SlideShare a Scribd company logo

Slides 530 a2

Download as PPTX, PDF
O
onlineservice530

The document discusses cloud computing, including its history, models (IaaS, PaaS, SaaS), deployment models (public, private, hybrid), advantages, and issues related to privacy, security, and laws/regulations. It provides recommendations for organizations adopting cloud computing like using encryption, private clouds, trusted providers, service agreements, and specifying country access in contracts.

1 of 20
SALEH ALGHAMDI-N26846627 VO HONG HANH –N7704283
 Introduction ◦ Scope ◦ Definition of key terms  History of cloud computing  Cloud service models  Cloud deployment models  Advantages of cloud computing  Issues ◦ Privacy and security  Confidentiality  Integrity  Availability ◦ Laws and regulations  Recommendations This image is taken from http://www.itp.net/584104-gartner-warns-of- cloud-service-contract-risks
 Cloud computing – a technology that provides web-based solutions and services to the public using networks, servers, data warehouses‟, software applications and internet services managed by a third party (Giard & Lessard, 2010).  Nowadays, cloud-based services are being adopted by organisations at a rapid rate.  Web 2.0 tools, social networking sites are all examples in which individuals are moving their activities to „the cloud‟  In 2010, Gartner predicted that cloud-based services generated more than $68 billion in worldwide revenue (Mielke, 2010). This image is taken from http://www.theindiagate.info/2011/04/regulations-for-the- cloud-ieee/
History of cloud computing  Back to the 1960s, computer scientist John McCarthy wrote that “computation may someday be organized as a public utility”  In 1997, the term was used for the first time in its current context by lecturer Ramnath Chellappa who defined it as a new “computing paradigm where the boundaries of computing will be determined by economic rationale rather than technical limits alone” (Biswas-a, 2011).  In 1999, Salesforce.com - one of the first movers in cloud computing, introduced the concept of delivering enterprise applications via a website.  Amazon launched Amazon Web Service in 2002, Google launched GoogleDocs in 2006  In 2007, an industry-wide collaboration between Google, IBM and a number of universities across the United States soon followed.  Microsoft‟s entry into cloud computing came in 2009 with the launch of Windows Azure  (Biswas, 2011)
Cloud service types There are 3 major models for cloud computing which are:  Infrastructure as a Service (IaaS)  Platform as a Service (PaaS)  Software as a Service (SaaS). This image is taken from: http://www.maintec.com/blog/cloud-computing-demystified/ /
IAAS IAAS – Infrastructure as a Service  IaaS involves physical computer hardware such as CPU processing, memory, data storage and network connectivity being provided by a vendor.  Example of an IaaS service vendor is Amazon Elastic Compute Cloud (EC2).  According to In-Stat, it is expected that IaaS spending will approach $4 billion from 2011 to 2014
PAAS PAAS –Platform as a Service  PaaS enables customers to use the vendor‟s cloud infrastructure to deploy web applications and other software developed by the customer using programming languages supported by the vendor .  Example of PaaS vendors: Google App Engine, Amazon Web Services Elastic Beanstalk and Microsoft Windows Auzre platform.  According to In-Stat, PaaS spending will increase 113 percent annually to approximately $460 million in 2014.
SAAS SAAS – Software as a service  The strongest cloud trend and services  The Application itself is provided by the service provider.  Examples: Google doc, Gmail, Hotmail, Flickr  From 2011 to 2014, SaaS spending is expected to grow 112 percent annually.
Cloud deployment models This image is taken from: https://wiki.cloudsecurityalliance.org/guidance/index.php/Cloud_Computing_Architectural_ Framework
Public cloud  The service are provided to the client from a third party service provider through the Internet.  Public clouds have a maximum potential in cost efficiencies  Security risks must be concerned  Examples: Amazon This image is taken from: http://www.definethecloud.net/tag/public-cloud/
Private cloud  A private cloud involves an organisation‟s exclusive use of cloud infrastructure and services located on premises or offsite which is then managed by the organisation or a selected vendor.  Reduced potential security concerns  Examples: HP Data Centers This image is taken from: http://www.hightechdad.com/2012/01/31/a-cloud-for-all-seasons- picking-the-right-cloud/
Hybrid cloud  Hybrid clouds attempt to obtain most of the security benefits of a private cloud, and most of the economic benefits of a public cloud. This image is taken from: http://www.cloudave.com/6/perform-the-hybrid-cloud-dance-easily- with-newscale-rpath-and-eucalyptus/
Cloud computing advantages • Cost savings • No maintenance issues • Simplicity This image is taken from http://www.dailyblogging.org/internet/cloud-computing-advantages/
Cloud computing issues Security/Privacy Laws and regulations This image is taken from http://www.gfi.com/blog/cloud-computing- security-implications-service-provider/ This image is taken from http://www.gfi.com/blog/cloud-computing- security-implications-service-provider/
Security/Privacy 1. Confidentiality privacy of information (Antonopoulos, et al., 2010). 2. Integrity the authorisation to modify assets in the cloud (Antonopoulos, et al., 2010). 3. Availability the availability of data when it is needed This image is taken from (Antonopoulos, et al., 2010). http://www.gfi.com/blog/cloud- computing-security-implications- service-provider/
1- Confidentiality The increased number of authorised parties to access the cloud computing makes the data more vulnerable to be compromised (Zissis, 2010). data requires high algorithm encryption before it is stored in the cloud. (Kalyani, Sonia, & Paikrao, 2012). This image is taken from http://www.corporatecomplianceinsights.com/company/cipher cloud/
2- Integrity Tampering QUT library data is most likely to cause daunting damage. This issue is greater in the public cloud than it is in private cloud. The private cloud is set up on private network, whereases; the public cloud is off-site (Kuyoro, et al., 2011). Therefore, private cloud is more secure for QUT library. This image is taken from http://patricksclouds.wordpress.com/2011/06/09/if-the- private-cloud-benefits-the-public-cloud-economic-model/
3- Availability cloud computing provider must be trusted party to deal with. Trusted third party is the one that is fully compliant in its financial, legal, and technical elements (Zissis, 2010). The protection of intellectual property within „the cloud‟ for QUT library should focus on creating a strong contract, ensuring that the business retains the rights to all data stored within the remote servers (LegalIQ, 2011). This image is taken from This image is taken from http://www.techrepublic.com/blog/cio- http://meship.com/Blog/2011/03/18/cloud- insights/cloud-computing-how-to-make- computing-contracts-and-services-whats- the-right-choices/39747431 really-happening/
Laws and regulations One feature of cloud computing is that data can be localised, shared and stored in several countries, depending on what the service provider decides. However, when QUT library opt for cloud computing services, they relinquish all control over its information (Giard & Lessard, 2010). Therefore, it is recommended that contract specify the countries that the information can be accessed and used from. This image is taken from http://www.gfi.com/blog/cloud-computing- security-implications-service-provider/
Recommendations for QUT library 1. Use complex algorithm encryption 2. Use the private cloud 3. Choose a trusted third party 4. Negotiate Service Level Agreement 5. In the contract, specify the countries in which the information can be accessed and used. This image is taken from http://www.tiptopcomputers.co.uk/recommendations.html

