cloud computing security
DESCRIPTION
network and security aspects related to cloud computing!!TRANSCRIPT
![Page 1: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/1.jpg)
![Page 2: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/2.jpg)
Cloud Computing Network/Security ThreatsAung Thu Rha Hein(g5536871)
![Page 3: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/3.jpg)
AgendaCloud Computing
• What is cloud computing?
• Cloud Computing Infrastructure Models
• Architecture layers of Cloud Computing
• Cloud Computing characteristics
Network/Security Aspects of Cloud Computing
• Network/Security issues based on architecture types
• Network issues on cloud computing
• Security issues on cloud computing
![Page 4: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/4.jpg)
What is Cloud Computing?
• services that provide common business applications online, which are accessed from a Web browser, while the software and data are stored on the servers; a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet
Source: Wolfram Alpha
• Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over a network (typically the Internet).
Source: Wikipedia
![Page 5: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/5.jpg)
5th generation of Computing
• Monolithic1970s
• Client-Server1980s
• Web-based1990s
• SOA2000s
• Cloud Computing
2010
![Page 6: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/6.jpg)
Cloud Computing Infrastructure Models• Public Cloud
• AWS, Google App Engine
Win Azure
• Private Cloud
• Premised or external hosted
• For one client
• Control data, security & QoS
• Hybrid Cloud
• Cloud Bursting
• Provide on-demand, externaly provisioned scale
![Page 7: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/7.jpg)
Architectural Layers of Cloud Computing
• Saas (Software As A Service)
• Provides resources (apps or storage)
• Free or pay-per–usage model
• Gmail, Github, Dropbox
• PaaS (Platform As A Service)
• Provides development platform
• Heroku, OpenShift, Google App Engine, Win Azure
• IaaS (Infrastructure As A Service)
• Offer hardware related services
• Amazon EC2, Rackspace, Flexiscale
![Page 8: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/8.jpg)
Cloud Computing Characteristics
![Page 9: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/9.jpg)
Network/Security Aspects of Cloud Computing
![Page 10: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/10.jpg)
Software As A Service
Operating System
Hypervisor
Application
Datacenter (Power, Cooling, Physical Security)
ApplicationServer
Middleware Database
CPU NetworkingStorage
YOUR DATABackup
Your Problem
Their Problem
![Page 11: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/11.jpg)
Platform As A Service
Operating System
Hypervisor
Your Application
Datacenter (Power, Cooling, Physical Security)
ApplicationServer
Middleware Database
CPU Networking Storage Backup
Your Problem
Their Problem
![Page 12: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/12.jpg)
Infrastructure As A Service
Your Operating System
Hypervisor
Your Application
Datacenter (Power, Cooling, Physical Security)
YourApplication
Server
YourMiddleware
YourDatabase
CPU Networking Storage Backup
Your Problem
Their Problem
![Page 13: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/13.jpg)
Network Issues• DoS ( Denial of Service or Distributed
denial-of-attack)
• overflows a server with
frequent request of services
Methods
- Smurf attack
- SYN flood
- Teardrop attacks
![Page 14: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/14.jpg)
Network Issues(cont.)• Man in the Middle Attack
• An attacker splits connection and rejoin with the attackers own computer system
• SSL is not properly configured
![Page 15: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/15.jpg)
Network Issues(cont.)• Network Sniffing
• hack passwords that are not properly encrypted during communication
• a self contained software program or a hardware device
![Page 16: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/16.jpg)
Network Issues(cont.)• Port Scanning
• sends client requests to a range of server port addresses on a host
• To search an active port and vulnerable services
![Page 17: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/17.jpg)
Security Issues• XML Signature Element Wrapping (Wrapper
attack)
• Attacker rewrite SOAP request that already signed by using a wrapper block
• Well known web service attack
![Page 18: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/18.jpg)
Security Issues(cont.)
• Cloud Malware Injection Attack
• Upload virus
Program to the cloud
![Page 19: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/19.jpg)
Security Issues(cont.)
• Data Stealing Problems
• User account and password are stolen by any means
• Accountability Check Problem
• “No use No bill” payment method
• an attacker has engaged the cloud with a malicious service or runs malicious code
![Page 20: Cloud computing security](https://reader033.vdocuments.us/reader033/viewer/2022061112/54563dafaf79597b578b4850/html5/thumbnails/20.jpg)
Conclusion & Thank You!