SlideShare a Scribd company logo

Cloud Computing : Security and Forensics

Download as PPTX, PDF
Govind Maheswaran, profile picture
Govind Maheswaran

This document discusses a seminar on cloud computing security and forensics. It covers topics like cloud security risks, risk assessment, and cloud forensics. The seminar aims to help people understand security issues in cloud computing and how to address them.

Technology
Related topics:
Cloud Storage InsightsCloud Computing Insights
1 of 41
Downloaded 288 times
1
2
3
4
5
Most read
6
Most read
7
8
9
10
11
12
Most read
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
Seminar on Cloud Computing : Security and Forensics Govind Maheswaran govindmaheswaran@gmail.com facebook.com/govindmaheswaran twitter.com/RestlessMystic
Cloud Computing Cloud security Risk Assesment Cloud Forensics Conclusion
“The cloud is for everyone. The cloud is a democracy.”
Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models In Simple English, I can get my data when I want, over some kind of network, and even though the data might be coming from different places and my computing power shared with others, somehow the back end is going to scale up or down to fulfill my needs, and interestingly, bills me for only what I use.
On-Demand • Unilaterally provision computing capabilities as needed automatically, without requiring human interaction with a Self-Service service provider Resource • The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model Pooling • Shared pools are assigned and reallocated as per requirement • Upgrade? More memory required? New software version? Rapid Elasticity Incompatibility with current version? • “The Cloud Almighty” has it all… Broad Network • Available over the network and accessed through standard Access mechanisms Measured • Metering capability • Resource usage can be monitored, controlled, and reported — Service providing transparency for both the provider and consumer
•Servers and Network •Cloud OS and Platforms •User gets the software as connections. •All the user needs is to a web service. •User needs to install put up his applications. •Eg : Google Docs, Office Required OS and Platform •Eg : Windows Hyper V 365, Amazon S3 and Applications.(some Cloud, Amazon EC2 vendors provide OS) •Eg: Windows Azure Infrastructure Platform as a Software as a as a Service Service Service [IaaS] [PaaS] [SaaS] Processor Runtime Application Operating Memory API Web Service System Storage Web Server Web UI
Public Cloud Community Cloud Private Cloud Hybrid Cloud
Cloud Computing : Security and Forensics
Compute Storage Database Transaction
• Scale vs. Cost • Lack of Control Pros Cons • Multiplatform • Reliability support Issues • Encapsulated • Lock In Change • Data out of Management Premises • Next-Gen • Security Architecture
“They're certainly a threat, and would be easy to make malicious.” “The technology demands of the cybersecurity adviser's job are relatively trivial..”
* Cloud is a relatively newer technology. So, its security domains are not fully known. * Cloud based Security Risks => CRISKS * Hardware * Data * Applications * (in short, everything in the cloud) Some major security Issues are discussed in the following slides
Cloud Computing : Security and Forensics
• Any kind of intentional and un-intentional malicious activity carried out or executed on a shared platform may affect the other tenants and associated stake holders. • Eg : Blocking of IP Ranges, Confiscation of resources etc • Sudden increase in the resource usage by one application can drastically affect the performance and availability of other applications shared in the same cloud infrastructure.
• Bankruptcy and catastrophes does not come with an early warning. • Such a run-on-the-cloud may lead to acquisitions or mergers. • Sudden take over can result in a deviation from the agreed Terms of Use & License Agreement which may lead to a Lock- In situation.
• Migrating from cloud is difficult, as different cloud providers use various OS n middleware and APIs • Also, sudden change of provider policies may make the user stuck with the cloud. • The user may want to quit, but he cannot as his data is in the cloud. • Lock-In Situation
• Handled by the Provider • User rarely has information about the protection facilities. • Prevent unauthorized access by the priviledged employees of Service Provider
• The service provider may be following good security procedures, but it is not visible to the customers and end users. • May be due to security reasons. • End user questions remains un-answered: • how the data is backed up, who back up the data,whether the cloud service provider does it or has they outsourced to some third party,
• Confidential data remains confidential. • The information deleted by the customer may be available to the cloud solution provider as part of their regular backups. • Insecure and inefficient deletion of data where true data wiping is not happening, exposing the sensitive information to other cloud users.
• Vulnerabilities applicable to programs running in the conventional systems & networks are also applicable to cloud infrastructure. • It also requires application security measures (application- level firewalls) be in place in the production environment.
• The cloud provider maintains logs of none/some/all of the cloud activities • The end user has no access to these logs,neither are they aware of what exactly are being logged.
