODULE-2-Cloud Computing.docx.pdf
MODULE-2-Cloud Computing.docx.pdfSweta Kumari Barnwal
 
Cloud Computing_Module-1.pdf
Cloud Computing_Module-1.pdfCloud Computing_Module-1.pdf
Cloud Computing_Module-1.pdfSweta Kumari Barnwal
 
Computer Network-Data Link Layer-Module-2.pdf
Computer Network-Data Link Layer-Module-2.pdfComputer Network-Data Link Layer-Module-2.pdf
Computer Network-Data Link Layer-Module-2.pdfSweta Kumari Barnwal
 
Sensors in Different Applications Area.pdf
Sensors in Different Applications Area.pdfSensors in Different Applications Area.pdf
Sensors in Different Applications Area.pdfSweta Kumari Barnwal
 
Sensor technology module-3-interface electronic circuits
Sensor technology module-3-interface electronic circuitsSensor technology module-3-interface electronic circuits
Sensor technology module-3-interface electronic circuitsSweta Kumari Barnwal
 
Sensors fundamentals and characteristics, physical principle of sensing
Sensors fundamentals and characteristics, physical principle of sensingSensors fundamentals and characteristics, physical principle of sensing
Sensors fundamentals and characteristics, physical principle of sensingSweta Kumari Barnwal
 
Operating system and services
Operating system and servicesOperating system and services
Operating system and servicesSweta Kumari Barnwal
 
Network Layer & Transport Layer
Network Layer & Transport LayerNetwork Layer & Transport Layer
Network Layer & Transport LayerSweta Kumari Barnwal
 
Unit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimesUnit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimesSweta Kumari Barnwal
 
Virtualization - cloud computing
Virtualization - cloud computingVirtualization - cloud computing
Virtualization - cloud computingSweta Kumari Barnwal
 
Process improvement & service oriented software engineering
Process improvement & service oriented software engineeringProcess improvement & service oriented software engineering
Process improvement & service oriented software engineeringSweta Kumari Barnwal
 

More from Sweta Kumari Barnwal (20)

UNIT-1 Start Learning R.pdf
UNIT-1 Start Learning R.pdfUNIT-1 Start Learning R.pdf
UNIT-1 Start Learning R.pdf
 
MODULE-2-Cloud Computing.docx.pdf
MODULE-2-Cloud Computing.docx.pdfMODULE-2-Cloud Computing.docx.pdf
MODULE-2-Cloud Computing.docx.pdf
 
Number System.pdf
Number System.pdfNumber System.pdf
Number System.pdf
 
Cloud Computing_Module-1.pdf
Cloud Computing_Module-1.pdfCloud Computing_Module-1.pdf
Cloud Computing_Module-1.pdf
 
Computer Network-Data Link Layer-Module-2.pdf
Computer Network-Data Link Layer-Module-2.pdfComputer Network-Data Link Layer-Module-2.pdf
Computer Network-Data Link Layer-Module-2.pdf
 
Sensors in Different Applications Area.pdf
Sensors in Different Applications Area.pdfSensors in Different Applications Area.pdf
Sensors in Different Applications Area.pdf
 
Sensor technology module-3-interface electronic circuits
Sensor technology module-3-interface electronic circuitsSensor technology module-3-interface electronic circuits
Sensor technology module-3-interface electronic circuits
 
Sensors fundamentals and characteristics, physical principle of sensing
Sensors fundamentals and characteristics, physical principle of sensingSensors fundamentals and characteristics, physical principle of sensing
Sensors fundamentals and characteristics, physical principle of sensing
 
Logic gates
Logic gatesLogic gates
Logic gates
 
Basic computer system
Basic computer systemBasic computer system
Basic computer system
 
Features of windows
Features of windowsFeatures of windows
Features of windows
 
Operating system and services
Operating system and servicesOperating system and services
Operating system and services
 
Introduction to computers
Introduction to computersIntroduction to computers
Introduction to computers
 
Application Layer
Application LayerApplication Layer
Application Layer
 
Network Layer & Transport Layer
Network Layer & Transport LayerNetwork Layer & Transport Layer
Network Layer & Transport Layer
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
 
