Research Challenges and Security Issues in Cloud Computing

Size: px
Start display at page:

Download "Research Challenges and Security Issues in Cloud Computing"

Transcription

1 Research Challenges and Security Issues in Cloud Computing R. Kalaichelvi Chandrahasan, S Shanmuga Priya and Dr. L. Arockiam AMA International University, Kingdom of Bahrain M.I.E.T Engg College, Tiruchirappalli, India St. Joseph's College, Tiruchirappalli, India Abstract Cloud computing is a promising computing standard where computing resources in large data center are made available as services over Internet. Cloud computing has become prominent IT by offering the business environment data storage capacity. This new profitable paradigm for computing is an attractive, massive, largescale investment that includes any subscription-based or pay-per-use service over the Internet. It is on-demand access to virtualized IT services and products. Salesforce, Amazon and Google are currently providing such services, charging clients using an on-demand policy. As the users deal their sensitive data to clouds i.e. public domains, the major hurdles for cloud adoption are lack of security and access control. The main setback is that the insecure information flows as service provider can access multiple virtual machines in clouds. So it is necessary to build up proper security for cloud implementation. The aim of this paper is to provide an overall view of cloud computing with the aim to highlight the possible security issues and vulnerabilities connected with virtualization infrastructure. Keywords: Cloud Computing; Virtualization; On-Demand Policy; Security; Service Provider; Public Domains 1. Introduction Cloud computing takes virtual infrastructure and builds upon research in distributed computing, grid computing, utility computing, autonomic computing, networking, web services and software services. It has shown tremendous potential to empowerment, agility, multi-tenancy, reliability, scalability, availability, performance, security and maintenance. Through Cloud environment , Instant messaging, business software, and web content management can be offered. It incorporates many existing technologies such as information and infrastructure consisting of pools of computers, networks, distributed services application, information and storage resources. The US National Institute of Standards and Technology (NIST) defines cloud as follows: Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with a minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three delivery models, and four deployment models. [1]. Due to the ever growing interest in cloud computing, we focus on issues that are specific to cloud environment. The rest of this document is organized as follows. Section 2 describes an overview of Cloud that embraces the characteristics of cloud computing, service models, deployment models and cloud scalability. Section 3 presents the security challenges in cloud and the seven layers on the basis of CSA followed by the Service Level Agreement and widely used languages for describing web services in Section 4. Finally, Section 5 concludes the paper and discusses the future work. 2. Cloud: Overview 2.1 Characteristics of Cloud Computing The five characteristics of cloud computing embrace on-demand self-service, ubiquitous network access, location independent resource pooling, rapid elasticity, and measured service [6]. 2.2 Service Models There are three layers referred as delivery models that provide the resources to the clients. 42

2 Cloud Software as a Service (SaaS): The top layer provides the customer with ready to use application running on the infrastructure of service provider. The applications are easily accessible from several client devices as on-demand services. As clients obtain software from different providers, ensuring the information by these services is well secured becomes an issue. Salesforce, DocLanding, Zoho, Workday are instances of SaaS are used for different purposes such as , billing, human resource management etc. Cloud Platform as a Service (PaaS): It is the middle layer that provides platform oriented service, controlling the installed applications and available hosting environment configuration. Services that the application can request from an OS can be a constraint in PaaS. Google App Engine, LoadStorm are the instances of PaaS for running web applications and testing their performance. Cloud Infrastructure as a Service (IaaS): The bottom layer provides infrastructure services such as memory, cpu and storage. The consumer can deploy and run software. It reduces hardware costs. License cost is reduced in all layers. Trusting virtual machines, setting hosts, acquiring inter host communication are significant areas to be considered in IaaS. Amazon S3 and FlexiScale are the best examples of IaaS for storage and maintaining virtual servers. 2.3 Deployment Models Figure 1: Cloud Computing Map [2] The major factor to provide a secure cloud computing is the type of cloud to be implemented. The types of cloud deployment models offered are: Private cloud: This cloud infrastructure is functioned only for particular organization. Community cloud: This cloud infrastructure is available to several specific groups of organizations. Public cloud: The purpose of this cloud infrastructure is to public or large industry group can serve multiple tenants. Hybrid cloud: It is composite of two or more than two clouds. 2.4 Scalable Web Architectures In terms of scalability of cloud computing, it has two dimensions, namely horizontal cloud scalability and vertical cloud scalability [15]. Horizontal cloud scalability: It is the facility in which multiple clouds can be integrated and connected to have one logical cloud. For instance a calculation cloud can be integrated with storage cloud or two calculation clouds can integrate into a larger calculation cloud. Vertical cloud scalability: It is the facility in which the capacity of a cloud can be developed by enhancing individual existing nodes in the cloud. For example providing a server with more physical memory or 43

3 improving the bandwidth that connects two nodes. Additionally, a node can be gradually upgraded from a single power machine to a data center. Users can store their data in the cloud without they need to know where it keeps the data or how it accesses the data. 3. Security Challenges In Cloud As promising as it is, cloud computing is also facing many security issues including sensitive data access, data segregation, privacy, authentication and identity management, policy integration, bug exploitation, recovery, accountability, visibility under virtualization, malicious insiders, management console security, account control, and multi-tenancy issues[3], [4]. Solutions to various cloud security issues include cryptography, public key infrastructure, standardization of APIs, and improving virtual machine support and legal support. Public clouds clutch the highest risk of data exposure and hence it must be managed with the proper caution. Hence understanding the challenges and security risks in cloud environment and developing solutions are essential to the success of this evolving paradigm [6]. A survey was conducted by International Data Corporation (IDC) IT group to rate the cloud services and its issues in The Figure 2 shows the respondents rating. It shows that security is the major concern in cloud computing paradigm. 3.1 Data Security Figure 2: Cloud Challenges/Issues survey [17]. Cloud vendors face major issues in confidentiality, integrity and availability in data security. Confidentiality refers to who stores the encryption keys. Integrity refers to no common policies that exist for data transfer. Lastly, the most problematic issue is availability i.e. it is very hard to make applications and resources. Data security includes Privileged user access, Regulatory compliance, Data location, Data segregation, Recovery, Investigative Support, Long-term viability [5], [10]. 3.2 Key security challenges Authentication As cloud users store their information to various services across the Internet, it can be accessible by unauthorized people. Henceforth for authenticating users and services cloud should have identity management system Access Control To identify and allow only authorized users, cloud should have a fine access control policies. Such services should be flexible, easily manageable and their privilege distribution is administered efficiently. Also the access control services should be incorporated based on Service Level Agreement (SLA). 44

