Cloud Computing: How secure is it?

Author: Marziyeh Arabnejad

Revised/Edited: James Childress

April 2014

Tandy School of Computer Science

Outline

• Introduction

• Cloud diagram

• Types of Clouds

• Benefits of Clouds

• Security Issues of the Cloud

• Cloud data center Security

• Cloud security control

• Can cloud computing be secure?

Introduction

• Cloud Computing is an extreme form of outsourcing, delivering hosted services via the internet.

• The Cloud acts as a virtual server that users can access via the internet on an as-needed basis.

• Cloud Computing includes any subscription-based or pay-per-use service extending IT capabilities and allowing users to access stored information remotely.

Cloud diagram

Types of Clouds

• Public cloud: Sells services to anyone on the internet

o Currently Amazon Web Services is the largest public cloud provider

• Private cloud: A proprietary network or a data center that supplies hosted services to a limited number of people

Public Cloud VS Private Cloud

Benefits of Cloud Computing

• Reduced costs

Provider saves money due to economies of scale

Resources are contracted and the cost is predictable, which simplifies budgeting

• Safer data

High level of physical protection

Cloud providers use redundancy

Anytime/Anywhere data access

Give the customers contract access requirements

• Increased storage capacity

Easy to upgrade when needed

• Worry-free maintenance

Always have the latest and most secure technology

Security Issues of Cloud Computing

• Location: Where the data is actually stored

• Data segregation: How vendors keep a certain degree of separation between one customer's data and another's

• Recoverability: How quickly and effectively information can be recovered after a large disaster

• Hacking: This is the most daunting issue for most users: what if someone hacks into my information and shares it with the world?

Security in Cloud Data Centers

• The data center you choose should offer some protection measures:

Physical Security

Logical Security

Physical Security

• Redundant power supplies: Backup power supplies needed

• Redundant Internet connections: Several internet connections should run at the same time

• Redundant hardware: Multiple hard drives should be prepared

• Fire and flood: Data should be replicated in multiple locations

• Theft: Servers should not be easily accessible

Logical Security

• Logical Security covers the software side of the data center

o Firewalls: Act as an electronic barrier between the data center & internet

o Anti-virus detection software: Detect and remove any viruses

o Data encryption software: Encrypts data as it travels between firm and data center

o Administrative controls: Govern access to application and data

o Security audits: Conduct regular third-party intrusion detection audits

Cloud security controls

• Deterrent controls

o Honeypot/net used to attract and monitor hackers

o Tracking users

• Preventative controls

o Implement best practices: install OS and application updates regularly

o Physical security, CCTV, logging, automated alerts, etc.

o Firewalls, encryption, multi-level authentication

Cloud security controls

• Corrective controls

o Disabling compromised open ports

o IP and MAC filtering

• Detective controls

o Snort

o Tripwire

o Logging and alert systems

Can cloud computing be secure?

Summary: ways to reduce risk and protect data

Logging all network and system activity

Automated alerts when baseline parameters are outside the accepted range

Deploy IDS tools like Tripwire & Snort

Implement and maintain an effective network firewall

Implement a sophisticated access control model like RBAC (Role Based Access Controls)

Implement best practices for updates to the OS and all other applications
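
An added example (not part of the original slides) of the first two summary items: logging, plus automated alerts when a baseline parameter leaves its accepted range. The log format, the sample lines, the baseline counts and the "mean plus or minus 3 standard deviations" threshold are all constructed assumptions:

```python
import re
from collections import Counter
from statistics import mean, pstdev

# Constructed baseline: failed logins per hour seen during normal operation.
BASELINE = [3, 5, 4, 6, 2, 5, 4, 3, 6, 4]

# Hypothetical log format: "<ISO timestamp> <EVENT> user=<name> src=<ip>"
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2}T\d{2}):\d{2}:\d{2} (\w+) user=(\S+) src=(\S+)$")


def build_sample_log():
    """Constructed log: a normal hour (10:00) and a noisy hour (11:00)."""
    lines = [f"2014-04-01T10:{m:02d}:00 LOGIN_FAIL user=alice src=198.51.100.7"
             for m in range(4)]
    lines += [f"2014-04-01T11:{m:02d}:00 LOGIN_FAIL user=admin src=203.0.113.9"
              for m in range(12)]
    lines += ["2014-04-01T11:30:00 LOGIN_OK user=bob src=198.51.100.8",
              "corrupted entry that must be skipped, not crash the monitor"]
    return "\n".join(lines)


def accepted_range(baseline, k=3.0):
    """Accepted range = mean +/- k standard deviations, floored at zero."""
    mu, sigma = mean(baseline), pstdev(baseline)
    return max(0.0, mu - k * sigma), mu + k * sigma


def failed_logins_per_hour(log_text):
    """Count LOGIN_FAIL events per hour bucket, ignoring unparsable lines."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m and m.group(2) == "LOGIN_FAIL":
            counts[m.group(1)] += 1
    return counts


def alerts(log_text, baseline=BASELINE, k=3.0):
    """Return (hour, count) pairs whose count is outside the accepted range."""
    low, high = accepted_range(baseline, k)
    return [(hour, n)
            for hour, n in sorted(failed_logins_per_hour(log_text).items())
            if not low <= n <= high]


if __name__ == "__main__":
    for hour, n in alerts(build_sample_log()):
        print(f"ALERT {hour}: {n} failed logins")
```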

Can cloud computing be secure?

Summary: ways to reduce risk and protect data

Disable/decommission outdated, unused software and hardware

Security awareness training for employees: helpdesk staff, SAs, management, support staff, contractors, consultants, etc.

Require an AUP for all system users before granting access

Provide an SLA to all customers describing security expectations.

Backup & Restore capability

Question?
