This document discusses current security issues for cloud computing. It begins by defining cloud computing and describing its key characteristics and delivery models. It then outlines the main security problems which stem from loss of control, lack of trust, and multi-tenancy in cloud environments. Specifically, it examines issues relating to network security, data security, virtualization, interfaces, and governance in cloud computing. It concludes that while cloud computing provides scalable resources, it also introduces both traditional and new security threats for users.

1. Current Security
Issues for cloud computing

2. Contents
• Introduction
• Cloud models
• Security Issues
• Conclusion
• References

3. WHAT IS CLOUD COMPUTING???
• Features
– Use of internet-based services to support business process
– Rent IT-services on a utility-like basis
• Attributes
– Rapid deployment
– Low startup costs/ capital investments
– Costs based on usage or subscription
– Multi-tenant sharing of services/ resources
• Essential characteristics
– On demand self-service(just-in-time availability of resources”)
– Ubiquitous network access
– Location independent resource pooling
– Rapid elasticity
– Measured service
Source: NIST

4. Cloud Models
• Delivery Models
– SaaS
– PaaS
– IaaS
• Deployment Models
• Public cloud:
• multiple customers share the computing resources provided by a single service
provider.
• Private cloud:
• computing resources are used and controlled by a private enterprise.
• Hybrid cloud:
• A third type can be hybrid cloud that is typical combination of public and private cloud.
• Community cloud:
• Several organizations jointly construct and share the same cloud .

6. Problems Associated with Cloud
Computing
• Most security problems stem from:
– Loss of control
– Lack of trust (mechanisms)
– Multi-tenancy
SECURITY ISSUES:
• Network security.
• Interfaces.
• Data Security.
• Virtualization.
• Governance

7. 1.Network security
Problems associated with network communications and configurations
regarding cloud computing infrastructures.
(a)Transfer security:
Distributed architectures,massive resource sharing and virtual machine(VM)
instances synchronization imply more data in transit in the cloud,VPN(virtual
private network)( mehanism.dropbox)
(b) Firewalling: (yotta networks)
Firewalls protect the provider’s internal cloud infrastructure against
insiders and outsiders.

8. 2.Data security
Is Data Secure???
Protection of data in terms of confidentiality.
(a) Cryptography:-Most employed practice to secure sensitive
data.
1.Keep cloud credentials safe.
2.Keep encrypted data.(encrytion keys).
(b) Redundancy: Essential to avoid data loss.
(c) Disposal:
Elementary data disposal techniques are the insufficient and commonly
referred a deletion .

9. 3.Virtualization
• Virtualization is an essential technological characteristic of clouds
which hides the technological complexity from the user and
enables enhanced flexibility (through Aggregation, Routing and
Translation).
• (a) Isolation:-Although logically isolated, all VMs share the same
hardware and consequently the same resources.
• (b) Data leakage: Exploit hypervisor vulnerabilities and lack of
isolation controls in order to leak data from virtualized infrastructures

10. .
(c) VM identification: Lack of controls for identifying virtual machines
that are being used for executing a specific process or for storing
files.
(d) Cross-VM attacks:-Includes attempts to estimate provider traffic
rates in order to steal cryptographic keys and increase chances of
VM placement attacks.

11. 4.Interfaces
Concentrates all issues related to user administrative.
(a) API:- Programming interfaces for accessing virtualized resources.
(b) Administrative interface:
Enables remote control of resources in an IaaS development
for PaaS and application tools for SaaS.
(c) User interface:-End-user interface for exploring provided resources
and tools(the service itself).
(d) Authentication:-Mechanisms required to enable access to the
Cloud.

12. 5.Governance
• Issues related to (losing) administrative and security cloud
computing solutions.
• (a) Data control:-
• Moving data to the cloud means losing control over redundancy.
– Data, applications, resources are located with provider
– User identity management is handled by the cloud
– User access control rules, security policies and enforcement are
managed by the cloud provider
– Consumer relies on provider to ensure
Data security and privacy
(b) Security control:-
Loss of governance over security mechanisms and policies.

13. • (c) Lock-in:
• User potential dependency on a particular service provider due to
lack of well-established standards ,consequently becoming
particularly vulnerable to migrations and service termination.

14. Conclusion
• Cloud computing is sometimes viewed as a reincarnation
of the classic mainframe client-server model
– However, resources are ubiquitous, scalable, highly virtualized
– Contains all the traditional threats, as well as new ones
• The main goal is to securely store and manage data that
is not controlled by the owner of the data

15. References
1. NIST (Authors: P. Mell and T. Grance), "The NIST Definition of
Cloud Computing (ver. 15)," National Institute of Standards and
Technology, Information Technology Laboratory (October 7
2009).
2. J. McDermott, (2009) "Security Requirements for Virtualization in
Cloud Computing," presented at the ACSAC Cloud Security
Workshop, Honolulu, Hawaii, USA, 2009.
3. J. Camp. (2001), “Trust and Risk in Internet Commerce,”