4 3.2.3 Policy Integration The end users may access many cloud providers such as Amazon, Google, LoadStorm and other providers. They may have their own policies and approaches and hence there might be conflicts among their policies. Hence we need to have a mechanism to detect these inconsistencies among their policies and to have solutions for them Service Management To meet customers' needs, many cloud providers together form a new composed service and provides a packaged service to customers. At this scenario, there should be a service integrator to get the finest interoperable services Trust Management As the cloud environment is service oriented, a trust management approach should be developed. It should include trust negotiation factors for the cloud providers and cloud users. The idea is, the providers need to have some level of trust on the users to release their services to, and their users should have some level of trust on the providers to choose their service from [11], [12], [13]. 3.3 Seven Layers in Cloud: A cloud is structured in seven layers on the basis of Cloud Security Alliance: 1) Facility Layer, 2) Network Layer, 3) Hardware Layer, 4) OS Layer, 5) Middleware Layer, 6) Application Layer and 7)The User Layer [7], [8] [14] The Facility Layer The facility layer provides physical security. A high priority should be considered in controlling and monitoring physical access to the hardware. Closed-circuit cameras and patrolling security guards, alarm system, administrator logging, authentication, confidentiality agreements, background checks, and visitor access should be incorporated into surveillance of physical security. Also an architectural security should be adequate to guard the data center from any kind of physical attack The Network Layer The provider furnishes the network access to the users to access the customer data across the Internet in cloud. Hence the network defense devices should collect information about security events on the networks. The provider should maintain, monitor and audit network flow data. Also the customer should request these audits for verification The Hardware Layer As the customer access services from virtual machines, the provider should maintain and monitor the hardware that the hardware is tamper-free. The provider should have appropriate protocols to monitor the connection topology, memory use, bus speeds, processor loads, and disk storage and so on The OS Layer The vital important factor to be considered in cloud environment is securing the host OS. If it can be accessed by the illegal users, the customer data would be compromised. The provider should deploy an OS that manages to identify where the security policy or configuration might be lacking and prevent future inventions The Middleware Layer Middleware involves virtualization management tools, data format conversion, performing security functions, and managing access controls. The middleware mediates between the applications and the OS. It should monitor and secure communication between various systems. So, the provider should make sure that all middleware will accept and transmit only encrypted data and protect it against malicious manipulation. 45

5 3.3.6 The Applications Layer The providers provide the application as a service to the public. So the code can be exposed to potentially malicious users. Hence secure coding and secure software development should be an important factor to be considered. Customers should prefer applications in which the source code and business logic can be carefully examined by neutral third parties for potential flaws. Also applications should monitor sufficiently to detect violations in web based applications. The provider should widely deploy stricter security policies in application layer The User Layer The cloud users can be of two types: Web based application cloud users and members of customer organization user. Former access cloud information in insecure environment, while the later use information which have security policy. However access patterns can be monitored for malicious behavior. For example, Google Apps monitors login behavior such as the time and IP address, makes this information available to the user, and notifies the user of aberrant behavior. This idea could be extended to make digests of such alerts available to IT managers about the accounts for which their organization is responsible. In addition, the customer might access sensitive data in public areas. The authorized users can demolish many security policies in a few clicks because of his carelessness as web browsers have much vulnerability to manipulate. So user education is the best way to avoid such problems in cloud environment. 4. The Service Level Agreement As several cloud adoption exist in emerging markets such as Service Oriented Architecture, the quality and reliability of the services become important factors. Nevertheless the requirements of the service consumers vary considerably. From the cloud providers' viewpoint, all demands of cloud customer cannot be fulfilled. And hence as a negotiation process, provider and customer commit to an agreement. In SOA terms, this agreement is referred to as a Service Level Agreement (SLA). This SLA serves as the basis for the expected level of service between the consumer and the provider. A constant monitoring on Quality of Service (QoS) is necessary to enforce SLAs [16], [18]. The service level agreement is a contract or agreement between the cloud provider and cloud customer. In cloud computing the service and data maintenance is done by some vendors. So, the client has no control over the data or the processes on data. The communication media in this scenario is Internet i.e. public environment. The only means the vendor can gain trust of client is through the SLA. The SLA should embrace a definition of services, customers needs, performance measurement, problem management, customer duties, warranties, and eliminate unrealistic expectations, termination of agreement [9]. As cloud provides services like SaaS, PaaS, and IaaS, each service has its own security issues. So the SLA has to define several levels of security. Some of them are: a. Customer-based SLA b. Service-based SLA c. Multilevel SLA d. Corporate-level SLA e. Service-level SLA f. Web service level agreement Mainly it should cover a specific range of issues such as performance of services to be delivered, tracking and reporting problems, resolution of disputes, clients and providers responsibilities, confidential information and termination. Cloud APIs are application programming interfaces (APIs) used to construct applications in the cloud computing environment. With the growing adoption of cloud, a number of service-oriented architecture (SOA) services have been emerged. The widely used languages are REST cloud storage APIs and Web Services Description Language (WSDL). These APIs are Web tolerant. They offer extremely good services in advanced services such as secure sharing and collaboration. 5. Considerations and Future Work Enterprises are implementing cloud computing phenomenon. As it is essential for the adoption of cloud system, they should be aware of emerging security concerns and main research challenges faced by cloud computing. This paper articulated the challenges and issues on the way towards adopting Cloud. The non-profit 46

