CSE543 Computer and Network Security Module: Cloud Computing
|
|
- Diane Foster
- 8 years ago
- Views:
Transcription
1 CSE543 Computer and Network Security Module: Computing Professor Trent Jaeger 1
2 Computing Is Here Systems and Internet Infrastructure Security (SIIS) Laboratory 2
3 Computing Is Here Systems and Internet Infrastructure Security (SIIS) Laboratory 2
4 Computing Is Here Systems and Internet Infrastructure Security (SIIS) Laboratory 2
5 Computing Is Here Systems and Internet Infrastructure Security (SIIS) Laboratory 2
6 Computing Is Here Systems and Internet Infrastructure Security (SIIS) Laboratory 2
7 Computing Is Here Systems and Internet Infrastructure Security (SIIS) Laboratory 2
8 Computing Is Here Systems and Internet Infrastructure Security (SIIS) Laboratory 2
9 Computing Is Here Systems and Internet Infrastructure Security (SIIS) Laboratory 2
10 Computing Is Here Systems and Internet Infrastructure Security (SIIS) Laboratory 2
11 Computing Is Here Systems and Internet Infrastructure Security (SIIS) Laboratory 2
12 Computing Is Here Why not use it? Systems and Internet Infrastructure Security (SIIS) Laboratory 2
13 What s Happening in There? Systems and Internet Infrastructure Security (SIIS) Laboratory 3
14 From Data Center to Systems and Internet Infrastructure Security (SIIS) Laboratory 4
15 From Data Center to Systems and Internet Infrastructure Security (SIIS) Laboratory 4
16 From Data Center to Systems and Internet Infrastructure Security (SIIS) Laboratory 4
17 Reasons to Doubt History has shown they are vulnerable to attack SLAs, audits, and armed guards offer few guarantees Insiders can subvert even hardened systems Data Loss Incidents Incident Attack Vector External 54% Accidental 23% Insider 16% Unknown 7% Credit: The Open Security Foundation datalossdb.org 5
18 What is Computing? vendor provides computing resources for rent by customers What do you want to rent? Hosts (Infrastructure as a Service) Rent cycles: Amazon EC2, Rackspace Servers Environment (Platform as a Service) Rent instances: Microsoft Azure, Google App Engine Programs (Software as a Service) Rent services: Salesforce, Google Docs Other variations can be rented 6
19 What is Computing? 7
20 IaaS Example Customer Client API Database Instances Message Queue Network Controller Scheduler Image Store Volume Store Systems and Internet Infrastructure Security (SIIS) Laboratory 8
21 Multiple Stakeholders Are my data protected? Client Data Clients Are my services running correctly? Service Providers Instance (VM) Is my platform secure? Administrators Systems and Internet Infrastructure Security (SIIS) Laboratory 9
22 Complexity environment challenges Opaque, Complex, Dynamic Insiders, Instances, Co-hosting Client Service 10
23 Complexity environment challenges Opaque, Complex, Dynamic Insiders, Instances, Co-hosting Client Platform 10
24 Complexity environment challenges Opaque, Complex, Dynamic Insiders, Instances, Co-hosting Client 10
25 Complexity environment challenges Opaque, Complex, Dynamic Insiders, Instances, Co-hosting Client VM 10
26 Complexity environment challenges Opaque, Complex, Dynamic Insiders, Instances, Co-hosting Client VM 10
27 Complexity environment challenges Opaque, Complex, Dynamic Insiders, Instances, Co-hosting Client VM VM 10
28 Complexity environment challenges Opaque, Complex, Dynamic Insiders, Instances, Co-hosting Client VM VM 10
29 Complexity environment challenges Opaque, Complex, Dynamic Insiders, Instances, Co-hosting VM VM VM Client VM 10
30 Complexity environment challenges Opaque, Complex, Dynamic Insiders, Instances, Co-hosting Client VM VM VM VM 10
31 Insider Threats May trust the cloud vendor company But, do you trust all its employees? Insiders can control platform Determine what software runs consumers code Insiders can monitor execution Log instance operation from remote Insiders may have physical access Can monitor hardware, access physical memory, and tamper secure co-processors 11
32 Insider s Physical Access 12
33 s Server 13
34 s s manages node provisioning Administers PKI for machine identities Network installs a master disk image and customizes Server 13
35 s s manages node provisioning Administers PKI for machine identities Network installs a master disk image and customizes PKI Server 13