• Security testing is a process to determine that an information system protects data and maintains functionality as intended. • Cloud security testing is futile, due to the following reasons.  Permission Issues  If a user traverse through unauthorised areas of a cloud, he may reach a black hole.  An application is tested today and found vulnerable or not, how do you know that the app tested tomorrow is the same one that was tested yesterday?
“Who protects my data?” “Are we to skip on-site inspections, discoverability, and complex encryption schemes..”
• Although Cloud can be considered a failure in terms of Security, there are still many takers for it. • This is mainly due to the Multi-tenancy(cost sharing) aspect. • A risk based approach needs to be adopted, after considering the profit and loss involved in moving the assets to the cloud. An RA Framework is presented in the coming slides…
Map the Evaluate asset to Cloud Sketch the Identify Evaluate Existing Service Potential the Asset The Asset cloud Models and Data Flow Deployment Providers Models
Map the Evaluate asset to Cloud Sketch the Identify Evaluate Existing Service Potential the Asset The Asset cloud Models and Data Flow Deployment Providers Models • Assets can be Data or Applications. Choose which all needs to be migrated to the cloud. • In cloud, data and application need not reside at the same location. • Thus,even parts of functions can be shifted to the cloud. • Make the choice based upon current data usage, and potential data usage.
Map the Evaluate asset to Cloud Sketch the Identify Evaluate Existing Service Potential the Asset The Asset cloud Models and Data Flow Deployment Providers Models • Determine how Important and sensitive the asset is to the organisation. • In short, evaluate the asset on the basis of Confidentiality and availability.
Map the Evaluate asset to Cloud Sketch the Identify Evaluate Existing Service Potential the Asset The Asset cloud Models and Data Flow Deployment Providers Models • Determine which deployment model is good for the organizational requirement • Decide whether the organization can accept the risks implicit to the various deployment models (private, public, community, or hybrid).
Map the Evaluate asset to Cloud Sketch the Identify Evaluate Existing Service Potential the Asset The Asset cloud Models and Data Flow Deployment Providers Models • Determine which service deployment model is good for the organizational requirement • Decide whether the organization is competent enough to implement the extra layers (in case of IaaS or PaaS)
Map the Evaluate asset to Cloud Sketch the Identify Evaluate Existing Service Potential the Asset The Asset cloud Models and Data Flow Deployment Providers Models • Required to analyse how and when data will move In and Out the cloud..
“They're certainly a threat, and would be easy to make malicious.” “Quiet as the forest”
DEFINITION: “The use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal, or helping to anticipate unauthorized actions shown to be disruptive to planned operations.” Cloud Forensics refers to the usage of Digital Forensics Science in Cloud computing models.
• Cloud forensics is more cost effective than conventional Digital forensic methodologies. • In case a cloud need to be shut down for data collection,it can be implemented with very less extra work (transfering data to another data center within the same cloud) • Forensics may be implemented as a Cloud Service.
Legal Regulations Legal & regulatory requirements and compliances may be lacking in the location(s) where the data is actually stored. Record Retention Policies There exists no standardized logging format for the cloud. Each provider logs in different formats, making log crunching for forensics difficult in case of Cloud. Identity Management There exists no proper KYC norms in case of Cloud Providers. Anyone with a credit card can purchase a cloud account.
Continously Overwriten Logs The cloud keeps working, and its logs are replicated and overwritten continously. So it poses a great challenge to the forensic scientist to spot the state of the log file at the time of an attempted crime.. Admissibility Along with finding the evidence, the scientist must also prove it to a legal non technical person. This part is worser than the real forensics process. Privacy Someone hacked something somewhere. Why should a Forensic guy check the data that i have put in my cloud ..?
Cloud Computing : Security and Forensics
• Cloud is changing the way systems and services are provided and utilized. • The more informed IT departments are about the cloud, the better the position they will be in when making decisions about deploying, developing, and maintaining systems in the cloud. • With so many different cloud deployment and service models, and their hybrid permutations - no list of security controls can cover all these circumstances. • Cloud has just crossed its inception states, and Researches on cloud security are still going on.
• Use a Risk Assesment framework before data is put on the cloud. • Cloud forensics, being younger than Cloud computing, has very less to offer as of now. • Watch your activities, keep in touch with your cloud service provider, read the user manual carefully.
• Cloud Security Alliance, a non Profit Cloud Evangelists Group https://cloudsecurityalliance.org/ • Microsoft Corporation, Windows Azure http://www.microsoft.com/windowsazure • IEEE Paper “Cloud Computing: The impact on digital forensic investigations “ • IEEE Paper “Cloud computing: Forensic challenges for law enforcement “ • Cyber Forensics by Albert J Marcella and Robert greenfield
Cloud Computing : Security and Forensics
Drop me a mail : govindmaheswaran@gmail.com

