INTERNATIONAL JOURNAL OF ELECTRONICS AND COMMUNICATION ENGINEERING & TECHNOLOGY (IJECET) Introduction to Cloud Security. Taniya

Size: px
Start display at page:

Download "INTERNATIONAL JOURNAL OF ELECTRONICS AND COMMUNICATION ENGINEERING & TECHNOLOGY (IJECET) Introduction to Cloud Security. Taniya"

Transcription

1 INTERNATIONAL JOURNAL OF ELECTRONICS AND COMMUNICATION ENGINEERING & TECHNOLOGY (IJECET) International Journal of Electronics and Communication Engineering & Technology (IJECET), ISSN (Print) ISSN (Online) Special Issue (November, 2013), pp IAEME: Journal Impact Factor (2013): (Calculated by GISI) IJECET I A E M E Introduction to Cloud Security Taniya Computer Science Engineering, BKBIET, Pilani, Rajasthan, India ABSTRACT: Invented in 1981, the floppy disk was the only way to move files quickly between computers, then came CD, memory card, USBs and portable hard drives. But very soon they too are going to get things of the past. The buzzword now is cloud computing. While cloud computing is getting increasingly popular and offer great features like flexibility, scalability and energy-saving it also comes with several security issues. The cloud moves across borders, taking our data with it and leaves us with a trail of concerns about data access, security and availability. This paper deals with cloud computing and the various security risks associated with it. It also reviews the best practices to secure Cloud services and data. KEYWORDS: Cloud computing, IAAS, PAAS, SAAS, Virtualization I. INTRODUCTION As budgets continues to shrink and the cost of data centers and software continue to increase executives have started relying more on the cloud. The popularity of cloud computing which provide services on demand on a pay as you go basis is increasing among the service vendors and customers as it s considered the best way to reduce IT expenditure, improve scalability and reliability. Both Meryl Lynch and Gartner have predicted a multibillion dollar market for cloud computing [1]. Delivering IT services via the Cloud is believed to be a time saver, a money saver and allow for better efficiencies. The savings associated with cloud computing include maintenance cost, licensing and human resource. According to Gartner, the typical IT organization invests two-thirds of its budget to daily operations. Moving to the cloud will free upto 35 to 50 percent of operational and infrastructure resources [2]. As savings mount and as efficiencies increase, Cloud computing will continue to grow. Through 2015 Chief Information Officers expect to operate the majority of their applications or infrastructure in a Cloud environment [3]. Cloud computing is achieved primarily by leveraging the capacity of a data center. Virtualization is the back bone of cloud computing. Autonomic computing and utility computing are the other enabling technologies. Google and Amazon are two widely known data centers providing Cloud computing and storage. But as more and more data gets on the cloud it becomes more vulnerable as it s exposed to hacking and various other risks. B K Birla Institute of Engineering & Technology (BKBIET), Pilani, India Page 252

2 A. Definition of Cloud Computing In layman s term cloud computing refers to internet-based computing. As bandwidth in our homes and offices increases, more applications are turning web-based. By plugging your cable into the wall you can access what you need including support and expertise paid for as a service. It s difficult to formally define cloud computing as its definition varies in context with different industries. Chris Poelker, the author of Storage Area Networks for Dummies wrote in his blog As I travel around the country meeting with IT professionals and attending or speaking at industry events, I am amazed by how many different versions there are of cloud computing. In March of 2010, The UK s Centre for the Protection of National Infrastructure, in their Information Security Briefing 01/2010 on Cloud Computing said There is, to date, no universally agreed industry definition of cloud computing and it is usual to find conflicting descriptions in any nascent industry [3]. This paper follows the NIST definition of cloud computing. According to The National Institute of Standards and Technology cloud computing is defined as A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction [4]. B. Cloud Computing Model According to NIST the cloud model comprises of three service models, four deployment models and five essential characteristics. Fig. 1: NIST s three service models, four deployment models and five essential features [4] The service model contains Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). IAAS is the lowest level of functionality where consumer uses only the infrastructure like storage, hardware, servers and networking. Rackspace, Windows Azure and Amazon EC2 are B K Birla Institute of Engineering & Technology (BKBIET), Pilani, India Page 253

3 some of the IaaS providers. In IaaS the service provider only provides the infrastructure security but the remainder is left to the customer. In this model the focus is on managing the virtual machines. The security operations need to protect the data against the rogue cloud usage. Moving up the stack is PaaS. This level allows customers to create their own applications. It provides the user with Application environment and a set of tools like OS, programming language execution environment, database, and web services etc. Examples are Azure and Heroku. Consumer and cloud service provider both are responsible for PaaS security. The security operation needs to maintain balance across providers to ensure fail over of services in the event of an outage. Another key consideration should be the ability to encrypt the data whilst stored on a third-party platform and to be aware of the regulatory issues that may apply to data availability in different geographies [5]. SaaS is at the top of the stack. In this the users run online applications provided by service vendors and pay a fixed subscription fee. They don t have to worry about installation, set up and running of these applications on their systems.in SaaS the cloud service provider is responsible for security controls. The security officer needs to focus on establishing controls regarding user s access to application. The customer needs to protect their API keys and make sure they don t replicate their organization in the cloud. The NIST deployment model includes: o Private cloud: It is a clouding architecture that provide hosted services for exclusive use by a single organization comprising multiple consumers behind a firewall o Public cloud: The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider. o Hybrid cloud: This cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability. In this model the management requirements are complex as there is a need to manage private and public cloud. o Community cloud: The cloud infrastructure is maintained by cloud provider or an organization and used by many organizations with similar requirements. Each form of the deployment model requires different kind of data depending on which the level of security for each kind is different. NIST also defines five important characteristics of a Cloud environment: Resource Pooling, On Demand Self Service, Broad Network Access, Measured Service and Elasticity. II. SECURITY RISKS INVOLVED IN CLOUD COMPUTING: AN OVERVIEW When we use cloud environment, we rely on cloud providers to make decisions about our data and platforms in ways never seen before in computer [6]. Also the applications are run on service provider s systems and the consumers have little to no knowledge of its environment. This makes the data vulnerable to peeping and tampering. B K Birla Institute of Engineering & Technology (BKBIET), Pilani, India Page 254