Recommended

Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...
PRISMACLOUD Project
 
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTINGA STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
Er Piyush Gupta IN ⊞⌘
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
A Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesA Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust Issues
IJCSIS Research Publications
 
Privacy in cloud computing
Privacy in cloud computingPrivacy in cloud computing
Privacy in cloud computing
Ahmed Nour
 
Security Concerns in Cloud Computing
Security Concerns in Cloud ComputingSecurity Concerns in Cloud Computing
Security Concerns in Cloud Computing
ijtsrd
 
Privacy Issues In Cloud Computing
Privacy Issues In Cloud ComputingPrivacy Issues In Cloud Computing
Privacy Issues In Cloud Computing
iosrjce
 
Data Protection Jurisdiction and International Transfers in Cloud Computing
Data Protection Jurisdiction and International Transfers in Cloud ComputingData Protection Jurisdiction and International Transfers in Cloud Computing
Data Protection Jurisdiction and International Transfers in Cloud Computing
Cloud Legal Project
 

Recommended

Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...Privacy and security in the cloud Challenges and solutions for our future inf...
Privacy and security in the cloud Challenges and solutions for our future inf...
PRISMACLOUD Project
 
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTINGA STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
Er Piyush Gupta IN ⊞⌘
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
A Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesA Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust Issues
IJCSIS Research Publications
 
Privacy in cloud computing
Privacy in cloud computingPrivacy in cloud computing
Privacy in cloud computing
Ahmed Nour
 
Security Concerns in Cloud Computing
Security Concerns in Cloud ComputingSecurity Concerns in Cloud Computing
Security Concerns in Cloud Computing
ijtsrd
 
