Upload
vy-quoc-tran
View
142
Download
0
Embed Size (px)
Citation preview
Security issues
In 2013, Kris Jamsa suggested two types of threats in Public Cloud:
Common threats
Specific threats
Security issues
Common threats
Human errorSocial engineeringEspionageTrespassSabotageIdentity theftSoftware attack…
Security issues
8 Specific threats
Information securityMultitenant riskAuditMulti-countries data storage location Jurisdiction policyService-level agreementData lock-in and TransferData ownership
Solution approach for business
Infrastructure as a Service IaaS
Platform as a Service PaaS
Software as a Service SaaS
Application user user user Provider
Operation System/
Middlewareuser user Provider Provider
Infrastructure user Provider Provider Provider
figure 1. Cloud Computing: Responsibility Boundary between User and Provider
Private Cloud/ Traditional data
centre
Public Cloud Computing Services
Solution approach for business
3 steps to develop a security plan for the using of public cloud:
1.Decide what cloud service will be use
2.Develop a Security Control System
3.Identify Security Risk and Risk Management
Reference
Dennis McCafferty (2010) “Cloudy Skies: Public versus Private option still up in the air”, Baseline.
Hofmann, P. & Woods, D. (2010), "Cloud Computing: The Limits of Public Clouds for Business Applications", IEEE Internet Computing, vol. 14, no. 6, pp. 90-93.
Jangwal, T. & Singh, S. (2012), "Cost breakdown of Public Cloud Computing and Private Cloud Computing and Security Issues", International Journal of Computer Science & Information Technology, vol. 4, pp. 17-31.
Jared Carstensen, JP Morgenthal & Bernard Golden (2012), “Cloud Computing: Assessing the risks”, IT Governance Publishing.
Kris Jamsa (2013), “Cloud Computing: SaaS, PaaS, IaaS, Virtualization, Business Models, Mobile, Security, and More”, Jones & Bartlett Learning.
Malcolm, D. & Giunta, S. (2010), Cloud: Public or Private?, Network World Inc, Southborough.
Michael Armbrust et al. (2009), “Above the Clouds: A Berkeley View of Cloud Computing”, Electrical Engineering and Computer Sciences, University of California, Berkeley.
R. Kelly Rainer & Casey G. Cegielski (2013), “Introduction to Information Systems: International Student Version”, 4th Ed, John Wiley & Sons Singapore Pte. Ltd.
Ren, K., Wang, C. & Wang, Q. (2012), "Security Challenges for the Public Cloud", IEEE Internet Computing, vol. 16, no. 1, pp. 69-73.
Simson L, Garfinkel (2011), “A Cloud over Ownership”, Technology Review. Zhang, H., Ye, L., Du, X. & Guizani, M. (2013), "Protecting private cloud located
within public cloud", IEEE, , pp. 677.