Unit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimesUnit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimes
 
Virtualization - cloud computing
Virtualization - cloud computingVirtualization - cloud computing
Virtualization - cloud computing
 
Process improvement & service oriented software engineering
Process improvement & service oriented software engineeringProcess improvement & service oriented software engineering
Process improvement & service oriented software engineering
 
Introduction to computers i
Introduction to computers iIntroduction to computers i
Introduction to computers i
 

Recently uploaded

Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝soniya singh
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSKurinjimalarL3
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
Analog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAnalog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAbhinavSharma374939
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 

Recently uploaded (20)

Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
Analog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAnalog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog Converter
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
 

Cloud Computing Security Challenges and Risks

  • 1. Module: 5 CLOUD COMPUTING SECURITY IN THE CLOUD: Security Overview, Cloud Security Challenges and Risks. Software- as-a-Service Security, Security Monitoring, Security Architecture Design, Data Security, Application Security, Virtual Machine Security, Identity Management and Access Control, Autonomic Security. Cloud Security Challenges and Risks Cloud computing, an emergent technology, has placed many challenges in different aspects of data and information handling. Some of these are shown in the following diagram: Security and Privacy Security and Privacy of information is the biggest challenge to cloud computing. Security and privacy issues can be overcome by employing encryption, security hardware and security applications. Portability This is another challenge to cloud computing that applications should easily be migrated from one cloud provider to another. There must not be vendor lock-in. However, it is not yet made possible because each of the cloud provider uses different standard languages for their platforms. Interoperability It means the application on one platform should be able to incorporate services from the other platforms. It is made possible via web services, but developing such web services is very complex.
  • 2. Computing Performance Data intensive applications on cloud requires high network bandwidth, which results in high cost. Low bandwidth does not meet the desired computing performance of cloud application. Reliability and Availability It is necessary for cloud systems to be reliable and robust because most of the businesses are now becoming dependent on services provided by third-party. Security in cloud computing is a major concern. Data in cloud should be stored in encrypted form. To restrict client from accessing the shared data directly, proxy and brokerage services should be employed. Security Planning Before deploying a particular resource to cloud, one should need to analyze several aspects of the resource such as: • Select resource that needs to move to the cloud and analyze its sensitivity to risk. • Consider cloud service models such as IaaS, PaaS, and SaaS. These models require customer to be responsible for security at different levels of service. • Consider the cloud type to be used such as public, private, community or hybrid. • Understand the cloud service provider's system about data storage and its transfer into and out of the cloud. The risk in cloud deployment mainly depends upon the service models and cloud types. Understanding Security of Cloud Security Boundaries A particular service model defines the boundary between the responsibilities of service provider and customer. Cloud Security Alliance (CSA) stack model defines the boundaries between each service model and shows how different functional units relate to each other. The following diagram shows the CSA stack model:
  • 3. Key Points to CSA Model • IaaS is the most basic level of service with PaaS and SaaS next two above levels of services. • Moving upwards, each of the service inherits capabilities and security concerns of the model beneath. • IaaS provides the infrastructure, PaaS provides platform development environment, and SaaS provides operating environment. • IaaS has the least level of integrated functionalities and integrated security while SaaS has the most. • This model describes the security boundaries at which cloud service provider's responsibilities end and the customer's responsibilities begin. • Any security mechanism below the security boundary must be built into the system and should be maintained by the customer. Although each service model has security mechanism, the security needs also depend upon where these services are located, in private, public, hybrid or community cloud. Understanding Data Security Since all the data is transferred using Internet, data security is of major concern in the cloud. Here are key mechanisms for protecting data. • Access Control