Privacy Issues In Cloud Computing
Privacy Issues In Cloud ComputingPrivacy Issues In Cloud Computing
Privacy Issues In Cloud Computing
iosrjce
 
Data Protection Jurisdiction and International Transfers in Cloud Computing
Data Protection Jurisdiction and International Transfers in Cloud ComputingData Protection Jurisdiction and International Transfers in Cloud Computing
Data Protection Jurisdiction and International Transfers in Cloud Computing
Cloud Legal Project
 
Briefing 47
Briefing 47Briefing 47
Briefing 47
Srinivas Reddy Manda
 
A220113
A220113A220113
A220113
irjes
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Soumitra Halder
 
Security and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewSecurity and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level view
ragibhasan
 
Cloud versus cloud
Cloud versus cloudCloud versus cloud
Cloud versus cloud
Masoud Gholami
 
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
csandit
 
Cloud computing..
Cloud computing..Cloud computing..
Cloud computing..
manoj kumar
 
Cloud computing: identifying and managing legal risks
Cloud computing: identifying and managing legal risksCloud computing: identifying and managing legal risks
Cloud computing: identifying and managing legal risks
Cloud Legal Project
 
Security of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaSSecurity of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaS
IJMER
 
Teja pp matter
Teja pp matterTeja pp matter
Teja pp matter
9505567198
 
Study on Secure Cryptographic Techniques in Cloud
Study on Secure Cryptographic Techniques in CloudStudy on Secure Cryptographic Techniques in Cloud
Study on Secure Cryptographic Techniques in Cloud
ijtsrd
 
Cloud Computing & ITSM - For Better of for Worse?
Cloud Computing & ITSM - For Better of for Worse?Cloud Computing & ITSM - For Better of for Worse?
Cloud Computing & ITSM - For Better of for Worse?
ITpreneurs
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar report
shafzonly
 
Cloud Computing and Security Issues
Cloud Computing and Security IssuesCloud Computing and Security Issues
Cloud Computing and Security Issues
IJERA Editor
 
Final Year IEEE Project 2013-2014 - Cloud Computing Project Title and Abstract
Final Year IEEE Project 2013-2014 - Cloud Computing Project Title and AbstractFinal Year IEEE Project 2013-2014 - Cloud Computing Project Title and Abstract
Final Year IEEE Project 2013-2014 - Cloud Computing Project Title and Abstract
elysiumtechnologies
 
B042306013
B042306013B042306013
B042306013
ijceronline
 
Data Security Model Enhancement In Cloud Environment
Data Security Model Enhancement In Cloud EnvironmentData Security Model Enhancement In Cloud Environment
Data Security Model Enhancement In Cloud Environment
IOSR Journals
 
Cloud Computing on ISO/IEC JTC 1
Cloud Computing on ISO/IEC JTC 1Cloud Computing on ISO/IEC JTC 1
Cloud Computing on ISO/IEC JTC 1
Seungyun Lee
 
H046053944
H046053944H046053944
H046053944
IJERA Editor
 
IRJET- Nebula and Cloud Computing – Analyzing all Aspects of Both Entities
IRJET- Nebula and Cloud Computing – Analyzing all Aspects of Both EntitiesIRJET- Nebula and Cloud Computing – Analyzing all Aspects of Both Entities
IRJET- Nebula and Cloud Computing – Analyzing all Aspects of Both Entities
IRJET Journal
 
Cloud Computing & Security Concerns
Cloud Computing & Security ConcernsCloud Computing & Security Concerns
Cloud Computing & Security Concerns
University of San Francisco
 
The Nitty Gritty of Cloud Computing
The Nitty Gritty of Cloud ComputingThe Nitty Gritty of Cloud Computing
The Nitty Gritty of Cloud Computing
Mike Tase
 

More Related Content

What's hot

Briefing 47
Briefing 47Briefing 47
Briefing 47
Srinivas Reddy Manda
 
A220113
A220113A220113
A220113
irjes
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Soumitra Halder
 
Security and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewSecurity and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level view
ragibhasan
 
Cloud versus cloud
Cloud versus cloudCloud versus cloud
Cloud versus cloud
Masoud Gholami
 
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
csandit
 
Cloud computing..
Cloud computing..Cloud computing..
Cloud computing..
manoj kumar
 