More Related Content

PPT
The Trouble with Cloud Forensics
Sharique Rizvi
 
PDF
Cloud Computing Forensic Science
David Sweigert
 
PDF
Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...
EC-Council
 
PPTX
What is Cryptography and Types of attacks in it
lavakumar Thatisetti
 
PPTX
Cybersecurity 1. intro to cybersecurity
sommerville-videos
 
PDF
Debunked: 5 Myths About Zero Trust Security
Centrify Corporation
 
PPTX
IBM Security QRadar
Virginia Fernandez
 
PPT
IDS and IPS
Santosh Khadsare
 
The Trouble with Cloud Forensics
Sharique Rizvi
 
Cloud Computing Forensic Science
David Sweigert
 
Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers...
EC-Council
 
What is Cryptography and Types of attacks in it
lavakumar Thatisetti
 
Cybersecurity 1. intro to cybersecurity
sommerville-videos
 
Debunked: 5 Myths About Zero Trust Security
Centrify Corporation
 
IBM Security QRadar
Virginia Fernandez
 
IDS and IPS
Santosh Khadsare
 

What's hot (20)

PPTX
Penetration testing reporting and methodology
Rashad Aliyev
 
PDF
Cloud Security Governance
Shankar Subramaniyan
 
PPTX
Vulnerability assessment and penetration testing
Abu Sadat Mohammed Yasin
 
PPTX
Information security
Lusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
PPT
Information Security Policies and Standards
Directorate of Information Security | Ditjen Aptika
 
PPTX
Endpoint Protection
Sophos
 
PPTX
What is Zero Trust
Okta-Inc
 
PPT
Cyber security for an organization
Tejas Wasule
 
PPTX
Cloud computing and Cloud security fundamentals
Viresh Suri
 
PDF
Mobile Application Security
cclark_isec
 
PDF
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
PPTX
Network defenses
Prachi Gulihar
 
PPTX
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
PDF
Cloud-forensics
anupriti
 
PDF
Cyber Security Maturity Assessment
Doreen Loeber
 
DOCX
What is zero trust model of information security?
Ahmed Banafa
 
PPTX
Cloud security
François Boucher
 
PPTX
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
PPTX
Patch Management Best Practices 2019
Ivanti
 
PDF
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
Edureka!
 
Penetration testing reporting and methodology
Rashad Aliyev
 
Cloud Security Governance
Shankar Subramaniyan
 
Vulnerability assessment and penetration testing
Abu Sadat Mohammed Yasin
 
Information security
Lusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
Information Security Policies and Standards
Directorate of Information Security | Ditjen Aptika
 
Endpoint Protection
Sophos
 
What is Zero Trust
Okta-Inc
 
Cyber security for an organization
Tejas Wasule
 
Cloud computing and Cloud security fundamentals
Viresh Suri
 
Mobile Application Security
cclark_isec
 
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
Network defenses
Prachi Gulihar
 
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
Cloud-forensics
anupriti
 
Cyber Security Maturity Assessment
Doreen Loeber
 
What is zero trust model of information security?
Ahmed Banafa
 
Cloud security
François Boucher
 
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Patch Management Best Practices 2019
Ivanti
 
CyberSecurity Certifications | CyberSecurity Career | CyberSecurity Certifica...
Edureka!
 