6 organization "Cloud Security Alliance" formed to use the best practices for providing security assurance has been presented. Additionally we analyzed the Service Level Agreement that builds trust between cloud providers and cloud customers. We conclude that we need security at different levels such as Server access security, Internet access security, Database access security, Data privacy security, Program access security. A secure cloud computing environment depends on identifying security solutions. A deeper study on current security approaches to deal with different security issues related to the cloud should be the focused of future work. References [1] [2] Ramgovind S, EloffMM, Smith E, "The Management of Security in Cloud Computing", Information Security for South Africa (ISSA) conference, pp 1-7, Sep 2010 [3] Meiko Jensen, Jorg Sehwenk et al., On Technical Security Issues in cloud Computing IEEE International conference on cloud Computing, pp , October [4] Mladen A. Vouk, "Cloud Computing Issues, Research and Implementations" Journal of Computing and Information Technology - CIT 16, 4, pp , 2008 [5] Herminder Singh & Babul Bansal "Analysis Of Security Issues And Performance Enhancement In Cloud Computing" International Journal of Information Technology and Knowledge Management, Volume 2, No. 2, pp , July-December 2010 [6] Hassan Takabi, James B.D.Joshi, Gail Joon Ahn, "SecureCloud: Towards a Comprehensive Security Framework for Cloud Computing Environments" 34th Annual IEEE Computer Software and Applications Conference Workshops, pp , 2010 [7] Jonathan Spring Software Engineering, "Monitoring Cloud computing by layer part 1" Security & Privacy, IEEE vol 9, Issue 2, pp 66-68, Mar 2011 [8] Jonathan Spring Software Engineering, "Monitoring Cloud computing by layer part 2" Security & Privacy, IEEE vol 9, Issue 3, pp 52-55, May 2011 [9] Balachandra Reddy, Ramakrishna Paturi, Dr.Atanu, "Cloud security Issues", IEEE International conference on Services Computing, pp , 2009 [10] Hassan Takabi and JamesB.D., "Security and Privacy Challenges in Cloud Computing Environments", Security & Privacy, IEEE, vol 8, Issue 6, pp 24-31, Dec [11] Nelson Gonzalez, Charles Miers, "A quantitative analysis of current security concerns and solutions for cloud computing", Third IEEE International conference on Cloud Computing Technology and Science, pp , 2011 [12] Subhashis Sengupta, Vikrant Kaulgud and Vibhu Saujanya Sharma, "Cloud Computing Security-Trends and Research Directions", IEEE World Congress on Services, pp , 2011 [13] Siani Pearson and Azzedine Benameur, "Privacy, Security and Trust Issues Arising from Cloud Computing" 2nd IEEE International Conference on Cloud Computing Technology and Science, pp , 2010 [14] Cloud Security Alliance Web site, [15] Lijun Mei, W.K. Chan and T.H. Tse, "A Tale of Clouds: Paradigm Comparisons and Some Thoughts on Research Issues", IEEE Asia-Pacific Services Computing Conference, pp , 2008 [16] Pankesh Patel, Ajith Ranabahu and Amit Sheth1, "Service Level Agreement in Cloud Computing", Cloud Workshops at OOPSLA, 2009 [17] [18] Service Level Agreement Definition and contents,http://www.service-level-agreement.net, accessed on March 10,

7 Authors Profile Ms. R. Kalaichelvi Chandrahasan is working as an Asst. Professor in AMA International University, Kingdom of Bahrain. She is currently pursuing her research in Karpagam University, Coimbatore, India. She has published 4 research articles in the International / National Journals. Her areas of research interests are in Cloud Computing, Data mining and Semantic Web mining. Ms. S Shanmuga Priya is working as an Asst. Professor in M.I.E.T Engg College, Trichy. She is currently pursuing her research in Bharathidasan University, Tiruchirappalli, India. Her areas of research interest are Java, Networking and Cloud Computing. Dr. L. Arockiam is working as an Associate Professor in St.Joseph s College, India. He has published 102 research articles in the International / National Conferences and Journals. He has also authored two books: "Success through Soft Skills" and "Research in a Nutshell" His areas of research interests are: Software Measurement, Cloud Computing, Cognitive Aspects in Programming, Web Service, Mobile Networks and Data mining. 48

A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services

A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services Ronnie D. Caytiles and Byungjoo Park * Department of Multimedia Engineering, Hannam University

More information

CHAPTER 8 CLOUD COMPUTING

CHAPTER 8 CLOUD COMPUTING CHAPTER 8 CLOUD COMPUTING SE 458 SERVICE ORIENTED ARCHITECTURE Assist. Prof. Dr. Volkan TUNALI Faculty of Engineering and Natural Sciences / Maltepe University Topics 2 Cloud Computing Essential Characteristics

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

Architectural Implications of Cloud Computing

Architectural Implications of Cloud Computing Architectural Implications of Cloud Computing Grace Lewis Research, Technology and Systems Solutions (RTSS) Program Lewis is a senior member of the technical staff at the SEI in the Research, Technology,

More information

Cloud Computing 159.735. Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009

Cloud Computing 159.735. Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009 Cloud Computing 159.735 Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009 Table of Contents Introduction... 3 What is Cloud Computing?... 3 Key Characteristics...