Cloud computing: identifying and managing legal risks
Cloud computing: identifying and managing legal risksCloud computing: identifying and managing legal risks
Cloud computing: identifying and managing legal risks
Cloud Legal Project
 
Security of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaSSecurity of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaS
IJMER
 
Teja pp matter
Teja pp matterTeja pp matter
Teja pp matter
9505567198
 
Study on Secure Cryptographic Techniques in Cloud
Study on Secure Cryptographic Techniques in CloudStudy on Secure Cryptographic Techniques in Cloud
Study on Secure Cryptographic Techniques in Cloud
ijtsrd
 
Cloud Computing & ITSM - For Better of for Worse?
Cloud Computing & ITSM - For Better of for Worse?Cloud Computing & ITSM - For Better of for Worse?
Cloud Computing & ITSM - For Better of for Worse?
ITpreneurs
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar report
shafzonly
 
Cloud Computing and Security Issues
Cloud Computing and Security IssuesCloud Computing and Security Issues
Cloud Computing and Security Issues
IJERA Editor
 
Final Year IEEE Project 2013-2014 - Cloud Computing Project Title and Abstract
Final Year IEEE Project 2013-2014 - Cloud Computing Project Title and AbstractFinal Year IEEE Project 2013-2014 - Cloud Computing Project Title and Abstract
Final Year IEEE Project 2013-2014 - Cloud Computing Project Title and Abstract
elysiumtechnologies
 
B042306013
B042306013B042306013
B042306013
ijceronline
 
Data Security Model Enhancement In Cloud Environment
Data Security Model Enhancement In Cloud EnvironmentData Security Model Enhancement In Cloud Environment
Data Security Model Enhancement In Cloud Environment
IOSR Journals
 
Cloud Computing on ISO/IEC JTC 1
Cloud Computing on ISO/IEC JTC 1Cloud Computing on ISO/IEC JTC 1
Cloud Computing on ISO/IEC JTC 1
Seungyun Lee
 
H046053944
H046053944H046053944
H046053944
IJERA Editor
 
IRJET- Nebula and Cloud Computing – Analyzing all Aspects of Both Entities
IRJET- Nebula and Cloud Computing – Analyzing all Aspects of Both EntitiesIRJET- Nebula and Cloud Computing – Analyzing all Aspects of Both Entities
IRJET- Nebula and Cloud Computing – Analyzing all Aspects of Both Entities
IRJET Journal
 

What's hot (20)

Briefing 47
Briefing 47Briefing 47
Briefing 47
 
A220113
A220113A220113
A220113
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Security and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewSecurity and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level view
 
Cloud versus cloud
Cloud versus cloudCloud versus cloud
Cloud versus cloud
 
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
 
Cloud computing..
Cloud computing..Cloud computing..
Cloud computing..
 
Cloud computing: identifying and managing legal risks
Cloud computing: identifying and managing legal risksCloud computing: identifying and managing legal risks
Cloud computing: identifying and managing legal risks
 
Security of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaSSecurity of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaS
 
Teja pp matter
Teja pp matterTeja pp matter
Teja pp matter
 
Study on Secure Cryptographic Techniques in Cloud
Study on Secure Cryptographic Techniques in CloudStudy on Secure Cryptographic Techniques in Cloud
Study on Secure Cryptographic Techniques in Cloud
 
Cloud Computing & ITSM - For Better of for Worse?
Cloud Computing & ITSM - For Better of for Worse?Cloud Computing & ITSM - For Better of for Worse?
Cloud Computing & ITSM - For Better of for Worse?
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar report
 
Cloud Computing and Security Issues
Cloud Computing and Security IssuesCloud Computing and Security Issues
Cloud Computing and Security Issues
 
Final Year IEEE Project 2013-2014 - Cloud Computing Project Title and Abstract
Final Year IEEE Project 2013-2014 - Cloud Computing Project Title and AbstractFinal Year IEEE Project 2013-2014 - Cloud Computing Project Title and Abstract
Final Year IEEE Project 2013-2014 - Cloud Computing Project Title and Abstract
 
B042306013
B042306013B042306013
B042306013
 
Data Security Model Enhancement In Cloud Environment
Data Security Model Enhancement In Cloud EnvironmentData Security Model Enhancement In Cloud Environment
Data Security Model Enhancement In Cloud Environment
 
Cloud Computing on ISO/IEC JTC 1
Cloud Computing on ISO/IEC JTC 1Cloud Computing on ISO/IEC JTC 1
Cloud Computing on ISO/IEC JTC 1
 