4 The data on the cloud is under the following threats: o Spoofing: It s a way of accessing information by using other s identity. o Tampering: Data entered by a user are changed without the user's authorization. o Repudiation: Denying the origin of transaction (request or response). o Information Disclosure: The data is disclosed to unauthorized users without the knowledge of the user. o Denial of Service:In a denial-of-service (DoS) attack, an attacker attempts to prevent legitimate users from accessing information or services. o Elevation of Privilege:Elevation of privilege results from giving an attacker authorization permissions beyond those initially granted. For example, an attacker with a privilege set of "read only" permissions somehow elevates the set to include "read and write." The data needs to be protected both in store and in transit. Appropriate mechanisms should be taken in order to make application execution and stored data accessible to designated persons only. How much security is required depends upon the deployment model, type of application, business objective and available budget.while defining security for cloud, it s required to address it from operational as well as Governance point of view. Under operational domain it is very important to focus on traditional security, disaster recovery, data center operations, incident response, application security, encryption and key management, identity and access management and virtualization whereas under Governance domain focus has to be given to Cloud computing architectural framework, risk management and Legal discovery [7]. III. PROTECTION OF SENSITIVE DATA The data needs to be secured to overcome the threats mentioned above. The data at rest can be protected by encrypting it. Encryptions protect data against malicious cloud providers and co-tenants in the cloud. The keys are kept by the customer so that the description can be done when needed. Data security also involves enforcing the appropriate accessing policies. Researchers have implemented the data protection framework which provides authentication, verification and encrypted data transfer [6]. A. Data Sanitization The biggest question about data is how long the data has to remain on the cloud. There is a big chance that the service provider might retain the information even after the client is no longer accessing the data. When the user migrates or terminates the service he should make sure that the data is destroyed or no longer visible in cloud provider domain.data sanitization is the process of deliberately, permanently, and irreversibly removing or destroying the data stored in the data base. A device that has been sanitized has no usable residual data and even advanced forensic tools should not ever be able to recover erased data [8]. Data sanitization is achieved by using masking technique. B. Data Isolation The data on the cloud becomes vulnerable to attacks when there is lack of isolation. The cloud provider must make sure that the clients are isolated from each other. Virtualization is a great tool for ensuring isolation. It is implemented by running Virtual Machine (VM) instance for each user and all users can independently access data without any interference. B K Birla Institute of Engineering & Technology (BKBIET), Pilani, India Page 255

5 C. Data Location The location of data on the cloud also makes it vulnerable. The service subscriber does not have detailed information about the location of data. This makes it difficult for the user to ascertain whether the data is secure and whether the proper legal requirements are being met. Different countries have different laws regarding cyber security and data privacy. Once the data crosses the national border it becomes very difficult to guarantee protection under foreign laws and regulations. For example European consumers have expressed concern that the USA Patriot Act will afford the US government undue and unfettered access to their data if they choose to store it on the cloud servers of US providers (e.g., Microsoft or IBM). A recent survey found that 70 percent of Europeans have concerns about their online data and how well it is secured [9]. IV. SECURITY ISSUES DUE TO VIRTUALIZATION Virtualization is the creation of a virtual (rather than actual) version of something, such as an operating system, a server, a storage device or network resources. Ottenheimer and Vallace define it as The creation of virtual resources from physical resources. It is one of the major enabling technique of cloud computing. In a virtual environment, the host has the ability to run multiple guest operating systems as virtual machines. Virtual machines can be created quickly and easily and brings many advantages to the space, including higher efficiency due to increased utilization, energy savings per computation unit, and the flexibility to create and destroy machines on demand [10]. Also to maximize the utilization of resources these virtual machines belonging to different organization are co-located on the same physical server.but virtualization comes with various risks. With the creation of virtual machines the attacker surface increases as the vulnerabilities not only exist in the physical equipment but also in the virtualized environment. According to the Cloud Security Alliance (CSA), irrespective of the service model (IaaS, PaaS and SaaS) used, Virtualization brings with it all the security concerns of the guest operating system, along with new virtualization-specific threats. [11]. In the virtualized environment A single host with multiple virtual machines may be attacked by one of the guest operating systems or, a guest operating system may be used to attack other guest operating systems. NIST in its virtualization security guidelines recommends organization [12]: o Secure all elements of a full virtualization solution and maintain their security; o Restrict and protect administrator access to the virtualization solution; o Ensure that the hypervisor, the central program that runs the virtual environment, is properly secured; o Carefully plan the security for a full virtualization solution before installing, configuring and deploying it. A. Hypervisor Security The hypervisor, or virtual machine monitor (VMM), is the software that virtualizes the hardware and provides isolation, or separation, between guests. Given the relative newness of non-mainframe virtualization and the need to handle sensitive workloads, hypervisor security is a great and well-placed concern [10]. Functionality that allows the hypervisor to control and monitor individual VM activity from outside the VMs is known as introspection. It gives the B K Birla Institute of Engineering & Technology (BKBIET), Pilani, India Page 256

6 hypervisor power to access and analyze the data being processed by the VM, and typically includes visibility into stored data files as well as monitoring of network traffic, memory and program execution, and other elements of the VM. The two major security risks with introspection are that it can bypass role-based access controls and it can be used without leaving a forensic audit trail within the VM itself. Since no authentication is required, as with introspection, files can be accessed from within the privileged state of the hypervisor, the file access leaves no audit trail on the VM and the VM contains no evidence that the file was accessed. There are two types of attacks on the hypervisor [13]: Attack on hypervisor through the host OS: The hypervisor is compromised when the control is being taken on the host OS by the attacker who then gains the administrative privileges of the hypervisor and can perform any malicious activity on the VM hosted by the hypervisor. Fig. 2: Attack on Hypervisor through Host OS [13] Attack on the hypervisor through guest OS: This is the most possible attack on the hypervisor. In this a guest OS is used to gain unauthorized access to the hypervisor. Fig. 3: Attack on the hypervisor through Guest OS [13] B K Birla Institute of Engineering & Technology (BKBIET), Pilani, India Page 257