  • 4. • Auditing • Authentication • Authorization All of the service models should incorporate security mechanism operating in all above- mentioned areas. Isolated Access to Data Since data stored in cloud can be accessed from anywhere, we must have a mechanism to isolate data and protect it from client’s direct access. Brokered Cloud Storage Access is an approach for isolating storage in the cloud. In this approach, two services are created: • A broker with full access to storage but no access to client. • A proxy with no access to storage but access to both client and broker. Working Of Brokered Cloud Storage Access System When the client issues request to access data: • The client data request goes to the external service interface of proxy. • The proxy forwards the request to the broker. • The broker requests the data from cloud storage system. • The cloud storage system returns the data to the broker. • The broker returns the data to proxy. • Finally the proxy sends the data to the client. All of the above steps are shown in the following diagram:
  • 5. Encryption Encryption helps to protect data from being compromised. It protects data that is being transferred as well as data stored in the cloud. Although encryption helps to protect data from any unauthorized access, it does not prevent data loss. Software as a Service Security In Software as a Service (SaaS) model, the client needs to be dependent on the service provider for proper security measures of the system. The service provider must ensure that their multiple users don‘t get to see each other‘s private data. So, it becomes important to the user to ensure that right security measures are in place and also difficult to get an assurance that the application will be available when needed [15]. Cloud computing providers need to provide some solution to solve the common security challenges that traditional communication systems face. At the same time, they also have to deal with other issues inherently introduced by the cloud computing paradigm itself. A. Authentication and authorization: The authorization and authentication applications used in enterprise environments need to be changed, so that they can work with a safe cloud environment. Forensics tasks will become much more difficult since it will be very hard or maybe not possible for investigators may to access the system hardware physically. Data confidentiality: Confidentiality may refer to the prevention of unintentional or intentional unauthorized disclosure or distribution of secured private information. Confidentiality is closely related to the areas of encryption, intellectual property rights, traffic analysis, covert channels, and inference in cloud system. Whenever a business, an individual, a government agency, or any other entity wants to shares information over cloud, confidentiality or privacy is a questions nay need to be asked.
  • 6. Availability: The availability ensures the reliable and timely access to cloud data or cloud computing resources by the appropriate personnel. The availability is one of the big concerns of cloud service providers, since if the cloud service is disrupted or compromised in any way; it affects large no. of customers than in the traditional model. Information Security: In the SaaS model, the data of enterprise is stored outside of the enterprise boundary, which is at the SaaS vendor premises. Consequently, these SaaS vendor needs to adopt additional security features to ensure data security and prevent breaches due to security vulnerabilities in the application or by malicious employees. This will need the use of very strong encryption techniques for data security and highly competent authorization to control access private data. Data Access: Data access issue is mainly related to security policies provided to the users while accessing the data. Organizations have their own security policies based on which each employee can have access to a particular set of data. These security policies must be adhered by the cloud to avoid intrusion of data by unauthorized users. The SaaS model must be flexible enough to incorporate the specific policies put forward by the organization. Network Security: In a SaaS deployment model, highly sensitive information is obtained from the various enterprises, then processed by the SaaS application and stored at the SaaS vendor‘s premises. All data flow over the network has to be secured in order to prevent leakage of sensitive information. Data breaches: Since data from various users and business organizations lie together in a cloud environment, breaching into this environment will potentially make the data of all the users vulnerable. Thus, the cloud becomes a high potential target. Identity management and sign-on process: Identity management (IdM) or ID management is an area that deals with identifying individuals in a system and controlling the access to the resources in that system by placing restrictions on the established identities. Aria of IdM is considered as one of the biggest challenges in information security. When a SaaS provider want to know how to control who has access to what systems within the enterprise it becomes a lot more challenging task. There are several research works happening in the area of cloud security. Several organization and groups are now interested in developing security solutions and standards for the cloud. The Cloud Security Alliance (CSA) is gathering solution providers, non- profits and individuals to enter into discussion about the current and future best practices for information assurance in the cloud. The Open Web Application Security Project (OWASP) maintains list of top vulnerabilities to cloud-based or SaaS models which is updated as the threat landscape changes. The Cloud Standards website collects and coordinates information about cloudrelated standards under development by the groups. The Open Grid Forum publishes documents to containing security and infrastructural specifications and information for grid computing developers and researchers. We will discuss a security checklist for SaaS which can be used. To assess the security threats or capabilities of third-party SaaS providers, all customers need to ask some right questions: What metrics can be used for reporting?