H046053944
H046053944H046053944
H046053944
 
IRJET- Nebula and Cloud Computing – Analyzing all Aspects of Both Entities
IRJET- Nebula and Cloud Computing – Analyzing all Aspects of Both EntitiesIRJET- Nebula and Cloud Computing – Analyzing all Aspects of Both Entities
IRJET- Nebula and Cloud Computing – Analyzing all Aspects of Both Entities
 

Similar to Slides 530 a2

Cloud Computing & Security Concerns
Cloud Computing & Security ConcernsCloud Computing & Security Concerns
Cloud Computing & Security Concerns
University of San Francisco
 
The Nitty Gritty of Cloud Computing
The Nitty Gritty of Cloud ComputingThe Nitty Gritty of Cloud Computing
The Nitty Gritty of Cloud Computing
Mike Tase
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and Challenges
CSCJournals
 
The Management of Security in Cloud Computing Ramgovind.docx
The Management of Security in Cloud Computing Ramgovind.docxThe Management of Security in Cloud Computing Ramgovind.docx
The Management of Security in Cloud Computing Ramgovind.docx
cherry686017
 
Eb31854857
Eb31854857Eb31854857
Eb31854857
IJERA Editor
 
fog computing provide security to the data in cloud
fog computing provide security to the data in cloudfog computing provide security to the data in cloud
fog computing provide security to the data in cloud
priyanka reddy
 
Fog doc
Fog doc Fog doc
Fog doc
priyanka reddy
 
Dr.M.Florence Dayana-Cloud Computing-Unit - 1.pdf
Dr.M.Florence Dayana-Cloud Computing-Unit - 1.pdfDr.M.Florence Dayana-Cloud Computing-Unit - 1.pdf
Dr.M.Florence Dayana-Cloud Computing-Unit - 1.pdf
Dr.Florence Dayana
 
What is cloud computing technology
What is cloud computing technologyWhat is cloud computing technology
What is cloud computing technology
NIDHI SHARMA
 
akashgupta(2).pptx
akashgupta(2).pptxakashgupta(2).pptx
akashgupta(2).pptx
SiddhantPandey67
 
Solutions of cloud computing security issues
Solutions of cloud computing security issuesSolutions of cloud computing security issues
Solutions of cloud computing security issues
Jahangeer Qadiree
 
Ad4502189193
Ad4502189193Ad4502189193
Ad4502189193
IJERA Editor
 
CLOUD STEGANOGRAPHY- A REVIEW
CLOUD STEGANOGRAPHY- A REVIEWCLOUD STEGANOGRAPHY- A REVIEW
CLOUD STEGANOGRAPHY- A REVIEW
Journal For Research
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
Er. rahul abhishek
 
10 security concerns cloud computing
10 security concerns cloud computing10 security concerns cloud computing
10 security concerns cloud computing
Hossam Zein
 
Research ArticleSecuring Cloud Hypervisors A Survey of the .docx
Research ArticleSecuring Cloud Hypervisors A Survey of the .docxResearch ArticleSecuring Cloud Hypervisors A Survey of the .docx
Research ArticleSecuring Cloud Hypervisors A Survey of the .docx
audeleypearl
 
Introduction to cloud security
Introduction to cloud securityIntroduction to cloud security
Introduction to cloud security
IAEME Publication
 
B017660813
B017660813B017660813
B017660813
IOSR Journals
 
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Zac Darcy
 
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
Zac Darcy
 

Similar to Slides 530 a2 (20)

Cloud Computing & Security Concerns
Cloud Computing & Security ConcernsCloud Computing & Security Concerns
Cloud Computing & Security Concerns
 
The Nitty Gritty of Cloud Computing
The Nitty Gritty of Cloud ComputingThe Nitty Gritty of Cloud Computing
The Nitty Gritty of Cloud Computing
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and Challenges
 
The Management of Security in Cloud Computing Ramgovind.docx
The Management of Security in Cloud Computing Ramgovind.docxThe Management of Security in Cloud Computing Ramgovind.docx
The Management of Security in Cloud Computing Ramgovind.docx
 
Eb31854857
Eb31854857Eb31854857
Eb31854857
 
fog computing provide security to the data in cloud
fog computing provide security to the data in cloudfog computing provide security to the data in cloud
fog computing provide security to the data in cloud
 
