CLOUD COMPUTING AND
SECURITY
Under the Guidence : Mrs.N.Ruba
Name of the Student : N.Monisha, S.Mahalakshmi,
S.Kiruba
Register Number : CB17S 250394
Subject code : 16SMBECA 2:1
Class : III BCA-”A”
Batch : 2017-2020
Year : 2019 - 2020
UNIT-IV
CLOUD COMPUTING AND
SECURITY
CONTENT
• Risks in cloud computing
• Data security in cloud
• Cloud security services
• Tools and technologies for cloud
• Cloud mashaps
• Apache hadoop
• Cloud tools
Risk Management
• Risk management is a significant part of
business planning.
• It can also encompass legal risks like
deception, robbery and sexual harassment
lawsuits.
• Cloud computing is somewhat new in its
present pattern, granted that, it is best
directed to reduce intermediate risk
enterprise areas.
BUSINESS RISK IN CLOUD
COMPUTING
Various Threat in cloud
computing
• Misuse and illicit use of cloud computing
• Insecure interfaces and APIs
• Vicious insiders
• Issues-related technology sharing
• Data loss or leakage
• Hijacking
• Unknown risk profile
Type of Risks in cloud computing
• Internal Security Risk
• External Security Risk
• Data Protection Risk
• Data loss.
Security Advantages in Cloud
Environment
• Data centralization
• Incident response
• Forensic image verification time
• Logging
Security Disadvantages in Cloud
Environment
• Investigation
• Data segregation
• Long-term viability
• Compromised server
• Regulatory compliance
• Recovery
Content Level Security(CLS)
• CLS evolved to meet the market place
demands and propelled by the wishes of
customer institutions.
• Content level security endows
organizations to organize data and
content at the organizational level, rather
than at the institutional level.
Data Confidentiality
• Confidentiality refers to limiting data access
only to authorized users, and stopping access to
unauthorized ones.
Access control
Passwords
Biometrics
Encryption
Privacy
Ethics
Data Integrity
• Data integrity is characterized as
safeguarding the correctness and
completeness of data and processing
procedures from intentional, unauthorized
or unintentional changes.
Data Availability
• Availability of data resources. A data
system that is not accessible when
required is not good.
• Availability is double-checking that the
authorized users have access to data and
affiliated assets when required.
Data Backup Plan
• Data backups are an absolutely crucial part of
data security and an organization should be
adept to refurbish data corruption or hardware
failure.
Disaster Recovery Plan(DRP)
• A DRP is a design that is utilized to retrieve
rapidly after a catastrophe with a smallest of
influence to the organization.
Eras of computing
The most famous two eras of computing are the
 Sequential
 Parallel eras
1. The illusion of infinite computing assets
accessible on demand.
2. The elimination of an up-front firm promise by
cloud users.
3. The proficiency to pay for use of computing
assets on a short-term basis as required and
release them as needed.
Cloud Computing Platform
• Abicloud cloud computing platform
• Eucalyptus cloud platform
• Nimbus cloud computing platform
• Open nebula cloud computing platform
Tools for building cloud
 Shared infrastructure
 Self-service automated portal
 Scalable
 Rich application container
 Programmatic control
 100% virtual hardware abstraction
 Strong multi-tenancy
 Chargeback
Mashups
• A mashup is a computing term describing
an application that uses, combines and
aggregates data from one or more
services to create a new one.
• Cloud mashups can be understood based
on their differing scopes and rely on their
real purpose
Hadoop
• Hadoop is an open source program that
endows distributed processing of large
data over inexpensive servers.
• Hadoop is creating worth for enterprise,
organization and individuals.
VMware
• Vmware’s desktop software sprints on
Microsoft Windows, Linux and Mac OS-
X.
• Vmware software presents an absolutely
virtualized set of hardware to the visitor
functioning system.
Eucaluptus
• Cloud controller(CLC)
• Cluster controller(CC)
• Node controller(NC)
• Storage controller(SC)
• Walrus storage controller(WSC)
Cloudsim
• The objective of the cloudsim project is
to supply a generalized and extensible
replication structure that endows
seamless modelling, replication and
experimentation of cloud computing
infrastructure and application services.
Opennebula
• Open nebula is actually the premier and
most sophisticated structure for cloud
computing.
• Open nebula is a completely open-source
toolkit to construct Iaas private, public
and hybrid clouds.
Nimbus
• Nimbus is an open-source toolkit
concentrated on supplying infrastructure
as a service (Iaas).
• It provides capabilities to the scientific
community.

Unit 4 -Cloud Computing and security

  • 1.