7 Traditional defenses such as firewalls and IPSs are not capable to stop attack on the hypervisor as these attacks are rooted in the processor. The best ways to mitigate risks are by creating a chain of trust in the CPU that will extend to the hypervisor and hardening the hypervisor by following the manufacture s best practices. V. MULTI-TENANCY Multi-tenancy is defined as the ability to use the same software and interfaces to configure resources and isolate customer-specific traffic and data. In a typical multi tenancy environment, multiple users who do not share or see each other s data can share the same applications while running on the same operating system, using the same hardware and the same data storage mechanism [14]. It comes with many security issues. Over provisioning of resources is the biggest risk associated with multi-tenancy which further results in resource contention and potential lack of availability, effectively creating a denial of service situation. Performance may become unpredictable when noisy neighbors are co-located and start behaving poorly by consuming large amounts of CPU or memory resources [3].To secure the multi-tenant environment from malicious attacks CSA recommends that implementers should ensure adequate security zones for different types of machines. Servers, development machines, workstations and management consoles should each have their own security zone [3]. VI. INFORMATION SECURITY STANDARDS Over the past few years several security standards have evolved to protect the confidentiality, integrity and availability of data on the cloud. It is very important to thoroughly understand your organization s security policies in order to implement like standards in a Cloud environment that will form your security frame work. It is also very important to choose the CSP who offer the standards that are relevant to your needs. Standards can be based on security, system development, financial reporting, IT service delivery, or control environment [3]. Some of the most popular standards related to security are: National Institute of Standards and Technology (NIST) publish series of papers stating various guidelines to insure security in cloud computing outlining the comprehensive security framework. The International Standards Organization (ISO) has published ISO/IEC 27001, an audit standard for Information Security Management Systems. Organizations that claim to have adopted ISO/IEC can therefore be formally audited and certified compliant with the standard. It contains 11 domains, 39 control objective and more than 130 controls. Some of the domains under it are Security policy, physical and environmental security, Access control. The Federal Information Security Management Act (FISMA) made in 2002 requires the Federal Government to create standards for minimum information security and standards for categorizing information and information systems. The European Network and Information Security Agency (ENISA) is an agency of the European Union. The objective of ENISA is to improve network and information security in the European Other entities that create standards are Institute of Electronics and Electrical Engineers (IEEE), American National Standards Institute (ANSI) and National Security Agency (NSA). B K Birla Institute of Engineering & Technology (BKBIET), Pilani, India Page 258

8 There is a wide range of standards and guidelines concerning the information security. This sometimes leads to confusion among the customers as different CSA follow different standards. To make it easy for the users to know about the best suited standard the Cloud Security Alliance has created a Cloud Controls Matrix (CCM). The CCM is designed to provide fundamental security principles to assist cloud customers in assessing the overall security risk of a cloud provider. It consists of 13 domains based on ISO and NIST. No matter which standard the CSA adheres to certification provides customers with a promise that information security is given the highest priority and a process to protect the confidentiality, integrity and availability of data is in place. VII. CONCLUSION Cloud computing is a revolution in how computing power is developed to business. Business and government continues to move on Cloud environment in an effort to reduce costs, improve efficiencies and reduce administrative overhead. Though cloud computing has various advantages it also comes with several security issues.as the data gets off premises and moves to the cloud it gets vulnerable to attacks both at rest and in transit. While virtualization reduces some security risks, others are increased because the attack surface in a Cloud service increases. Also there are various security issues in multi-tenant architecture of cloud computing.in these paper I have tried to summarize all these security issues related to various aspects and models of cloud computing. I have also reviewed various mitigation strategies, security standards and guidelines. ACKNOWLEDGEMENT Foremost, I would like to express my sincere gratitude to Ms. Sonam Mittal, Assistant Professor, BKBIET, Pilani for helping me out in completing the paper. My sincere thanks also go to my friends who helped me in finding the resources and motivating me. Last but not the least; I would like to thank my family for supporting me. REFERENCES [1] ShikhareshMajundar, Resource Management on Clouds- The Multifaceted Problem & Solution, Advancement in Cloud Computing, 2012 [2]http://betanews.com/2011/01/24/gartner-most-cios-have-their-heads-in-the-clouds/ [3] Todd Steiner, An Introduction to Securing a Cloud Environment (white paper), SANS institute [4] [5]http://www.csoonline.com/article/660065/saas-paas-and-iaas-a-security-checklist-forcloud-models [6] P. Jayarekha, Anintha H M, Exploring Cloud Computing and Security Issues, Advancement in Cloud Computing, 2012 [7] N. Sarat Chandra Babu, Cloud Security, Advancement in Cloud Computing, 2012 [8] [9] Stored-in-the-Cloud / [10] ftp://public.dhe.ibm.com/linux/pdfs/lxw03004-usen-00.pdf [11] https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf B K Birla Institute of Engineering & Technology (BKBIET), Pilani, India Page 259

9 [12] [13] [14] BIOGRAPHY Taniya was born in Dehradun, Uttarakhand, India in She is doing her B.Tech in Computer Science Engineering from B K Birla Institute of Engineering and technology Pilani (Rajasthan), India. B K Birla Institute of Engineering & Technology (BKBIET), Pilani, India Page 260

Managing Cloud Computing Risk

Managing Cloud Computing Risk Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify

More information

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com Introduction to Cloud Computing Srinath Beldona srinath_beldona@yahoo.com Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?