  • 7. Will the service providers be able to present reports which will satisfy the CIO, the board and auditors that enterprise data is secured and meets regulatory requirements? What is the level of the access controls? The most established mechanism for data breaches now a day is through malicious or unintentional misuse of user access credentials. Visibility of the activity of individual users, which also includes administrative changes, is essential for data protection. Is provided data such that it can be easily adapted into internal monitoring tools, to preventing data silos? To make reporting simple and foolproof, you'll need to monitor enterprise‘s internal applications alongside SaaS applications, from a centralized dashboard. How important and critical the enterprise data is? Each SaaS application, must know the business criticality of the data involved. Is the SaaS application managing confidential customer data properly or not? You can then perform an inventory of the applicable compliance issues. Security Monitoring Cloud security monitoring is the practice of continuously supervising both virtual and physical servers to analyze data for threats and vulnerabilities. Cloud security monitoring solutions often rely on automation to measure and assess behaviors related to data, applications and infrastructure. Cloud security monitoring solutions can be built natively into the cloud server hosting infrastructure (like AWS’s CloudWatch, for example) or they can be third-party solutions that are added to an existing environment (like Blumira). Organizations can also perform cloud monitoring on premises using existing security management tools. Like a SIEM, cloud security monitoring works by collecting log data across servers. Advanced cloud monitoring solutions analyze and correlate gathered data for anomalous activity, then send alerts and enable incident response. A cloud security monitoring service will typically offer: Visibility. Moving to the cloud inherently lowers an organization’s visibility across their infrastructure, so cloud monitoring security tools should bring a single pane of glass to monitor application, user and file behavior to identify potential attacks.
  • 8. Scalability. Cloud security monitoring tools should be able to monitor large amounts of data across a variety of distributed locations. Auditing. It’s a challenge for organizations to manage and meet compliance requirements, so cloud security monitoring tools should provide robust auditing and monitoring capabilities. Continuous monitoring. Advanced cloud security monitoring solutions should continuously monitor behavior in real time to quickly identify malicious activity and prevent an attack. Integration. To maximize visibility, a cloud monitoring solution should ideally integrate with an organization’s existing services, such as productivity suites (i.e. Microsoft 365 and G Suite), endpoint security solutions (i.e. Crowdstrike and VMware Carbon Black) and identity and authentication services (i.e. Duo and Okta). Benefits of Cloud Security Monitoring Cloud security monitoring provides the following benefits: Maintain compliance. Monitoring is a requirement for nearly every major regulation, from HIPAA to PCI DSS. Cloud-based organizations must use monitoring tools to avoid compliance violations and costly fees. Identify vulnerabilities. Automated monitoring solutions can quickly alert IT and security teams about anomalies and help identify patterns that point to risky or malicious behavior. Overall, this brings a deeper level of observability and visibility to cloud environments. Prevent loss of business. An overlooked security incident can be detrimental and even result in shutting down business operations, leading to a decrease in customer trust and satisfaction — especially if customer data was leaked. Cloud security monitoring can help with business continuity and data security, while avoiding a potentially catastrophic data breach. Increase security maturity. An organization with a mature infosec model has a proactive, multi-layered approach to security. A cloud monitoring solution enables organizations to include cloud as one of those layers and provides visibility into the overall environment.
  • 9. Cloud Security Monitoring Challenges Lack of cloud security strategy. Many organizations hastily migrate to the cloud to support remote work without developing a clear cloud security strategy. Key stakeholders should know answers to questions such as: • How can we gain visibility into cloud policy changes or configurations? • How do we keep track of our assets in the cloud and who has access? • How will we approach backups? Will we have offsite copies? • Will our cloud provider have access to company data? If so, what can they do with it? Without a clear strategy, an organization will not be able to fully reap the benefits of a cloud security monitoring solution. Alert fatigue. Many cloud monitoring products are noisy, which can result in IT and security teams lacking insight into what’s important to focus on. A FireEye study revealed that some organizations receive up to 10,000 alerts per month from security products. Cloud monitoring solutions with prioritized alerts can reduce the noise and chances of receiving