Ad

Viewers also liked (20)

PDF
Cloud Breach - Forensics Audit Planning
Valdez Ladd MBA, CISSP, CISA,
 
PPSX
Cloud Forensics
sdavis532
 
PPTX
Ceic 2012 anti-anti-forensics
Jose Moruno Cadima
 
PPTX
Providing Proofs of Past Data Possession in Cloud Forensics
zawoad
 
PPTX
Digital forensics ahmed emam
ahmad abdelhafeez
 
PDF
NGN Japan 2012-2017
Kabir Ahmad
 
PDF
Performance Analysis of Mobile Security Protocols: Encryption and Authenticat...
CSCJournals
 
DOCX
Babadook
jupton1
 
PDF
MEDIA ICMI EDISI 11
ICMI Pusat
 
DOC
Updated CV
Prabhasini Sahu
 
PPTX
Mobile security
Stefaan
 
PPT
Looking for Information Vacuums
Info Ops HQ
 
PPTX
Delivering Secure OpenStack IaaS for SaaS Products
CloudPassage
 
PPT
Anti-Forensics: Real world identification, analysis and prevention
Seccuris Inc.
 
PDF
An introduction to cyber forensics and open source tools in cyber forensics
Zyxware Technologies
 
PPT
Cloud Monitoring And Forensic Using Security Metrics
Sandeep Saxena
 
PPTX
Mobile security
Mphasis
 
PPTX
IaaS Security - Back to the Drawing Board
K Logic Future Marketing
 
PPTX
Cloud Computing Security Issues
Stelios Krasadakis
 
PDF
Mobile Application Security by Design
DMI
 
Cloud Breach - Forensics Audit Planning
Valdez Ladd MBA, CISSP, CISA,
 
Cloud Forensics
sdavis532
 
Ceic 2012 anti-anti-forensics
Jose Moruno Cadima
 
Providing Proofs of Past Data Possession in Cloud Forensics
zawoad
 
Digital forensics ahmed emam
ahmad abdelhafeez
 
NGN Japan 2012-2017
Kabir Ahmad
 
Performance Analysis of Mobile Security Protocols: Encryption and Authenticat...
CSCJournals
 
Babadook
jupton1
 
MEDIA ICMI EDISI 11
ICMI Pusat
 
Updated CV
Prabhasini Sahu
 
Mobile security
Stefaan
 
Looking for Information Vacuums
Info Ops HQ
 
Delivering Secure OpenStack IaaS for SaaS Products
CloudPassage
 
Anti-Forensics: Real world identification, analysis and prevention
Seccuris Inc.
 
An introduction to cyber forensics and open source tools in cyber forensics
Zyxware Technologies
 
Cloud Monitoring And Forensic Using Security Metrics
Sandeep Saxena
 
Mobile security
Mphasis
 
IaaS Security - Back to the Drawing Board
K Logic Future Marketing
 
Cloud Computing Security Issues
Stelios Krasadakis
 
Mobile Application Security by Design
DMI
 
Ad

Similar to Cloud Computing : Security and Forensics (20)

PPTX
Introduction to cloud computing
Jithin Parakka
 
PDF
Towards a Federated Cloud Ecosystem
Clovis Chapman
 
PPTX
Cloud Computing 101
Kamal Arora
 
PDF
Oracle Cloud Reference Architecture
Bob Rhubart
 
PPTX
Introduction: Build infrastucture-as-a-service Clouds with Apache CloudStack
buildacloud
 
PDF
Trend and Future of Cloud Computing
hybrid cloud
 
PPT
Unit-I: Introduction to Cloud Computing
Divya S
 
PPTX
Speaker Presention by Irena Bojanova of the University of Maryland University...
Tim Harvey
 