36 s s manages node provisioning Administers PKI for machine identities Network installs a master disk image and customizes PKI Server 13
37 s s manages node provisioning Administers PKI for machine identities Network installs a master disk image and customizes Server 13
38 s s manages node provisioning Administers PKI for machine identities Network installs a master disk image and customizes Server 13
39 s s manages node provisioning Administers PKI for machine identities Network installs a master disk image and customizes Server 13
40 s s manages node provisioning Administers PKI for machine identities Network installs a master disk image and customizes Server 13
41 s s manages node provisioning Administers PKI for machine identities Network installs a master disk image and customizes is essentially a static hosting utility Should not require persistent changes at runtime Should only allow inputs to well protected interfaces Server 13
42 Root of Trust for Installation Root of Trust for Installation (ROTI) [ACSAC 2007] Binds the filesystem to a known installer (origin) Prevent persistent changes across reboots Detect system reboot and reverify 14
43 Root of Trust for Installation Root of Trust for Installation (ROTI) [ACSAC 2007] Binds the filesystem to a known installer (origin) Prevent persistent changes across reboots Detect system reboot and reverify 14
44 Root of Trust for Installation Root of Trust for Installation (ROTI) [ACSAC 2007] Binds the filesystem to a known installer (origin) Prevent persistent changes across reboots Detect system reboot and reverify 14
45 Root of Trust for Installation Root of Trust for Installation (ROTI) [ACSAC 2007] Binds the filesystem to a known installer (origin) Prevent persistent changes across reboots Detect system reboot and reverify 14
46 Root of Trust for Installation Root of Trust for Installation (ROTI) [ACSAC 2007] Binds the filesystem to a known installer (origin) Prevent persistent changes across reboots Detect system reboot and reverify Quote(Installer,Image,FS,AIK) 14
47 Root of Trust for Installation Root of Trust for Installation (ROTI) [ACSAC 2007] Binds the filesystem to a known installer (origin) Prevent persistent changes across reboots Detect system reboot and reverify ROTI Proof 14
48 netroti [IEEE S&P 2011] Need to measure entire installation process Network installation receives untrusted inputs Bootstrap installation from a measured launch environment 15
49 netroti [IEEE S&P 2011] Need to measure entire installation process Network installation receives untrusted inputs Bootstrap installation from a measured launch environment Preinstall Phase Gather Phase Bootstrap Phase Download Phase Configure Phase Proof Phase Configure boot options Gather installer client Initialize installer environment Download disk image Customize disk image Generate ROTI Proof Initialize RTM Measure installer Measure disk image Measure filesystem netroti Proof: Sig( MLE, Installer, Image, FS, AIK) 15
50 netroti [IEEE S&P 2011] Need to measure entire installation process Network installation receives untrusted inputs Bootstrap installation from a measured launch environment 15
51 Evaluation netroti installed 10 Eucalyptus node controllers 16
52 Evaluation netroti installed 10 Eucalyptus node controllers 16
53 Evaluation netroti installed 10 Eucalyptus node controllers 16
54 Evaluation netroti installed 10 Eucalyptus node controllers 16
55 Evaluation netroti installed 10 Eucalyptus node controllers 16
56 Instance Threats Publisher of a pre-configured instance (AMI) may be malicious or error-prone Publishers determine the software Instance could contain malware Publishers may configure security policies Could be insufficient to block adversaries Publishers may run scans to detect problems Malware detection may not find all malware, presuming they are used correctly 17