false positives, which provides higher security value. Lack of context. Logs and alerts are only valuable if an organization understands how to interpret them. Security teams should understand what they want to monitor and why; once they receive alerts, they should know which actions to take. A best-in-class threat detection and response platform will provide remediation steps and playbooks in addition to prioritized alerts. SECURITY ARCHITECTURE DESIGN A cloud security architecture (also sometimes called a “cloud computing security architecture”) is defined by the security layers, design, and structure of the platform, tools, software, infrastructure, and best practices that exist within a cloud security solution. A cloud security architecture provides the written and visual model to define how to configure and secure activities and operations within the cloud, including such things as identity and access management; methods and controls to protect applications and data; approaches to gain and maintain visibility into compliance, threat posture, and overall security; processes for instilling
  • 10. security principles into cloud services development and operations; policies and governance to meet compliance standards; and physical infrastructure security components. Cloud security, in general, refers to the protection of information, applications, data, platforms, and infrastructure that operate or exist within the cloud. Cloud security is applicable to all types of cloud computing infrastructures, including public clouds, private clouds, and hybrid clouds. Cloud security is a type of cybersecurity. When developing a cloud security architecture several critical elements should be included: • Security at Each Layer • Centralized Management of Components • Redundant & Resilient Design • Elasticity & Scalability • Appropriate Storage for Deployments • Alerts & Notifications • Centralization, Standardization, & Automation Infrastructure-as-a-Service (IaaS) – IaaS is a cloud computing model that provides virtualized computing resources including networking, storage, and machines accessible through the internet. In IaaS, the Cloud Service Provider (CSP) is responsible for the controls that protect their underlying servers and data including security of servers, storage and networking hardware, virtualization, and the hypervisor. The enterprise’s security responsibilities include user access, data, applications, operating systems, and network traffic. According to Gartner, by 2021, 50% of enterprises will unknowingly and mistakenly have exposed some IaaS storage services, network segments, applications, or APIs directly to the public internet, up from 25% at YE18. IaaS cloud security models also require these security features: • Audit and monitor resources for misconfiguration • Automate policy corrections • Prevent data loss with DLP • Capture custom app activity and enforce controls
  • 11. • Detect malicious user activity and behavior • Detect and remove malware • Discover rouge IaaS services and accounts • Identify provisioned user risk • Enrich native cloud platform forensics • Manage multiple IaaS providers According to Gartner, through 2023, at least 99% of cloud security failures will be the customer’s fault. Through 2024, workloads that leverage the programmability of cloud infrastructure to improve security protection will demonstrate improved compliance and at least 60% fewer security incidents than those in traditional data centers. As with on-premises data centers, the majority of successful cloud attacks are caused by mistakes, such as misconfiguration, missing patches, or mismanaged credentials. To achieve more secure cloud- based infrastructure and platform services, Gartner recommends a systematic and risk-based approach for IaaS/PaaS security using a set of layered capabilities. Platform-as-a-Service (PaaS) – The CSP secures a majority of a PaaS cloud service model, however, the enterprise is responsible for the security of its applications. PaaS builds upon IaaS deploying applications without taking on the cost and resources required to buy and manage hardware, software, and hosting capabilities. These features can include: • Cloud Access Security Brokers (CASB) • Cloud workload protection platforms (CWPP) • Cloud security posture management (CSPM) • Business analytics/intelligence • Logs • IP restrictions • API gateways • Internet of Things (IoT) Software-as-a-Service (SaaS) – Terms of security ownership within SaaS are negotiated with the CSP as part of their service contract. SaaS often hosts an enterprise’s physical, infrastructure, hypervisor, network traffic, and operating system. SaaS apps and infrastructure controls can include: • Enforce data loss prevention (DLP) • Prevent unauthorized sharing of sensitive data to wrong people • Block sync/download of corporate data to personal devices • Detect compromised account, insider threats, and malware • Gain visibility into unsanctioned applications • Audit for misconfiguration DATA SECURITY Cloud data protection is the practice of securing a company’s data in a cloud environment, wherever that data is located, whether it’s at rest or in motion, and whether it’s managed internally by the company or externally by a third party.