More information

A Secure Strategy using Weighted Active Monitoring Load Balancing Algorithm for Maintaining Privacy in Multi-Cloud Environments

A Secure Strategy using Weighted Active Monitoring Load Balancing Algorithm for Maintaining Privacy in Multi-Cloud Environments IJSTE - International Journal of Science Technology & Engineering Volume 1 Issue 10 April 2015 ISSN (online): 2349-784X A Secure Strategy using Weighted Active Monitoring Load Balancing Algorithm for Maintaining

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

SECURITY MODELS FOR CLOUD 2012. Kurtis E. Minder, CISSP

SECURITY MODELS FOR CLOUD 2012. Kurtis E. Minder, CISSP SECURITY MODELS FOR CLOUD 2012 Kurtis E. Minder, CISSP INTRODUCTION Kurtis E. Minder, Technical Sales Professional Companies: Roles: Security Design Engineer Systems Engineer Sales Engineer Salesperson

More information

Cloud Computing Governance & Security. Security Risks in the Cloud

Cloud Computing Governance & Security. Security Risks in the Cloud Cloud Computing Governance & Security The top ten questions you have to ask Mike Small CEng, FBCS, CITP Fellow Analyst, KuppingerCole This Webinar is supported by Agenda What is the Problem? Ten Cloud

More information

John Essner, CISO Office of Information Technology State of New Jersey

John Essner, CISO Office of Information Technology State of New Jersey John Essner, CISO Office of Information Technology State of New Jersey http://csrc.nist.gov/publications/nistpubs/800-144/sp800-144.pdf Governance Compliance Trust Architecture Identity and Access Management

More information

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao Guocui.gao@tufts.

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao Guocui.gao@tufts. Tufts University Department of Computer Science COMP 116 Introduction to Computer Security Fall 2014 Final Project Investigating Security Issues in Cloud Computing Guocui Gao Guocui.gao@tufts.edu Mentor:

More information

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.

Public Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc. Public Clouds Krishnan Subramanian Analyst & Researcher Krishworld.com A whitepaper sponsored by Trend Micro Inc. Introduction Public clouds are the latest evolution of computing, offering tremendous value

More information

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director

More information

Keyword: Cloud computing, service model, deployment model, network layer security.

Keyword: Cloud computing, service model, deployment model, network layer security. Volume 4, Issue 2, February 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com An Emerging

More information

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org 1 Disclaimers This presentation provides education on Cloud Computing and its security

More information

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud

More information

Clouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst

Clouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst Clouds on the Horizon Cloud Security in Today s DoD Environment Bill Musson Security Analyst Agenda O Overview of Cloud architectures O Essential characteristics O Cloud service models O Cloud deployment

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Cloud Computing Dr. A. Askarunisa Professor and Head Vickram College of Engineering, Madurai, Tamilnadu, India N.Ganesh Sr.Lecturer Vickram College of Engineering, Madurai, Tamilnadu,

More information

Introduction to Cloud Computing

Introduction to Cloud Computing 1 Introduction to Cloud Computing CERTIFICATION OBJECTIVES 1.01 Cloud Computing: Common Terms and Definitions 1.02 Cloud Computing and Virtualization 1.03 Early Examples of Cloud Computing 1.04 Cloud Computing

More information

yvette@yvetteagostini.it yvette@yvetteagostini.it

yvette@yvetteagostini.it yvette@yvetteagostini.it 1 The following is merely a collection of notes taken during works, study and just-for-fun activities No copyright infringements intended: all sources are duly listed at the end of the document This work

More information

White Paper on CLOUD COMPUTING

White Paper on CLOUD COMPUTING White Paper on CLOUD COMPUTING INDEX 1. Introduction 2. Features of Cloud Computing 3. Benefits of Cloud computing 4. Service models of Cloud Computing 5. Deployment models of Cloud Computing 6. Examples

More information

Cloud Computing Service Models, Types of Clouds and their Architectures, Challenges.

Cloud Computing Service Models, Types of Clouds and their Architectures, Challenges. Cloud Computing Service Models, Types of Clouds and their Architectures, Challenges. B.Kezia Rani 1, Dr.B.Padmaja Rani 2, Dr.A.Vinaya Babu 3 1 Research Scholar,Dept of Computer Science, JNTU, Hyderabad,Telangana

More information

Cloud Security Introduction and Overview

Cloud Security Introduction and Overview Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious

More information

Security Model for VM in Cloud

Security Model for VM in Cloud Security Model for VM in Cloud 1 Venkataramana.Kanaparti, 2 Naveen Kumar R, 3 Rajani.S, 4 Padmavathamma M, 5 Anitha.C 1,2,3,5 Research Scholars, 4Research Supervisor 1,2,3,4,5 Dept. of Computer Science,

More information

Cloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University

Cloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University Cloud Computing: Opportunities, Challenges, and Solutions Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University What is cloud computing? What are some of the keywords? How many of you cannot

More information

Cloud Computing; What is it, How long has it been here, and Where is it going?

Cloud Computing; What is it, How long has it been here, and Where is it going? Cloud Computing; What is it, How long has it been here, and Where is it going? David Losacco, CPA, CIA, CISA Principal January 10, 2013 Agenda The Cloud WHAT IS THE CLOUD? How long has it been here? Where

More information

East African Information Conference 13-14 th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud?