57 Instance Initialization *+,) :;5$<'*22'=&5>"' G"D',6&">H89"' -!.),/)!"#$"%&'(' A5;$B"':521' *+,-,.' 0C'=F-D89E"<! =F'=&5>83"'!"#$%&'(),6%&869"-,.! *+,-,.',6%&869"-,. *+,-,.' Figure 2: VM instantiation in Amazon AWS. The Consumer chooses the image (AMI-ID), resources (Type), and availability zone (Region) for her VM on the Web Interface of the AWS App Store. Depending on the type of the AMI, the VM is instantiated (Instance-ID AMI-ID ) either as (A) EBS-backed or (B) S3-backed. directly by Amazon or by third party publishers. Users can take these public AMIs to create their own AMIs which are either kept for themselves (private AMIs), made accessible to a group of users (shared AMIs), or made publicly available for every user of EC2 (public AMIs) as shown in Fig. 1. AMIs are further distinguished by the storage type they are based on either S3 or EBS as described next. S3-backed AMIs. S3-backed AMIs are stored on the highly available Simple Storage Service (S3) [7]. As shown in Fig. 2, S3-backed AMIs are instantiated by first copying the instance is assigned an external IPv4 address for Internet connectivity and an internal address for communication with other EC2 instances. The user is only charged for data tra c with the Internet over the external address. 3.2 Authentication in AWS AWS uses di erent authentication mechanisms to provide authenticated access to the AWS account and to running instances as described next. 18
58 SSH Study Publisher left an SSH user authentication key in their AMI Fortunately, Amazon agreed that this is a violation Unfortunately, it was not an isolated problem 30% of 1100 AMIs checked contained such a key Also, pre-configured AMIs had SSH public host keys Thus, all instances use the same host key pair Implications? 19
59 Co-Hosting Threats An instance co-hosted on the same physical platform could launch attacks against your instance Co-hosted instances share resources Computer CPU, Cache, Memory, Network, etc. Shared resources may be used as side channels to learn information about resource or impact its behavior 20
60 Side Channels Watch use of shared resource to learn secret value Common case is the processor caches Approach Adversary tries to evict victim s instructions/data from the cache To learn which instructions/data victim is using Adversary has some means to observe a delay in the victim s processing This works surprisingly well Power usage is another useful side channel 21
61 Resource Freeing Attacks Setup Victims One or more VMs with public interface Beneficiary VM whose performance we want to improve (contend over target resource) Vic&m# VM# VM# Beneficiary# Helper Mounts attack using interface Helper& 22
62 Resource Freeing Attacks Side Channel is Cache Suppose victim hosts static and dynamic web pages Attack: shift resource usage via public interface Normally, victim is scheduled and pollutes the cache Approach lower scheduling priority Make more CPU-bound RFA$intensi*es$ $*me$in$ms$per&second& 60%$ Performance$ Improvement$ 196%$slowdown$ 86%$slowdown$ 23
63 Take Away computing is established In several manifestations -- IaaS, PaaS, SaaS,... Running your jobs in a cloud introduces some security challenges Beware of insiders Beware of pre-configured instances Beware of co-hosted instances We are just beginning to understand the issues 24
Module: Cloud Computing Security
Module: Cloud Computing Security Professor Trent Jaeger Penn State University 1 Cloud Computing Is Here Why not use it? Systems and Internet Infrastructure Security (SIIS) Laboratory 2 What s Happening
More informationWhat is Cloud Computing? Why call it Cloud Computing?
What is Cloud Computing? Why call it Cloud Computing? 1 Cloud Computing Key Properties Advantages Shift from CAPEX to OPEX Lowers barrier for starting a new business/project Can be cheaper even in the
More informationDISTRIBUTED SYSTEMS [COMP9243] Lecture 9a: Cloud Computing WHAT IS CLOUD COMPUTING? 2
DISTRIBUTED SYSTEMS [COMP9243] Lecture 9a: Cloud Computing Slide 1 Slide 3 A style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet.
More informationLast time. Today. IaaS Providers. Amazon Web Services, overview
Last time General overview, motivation, expected outcomes, other formalities, etc. Please register for course Online (if possible), or talk to Yvonne@CS Course evaluation forgotten Please assign one volunteer
More informationCloud Security Overview
UT DALLAS Erik Jonsson School of Engineering & Computer Science Cloud Security Overview Murat Kantarcioglu Outline Current cloud security techniques Amazon Web services Microsoft Azure Cloud Security Challengers
More informationHow to Secure Infrastructure Clouds with Trusted Computing Technologies
How to Secure Infrastructure Clouds with Trusted Computing Technologies Nicolae Paladi Swedish Institute of Computer Science 2 Contents 1. Infrastructure-as-a-Service 2. Security challenges of IaaS 3.
