Cloud Computing Security
Download as PPTX, PDF2 likes496 views
The document outlines the fundamentals of cloud computing and its related service and deployment models, highlighting its advantages like high performance and scalability. It emphasizes the importance of cloud security, discussing various threats such as loss of governance, responsibility ambiguity, and data protection. The document also details necessary security measures, including effective governance, independent audits, role management, and ensuring data confidentiality and integrity.
Cloud Computing Security
- 2. Cloud Computing • Internet-based computing that provides shared processing resources and data to computers and other devices on demand. • Provide users and enterprises with various capabilities to store and process their data in third-party data-centers. • Availability of high-capacity networks, low-cost computers and storage devices and hardware virtualization have led to a growth in cloud computing. • Advantages are high computing power, cheap cost of services, high performance, scalability, accessibility and availability.
- 3. Service Models • Infrastructure as a service (IaaS) • Platform as a service (PaaS) • Software as a service (SaaS)
- 4. Deployment models • Private cloud • Public cloud • Hybrid cloud
- 5. Cloud Security • It refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing. • Security issues fall into two categories : security issues faced by cloud providers and security issues faced by their customers
- 6. Cloud Computing Threats • Loss of governance : In a public cloud deployment, customers cede control to the cloud provider over a number of issues that may affect security. • Responsibility ambiguity : Responsibility over aspects of security may be split between the provider and the customer. • Authentication and Authorization : Accessing cloud resources from anywhere heightens the need for better authentication. • Isolation failure : It covers the failure of mechanisms separating the usage of storage, memory, routing and even reputation between tenants.
- 7. • Compliance and legal risks : The cloud customer’s interest may be lost if the cloud provider cannot provide evidence of their own compliance with the relevant requirements. • Handling of security incidents : If detection, reporting and subsequent management of security breaches is not done, it may have impact on customer. • Data protection : Exposure or release of sensitive data as well as the loss or unavailability of data. • Business failure of the provider : Lead to unavailability of data and application of customer over an extended period. • Service unavailability : This could be caused by hardware, software or communication network failures. • Insecure or incomplete data deletion : The termination of a contract with a provider may not result in deletion of the customer’s data.
- 8. Cloud Computing Security • Ensure effective governance, risk and compliance processes exist • Verify that agreement between the customer and the provider, along with associated documents, contain all their requirements(i.e, applications and data hosted are secured). • Cloud service providers should notify about the occurrence of any breach of their system, regardless of the parties or data directly impacted. • Servers hosting customer data may be located in multiple data centers within different jurisdictions. This influences the protection of personally identifiable information (PII) and legal and jurisdictional authority access to this data.
- 9. • Audit operational & business processes • Customers should expect to see a report of the cloud provider's operations by independent auditors. • Auditors may be employed by the customer or by the provider - but the key element is that they should be independent. • Audits should be carried out by appropriately skilled staff typically belonging to an independent auditing organization. • Manage people, roles and identities • Two sets of people : employees of the provider – access to the customer’s data and applications, and employees of the customer - perform operations on the provider’s systems. • Cloud providers must allow the customer to assign and manage the roles and associated levels of authorization for each of their users in accordance with their security policies.
- 10. • Ensure proper protection of data and information • Data Confidentiality : Outsourced data is stored in a cloud and out of the owners' direct control. Only authorized users can access the sensitive data while others. • Data Access Controllability : Legal users can be authorized by the owner to access the data, while others can not access it without permissions. • Data Integrity : Data should not be illegally tampered, improperly modified, deliberately deleted, or maliciously fabricated. If so, the owner should be able to detect the corruption or loss. • Ensure cloud networks and connections are secure • Provide tools to protect clients from one another, such as VPN, firewall, hypervisor. • Monitor for intrusion attempts using activity auditing and logging.
- 11. • Understand the security requirements of the exit process • The provider must ensure that any copies of the data are permanently erased from its environment, wherever they may have been stored. • The exit process must allow the customer to retrieve their data in a suitably secure form, backups must be retained for agreed periods before being eliminated
- 12. Thank You