East African Information Conference 13-14 th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud? East African Information Conference 13-14 th August, 2013, Kampala, Uganda Security and Privacy: Can we trust the cloud? By Dr. David Turahi Director, Information Technology and Information Management

More information

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing

More information

Cloud Computing for SCADA

Cloud Computing for SCADA Cloud Computing for SCADA Moving all or part of SCADA applications to the cloud can cut costs significantly while dramatically increasing reliability and scalability. A White Paper from InduSoft Larry

More information

Cloud Computing: What needs to Be Validated and Qualified. Ivan Soto

Cloud Computing: What needs to Be Validated and Qualified. Ivan Soto Cloud Computing: What needs to Be Validated and Qualified Ivan Soto Learning Objectives At the end of this session we will have covered: Technical Overview of the Cloud Risk Factors Cloud Security & Data

More information

A SURVEY OF CLOUD COMPUTING: NETWORK BASED ISSUES PERFORMANCE AND ANALYSIS

A SURVEY OF CLOUD COMPUTING: NETWORK BASED ISSUES PERFORMANCE AND ANALYSIS A SURVEY OF CLOUD COMPUTING: NETWORK BASED ISSUES PERFORMANCE AND ANALYSIS *Dr Umesh Sehgal, #Shalini Guleria *Associate Professor,ARNI School of Computer Science,Arni University,KathagarhUmeshsehgalind@gmail.com

More information

Cloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation

Cloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation Cloud Security Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs peterjopling 2011 IBM Corporation Cloud computing impacts the implementation of security in fundamentally new ways

More information

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.

More information

Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC

Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC www.fmsinc.org 1 2015 Financial Managers Society, Inc. Cloud Security Implications

More information

Cloud Security: Evaluating Risks within IAAS/PAAS/SAAS

Cloud Security: Evaluating Risks within IAAS/PAAS/SAAS Cloud Security: Evaluating Risks within IAAS/PAAS/SAAS Char Sample Security Engineer, Carnegie Mellon University CERT Information Security Decisions TechTarget Disclaimer Standard Disclaimer - This talk

More information

Addressing Data Security Challenges in the Cloud

Addressing Data Security Challenges in the Cloud Addressing Data Security Challenges in the Cloud Coordinate Security. The Need for Cloud Computing Security A Trend Micro White Paper July 2010 I. INTRODUCTION Enterprises increasingly recognize cloud

More information

Security & Trust in the Cloud

Security & Trust in the Cloud Security & Trust in the Cloud Ray Trygstad Director of Information Technology, IIT School of Applied Technology Associate Director, Information Technology & Management Degree Programs Cloud Computing Primer

More information

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master Securing The Cloud Foundational Best Practices For Securing Cloud Computing Scott Clark Agenda Introduction to Cloud Computing What is Different in the Cloud? CSA Guidance Additional Resources 2 What is

More information

Orchestrating the New Paradigm Cloud Assurance

Orchestrating the New Paradigm Cloud Assurance Orchestrating the New Paradigm Cloud Assurance Amsterdam 17 January 2012 John Hermans - Partner Current business challenges versus traditional IT Organizations are challenged with: Traditional IT seems

More information

10/25/2012 BY VORAPOJ LOOKMAIPUN CISSP, CISA, CISM, CRISC, CEH VORAPOJ.L@G-ABLE.COM. Agenda. Security Cases What is Cloud? Road Map Security Concerns

10/25/2012 BY VORAPOJ LOOKMAIPUN CISSP, CISA, CISM, CRISC, CEH VORAPOJ.L@G-ABLE.COM. Agenda. Security Cases What is Cloud? Road Map Security Concerns BY VORAPOJ LOOKMAIPUN CISSP, CISA, CISM, CRISC, CEH VORAPOJ.L@G-ABLE.COM Agenda Security Cases What is Cloud? Road Map Security Concerns 1 Security Cases on Cloud Data Protection - Two arrested in ipad

More information

What Cloud computing means in real life

What Cloud computing means in real life ITU TRCSL Symposium on Cloud Computing Session 2: Cloud Computing Foundation and Requirements What Cloud computing means in real life Saman Perera Senior General Manager Information Systems Mobitel (Pvt)

More information

Providing Flexible Security as a Service Model for Cloud Infrastructure

Providing Flexible Security as a Service Model for Cloud Infrastructure Providing Flexible Security as a Service Model for Cloud Infrastructure Dr. M. Newlin Rajkumar, P. Banu Priya, Dr. V. Venkatesakumar Abstract Security-as-a-Service model for cloud systems enable application

More information

Cloud Courses Description

Cloud Courses Description Courses Description 101: Fundamental Computing and Architecture Computing Concepts and Models. Data center architecture. Fundamental Architecture. Virtualization Basics. platforms: IaaS, PaaS, SaaS. deployment

More information

Cloud Computing Architecture: A Survey

Cloud Computing Architecture: A Survey Cloud Computing Architecture: A Survey Abstract Now a day s Cloud computing is a complex and very rapidly evolving and emerging area that affects IT infrastructure, network services, data management and

More information

A Survey on Cloud Security Issues and Techniques

A Survey on Cloud Security Issues and Techniques A Survey on Cloud Security Issues and Techniques Garima Gupta 1, P.R.Laxmi 2 and Shubhanjali Sharma 3 1 Department of Computer Engineering, Government Engineering College, Ajmer Guptagarima09@gmail.com

More information

Lecture 02a Cloud Computing I

Lecture 02a Cloud Computing I Mobile Cloud Computing Lecture 02a Cloud Computing I 吳 秀 陽 Shiow-yang Wu What is Cloud Computing? Computing with cloud? Mobile Cloud Computing Cloud Computing I 2 Note 1 What is Cloud Computing? Walking

More information

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Strategic Compliance & Securing the Cloud Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Complexity and Challenges 2 Complexity and Challenges Compliance Regulatory entities

More information

Data Security In The Cloud

Data Security In The Cloud Data Security In The Cloud LOGO Presented by: Gary Dischner TxMQ Enterprise Architect What Is The Cloud? NIST 800-145 Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access

More information

SECURITY THREATS TO CLOUD COMPUTING

SECURITY THREATS TO CLOUD COMPUTING IMPACT: International Journal of Research in Engineering & Technology (IMPACT: IJRET) ISSN(E): 2321-8843; ISSN(P): 2347-4599 Vol. 2, Issue 3, Mar 2014, 101-106 Impact Journals SECURITY THREATS TO CLOUD

More information

Cloud Computing. Course: Designing and Implementing Service Oriented Business Processes