More informationCloud Computing. Adam Barker
Cloud Computing Adam Barker 1 Overview Introduction to Cloud computing Enabling technologies Different types of cloud: IaaS, PaaS and SaaS Cloud terminology Interacting with a cloud: management consoles
More informationNCTA Cloud Architecture
NCTA Cloud Architecture Course Specifications Course Number: 093019 Course Length: 5 days Course Description Target Student: This course is designed for system administrators who wish to plan, design,
More informationCloud Models and Platforms
Cloud Models and Platforms Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF A Working Definition of Cloud Computing Cloud computing is a model
More informationSoftware as a Service (SaaS) and Platform as a Service (PaaS) (ENCS 691K Chapter 1)
Roch Glitho, PhD Software as a Service (SaaS) and Platform as a Service (PaaS) (ENCS 691K Chapter 1) Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ Software
More informationChapter 9 PUBLIC CLOUD LABORATORY. Sucha Smanchat, PhD. Faculty of Information Technology. King Mongkut s University of Technology North Bangkok
CLOUD COMPUTING PRACTICE 82 Chapter 9 PUBLIC CLOUD LABORATORY Hand on laboratory based on AWS Sucha Smanchat, PhD Faculty of Information Technology King Mongkut s University of Technology North Bangkok
More informationWhy back up the Cloud?
Why back up the Cloud? The CloudBerry Lab Whitepaper The introduction Always backup your data, even if it is in the cloud. The 3-2-1 rule of data protection says keep three copies of your data, on two
More informationWhen talking about hosting
d o s Cloud Hosting - Amazon Web Services Thomas Floracks When talking about hosting for web applications most companies think about renting servers or buying their own servers. The servers and the network
More informationComputer Science. About PaaS Security. Donghoon Kim Henry E. Schaffer Mladen A. Vouk
About PaaS Security Donghoon Kim Henry E. Schaffer Mladen A. Vouk North Carolina State University, USA May 21, 2015 @ ICACON 2015 Outline Introduction Background Contribution PaaS Vulnerabilities and Countermeasures
More informationCloud Computing and Amazon Web Services
Cloud Computing and Amazon Web Services Gary A. McGilvary edinburgh data.intensive research 1 OUTLINE 1. An Overview of Cloud Computing 2. Amazon Web Services 3. Amazon EC2 Tutorial 4. Conclusions 2 CLOUD
More informationAssignment # 1 (Cloud Computing Security)
Assignment # 1 (Cloud Computing Security) Group Members: Abdullah Abid Zeeshan Qaiser M. Umar Hayat Table of Contents Windows Azure Introduction... 4 Windows Azure Services... 4 1. Compute... 4 a) Virtual
More informationCloud Security Enterprise Concerns and Mitigations. November 3 rd 2015
Cloud Security Enterprise Concerns and Mitigations November 3 rd 2015 Biography Javed Samuel - Technical Director at NCC Group Lead Training Services Technical Account Manager for various clients Deliver
More informationOracle Applications and Cloud Computing - Future Direction
Oracle Applications and Cloud Computing - Future Direction February 26, 2010 03:00 PM 03:40 PM Presented By Subash Krishnaswamy skrishna@astcorporation.com Vijay Tirumalai vtirumalai@astcorporation.com
More informationAmazon Web Services Demo Tech Exchange. Slides: http://goo.gl/mwz0es. ssw@iu.edu
Amazon Web Services Demo Tech Exchange Slides: http://goo.gl/mwz0es ssw@iu.edu $ dig +short emergency.iu.edu emergency.iu.edu.s3-website-us-east-1.amazonaws.com. s3-website-us-east-1.amazonaws.com. 54.231.14.220
More informationIntroduction to Cloud computing. Viet Tran
Introduction to Cloud computing Viet Tran Type of Cloud computing Infrastructure as a Service IaaS: offer full virtual machines via hardware virtualization tech. Amazon EC2, AbiCloud, ElasticHosts, Platform
More informationIf you do NOT use applications based on Amazon Web Services raise your hand.
If you do NOT use applications based on Amazon Web Services raise your hand. If you use NetFlix, lower your hand. Use reddit, lower your hand. Use Scribd, lower your hand. Use Spotify, lower your hand.