More information

A Survey on Cloud Computing

A Survey on Cloud Computing A Survey on Cloud Computing Poulami dalapati* Department of Computer Science Birla Institute of Technology, Mesra Ranchi, India dalapati89@gmail.com G. Sahoo Department of Information Technology Birla

More information

Security Considerations for Public Mobile Cloud Computing

Security Considerations for Public Mobile Cloud Computing Security Considerations for Public Mobile Cloud Computing Ronnie D. Caytiles 1 and Sunguk Lee 2* 1 Society of Science and Engineering Research Support, Korea rdcaytiles@gmail.com 2 Research Institute of

More information

yvette@yvetteagostini.it yvette@yvetteagostini.it

yvette@yvetteagostini.it yvette@yvetteagostini.it 1 The following is merely a collection of notes taken during works, study and just-for-fun activities No copyright infringements intended: all sources are duly listed at the end of the document This work

More information

Security & Trust in the Cloud

Security & Trust in the Cloud Security & Trust in the Cloud Ray Trygstad Director of Information Technology, IIT School of Applied Technology Associate Director, Information Technology & Management Degree Programs Cloud Computing Primer

More information

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com Introduction to Cloud Computing Srinath Beldona srinath_beldona@yahoo.com Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?

More information

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc. Public Clouds Krishnan Subramanian Analyst & Researcher Krishworld.com A whitepaper sponsored by Trend Micro Inc. Introduction Public clouds are the latest evolution of computing, offering tremendous value

More information

Future of Cloud Computing. Irena Bojanova, Ph.D. UMUC, NIST

Future of Cloud Computing. Irena Bojanova, Ph.D. UMUC, NIST Future of Cloud Computing Irena Bojanova, Ph.D. UMUC, NIST No Longer On The Horizon Essential Characteristics On-demand Self-Service Broad Network Access Resource Pooling Rapid Elasticity Measured Service

More information

Cloud Computing Architecture: A Survey

Cloud Computing Architecture: A Survey Cloud Computing Architecture: A Survey Abstract Now a day s Cloud computing is a complex and very rapidly evolving and emerging area that affects IT infrastructure, network services, data management and

More information

A Secure Strategy using Weighted Active Monitoring Load Balancing Algorithm for Maintaining Privacy in Multi-Cloud Environments

A Secure Strategy using Weighted Active Monitoring Load Balancing Algorithm for Maintaining Privacy in Multi-Cloud Environments IJSTE - International Journal of Science Technology & Engineering Volume 1 Issue 10 April 2015 ISSN (online): 2349-784X A Secure Strategy using Weighted Active Monitoring Load Balancing Algorithm for Maintaining

More information

A Survey on Cloud Security Issues and Techniques

A Survey on Cloud Security Issues and Techniques A Survey on Cloud Security Issues and Techniques Garima Gupta 1, P.R.Laxmi 2 and Shubhanjali Sharma 3 1 Department of Computer Engineering, Government Engineering College, Ajmer Guptagarima09@gmail.com

More information

TECHNOLOGY GUIDE THREE. Emerging Types of Enterprise Computing

TECHNOLOGY GUIDE THREE. Emerging Types of Enterprise Computing TECHNOLOGY GUIDE THREE Emerging Types of Enterprise Computing TECHNOLOGY GU IDE OUTLINE TG3.1 Introduction TG3.2 Server Farms TG3.3 Virtualization TG3.4 Grid Computing TG3.5 Utility Computing TG3.6 Cloud

More information

[Sudhagar*, 5(5): May, 2016] ISSN: 2277-9655 Impact Factor: 3.785

[Sudhagar*, 5(5): May, 2016] ISSN: 2277-9655 Impact Factor: 3.785 IJESRT INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY AVOID DATA MINING BASED ATTACKS IN RAIN-CLOUD D.Sudhagar * * Assistant Professor, Department of Information Technology, Jerusalem

More information

Perspectives on Cloud Computing and Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

Perspectives on Cloud Computing and Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory Perspectives on Cloud Computing and Standards Peter Mell, Tim Grance NIST, Information Technology Laboratory Caveats and Disclaimers This presentation provides education on cloud technology and its benefits

More information

Lecture 02b Cloud Computing II

Lecture 02b Cloud Computing II Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,

More information

A SURVEY PAPER ON ENSURING SECURITY IN CLOUD COMPUTING

A SURVEY PAPER ON ENSURING SECURITY IN CLOUD COMPUTING A SURVEY PAPER ON ENSURING SECURITY IN CLOUD COMPUTING Yogita gangboir 1, Praveen Shende 2, Tushar Kumar Vaidya 3 1,3 Department of Computer Science and Engineering, CSIT, Durg, (India) 2 Assoistant Professor

More information

Oracle Applications and Cloud Computing - Future Direction

Oracle Applications and Cloud Computing - Future Direction Oracle Applications and Cloud Computing - Future Direction February 26, 2010 03:00 PM 03:40 PM Presented By Subash Krishnaswamy skrishna@astcorporation.com Vijay Tirumalai vtirumalai@astcorporation.com

More information

Security Analysis of Cloud Computing: A Survey

Security Analysis of Cloud Computing: A Survey Security Analysis of Cloud Computing: A Survey Kamaljeet Pakhre 1, Navdeep Singh 2, Sanket Mani Tiwari 3 1,2,3 Research Scholar, M. Tech. (CSE), Galgotias University, Greater Noida, India. Abstract Now

More information

Chapter 3. Database Architectures and the Web Transparencies

Chapter 3. Database Architectures and the Web Transparencies Chapter 3 Database Architectures and the Web Transparencies Database Environment - Objectives The meaning of the client server architecture and the advantages of this type of architecture for a DBMS. The

More information

Cloud Security Introduction and Overview

Cloud Security Introduction and Overview Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious

More information

International Journal of Scientific & Engineering Research, Volume 6, Issue 5, May-2015 1681 ISSN 2229-5518

International Journal of Scientific & Engineering Research, Volume 6, Issue 5, May-2015 1681 ISSN 2229-5518 International Journal of Scientific & Engineering Research, Volume 6, Issue 5, May-2015 1681 Software as a Model for Security in Cloud over Virtual Environments S.Vengadesan, B.Muthulakshmi PG Student,

More information

NCTA Cloud Architecture

NCTA Cloud Architecture NCTA Cloud Architecture Course Specifications Course Number: 093019 Course Length: 5 days Course Description Target Student: This course is designed for system administrators who wish to plan, design,