Cloud Computing. Course: Designing and Implementing Service Oriented Business Processes Cloud Computing Supplementary slides Course: Designing and Implementing Service Oriented Business Processes 1 Introduction Cloud computing represents a new way, in some cases a more cost effective way,

More information

Secure Cloud Computing through IT Auditing

Secure Cloud Computing through IT Auditing Secure Cloud Computing through IT Auditing 75 Navita Agarwal Department of CSIT Moradabad Institute of Technology, Moradabad, U.P., INDIA Email: nvgrwl06@gmail.com ABSTRACT In this paper we discuss the

More information

Security Considerations for Public Mobile Cloud Computing

Security Considerations for Public Mobile Cloud Computing Security Considerations for Public Mobile Cloud Computing Ronnie D. Caytiles 1 and Sunguk Lee 2* 1 Society of Science and Engineering Research Support, Korea rdcaytiles@gmail.com 2 Research Institute of

More information

1.1.1 Introduction to Cloud Computing

1.1.1 Introduction to Cloud Computing 1 CHAPTER 1 INTRODUCTION 1.1 CLOUD COMPUTING 1.1.1 Introduction to Cloud Computing Computing as a service has seen a phenomenal growth in recent years. The primary motivation for this growth has been the

More information

International Research Journal of Engineering and Technology (IRJET) e-issn: 2395-0056. Volume: 02 Issue: 05 Aug-2015 www.irjet.net p-issn: 2395-0072

International Research Journal of Engineering and Technology (IRJET) e-issn: 2395-0056. Volume: 02 Issue: 05 Aug-2015 www.irjet.net p-issn: 2395-0072 Fear of Cloud Vinnakota Saran Chaitanya 1, G. Harshavardhan Reddy 2 1 UG Final year student, Department of Computer Science and Engineering, G. Pulla Reddy Engineering College, Andhra Pradesh, India 2

More information

Top 10 Cloud Risks That Will Keep You Awake at Night

Top 10 Cloud Risks That Will Keep You Awake at Night Top 10 Cloud Risks That Will Keep You Awake at Night Shankar Babu Chebrolu Ph.D., Vinay Bansal, Pankaj Telang Photo Source flickr.com .. Amazon EC2 (Cloud) to host Eng. Lab testing. We want to use SalesForce.com

More information

ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS

ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS Shirley Radack, Editor Computer Security Division Information

More information

Future of Cloud Computing. Irena Bojanova, Ph.D. UMUC, NIST

Future of Cloud Computing. Irena Bojanova, Ph.D. UMUC, NIST Future of Cloud Computing Irena Bojanova, Ph.D. UMUC, NIST No Longer On The Horizon Essential Characteristics On-demand Self-Service Broad Network Access Resource Pooling Rapid Elasticity Measured Service

More information

THOUGHT LEADERSHIP. Journey to Cloud 9. Navigating a path to secure cloud computing. Alastair Broom Solutions Director, Integralis

THOUGHT LEADERSHIP. Journey to Cloud 9. Navigating a path to secure cloud computing. Alastair Broom Solutions Director, Integralis Journey to Cloud 9 Navigating a path to secure cloud computing Alastair Broom Solutions Director, Integralis March 2012 Navigating a path to secure cloud computing 2 Living on Cloud 9 Cloud computing represents

More information

Cloud Security. DLT Solutions LLC June 2011. #DLTCloud

Cloud Security. DLT Solutions LLC June 2011. #DLTCloud Cloud Security DLT Solutions LLC June 2011 Contact Information DLT Cloud Advisory Group 1-855-CLOUD01 (256-8301) cloud@dlt.com www.dlt.com/cloud Your Hosts Van Ristau Chief Technology Officer, DLT Solutions

More information

Vormetric Data Security Securing and Controlling Data in the Cloud

Vormetric Data Security Securing and Controlling Data in the Cloud Vormetric Data Security Securing and Controlling Data in the Cloud Vormetric, Inc. Tel: 888.267.3732 Email: sales@vormetric.com www.vormetric.com Table of Contents Executive Summary.........................................................3

More information

CLOUD COMPUTING. DAV University, Jalandhar, Punjab, India. DAV University, Jalandhar, Punjab, India

CLOUD COMPUTING. DAV University, Jalandhar, Punjab, India. DAV University, Jalandhar, Punjab, India CLOUD COMPUTING 1 Er. Simar Preet Singh, 2 Er. Anshu Joshi 1 Assistant Professor, Computer Science & Engineering, DAV University, Jalandhar, Punjab, India 2 Research Scholar, Computer Science & Engineering,

More information

What is Cloud Computing? First, a little history. Demystifying Cloud Computing. Mainframe Era (1944-1978) Workstation Era (1968-1985) Xerox Star 1981!

What is Cloud Computing? First, a little history. Demystifying Cloud Computing. Mainframe Era (1944-1978) Workstation Era (1968-1985) Xerox Star 1981! Demystifying Cloud Computing What is Cloud Computing? First, a little history. Tim Horgan Head of Cloud Computing Centre of Excellence http://cloud.cit.ie 1" 2" Mainframe Era (1944-1978) Workstation Era

More information

Cyber Security Symposium 2015 September 29,2015

Cyber Security Symposium 2015 September 29,2015 Cyber Security Symposium 2015 September 29,2015 Introducing David Langston Branch Manager Security Management Department of Technology 2 About CalCloud Mission Offer cost-effective cloud solutions that

More information

EAaaS Cloud Security Best Practices

EAaaS Cloud Security Best Practices EAaaS Cloud Security Best Practices A Technical White Paper by Sennovate Inc Jan 2013 EAaaS Cloud Security Best Practices Page 1 Introduction: Cloud security is an ever evolving subject that is difficult

More information

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach.

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach. IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach. Gunnar Wahlgren 1, Stewart Kowalski 2 Stockholm University 1: (wahlgren@dsv.su.se), 2: (stewart@dsv.su.se) ABSTRACT

More information

Cloud Computing 159.735. Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009

Cloud Computing 159.735. Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009 Cloud Computing 159.735 Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009 Table of Contents Introduction... 3 What is Cloud Computing?... 3 Key Characteristics...