More informationVirtualization & Cloud Computing (2W-VnCC)
Virtualization & Cloud Computing (2W-VnCC) DETAILS OF THE SYLLABUS: Basics of Networking Types of Networking Networking Tools Basics of IP Addressing Subnet Mask & Subnetting MAC Address Ports : Physical
More informationCloud computing security
Cloud computing security Exploring information leakage in third-party compute clouds Yangchun Fu November 18 th, 2011 Outline 1 Introduction 2 EC2 cloud cartography 3 Co-residence 4 side-channel cross-vm
More informationAn Introduction to Cloud Computing Concepts
Software Engineering Competence Center TUTORIAL An Introduction to Cloud Computing Concepts Practical Steps for Using Amazon EC2 IaaS Technology Ahmed Mohamed Gamaleldin Senior R&D Engineer-SECC ahmed.gamal.eldin@itida.gov.eg
More informationCLOUD COMPUTING. When It's smarter to rent than to buy
CLOUD COMPUTING When It's smarter to rent than to buy Is it new concept? Nothing new In 1990 s, WWW itself Grid Technologies- Scientific applications Online banking websites More convenience Not to visit
More informationAmazon Web Services Primer. William Strickland COP 6938 Fall 2012 University of Central Florida
Amazon Web Services Primer William Strickland COP 6938 Fall 2012 University of Central Florida AWS Overview Amazon Web Services (AWS) is a collection of varying remote computing provided by Amazon.com.
More informationyvette@yvetteagostini.it yvette@yvetteagostini.it
1 The following is merely a collection of notes taken during works, study and just-for-fun activities No copyright infringements intended: all sources are duly listed at the end of the document This work
More informationSoftware Execution Protection in the Cloud
Software Execution Protection in the Cloud Miguel Correia 1st European Workshop on Dependable Cloud Computing Sibiu, Romania, May 8 th 2012 Motivation clouds fail 2 1 Motivation accidental arbitrary faults
More informationSecurity Issues In Cloud Computing And Their Solutions
Security Issues In Cloud Computing And Their Solutions Mr. Vinod K. Lalbeg Lecturer (Management), NWIMSR, Pune-1 & Ms. Anjali S. Mulik Lecturer (Management), NWIMSR, Pune-1 ABSTRACT Cloud Computing offers
More informationPrivate Cloud in Educational Institutions: An Implementation using UEC
Private Cloud in Educational Institutions: An Implementation using UEC D. Sudha Devi L.Yamuna Devi K.Thilagavathy,Ph.D P.Aruna N.Priya S. Vasantha,Ph.D ABSTRACT Cloud Computing, the emerging technology,
More informationControl your corner of the cloud.
Chapter 1 of 5 Control your corner of the cloud. From the halls of government to the high-rise towers of the corporate world, forward-looking organizations are recognizing the potential of cloud computing
More informationAmazon Web Services Student Tutorial
Amazon Web Services Free Usage Tier Elastic Compute Cloud Amazon Web Services Student Tutorial David Palma Joseph Snow CSC 532: Advanced Software Engineering Louisiana Tech University October 4, 2012 Amazon
More informationCloud-Security: Show-Stopper or Enabling Technology?
Cloud-Security: Show-Stopper or Enabling Technology? Fraunhofer Institute for Secure Information Technology (SIT) Technische Universität München Open Grid Forum, 16.3,. 2010, Munich Overview 1. Cloud Characteristics
More informationSUSE Manager in the Public Cloud. SUSE Manager Server in the Public Cloud
SUSE Manager in the Public Cloud SUSE Manager Server in the Public Cloud Contents 1 Instance Requirements... 2 2 Setup... 3 3 Registration of Cloned Systems... 6 SUSE Manager delivers best-in-class Linux
More informationCloud computing - Architecting in the cloud
Cloud computing - Architecting in the cloud anna.ruokonen@tut.fi 1 Outline Cloud computing What is? Levels of cloud computing: IaaS, PaaS, SaaS Moving to the cloud? Architecting in the cloud Best practices
More informationThe Cloud, Virtualization, and Security
A Cloud: Large groups of remote servers that are networked to allow centralized, shared data storage and online access to computer services or resources A Cloud: Large groups of remote servers that are
More informationPrivate Distributed Cloud Deployment in a Limited Networking Environment
Private Distributed Cloud Deployment in a Limited Networking Environment Jeffrey Galloway, Susan Vrbsky, and Karl Smith The University of Alabama jmgalloway@crimson.ua.edu, vrbsky@cs.ua.edu, smith102@crimson.ua.edu