    CLOUD COMPUTING AND SECURITY Underthe Guidence : Mrs.N.Ruba Name of the Student : N.Monisha, S.Mahalakshmi, S.Kiruba Register Number : CB17S 250394 Subject code : 16SMBECA 2:1 Class : III BCA-”A” Batch : 2017-2020 Year : 2019 - 2020
  • 2.
  • 3.
    CONTENT • Risks incloud computing • Data security in cloud • Cloud security services • Tools and technologies for cloud • Cloud mashaps • Apache hadoop • Cloud tools
  • 4.
    Risk Management • Riskmanagement is a significant part of business planning. • It can also encompass legal risks like deception, robbery and sexual harassment lawsuits. • Cloud computing is somewhat new in its present pattern, granted that, it is best directed to reduce intermediate risk enterprise areas.
  • 5.
    BUSINESS RISK INCLOUD COMPUTING
  • 6.
    Various Threat incloud computing • Misuse and illicit use of cloud computing • Insecure interfaces and APIs • Vicious insiders • Issues-related technology sharing • Data loss or leakage • Hijacking • Unknown risk profile
  • 7.
    Type of Risksin cloud computing • Internal Security Risk • External Security Risk • Data Protection Risk • Data loss.
  • 8.
    Security Advantages inCloud Environment • Data centralization • Incident response • Forensic image verification time • Logging
  • 10.
    Security Disadvantages inCloud Environment • Investigation • Data segregation • Long-term viability • Compromised server • Regulatory compliance • Recovery
  • 11.
    Content Level Security(CLS) •CLS evolved to meet the market place demands and propelled by the wishes of customer institutions. • Content level security endows organizations to organize data and content at the organizational level, rather than at the institutional level.
  • 12.
    Data Confidentiality • Confidentialityrefers to limiting data access only to authorized users, and stopping access to unauthorized ones. Access control Passwords Biometrics Encryption Privacy Ethics
  • 13.
    Data Integrity • Dataintegrity is characterized as safeguarding the correctness and completeness of data and processing procedures from intentional, unauthorized or unintentional changes.
  • 14.
    Data Availability • Availabilityof data resources. A data system that is not accessible when required is not good. • Availability is double-checking that the authorized users have access to data and affiliated assets when required.
  • 15.
    Data Backup Plan •Data backups are an absolutely crucial part of data security and an organization should be adept to refurbish data corruption or hardware failure. Disaster Recovery Plan(DRP) • A DRP is a design that is utilized to retrieve rapidly after a catastrophe with a smallest of influence to the organization.
  • 16.
    Eras of computing Themost famous two eras of computing are the  Sequential  Parallel eras 1. The illusion of infinite computing assets accessible on demand. 2. The elimination of an up-front firm promise by cloud users. 3. The proficiency to pay for use of computing assets on a short-term basis as required and release them as needed.
  • 17.
    Cloud Computing Platform •Abicloud cloud computing platform • Eucalyptus cloud platform • Nimbus cloud computing platform • Open nebula cloud computing platform
  • 18.
    Tools for buildingcloud  Shared infrastructure  Self-service automated portal  Scalable  Rich application container  Programmatic control  100% virtual hardware abstraction  Strong multi-tenancy  Chargeback
  • 19.
    Mashups • A mashupis a computing term describing an application that uses, combines and aggregates data from one or more services to create a new one. • Cloud mashups can be understood based on their differing scopes and rely on their real purpose
  • 20.
    Hadoop • Hadoop isan open source program that endows distributed processing of large data over inexpensive servers. • Hadoop is creating worth for enterprise, organization and individuals.
  • 21.
    VMware • Vmware’s desktopsoftware sprints on Microsoft Windows, Linux and Mac OS- X. • Vmware software presents an absolutely virtualized set of hardware to the visitor functioning system.
  • 22.
    Eucaluptus • Cloud controller(CLC) •Cluster controller(CC) • Node controller(NC) • Storage controller(SC) • Walrus storage controller(WSC)
  • 23.
    Cloudsim • The objectiveof the cloudsim project is to supply a generalized and extensible replication structure that endows seamless modelling, replication and experimentation of cloud computing infrastructure and application services.
  • 24.
    Opennebula • Open nebulais actually the premier and most sophisticated structure for cloud computing. • Open nebula is a completely open-source toolkit to construct Iaas private, public and hybrid clouds.
  • 25.
    Nimbus • Nimbus isan open-source toolkit concentrated on supplying infrastructure as a service (Iaas). • It provides capabilities to the scientific community.