More information

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org 1 Disclaimers This presentation provides education on Cloud Computing and its security

More information

Planning the Migration of Enterprise Applications to the Cloud

Planning the Migration of Enterprise Applications to the Cloud Planning the Migration of Enterprise Applications to the Cloud A Guide to Your Migration Options: Private and Public Clouds, Application Evaluation Criteria, and Application Migration Best Practices Introduction

More information

Student's Awareness of Cloud Computing: Case Study Faculty of Engineering at Aden University, Yemen

Student's Awareness of Cloud Computing: Case Study Faculty of Engineering at Aden University, Yemen Student's Awareness of Cloud Computing: Case Study Faculty of Engineering at Aden University, Yemen Samah Sadeq Ahmed Bagish Department of Information Technology, Faculty of Engineering, Aden University,

More information

Cloud Computing. P a n a g i o t i s F o u z a s I T S o l u t i o n s M a n a g e r

Cloud Computing. P a n a g i o t i s F o u z a s I T S o l u t i o n s M a n a g e r C l a s s i f i c a t i o n I S O 2 7 0 0 1 : P u b l i c Cloud Computing Prospects & Challenges P a n a g i o t i s F o u z a s I T S o l u t i o n s M a n a g e r 1 OUTLINE Cloud Definition and Classification

More information

A Secure System Development Framework for SaaS Applications in Cloud Computing

A Secure System Development Framework for SaaS Applications in Cloud Computing A Secure System Development Framework for SaaS Applications in Cloud Computing Eren TATAR, Emrah TOMUR AbstractThe adoption of cloud computing is ever increasing through its economical and operational

More information

ISSN: 2321-7782 (Online) Volume 2, Issue 5, May 2014 International Journal of Advance Research in Computer Science and Management Studies

ISSN: 2321-7782 (Online) Volume 2, Issue 5, May 2014 International Journal of Advance Research in Computer Science and Management Studies ISSN: 2321-7782 (Online) Volume 2, Issue 5, May 2014 International Journal of Advance Research in Computer Science and Management Studies Research Paper Available online at: www.ijarcsms.com Analogous

More information

CLOUD COMPUTING. DAV University, Jalandhar, Punjab, India. DAV University, Jalandhar, Punjab, India

CLOUD COMPUTING. DAV University, Jalandhar, Punjab, India. DAV University, Jalandhar, Punjab, India CLOUD COMPUTING 1 Er. Simar Preet Singh, 2 Er. Anshu Joshi 1 Assistant Professor, Computer Science & Engineering, DAV University, Jalandhar, Punjab, India 2 Research Scholar, Computer Science & Engineering,

More information

The Analysis of Cloud Computing Major Security Concerns & Their Solutions

The Analysis of Cloud Computing Major Security Concerns & Their Solutions Journal of Information & Communication Technology Vol. 6, No. 2, (Fall 2012) 48-53 The Analysis of Cloud Computing Major Security Concerns & Their Solutions Farhat Sharif * Institute of Business and Technology

More information

Managing Cloud Computing Risk

Managing Cloud Computing Risk Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify

More information

Cloud computing: the state of the art and challenges. Jānis Kampars Riga Technical University

Cloud computing: the state of the art and challenges. Jānis Kampars Riga Technical University Cloud computing: the state of the art and challenges Jānis Kampars Riga Technical University Presentation structure Enabling technologies Cloud computing defined Dealing with load in cloud computing Service

More information

Cloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University

Cloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University Cloud Computing: Opportunities, Challenges, and Solutions Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University What is cloud computing? What are some of the keywords? How many of you cannot

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Cloud Computing Dr. A. Askarunisa Professor and Head Vickram College of Engineering, Madurai, Tamilnadu, India N.Ganesh Sr.Lecturer Vickram College of Engineering, Madurai, Tamilnadu,

More information

Cloud Computing, and REST-based Architectures Reid Holmes

Cloud Computing, and REST-based Architectures Reid Holmes Material and some slide content from: - Software Architecture: Foundations, Theory, and Practice - Krzysztof Czarnecki Cloud Computing, and REST-based Architectures Reid Holmes Cloud precursors Grid Computing:

More information

International Research Journal of Engineering and Technology (IRJET) e-issn: 2395-0056. Volume: 02 Issue: 05 Aug-2015 www.irjet.net p-issn: 2395-0072

International Research Journal of Engineering and Technology (IRJET) e-issn: 2395-0056. Volume: 02 Issue: 05 Aug-2015 www.irjet.net p-issn: 2395-0072 Fear of Cloud Vinnakota Saran Chaitanya 1, G. Harshavardhan Reddy 2 1 UG Final year student, Department of Computer Science and Engineering, G. Pulla Reddy Engineering College, Andhra Pradesh, India 2

More information

Cloud Computing. Bringing the Cloud into Focus

Cloud Computing. Bringing the Cloud into Focus Cloud Computing Bringing the Cloud into Focus November 2011 Introduction Ken Cochrane CEO, IT/NET Partner, KPGM Performance and Technology National co-leader IT Advisory Services KPMG Andrew Brewin Vice

More information

SECURITY THREATS TO CLOUD COMPUTING

SECURITY THREATS TO CLOUD COMPUTING IMPACT: International Journal of Research in Engineering & Technology (IMPACT: IJRET) ISSN(E): 2321-8843; ISSN(P): 2347-4599 Vol. 2, Issue 3, Mar 2014, 101-106 Impact Journals SECURITY THREATS TO CLOUD

More information

A Survey on Security Issues and Security Schemes for Cloud and Multi-Cloud Computing

A Survey on Security Issues and Security Schemes for Cloud and Multi-Cloud Computing International Journal of Emerging Engineering Research and Technology Volume 3, Issue 5, May 2015, PP 1-7 ISSN 2349-4395 (Print) & ISSN 2349-4409 (Online) A Survey on Security Issues and Security Schemes