More information

Enhancing Operational Capacities and Capabilities through Cloud Technologies

Enhancing Operational Capacities and Capabilities through Cloud Technologies Enhancing Operational Capacities and Capabilities through Cloud Technologies How freight forwarders and other logistics stakeholders can benefit from cloud-based solutions 2013 vcargo Cloud Pte Ltd All

More information

H Y T RUST: S OLUTION B RIEF. Solve the Nosy Neighbor Problem in Multi-Tenant Environments

H Y T RUST: S OLUTION B RIEF. Solve the Nosy Neighbor Problem in Multi-Tenant Environments H Y T RUST: S OLUTION B RIEF Solve the Nosy Neighbor Problem in Multi-Tenant Environments Summary A private cloud with multiple tenants such as business units of an enterprise or customers of a cloud service

More information

See Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models.

See Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models. Cloud Strategy Information Systems and Technology Bruce Campbell What is the Cloud? From http://csrc.nist.gov/publications/nistpubs/800-145/sp800-145.pdf Cloud computing is a model for enabling ubiquitous,

More information

The Cloud, Virtualization, and Security

The Cloud, Virtualization, and Security A Cloud: Large groups of remote servers that are networked to allow centralized, shared data storage and online access to computer services or resources A Cloud: Large groups of remote servers that are

More information

White Paper How Noah Mobile uses Microsoft Azure Core Services

White Paper How Noah Mobile uses Microsoft Azure Core Services NoahMobile Documentation White Paper How Noah Mobile uses Microsoft Azure Core Services The Noah Mobile Cloud service is built for the Microsoft Azure platform. The solutions that are part of the Noah

More information

Compliance and the Cloud: What You Can and What You Can t Outsource

Compliance and the Cloud: What You Can and What You Can t Outsource Compliance and the Cloud: What You Can and What You Can t Outsource Presented By: Kate Donofrio Security Assessor Fortrex Technologies Instructor Biography Background On Fortrex What s In A Cloud? Pick

More information

A Survey on Security Issues and Security Schemes for Cloud and Multi-Cloud Computing

A Survey on Security Issues and Security Schemes for Cloud and Multi-Cloud Computing International Journal of Emerging Engineering Research and Technology Volume 3, Issue 5, May 2015, PP 1-7 ISSN 2349-4395 (Print) & ISSN 2349-4409 (Online) A Survey on Security Issues and Security Schemes

More information

Goals. What is Cloud Computing? 11/11/2010. Understand what cloud computing is and how. Understand the challenges and advantages of cloud computing

Goals. What is Cloud Computing? 11/11/2010. Understand what cloud computing is and how. Understand the challenges and advantages of cloud computing Goals Cloud Computing COMP755 Understand what cloud computing is and how it functions Understand the challenges and advantages of cloud computing Many slides were created by Peter Mell, Tim Grance of NIST

More information

Cloud Computing Risk and Rewards

Cloud Computing Risk and Rewards Cloud Computing Risk and Rewards John Lazarine Vice President and Chief Audit Executive Mark Salamasick Director of Center for Internal Auditing For Dallas CPA Society Convergence 2013 May 8, 2013 John

More information

Cloud Computing Security Issues

Cloud Computing Security Issues Copyright Marchany 2010 Cloud Computing Security Issues Randy Marchany, VA Tech IT Security, marchany@vt.edu Something Old, Something New New: Cloud describes the use of a collection of services, applications,

More information

How to procure a secure cloud service

How to procure a secure cloud service How to procure a secure cloud service Dr Giles Hogben European Network and Information Security Agency Security in the cloud contracting lifecycle Can cloud meet your security requirements Choose the provider

More information

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer What is Cloud Computing A model for enabling convenient, on-demand network access to a shared pool of configurable

More information

WHITEPAPER. Data Security for Office 365 Balancing control & usability

WHITEPAPER. Data Security for Office 365 Balancing control & usability WHITEPAPER Data Security for Office 365 Balancing control & usability Contents Executive Summary... 2 Top Security Issues for Office 365... 4 Compelled Disclosures... 4 Unauthorized Sharing... 4 External

More information

IT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011

IT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011 IT Risk and Security Cloud Computing Mike Thomas Erie Insurance May 2011 Cloud Basics Cloud Basics The interesting thing about cloud computing is that we've redefined cloud computing to include everything

More information

SECURITY CONCERNS AND SOLUTIONS FOR CLOUD COMPUTING

SECURITY CONCERNS AND SOLUTIONS FOR CLOUD COMPUTING SECURITY CONCERNS AND SOLUTIONS FOR CLOUD COMPUTING 1. K.SURIYA Assistant professor Department of Computer Applications Dhanalakshmi Srinivasan College of Arts and Science for Womren Perambalur Mail: Surik.mca@gmail.com

More information

REVIEW ARTICLE. Received 21 February 2015 / Accepted 16 March 2015 1. INTRODUCTION

REVIEW ARTICLE. Received 21 February 2015 / Accepted 16 March 2015 1. INTRODUCTION International Journal of Advances in Engineering, 2015, 1(3), 141-145 ISSN: 2394-9260 (printed version); ISSN: 2394-9279 (online version); url:http://www.ijae.in Security Models and Issues in Cloud Computing

More information

Private Cloud 201 How to Build a Private Cloud

Private Cloud 201 How to Build a Private Cloud Private Cloud 201 How to Build a Private Cloud Chris E. Avis Sr. IT Pro Evangelist Microsoft Corp. http://chrisavis.com Presented at Seattle Windows Networking User Group January 4, 2012 al 1 The Cloudscape

More information

Cloud Computing. Information Security and Privacy Considerations. April 2014

Cloud Computing. Information Security and Privacy Considerations. April 2014 Cloud Computing Information Security and Privacy Considerations April 2014 All-of-Government Cloud Computing: Information Security and Privacy Considerations April 2014 1 Crown copyright. This copyright