  • 12. This practice has become increasingly important as more companies have switched from building and managing their own data centers to storing their applications and data in the cloud instead. A 2018 survey by IDG, a leading technology media company, stated that 73% of companies had applications or infrastructure in the cloud, with another 17% expected to make the move in the coming year Companies are collecting massive amounts of data, ranging from highly confidential business, financial and customer data to fairly unimportant information. They’re also moving more and more of their data to the cloud and storing it in more places than ever – public, private and hybrid clouds, cloud storage environments, software-as-a-service applications, and so on. As they do this, companies are discovering just how complicated protecting and securing all their data across multiple environments can be. For example: • They no longer know where all their applications and data are. • With most of their applications and data housed on third-party infrastructure, companies no longer have visibility into who is accessing and using their applications and data, which devices are being used for access, or how their data is potentially being used or shared. • They have no insight into how cloud providers are storing and securing their data. • Even though most cloud providers have state-of-the-art security, this security is limited. After all, companies and cloud providers share responsibilities for cloud security. • Different cloud providers have varying capabilities, which can result in inconsistent cloud data protection and security. On top of this, companies face a host of security challenges, including the potential for: • Security breaches • Loss or theft of sensitive data • Application vulnerabilities and malware propagation The Benefits of Cloud Data Protection
  • 13. Among the benefits of cloud data protection, it enables companies to: • Secure applications and data across multiple environments while maintaining complete visibility into all user, folder and file activity. • Proactively identify and mitigate risks, such as security threats, suspicious user behavior, malware and others. • Better govern access. • Define policies. • Prevent and detect data loss and disruption. APPLICATION SECURITY Application security describes security measures at the application level that aim to prevent data or code within the app from being stolen or hijacked. It encompasses the security considerations that happen during application development and design, but it also involves systems and approaches to protect apps after they get deployed. Application security may include hardware, software, and procedures that identify or minimize security vulnerabilities. A router that prevents anyone from viewing a computer’s IP address from the Internet is a form of hardware application security. But security measures at the application level are also typically built into the software, such as an application firewall that strictly defines what activities are allowed and prohibited. Procedures can entail things like an application security routine that includes protocols such as regular testing. Why application security is important Application security is important because today’s applications are often available over various networks and connected to the cloud, increasing vulnerabilities to security threats and breaches. There is increasing pressure and incentive to not only ensure security at the network level but also within applications themselves. One reason for this is because hackers are going after apps with their attacks more today than in the past. Application security testing can reveal weaknesses at the application level, helping to prevent these attacks. Application security is the process of developing, adding, and testing security features within applications to prevent security vulnerabilities against threats such as unauthorized access and modification. Types of application security Different types of application security features include authentication, authorization, encryption, logging, and application security testing. Developers can also code applications to reduce security vulnerabilities.
  • 14. Authentication: When software developers build procedures into an application to ensure that only authorized users gain access to it. Authentication procedures ensure that a user is who they say they are. This can be accomplished by requiring the user to provide a user name and password when logging in to an application. Multi-factor authentication requires more than one form of authentication—the factors might include something you know (a password), something you have (a mobile device), and something you are (a thumb print or facial recognition). Authorization: After a user has been authenticated, the user may be authorized to access and use the application. The system can validate that a user has permission to access the application by comparing the user’s identity with a list of authorized users. Authentication must happen before authorization so that the application matches only validated user credentials to the authorized user list. Encryption: After a user has been authenticated and is using the application, other security measures can protect sensitive data from being seen or even used by a cybercriminal. In cloud- based applications, where traffic containing sensitive data travels between the end user and the cloud, that traffic can be encrypted to keep the data safe. Logging: If there is a security breach in an application, logging can help identify who got access to the data and how. Application log files provide a time-stamped record of which aspects of the application were accessed and by whom. Application security testing: A necessary process to ensure that all of these security controls work properly. VIRTUAL MACHINE SECURITY IDENTITY MANAGEMENT AND ACCESS CONTROL AUTONOMIC SECURITY