More information

Security Model for VM in Cloud

Security Model for VM in Cloud Security Model for VM in Cloud 1 Venkataramana.Kanaparti, 2 Naveen Kumar R, 3 Rajani.S, 4 Padmavathamma M, 5 Anitha.C 1,2,3,5 Research Scholars, 4Research Supervisor 1,2,3,4,5 Dept. of Computer Science,

More information

White Paper on CLOUD COMPUTING

White Paper on CLOUD COMPUTING White Paper on CLOUD COMPUTING INDEX 1. Introduction 2. Features of Cloud Computing 3. Benefits of Cloud computing 4. Service models of Cloud Computing 5. Deployment models of Cloud Computing 6. Examples

More information

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS CLOUD COMPUTING Cloud computing is a model for enabling convenient, ondemand network access to a shared pool of configurable computing

More information

SURVEY ON VIRTUALIZATION VULNERABILITIES

SURVEY ON VIRTUALIZATION VULNERABILITIES SURVEY ON VIRTUALIZATION VULNERABILITIES Indumathy M Department of MCA, Acharya Institute of Technology, Bangalore, (India) ABSTRACT Virtualization plays a major role in serving the organizations to reduce

More information

Perspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory 7-11-2009

Perspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory 7-11-2009 Perspectives on Moving to the Cloud Paradigm and the Need for Standards Peter Mell, Tim Grance NIST, Information Technology Laboratory 7-11-2009 2 NIST Cloud Computing Resources NIST Draft Definition of

More information

Security Issues In Cloud Computing and Countermeasures

Security Issues In Cloud Computing and Countermeasures Security Issues In Cloud Computing and Countermeasures Shipra Dubey 1, Suman Bhajia 2 and Deepika Trivedi 3 1 Department of Computer Science, Banasthali University, Jaipur, Rajasthan / India 2 Department

More information

Top 10 Cloud Risks That Will Keep You Awake at Night

Top 10 Cloud Risks That Will Keep You Awake at Night Top 10 Cloud Risks That Will Keep You Awake at Night Shankar Babu Chebrolu Ph.D., Vinay Bansal, Pankaj Telang Photo Source flickr.com .. Amazon EC2 (Cloud) to host Eng. Lab testing. We want to use SalesForce.com

More information

East African Information Conference 13-14 th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud?

East African Information Conference 13-14 th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud? East African Information Conference 13-14 th August, 2013, Kampala, Uganda Security and Privacy: Can we trust the cloud? By Dr. David Turahi Director, Information Technology and Information Management

More information

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015 NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X

More information

SOA and Cloud in practice - An Example Case Study

SOA and Cloud in practice - An Example Case Study SOA and Cloud in practice - An Example Case Study 2 nd RECOCAPE Event "Emerging Software Technologies: Trends & Challenges Nov. 14 th 2012 ITIDA, Smart Village, Giza, Egypt Agenda What is SOA? What is

More information

Keywords Cloud Storage, Error Identification, Partitioning, Cloud Storage Integrity Checking, Digital Signature Extraction, Encryption, Decryption

Keywords Cloud Storage, Error Identification, Partitioning, Cloud Storage Integrity Checking, Digital Signature Extraction, Encryption, Decryption Partitioning Data and Domain Integrity Checking for Storage - Improving Cloud Storage Security Using Data Partitioning Technique Santosh Jogade *, Ravi Sharma, Prof. Rajani Kadam Department Of Computer

More information

Cloud Computing Technology

Cloud Computing Technology Cloud Computing Technology The Architecture Overview Danairat T. Certified Java Programmer, TOGAF Silver danairat@gmail.com, +66-81-559-1446 1 Agenda What is Cloud Computing? Case Study Service Model Architectures

More information

The Cloud at 30,000 feet. Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations

The Cloud at 30,000 feet. Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations The Cloud at 30,000 feet Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations Survey: Where s home? How many using cloud computing now? How many thinking of using cloud computing? How

More information

Overview of Cloud Computing (ENCS 691K Chapter 1)

Overview of Cloud Computing (ENCS 691K Chapter 1) Overview of Cloud Computing (ENCS 691K Chapter 1) Roch Glitho, PhD Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ Overview of Cloud Computing Towards a definition

More information

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.

More information

The Magical Cloud. Lennart Franked. Department for Information and Communicationsystems (ICS), Mid Sweden University, Sundsvall.

The Magical Cloud. Lennart Franked. Department for Information and Communicationsystems (ICS), Mid Sweden University, Sundsvall. The Magical Cloud Lennart Franked Department for Information and Communicationsystems (ICS), Mid Sweden University, Sundsvall. 2014-10-20 Lennart Franked (MIUN IKS) The Magical Cloud 2014-10-20 1 / 35

More information

Grid Computing Vs. Cloud Computing

Grid Computing Vs. Cloud Computing International Journal of Information and Computation Technology. ISSN 0974-2239 Volume 3, Number 6 (2013), pp. 577-582 International Research Publications House http://www. irphouse.com /ijict.htm Grid

More information

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao Guocui.gao@tufts.

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao Guocui.gao@tufts. Tufts University Department of Computer Science COMP 116 Introduction to Computer Security Fall 2014 Final Project Investigating Security Issues in Cloud Computing Guocui Gao Guocui.gao@tufts.edu Mentor:

More information

Chapter 1: Introduction

Chapter 1: Introduction Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure

More information

Deploying a Geospatial Cloud

Deploying a Geospatial Cloud Deploying a Geospatial Cloud Traditional Public Sector Computing Environment Traditional Computing Infrastructure Silos of dedicated hardware and software Single application per silo Expensive to size

More information

CLOUD SECURITY SECURITY ASPECTS IN GEOSPATIAL CLOUD. Guided by Prof. S. K. Ghosh Presented by - Soumadip Biswas