PDF
Cloud computing
ananyaakk
 
PDF
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
ptaglephd
 
PPTX
Cloud Computing
Nazish Mohammed
 
PPTX
Mahika cloud services
Somnath Sen
 
PPT
Cloud computing
Pallavi Rai
 
PPTX
Data Tactics dhs introduction to cloud technologies wtc
DataTactics
 
PPTX
Cloud computing by Luqman
Luqman Shareef
 
PDF
CloudComputing_UNIT4.pdf
khan593595
 
PDF
CloudComputing_UNIT4.pdf
khan593595
 
PPTX
Virtualization vs. Cloud Computing: What's the Difference?
Bangladesh Network Operators Group
 
PPT
Alhadeff cloud computing cyber technology.ppt
Iftikhar70
 
PPTX
AWS Cloud Solution - An Overview
Dony Riyanto
 
Introduction to cloud computing
Jithin Parakka
 
Towards a Federated Cloud Ecosystem
Clovis Chapman
 
Cloud Computing 101
Kamal Arora
 
Oracle Cloud Reference Architecture
Bob Rhubart
 
Introduction: Build infrastucture-as-a-service Clouds with Apache CloudStack
buildacloud
 
Trend and Future of Cloud Computing
hybrid cloud
 
Unit-I: Introduction to Cloud Computing
Divya S
 
Speaker Presention by Irena Bojanova of the University of Maryland University...
Tim Harvey
 
Cloud computing
ananyaakk
 
Info Sec 2010 Possibilities And Security Challenges Of Cloud Computing (Han...
ptaglephd
 
Cloud Computing
Nazish Mohammed
 
Mahika cloud services
Somnath Sen
 
Cloud computing
Pallavi Rai
 
Data Tactics dhs introduction to cloud technologies wtc
DataTactics
 
Cloud computing by Luqman
Luqman Shareef
 
CloudComputing_UNIT4.pdf
khan593595
 
CloudComputing_UNIT4.pdf
khan593595
 
Virtualization vs. Cloud Computing: What's the Difference?
Bangladesh Network Operators Group
 
Alhadeff cloud computing cyber technology.ppt
Iftikhar70
 
AWS Cloud Solution - An Overview
Dony Riyanto
 

Recently uploaded (20)

PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
GamePlan Trading System Review: Professional Trader's Honest Take
SOFTTECHHUB
 
PDF
GDG Cloud Iasi [PUBLIC] Florian Blaga - Unveiling the Evolution of Cybersecur...
athlonica
 
PDF
[발표본] 너의 과제는 클라우드에 있어_KTDS_김동현_20250524.pdf
ssuserf8b8bd1
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
GamePlan Trading System Review: Professional Trader's Honest Take
SOFTTECHHUB
 
GDG Cloud Iasi [PUBLIC] Florian Blaga - Unveiling the Evolution of Cybersecur...
athlonica
 
[발표본] 너의 과제는 클라우드에 있어_KTDS_김동현_20250524.pdf
ssuserf8b8bd1
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
Cloud computing and distributed systems.
kkkkkhan
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Approach and Philosophy of On baking technology
30anthuong17
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 