More informationCloud Computing. Technologies and Types
Cloud Computing Cloud Computing Technologies and Types Dell Zhang Birkbeck, University of London 2015/16 The Technological Underpinnings of Cloud Computing Data centres Virtualisation RESTful APIs Cloud
More informationTHE EUCALYPTUS OPEN-SOURCE PRIVATE CLOUD
THE EUCALYPTUS OPEN-SOURCE PRIVATE CLOUD By Yohan Wadia ucalyptus is a Linux-based opensource software architecture that implements efficiencyenhancing private and hybrid clouds within an enterprise s
More information2) Xen Hypervisor 3) UEC
5. Implementation Implementation of the trust model requires first preparing a test bed. It is a cloud computing environment that is required as the first step towards the implementation. Various tools
More informationCloud Computing for Education Workshop
Cloud Computing for Education Workshop 2012 Copyright REZA CURTMOLA, NJIT What Have We Learned So Far? We have learned several cloud applications (Dropbox, Google Docs, Piazza, etc.) Dropbox SugarSync
More informationGeoff Raines Cloud Engineer
Geoff Raines Cloud Engineer Approved for Public Release; Distribution Unlimited. 13-2170 2013 The MITRE Corporation. All rights reserved. Why are P & I important for DoD cloud services? Improves the end-to-end
More informationCloud and Security (Cloud hacked via Cloud) Lukas Grunwald
Cloud and Security (Cloud hacked via Cloud) Lukas Grunwald About DN-Systems Global Consulting and Technology Services Planning Evaluation Auditing Operates own Security Lab Project Management Integral
More informationIaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures
IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Introduction
More informationSURFsara HPC Cloud Workshop
SURFsara HPC Cloud Workshop doc.hpccloud.surfsara.nl UvA workshop 2016-01-25 UvA HPC Course Jan 2016 Anatoli Danezi, Markus van Dijk cloud-support@surfsara.nl Agenda Introduction and Overview (current
More informationStephen Coty Director, Threat Research
Emerging threats facing Cloud Computing Stephen Coty Director, Threat Research Cloud Environments 101 Cloud Adoption is Gaining Momentum Cloud market revenue will increase at a 36% annual rate Analyst
More informationQuick Start Guide: Utilizing Nessus to Secure Microsoft Azure
Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure Introduction Tenable Network Security is the first and only solution to offer security visibility, Azure cloud environment auditing, system
More informationRisks and Challenges
Cloud and Mobile Security: Risks and Challenges Chong Sau Wei (CISM) chong@scan associates.net General Manager Managed Security Services SCAN Associates Berhad Seminar e Kerajaan Negeri Pulau Pinang 14
More informationThreat Modeling Cloud Applications
Threat Modeling Cloud Applications What You Don t Know Will Hurt You Scott Matsumoto Principal Consultant smatsumoto@cigital.com Software Confidence. Achieved. www.cigital.com info@cigital.com +1.703.404.9293
More informationidash Infrastructure to Host Sensitive Data: HIPAA Cloud Storage and Compute
integrating Data for Analysis, Anonymization, and SHaring idash Infrastructure to Host Sensitive Data: HIPAA Cloud Storage and Compute Claudiu Farcas, Antonios Koures Outline Infrastructure Overview Typical
More informationCLOUD COMPUTING & WINDOWS AZURE
CLOUD COMPUTING & WINDOWS AZURE WORKSHOP Overview This workshop is an introduction to cloud computing and specifically Microsoft s public cloud offering in Windows Azure. Windows Azure has been described
More informationVirtual Machine Instance Scheduling in IaaS Clouds
Virtual Machine Instance Scheduling in IaaS Clouds Naylor G. Bachiega, Henrique P. Martins, Roberta Spolon, Marcos A. Cavenaghi Departamento de Ciência da Computação UNESP - Univ Estadual Paulista Bauru,
More informationCloud computing: benefits, risks and recommendations for information security
Cloud computing: benefits, risks and recommendations for information security Dr Giles Hogben Secure Services Programme Manager European Network and Information Security Agency (ENISA) Goals of my presentation
More informationMcAfee Public Cloud Server Security Suite
Installation Guide McAfee Public Cloud Server Security Suite For use with McAfee epolicy Orchestrator COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766,