CLOUD SECURITY SECURITY ASPECTS IN GEOSPATIAL CLOUD. Guided by Prof. S. K. Ghosh Presented by - Soumadip Biswas CLOUD SECURITY SECURITY ASPECTS IN GEOSPATIAL CLOUD Guided by Prof. S. K. Ghosh Presented by - Soumadip Biswas PART 1 A brief Concept of cloud Issues in cloud Security Issues A BRIEF The Evolution Super

More information

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter Cloud Security considerations for business adoption Ricci IEONG CSA-HK&M Chapter What is Cloud Computing? Slide 2 What is Cloud Computing? My Cloud @ Internet Pogoplug What is Cloud Computing? Compute

More information

Cloud Computing: What needs to Be Validated and Qualified. Ivan Soto

Cloud Computing: What needs to Be Validated and Qualified. Ivan Soto Cloud Computing: What needs to Be Validated and Qualified Ivan Soto Learning Objectives At the end of this session we will have covered: Technical Overview of the Cloud Risk Factors Cloud Security & Data

More information

SECURITY MODELS FOR CLOUD 2012. Kurtis E. Minder, CISSP

SECURITY MODELS FOR CLOUD 2012. Kurtis E. Minder, CISSP SECURITY MODELS FOR CLOUD 2012 Kurtis E. Minder, CISSP INTRODUCTION Kurtis E. Minder, Technical Sales Professional Companies: Roles: Security Design Engineer Systems Engineer Sales Engineer Salesperson

More information

Lecture 02a Cloud Computing I

Lecture 02a Cloud Computing I Mobile Cloud Computing Lecture 02a Cloud Computing I 吳 秀 陽 Shiow-yang Wu What is Cloud Computing? Computing with cloud? Mobile Cloud Computing Cloud Computing I 2 Note 1 What is Cloud Computing? Walking

More information

CLOUD COMPUTING An Overview

CLOUD COMPUTING An Overview CLOUD COMPUTING An Overview Abstract Resource sharing in a pure plug and play model that dramatically simplifies infrastructure planning is the promise of cloud computing. The two key advantages of this

More information

CLOUD COMPUTING. When It's smarter to rent than to buy

CLOUD COMPUTING. When It's smarter to rent than to buy CLOUD COMPUTING When It's smarter to rent than to buy Is it new concept? Nothing new In 1990 s, WWW itself Grid Technologies- Scientific applications Online banking websites More convenience Not to visit

More information

Review of Cloud Computing and future research

Review of Cloud Computing and future research Review of Cloud Computing and future research Computer Science, IIS University, India Abstract: Cloud computing is also referred to as the evolutionary offspring of distributed computing, parallel computing,

More information

Cloud Computing: Computing as a Service. Prof. Daivashala Deshmukh Maharashtra Institute of Technology, Aurangabad

Cloud Computing: Computing as a Service. Prof. Daivashala Deshmukh Maharashtra Institute of Technology, Aurangabad Cloud Computing: Computing as a Service Prof. Daivashala Deshmukh Maharashtra Institute of Technology, Aurangabad Abstract: Computing as a utility. is a dream that dates from the beginning from the computer

More information

Trust but Verify. Vincent Campitelli. VP IT Risk Management

Trust but Verify. Vincent Campitelli. VP IT Risk Management Trust but Verify Vincent Campitelli VP IT Risk Management McKesson Corporation Trust but Verify Cloud Security 3 Agenda Cloud Defined Cloud Opportunities Cloud Challenges What s Different? How to Verify

More information

Evaluation Methodology of Converged Cloud Environments

Evaluation Methodology of Converged Cloud Environments Krzysztof Zieliński Marcin Jarząb Sławomir Zieliński Karol Grzegorczyk Maciej Malawski Mariusz Zyśk Evaluation Methodology of Converged Cloud Environments Cloud Computing Cloud Computing enables convenient,

More information

INTRODUCTION TO CLOUD COMPUTING

INTRODUCTION TO CLOUD COMPUTING INTRODUCTION TO CLOUD COMPUTING EXISTING PROBLEMS Application Platform Hardware CONTENTS What is cloud computing Key technologies enabling cloud computing Hardware Internet technologies Distributed computing

More information

International Journal of Computer Science Trends and Technology (IJCS T) Volume 4 Issue 3, May - Jun 2016

International Journal of Computer Science Trends and Technology (IJCS T) Volume 4 Issue 3, May - Jun 2016 RESEARCH ARTICLE Cloud Computing: Security Concerns Jitendra Nath Shrivastava [1], Uvaish Khan [2] Professor [1], Computer Science and Engineering Master of Computer Applications [2] Invertis University

More information

International Journal of Computer Science Trends and Technology (IJCST) Volume 3 Issue 1, Jan-Feb 2015

International Journal of Computer Science Trends and Technology (IJCST) Volume 3 Issue 1, Jan-Feb 2015 RESEARCH ARTICLE OPEN ACCESS A Survey on Cloud Computing Security and Solutions N. Sugavaneswaran, D.Saravanan Assistant Professor Department of Computer Science Srimad Andavan Arts and Science College

More information

Framework for Cloud Usability

Framework for Cloud Usability Published in proceedings of HCI International 2015 Framework for Cloud Usability Brian Stanton 1, Mary Theofanos 1, Karuna P Joshi 2 1 National Institute of Standards and Technology, Gaithersburg, MD,

More information

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Strategic Compliance & Securing the Cloud Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Complexity and Challenges 2 Complexity and Challenges Compliance Regulatory entities

More information

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud

More information

CLOUD COMPUTING SECURITY ISSUES

CLOUD COMPUTING SECURITY ISSUES CLOUD COMPUTING SECURITY ISSUES Florin OGIGAU-NEAMTIU IT Specialist The Regional Department of Defense Resources Management Studies, Brasov, Romania The term cloud computing has been in the spotlights

More information

What Cloud computing means in real life

What Cloud computing means in real life ITU TRCSL Symposium on Cloud Computing Session 2: Cloud Computing Foundation and Requirements What Cloud computing means in real life Saman Perera Senior General Manager Information Systems Mobitel (Pvt)