Cloud Computing : Security and Forensics

  • 1. Seminar on Cloud Computing : Security and Forensics Govind Maheswaran govindmaheswaran@gmail.com facebook.com/govindmaheswaran twitter.com/RestlessMystic
  • 2. Cloud Computing Cloud security Risk Assesment Cloud Forensics Conclusion
  • 3. “The cloud is for everyone. The cloud is a democracy.”
  • 4. Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models In Simple English, I can get my data when I want, over some kind of network, and even though the data might be coming from different places and my computing power shared with others, somehow the back end is going to scale up or down to fulfill my needs, and interestingly, bills me for only what I use.
  • 5. On-Demand • Unilaterally provision computing capabilities as needed automatically, without requiring human interaction with a Self-Service service provider Resource • The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model Pooling • Shared pools are assigned and reallocated as per requirement • Upgrade? More memory required? New software version? Rapid Elasticity Incompatibility with current version? • “The Cloud Almighty” has it all… Broad Network • Available over the network and accessed through standard Access mechanisms Measured • Metering capability • Resource usage can be monitored, controlled, and reported — Service providing transparency for both the provider and consumer
  • 6. •Servers and Network •Cloud OS and Platforms •User gets the software as connections. •All the user needs is to a web service. •User needs to install put up his applications. •Eg : Google Docs, Office Required OS and Platform •Eg : Windows Hyper V 365, Amazon S3 and Applications.(some Cloud, Amazon EC2 vendors provide OS) •Eg: Windows Azure Infrastructure Platform as a Software as a as a Service Service Service [IaaS] [PaaS] [SaaS] Processor Runtime Application Operating Memory API Web Service System Storage Web Server Web UI
  • 7. Public Cloud Community Cloud Private Cloud Hybrid Cloud
  • 9. Compute Storage Database Transaction
  • 10. • Scale vs. Cost • Lack of Control Pros Cons • Multiplatform • Reliability support Issues • Encapsulated • Lock In Change • Data out of Management Premises • Next-Gen • Security Architecture
  • 11. “They're certainly a threat, and would be easy to make malicious.” “The technology demands of the cybersecurity adviser's job are relatively trivial..”
  • 12. * Cloud is a relatively newer technology. So, its security domains are not fully known. * Cloud based Security Risks => CRISKS * Hardware * Data * Applications * (in short, everything in the cloud) Some major security Issues are discussed in the following slides
  • 14. Any kind of intentional and un-intentional malicious activity carried out or executed on a shared platform may affect the other tenants and associated stake holders. • Eg : Blocking of IP Ranges, Confiscation of resources etc • Sudden increase in the resource usage by one application can drastically affect the performance and availability of other applications shared in the same cloud infrastructure.
  • 15. Bankruptcy and catastrophes does not come with an early warning. • Such a run-on-the-cloud may lead to acquisitions or mergers. • Sudden take over can result in a deviation from the agreed Terms of Use & License Agreement which may lead to a Lock- In situation.
  • 16. Migrating from cloud is difficult, as different cloud providers use various OS n middleware and APIs • Also, sudden change of provider policies may make the user stuck with the cloud. • The user may want to quit, but he cannot as his data is in the cloud. • Lock-In Situation
  • 17. Handled by the Provider • User rarely has information about the protection facilities. • Prevent unauthorized access by the priviledged employees of Service Provider
  • 18. The service provider may be following good security procedures, but it is not visible to the customers and end users. • May be due to security reasons. • End user questions remains un-answered: • how the data is backed up, who back up the data,whether the cloud service provider does it or has they outsourced to some third party,
  • 19. Confidential data remains confidential. • The information deleted by the customer may be available to the cloud solution provider as part of their regular backups. • Insecure and inefficient deletion of data where true data wiping is not happening, exposing the sensitive information to other cloud users.
  • 20. Vulnerabilities applicable to programs running in the conventional systems & networks are also applicable to cloud infrastructure. • It also requires application security measures (application- level firewalls) be in place in the production environment.
  • 21. The cloud provider maintains logs of none/some/all of the cloud activities • The end user has no access to these logs,neither are they aware of what exactly are being logged.
  • 22. Security testing is a process to determine that an information system protects data and maintains functionality as intended. • Cloud security testing is futile, due to the following reasons.  Permission Issues  If a user traverse through unauthorised areas of a cloud, he may reach a black hole.  An application is tested today and found vulnerable or not, how do you know that the app tested tomorrow is the same one that was tested yesterday?