Fog doc
Fog doc Fog doc
Fog doc
 
Dr.M.Florence Dayana-Cloud Computing-Unit - 1.pdf
Dr.M.Florence Dayana-Cloud Computing-Unit - 1.pdfDr.M.Florence Dayana-Cloud Computing-Unit - 1.pdf
Dr.M.Florence Dayana-Cloud Computing-Unit - 1.pdf
 
What is cloud computing technology
What is cloud computing technologyWhat is cloud computing technology
What is cloud computing technology
 
akashgupta(2).pptx
akashgupta(2).pptxakashgupta(2).pptx
akashgupta(2).pptx
 
Solutions of cloud computing security issues
Solutions of cloud computing security issuesSolutions of cloud computing security issues
Solutions of cloud computing security issues
 
Ad4502189193
Ad4502189193Ad4502189193
Ad4502189193
 
CLOUD STEGANOGRAPHY- A REVIEW
CLOUD STEGANOGRAPHY- A REVIEWCLOUD STEGANOGRAPHY- A REVIEW
CLOUD STEGANOGRAPHY- A REVIEW
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 
10 security concerns cloud computing
10 security concerns cloud computing10 security concerns cloud computing
10 security concerns cloud computing
 
Research ArticleSecuring Cloud Hypervisors A Survey of the .docx
Research ArticleSecuring Cloud Hypervisors A Survey of the .docxResearch ArticleSecuring Cloud Hypervisors A Survey of the .docx
Research ArticleSecuring Cloud Hypervisors A Survey of the .docx
 
Introduction to cloud security
Introduction to cloud securityIntroduction to cloud security
Introduction to cloud security
 
B017660813
B017660813B017660813
B017660813
 
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
 
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
 

Recently uploaded

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
Rohit Gautam
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
Zilliz
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Alex Pruden
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 

Recently uploaded (20)