More informationEvripidis Paraskevas (ECE Dept. UMD) 04/09/2014
Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds (T. Ristenpart, Eran Tromer, Hovav Schacham and Stefan Savage CCS 2009) Evripidis Paraskevas (ECE Dept. UMD) 04/09/2014
More informationDynamic Security for the Hybrid Cloud
Dynamic Security for the Hybrid Cloud Marc van Zadelhoff, VP Strategy, Marketing and Product Management, IBM Security Nataraj Nagaratnam, Distinguished Engineer and CTO Security Solutions, IBM Security
More informationComparison of Open Source Cloud System for Small and Medium Sized Enterprises
, pp.276-282 http://dx.doi.org/10.14257/astl.2014.51.63 Comparison of Open Source Cloud System for Small and Medium Sized Enterprises Yasuo Uchida 1, Seigo Matsuno 1, Makoto Sakamoto 2 1 Ube National College
More informationUsing SUSE Studio to Build and Deploy Applications on Amazon EC2. Guide. Solution Guide Cloud Computing. www.suse.com
Using SUSE Studio to Build and Deploy Applications on Amazon EC2 Guide Solution Guide Cloud Computing Cloud Computing Solution Guide Using SUSE Studio to Build and Deploy Applications on Amazon EC2 Quickly
More informationAttacks from the Inside
Attacks from the Inside Eddy Willems, G Data Righard J. Zwienenberg, Norman Attacks from the Inside. Agenda - Social Networking / Engineering - Where are the threats coming from - Infection vectors - The
More informationAmazon EC2 XenApp Scalability Analysis
WHITE PAPER Citrix XenApp Amazon EC2 XenApp Scalability Analysis www.citrix.com Table of Contents Introduction...3 Results Summary...3 Detailed Results...4 Methods of Determining Results...4 Amazon EC2
More informationCloud Security:Threats & Mitgations
Cloud Security:Threats & Mitgations Vineet Mago Naresh Khalasi Vayana 1 What are we gonna talk about? What we need to know to get started Its your responsibility Threats and Remediations: Hacker v/s Developer
More informationPCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility
More informationIJREAT International Journal of Research in Engineering & Advanced Technology, Volume 1, Issue 1, March, 2013 ISSN: 2320-8791 www.ijreat.
Intrusion Detection in Cloud for Smart Phones Namitha Jacob Department of Information Technology, SRM University, Chennai, India Abstract The popularity of smart phone is increasing day to day and the
More informationNetworks and Services
Networks and Services Dr. Mohamed Abdelwahab Saleh IET-Networks, GUC Fall 2015 TOC 1 Infrastructure as a Service 2 Platform as a Service 3 Software as a Service Infrastructure as a Service Definition Infrastructure
More informationCLOUD COMPUTING SECURITY CONCERNS
CLOUD COMPUTING SECURITY CONCERNS ABSTRACT ASMA GULAM MOHAMED Saveetha School of Engineering Cloud computing is set of resources including data storage, programs and hardware offered through the Internet.
More informationManaging for the Long Term: Keys to Securing, Troubleshooting and Monitoring a Private Cloud
Deploying and Managing Private Clouds The Essentials Series Managing for the Long Term: Keys to Securing, Troubleshooting and Monitoring a Private Cloud sponsored by Managing for the Long Term: Keys to
More informationPutchong Uthayopas, Kasetsart University
Putchong Uthayopas, Kasetsart University Introduction Cloud Computing Explained Cloud Application and Services Moving to the Cloud Trends and Technology Legend: Cluster computing, Grid computing, Cloud
More informationOutline. What is cloud computing? History Cloud service models Cloud deployment forms Advantages/disadvantages
Ivan Zapevalov 2 Outline What is cloud computing? History Cloud service models Cloud deployment forms Advantages/disadvantages 3 What is cloud computing? 4 What is cloud computing? Cloud computing is the
More informationWhat is Cloud Computing? Tackling the Challenges of Big Data. Tackling The Challenges of Big Data. Matei Zaharia. Matei Zaharia. Big Data Collection
Introduction What is Cloud Computing? Cloud computing means computing resources available on demand Resources can include storage, compute cycles, or software built on top (e.g. database as a service)
More informationHow To Use Arcgis For Free On A Gdb 2.2.2 (For A Gis Server) For A Small Business