More information

PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By:

PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By: PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By: Peter Spier Managing Director PCI and Risk Assurance Fortrex Technologies Agenda Instructor Biography Background On

More information

A COALFIRE PERSPECTIVE. Moving to the Cloud. NCHELP Spring Convention Panel May 2012

A COALFIRE PERSPECTIVE. Moving to the Cloud. NCHELP Spring Convention Panel May 2012 A COALFIRE PERSPECTIVE Moving to the Cloud A Summary of Considerations for Implementing Cloud Migration Plans into New Business Platforms NCHELP Spring Convention Panel May 2012 DALLAS DENVER LOS ANGELES

More information

Unmasking Virtualization Security. Eric A. Hibbard, CISSP, CISA Hitachi Data Systems

Unmasking Virtualization Security. Eric A. Hibbard, CISSP, CISA Hitachi Data Systems Eric A. Hibbard, CISSP, CISA Hitachi Data Systems SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA unless otherwise noted. Member companies and individual members may

More information

Cloud Computing Security Issues And Methods to Overcome

Cloud Computing Security Issues And Methods to Overcome Cloud Computing Security Issues And Methods to Overcome Manas M N 1, Nagalakshmi C K 2, Shobha G 3 MTech, Computer Science & Engineering, RVCE, Bangalore, India 1,2 Professor & HOD, Computer Science &

More information

ISSN: 2321-7782 (Online) Volume 2, Issue 5, May 2014 International Journal of Advance Research in Computer Science and Management Studies

ISSN: 2321-7782 (Online) Volume 2, Issue 5, May 2014 International Journal of Advance Research in Computer Science and Management Studies ISSN: 2321-7782 (Online) Volume 2, Issue 5, May 2014 International Journal of Advance Research in Computer Science and Management Studies Research Paper Available online at: www.ijarcsms.com Analogous

More information

Healthcare: La sicurezza nel Cloud October 18, 2011. 2011 IBM Corporation

Healthcare: La sicurezza nel Cloud October 18, 2011. 2011 IBM Corporation Healthcare: La sicurezza nel Cloud October 18, 2011 Cloud Computing Tests The Limits Of Security Operations And Infrastructure Security and Privacy Domains People and Identity Data and Information Application

More information

Proactively Secure Your Cloud Computing Platform

Proactively Secure Your Cloud Computing Platform Proactively Secure Your Cloud Computing Platform Dr. Krutartha Patel Security Engineer 2010 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals Agenda 1 Cloud

More information

Cloud Computing Technology

Cloud Computing Technology Cloud Computing Technology The Architecture Overview Danairat T. Certified Java Programmer, TOGAF Silver danairat@gmail.com, +66-81-559-1446 1 Agenda What is Cloud Computing? Case Study Service Model Architectures

More information

Cloud Computing. Karan Saxena * & Kritika Agarwal**

Cloud Computing. Karan Saxena * & Kritika Agarwal** Page29 Cloud Computing Karan Saxena * & Kritika Agarwal** *Student, Sir M. Visvesvaraya Institute of Technology **Student, Dayananda Sagar College of Engineering ABSTRACT: This document contains basic

More information

International Journal of Innovative Technology & Adaptive Management (IJITAM) ISSN: 2347-3622, Volume-1, Issue-5, February 2014

International Journal of Innovative Technology & Adaptive Management (IJITAM) ISSN: 2347-3622, Volume-1, Issue-5, February 2014 An Overview on Cloud Computing Services And Related Threats Bipasha Mallick Assistant Professor, Haldia Institute Of Technology bipasm@gmail.com Abstract. Cloud computing promises to increase the velocity

More information

Private Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.

Private Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc. Private Clouds Krishnan Subramanian Analyst & Researcher Krishworld.com A whitepaper sponsored by Trend Micro Inc. Introduction Cloud computing has completely transformed the way business organizations

More information

Assessing, Evaluating and Managing Cloud Computing Security

Assessing, Evaluating and Managing Cloud Computing Security Assessing, Evaluating and Managing Cloud Computing Security S.SENTHIL KUMAR 1, R.KANAKARAJ 2 1,2 ASSISTANT PROESSOR, DEPARTMENT OF COMMERCE WITH COMPUTER APPLICATIONS Dr.SNS RAJALAKSHMI COLLEGE OF ARTS

More information

Securing the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation

Securing the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation Securing the Cloud with IBM Security Systems 1 2012 2012 IBM IBM Corporation Corporation IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns

More information

Cloud Services Overview

Cloud Services Overview Cloud Services Overview John Hankins Global Offering Executive Ricoh Production Print Solutions May 23, 2012 Cloud Services Agenda Definitions Types of Clouds The Role of Virtualization Cloud Architecture

More information

FACING SECURITY CHALLENGES

FACING SECURITY CHALLENGES 24 July 2013 TimeTec Cloud Security FACING SECURITY CHALLENGES HEAD-ON - by Mr. Daryl Choo, Chief Information Officer, FingerTec HQ Cloud usage and trend Cloud Computing is getting more common nowadays

More information

Cloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate.

Cloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate. Cloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate. Presented by: Sabrina M. Segal, USITC, Counselor to the Inspector General, Sabrina.segal@usitc.gov Reference

More information

Cloud Computing/ Semantic Web Initiatives & Tutorial

Cloud Computing/ Semantic Web Initiatives & Tutorial Cloud Computing/ Semantic Web Initiatives & Tutorial Chuck Vollmer March 2011 The Cloud & Semantic Web 1990s 2010s Mainframe Computing Personal Computing Cloud Computing Cloud computing is as big a paradigm

More information

The cloud - ULTIMATE GAME CHANGER ===========================================

The cloud - ULTIMATE GAME CHANGER =========================================== The cloud - ULTIMATE GAME CHANGER =========================================== When it comes to emerging technologies, there is one word that has drawn more controversy than others: The Cloud. With cloud

More information