  • 23. “Who protects my data?” “Are we to skip on-site inspections, discoverability, and complex encryption schemes..”
  • 24. Although Cloud can be considered a failure in terms of Security, there are still many takers for it. • This is mainly due to the Multi-tenancy(cost sharing) aspect. • A risk based approach needs to be adopted, after considering the profit and loss involved in moving the assets to the cloud. An RA Framework is presented in the coming slides…
  • 25. Map the Evaluate asset to Cloud Sketch the Identify Evaluate Existing Service Potential the Asset The Asset cloud Models and Data Flow Deployment Providers Models
  • 26. Map the Evaluate asset to Cloud Sketch the Identify Evaluate Existing Service Potential the Asset The Asset cloud Models and Data Flow Deployment Providers Models • Assets can be Data or Applications. Choose which all needs to be migrated to the cloud. • In cloud, data and application need not reside at the same location. • Thus,even parts of functions can be shifted to the cloud. • Make the choice based upon current data usage, and potential data usage.
  • 27. Map the Evaluate asset to Cloud Sketch the Identify Evaluate Existing Service Potential the Asset The Asset cloud Models and Data Flow Deployment Providers Models • Determine how Important and sensitive the asset is to the organisation. • In short, evaluate the asset on the basis of Confidentiality and availability.
  • 28. Map the Evaluate asset to Cloud Sketch the Identify Evaluate Existing Service Potential the Asset The Asset cloud Models and Data Flow Deployment Providers Models • Determine which deployment model is good for the organizational requirement • Decide whether the organization can accept the risks implicit to the various deployment models (private, public, community, or hybrid).
  • 29. Map the Evaluate asset to Cloud Sketch the Identify Evaluate Existing Service Potential the Asset The Asset cloud Models and Data Flow Deployment Providers Models • Determine which service deployment model is good for the organizational requirement • Decide whether the organization is competent enough to implement the extra layers (in case of IaaS or PaaS)
  • 30. Map the Evaluate asset to Cloud Sketch the Identify Evaluate Existing Service Potential the Asset The Asset cloud Models and Data Flow Deployment Providers Models • Required to analyse how and when data will move In and Out the cloud..
  • 31. “They're certainly a threat, and would be easy to make malicious.” “Quiet as the forest”
  • 32. DEFINITION: “The use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal, or helping to anticipate unauthorized actions shown to be disruptive to planned operations.” Cloud Forensics refers to the usage of Digital Forensics Science in Cloud computing models.
  • 33. Cloud forensics is more cost effective than conventional Digital forensic methodologies. • In case a cloud need to be shut down for data collection,it can be implemented with very less extra work (transfering data to another data center within the same cloud) • Forensics may be implemented as a Cloud Service.
  • 34. Legal Regulations Legal & regulatory requirements and compliances may be lacking in the location(s) where the data is actually stored. Record Retention Policies There exists no standardized logging format for the cloud. Each provider logs in different formats, making log crunching for forensics difficult in case of Cloud. Identity Management There exists no proper KYC norms in case of Cloud Providers. Anyone with a credit card can purchase a cloud account.
  • 35. Continously Overwriten Logs The cloud keeps working, and its logs are replicated and overwritten continously. So it poses a great challenge to the forensic scientist to spot the state of the log file at the time of an attempted crime.. Admissibility Along with finding the evidence, the scientist must also prove it to a legal non technical person. This part is worser than the real forensics process. Privacy Someone hacked something somewhere. Why should a Forensic guy check the data that i have put in my cloud ..?
  • 37. • Cloud is changing the way systems and services are provided and utilized. • The more informed IT departments are about the cloud, the better the position they will be in when making decisions about deploying, developing, and maintaining systems in the cloud. • With so many different cloud deployment and service models, and their hybrid permutations - no list of security controls can cover all these circumstances. • Cloud has just crossed its inception states, and Researches on cloud security are still going on.
  • 38. • Use a Risk Assesment framework before data is put on the cloud. • Cloud forensics, being younger than Cloud computing, has very less to offer as of now. • Watch your activities, keep in touch with your cloud service provider, read the user manual carefully.
  • 39. Cloud Security Alliance, a non Profit Cloud Evangelists Group https://cloudsecurityalliance.org/ • Microsoft Corporation, Windows Azure http://www.microsoft.com/windowsazure • IEEE Paper “Cloud Computing: The impact on digital forensic investigations “ • IEEE Paper “Cloud computing: Forensic challenges for law enforcement “ • Cyber Forensics by Albert J Marcella and Robert greenfield
  • 41. Drop me a mail : govindmaheswaran@gmail.com