More information

Essential Characteristics of Cloud Computing: On-Demand Self-Service Rapid Elasticity Location Independence Resource Pooling Measured Service

Essential Characteristics of Cloud Computing: On-Demand Self-Service Rapid Elasticity Location Independence Resource Pooling Measured Service Cloud Computing Although cloud computing is quite a recent term, elements of the concept have been around for years. It is the maturation of Internet. Cloud Computing is the fine end result of a long chain;

More information

SECURING HEALTH INFORMATION IN THE CLOUD. Feisal Nanji, Executive Director, Techumen feisal@techumen.com

SECURING HEALTH INFORMATION IN THE CLOUD. Feisal Nanji, Executive Director, Techumen feisal@techumen.com SECURING HEALTH INFORMATION IN THE CLOUD Feisal Nanji, Executive Director, Techumen feisal@techumen.com Conflict of Interest Disclosure Feisal Nanji, MPP, CISSP Has no real or apparent conflicts of interest

More information

Cloud Computing: The atmospheric jeopardy. Unique Approach Unique Solutions. Salmon Ltd 2014 Commercial in Confidence Page 1 of 5

Cloud Computing: The atmospheric jeopardy. Unique Approach Unique Solutions. Salmon Ltd 2014 Commercial in Confidence Page 1 of 5 Cloud Computing: The atmospheric jeopardy Unique Approach Unique Solutions Salmon Ltd 2014 Commercial in Confidence Page 1 of 5 Background Cloud computing has its place in company computing strategies,

More information

Introduction to Cloud Computing

Introduction to Cloud Computing Institute of Informatics - UFRGS September 2013 Outline Virtualization References Mell, P., & Grance, T. (2011). The NIST denition of cloud computing (draft).nist special publication, 800, 145. Bojanova,

More information

Architecting the Cloud

Architecting the Cloud Architecting the Cloud Sumanth Tarigopula Director, India Center, Best Shore Applications Services 2011Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without

More information

The Cisco Powered Network Cloud: An Exciting Managed Services Opportunity

The Cisco Powered Network Cloud: An Exciting Managed Services Opportunity . White Paper The Cisco Powered Network Cloud: An Exciting Managed Services Opportunity The cloud computing phenomenon is generating a lot of interest worldwide because of its potential to offer services

More information

Cloud Computing Paradigm Shift. Jan Šedivý

Cloud Computing Paradigm Shift. Jan Šedivý Cloud Computing Paradigm Shift Jan Šedivý Business expectations Improving business processes Reducing enterprise costs Increasing the use of information/analytics Improving enterprise workforce effectiveness

More information

Computer Science. About PaaS Security. Donghoon Kim Henry E. Schaffer Mladen A. Vouk

Computer Science. About PaaS Security. Donghoon Kim Henry E. Schaffer Mladen A. Vouk About PaaS Security Donghoon Kim Henry E. Schaffer Mladen A. Vouk North Carolina State University, USA May 21, 2015 @ ICACON 2015 Outline Introduction Background Contribution PaaS Vulnerabilities and Countermeasures

More information

Security Management of Cloud-Native Applications. Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM)

Security Management of Cloud-Native Applications. Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM) Security Management of Cloud-Native Applications Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM) 1 Outline Context State-of-the-Art Design Patterns Threats to cloud systems Security

More information

Cloud-Security: Show-Stopper or Enabling Technology?

Cloud-Security: Show-Stopper or Enabling Technology? Cloud-Security: Show-Stopper or Enabling Technology? Fraunhofer Institute for Secure Information Technology (SIT) Technische Universität München Open Grid Forum, 16.3,. 2010, Munich Overview 1. Cloud Characteristics

More information

Cloud Computing; What is it, How long has it been here, and Where is it going?

Cloud Computing; What is it, How long has it been here, and Where is it going? Cloud Computing; What is it, How long has it been here, and Where is it going? David Losacco, CPA, CIA, CISA Principal January 10, 2013 Agenda The Cloud WHAT IS THE CLOUD? How long has it been here? Where

More information

Analytical Survey Model on Consumption of Cloud Service Models

Analytical Survey Model on Consumption of Cloud Service Models Analytical Survey Model on Consumption of Cloud Service Models Om Prakash Karada, Abhishek Pipliya, Parul Thakur & Neha Kamdar Malwa Institute of Technology, Indore E-mail : opkarada@gmail.com, aadeepipliya@gmail.com,

More information

BPM Architecture Design Based on Cloud Computing

BPM Architecture Design Based on Cloud Computing Intelligent Information Management, 2010, 2, 329-333 doi:10.4236/iim.2010.25039 Published Online May 2010 (http://www.scirp.org/journal/iim) BPM Architecture Design Based on Cloud Computing Abstract Zhenyu

More information

1.1.1 Introduction to Cloud Computing

1.1.1 Introduction to Cloud Computing 1 CHAPTER 1 INTRODUCTION 1.1 CLOUD COMPUTING 1.1.1 Introduction to Cloud Computing Computing as a service has seen a phenomenal growth in recent years. The primary motivation for this growth has been the

More information

IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures

IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Introduction

More information

The Magazine for IT Security. May 2010. issue 3. sör alex / photocase.com

The Magazine for IT Security. May 2010. issue 3. sör alex / photocase.com The Magazine for IT Security May 2010 sör alex / photocase.com free digital version made in Germany issue 3 Luiz Fotolia.com Clouds or storm clouds? Cloud Computing Security by Javier Moreno Molinero Gradually,

More information

A Study on Service Oriented Network Virtualization convergence of Cloud Computing

A Study on Service Oriented Network Virtualization convergence of Cloud Computing A Study on Service Oriented Network Virtualization convergence of Cloud Computing 1 Kajjam Vinay Kumar, 2 SANTHOSH BODDUPALLI 1 Scholar(M.Tech),Department of Computer Science Engineering, Brilliant Institute

More information