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 

Slides 530 a2

  • 1. SALEH ALGHAMDI-N26846627 VO HONG HANH –N7704283
  • 2. Introduction ◦ Scope ◦ Definition of key terms  History of cloud computing  Cloud service models  Cloud deployment models  Advantages of cloud computing  Issues ◦ Privacy and security  Confidentiality  Integrity  Availability ◦ Laws and regulations  Recommendations This image is taken from http://www.itp.net/584104-gartner-warns-of- cloud-service-contract-risks
  • 3. Cloud computing – a technology that provides web-based solutions and services to the public using networks, servers, data warehouses‟, software applications and internet services managed by a third party (Giard & Lessard, 2010).  Nowadays, cloud-based services are being adopted by organisations at a rapid rate.  Web 2.0 tools, social networking sites are all examples in which individuals are moving their activities to „the cloud‟  In 2010, Gartner predicted that cloud-based services generated more than $68 billion in worldwide revenue (Mielke, 2010). This image is taken from http://www.theindiagate.info/2011/04/regulations-for-the- cloud-ieee/
  • 4. History of cloud computing  Back to the 1960s, computer scientist John McCarthy wrote that “computation may someday be organized as a public utility”  In 1997, the term was used for the first time in its current context by lecturer Ramnath Chellappa who defined it as a new “computing paradigm where the boundaries of computing will be determined by economic rationale rather than technical limits alone” (Biswas-a, 2011).  In 1999, Salesforce.com - one of the first movers in cloud computing, introduced the concept of delivering enterprise applications via a website.  Amazon launched Amazon Web Service in 2002, Google launched GoogleDocs in 2006  In 2007, an industry-wide collaboration between Google, IBM and a number of universities across the United States soon followed.  Microsoft‟s entry into cloud computing came in 2009 with the launch of Windows Azure  (Biswas, 2011)
  • 5. Cloud service types There are 3 major models for cloud computing which are:  Infrastructure as a Service (IaaS)  Platform as a Service (PaaS)  Software as a Service (SaaS). This image is taken from: http://www.maintec.com/blog/cloud-computing-demystified/ /
  • 6. IAAS IAAS – Infrastructure as a Service  IaaS involves physical computer hardware such as CPU processing, memory, data storage and network connectivity being provided by a vendor.  Example of an IaaS service vendor is Amazon Elastic Compute Cloud (EC2).  According to In-Stat, it is expected that IaaS spending will approach $4 billion from 2011 to 2014
  • 7. PAAS PAAS –Platform as a Service  PaaS enables customers to use the vendor‟s cloud infrastructure to deploy web applications and other software developed by the customer using programming languages supported by the vendor .  Example of PaaS vendors: Google App Engine, Amazon Web Services Elastic Beanstalk and Microsoft Windows Auzre platform.  According to In-Stat, PaaS spending will increase 113 percent annually to approximately $460 million in 2014.
  • 8. SAAS SAAS – Software as a service  The strongest cloud trend and services  The Application itself is provided by the service provider.  Examples: Google doc, Gmail, Hotmail, Flickr  From 2011 to 2014, SaaS spending is expected to grow 112 percent annually.
  • 9. Cloud deployment models This image is taken from: https://wiki.cloudsecurityalliance.org/guidance/index.php/Cloud_Computing_Architectural_ Framework
  • 10. Public cloud  The service are provided to the client from a third party service provider through the Internet.  Public clouds have a maximum potential in cost efficiencies  Security risks must be concerned  Examples: Amazon This image is taken from: http://www.definethecloud.net/tag/public-cloud/
  • 11. Private cloud  A private cloud involves an organisation‟s exclusive use of cloud infrastructure and services located on premises or offsite which is then managed by the organisation or a selected vendor.  Reduced potential security concerns  Examples: HP Data Centers This image is taken from: http://www.hightechdad.com/2012/01/31/a-cloud-for-all-seasons- picking-the-right-cloud/
  • 12. Hybrid cloud  Hybrid clouds attempt to obtain most of the security benefits of a private cloud, and most of the economic benefits of a public cloud. This image is taken from: http://www.cloudave.com/6/perform-the-hybrid-cloud-dance-easily- with-newscale-rpath-and-eucalyptus/
  • 13. Cloud computing advantages • Cost savings • No maintenance issues • Simplicity This image is taken from http://www.dailyblogging.org/internet/cloud-computing-advantages/
  • 14. Cloud computing issues Security/Privacy Laws and regulations This image is taken from http://www.gfi.com/blog/cloud-computing- security-implications-service-provider/ This image is taken from http://www.gfi.com/blog/cloud-computing- security-implications-service-provider/
  • 15. Security/Privacy 1. Confidentiality privacy of information (Antonopoulos, et al., 2010). 2. Integrity the authorisation to modify assets in the cloud (Antonopoulos, et al., 2010). 3. Availability the availability of data when it is needed This image is taken from (Antonopoulos, et al., 2010). http://www.gfi.com/blog/cloud- computing-security-implications- service-provider/
  • 16. 1- Confidentiality The increased number of authorised parties to access the cloud computing makes the data more vulnerable to be compromised (Zissis, 2010). data requires high algorithm encryption before it is stored in the cloud. (Kalyani, Sonia, & Paikrao, 2012). This image is taken from http://www.corporatecomplianceinsights.com/company/cipher cloud/
  • 17. 2- Integrity Tampering QUT library data is most likely to cause daunting damage. This issue is greater in the public cloud than it is in private cloud. The private cloud is set up on private network, whereases; the public cloud is off-site (Kuyoro, et al., 2011). Therefore, private cloud is more secure for QUT library. This image is taken from http://patricksclouds.wordpress.com/2011/06/09/if-the- private-cloud-benefits-the-public-cloud-economic-model/
  • 18. 3- Availability cloud computing provider must be trusted party to deal with. Trusted third party is the one that is fully compliant in its financial, legal, and technical elements (Zissis, 2010). The protection of intellectual property within „the cloud‟ for QUT library should focus on creating a strong contract, ensuring that the business retains the rights to all data stored within the remote servers (LegalIQ, 2011). This image is taken from This image is taken from http://www.techrepublic.com/blog/cio- http://meship.com/Blog/2011/03/18/cloud- insights/cloud-computing-how-to-make- computing-contracts-and-services-whats- the-right-choices/39747431 really-happening/
  • 19. Laws and regulations One feature of cloud computing is that data can be localised, shared and stored in several countries, depending on what the service provider decides. However, when QUT library opt for cloud computing services, they relinquish all control over its information (Giard & Lessard, 2010). Therefore, it is recommended that contract specify the countries that the information can be accessed and used from. This image is taken from http://www.gfi.com/blog/cloud-computing- security-implications-service-provider/
  • 20. Recommendations for QUT library 1. Use complex algorithm encryption 2. Use the private cloud 3. Choose a trusted third party 4. Negotiate Service Level Agreement 5. In the contract, specify the countries in which the information can be accessed and used. This image is taken from http://www.tiptopcomputers.co.uk/recommendations.html