Esri Middle East and Africa User Conference December 10 12 Abu Dhabi, UAE Understanding ArcGIS in Virtualization and Cloud Environments Marwa Mabrouk Powerful GIS capabilities Delivered as Web services
More informationGet Off of My Cloud : Cloud Credential Compromise and Exposure. Ben Feinstein & Jeff Jarmoc Dell SecureWorks Counter Threat Unit
Get Off of My Cloud : Cloud Credential Compromise and Exposure Ben Feinstein & Jeff Jarmoc Dell SecureWorks Counter Threat Unit 2 The Public Cloud 3 Brief Introduction to the Amazon Cloud First, some terminology
More informationData Centers and Cloud Computing
Data Centers and Cloud Computing CS377 Guest Lecture Tian Guo 1 Data Centers and Cloud Computing Intro. to Data centers Virtualization Basics Intro. to Cloud Computing Case Study: Amazon EC2 2 Data Centers
More informationDesigning Virtual Labs Using Cloud Computing
ISSN:2320-0790 Designing Virtual Labs Using Cloud Computing Parag Nemade 1, Vaibhav Jaybhaye 2, Neethu Menon 3, Smita Dange 4 Student 1,2,3,, Asst. Prof. 4 Fr.C.R.I. T,Navi Mumbai Abstract: Cloud computing
More informationArcGIS for Server: In the Cloud
DevSummit DC February 11, 2015 Washington, DC ArcGIS for Server: In the Cloud Bonnie Stayer, Esri Session Outline Cloud Overview - Benefits - Types of clouds ArcGIS in AWS - Cloud Builder - Maintenance
More informationPart 1: Price Comparison Among The 10 Top Iaas Providers
Part 1: Price Comparison Among The 10 Top Iaas Providers Table of Contents Executive Summary 3 Estimating Cloud Spending 3 About the Pricing Report 3 Key Findings 3 The IaaS Providers 3 Provider Characteristics
More informationKeywords: Virtualization, resource management, repositories, cloud infrastructure
Computing and Informatics, Vol. 31, 2012, 743 757 FLEXIBLE ORGANIZATION OF REPOSITORIES FOR PROVISIONING CLOUD INFRASTRUCTURES Joanna Kosińska, Jacek Kosiński S lawomir Zieliński, Krzysztof Zieliński Department
More information4 SCS Deployment Infrastructure on Cloud Infrastructures
4 SCS Deployment Infrastructure on Cloud Infrastructures We defined the deployment process as a set of inter-related activities to make a piece of software ready to use. To get an overview of what this
More informationCloud Computing Security Master Seminar, Summer 2011
Cloud Computing Security Master Seminar, Summer 2011 Maxim Schnjakin, Wesam Dawoud, Christian Willems, Ibrahim Takouna Chair for Internet Technologies and Systems Definition of Cloud Computing 2 Cloud
More informationCloud Computing Now and the Future Development of the IaaS
2010 Cloud Computing Now and the Future Development of the IaaS Quanta Computer Division: CCASD Title: Project Manager Name: Chad Lin Agenda: What is Cloud Computing? Public, Private and Hybrid Cloud.
More informationHow to Grow and Transform your Security Program into the Cloud
How to Grow and Transform your Security Program into the Cloud Wolfgang Kandek Qualys, Inc. Session ID: SPO-207 Session Classification: Intermediate Agenda Introduction Fundamentals of Vulnerability Management
More informationProviding Flexible Security as a Service Model for Cloud Infrastructure
Providing Flexible Security as a Service Model for Cloud Infrastructure Dr. M. Newlin Rajkumar, P. Banu Priya, Dr. V. Venkatesakumar Abstract Security-as-a-Service model for cloud systems enable application
More informationAn overwhelming majority of IaaS clouds leverage virtualization for their foundation.
1 2 3 An overwhelming majority of IaaS clouds leverage virtualization for their foundation. 4 With the use of virtualization comes the use of a hypervisor. Normally, the hypervisor simply provisions resources
More informationPublic Cloud Offerings and Private Cloud Options. Week 2 Lecture 4. M. Ali Babar
Public Cloud Offerings and Private Cloud Options Week 2 Lecture 4 M. Ali Babar Lecture Outline Public and private clouds Some key public cloud providers (More details in the lab) Private clouds Main Aspects
More informationDynamic Ranking of Cloud Providers
Dynamic Ranking of Cloud Providers Paweł Czarnul Dept. of Computer Architecture Faculty of Electronics, Telecommunications and Informatics Gdansk University of Technology G. Narutowicza, 11/12, 80-233,
More informationCloud Computing Training
Cloud Computing Training TechAge Labs Pvt. Ltd. Address : C-46, GF, Sector 2, Noida Phone 1 : 0120-4540894 Phone 2 : 0120-6495333 TechAge Labs 2014 version 1.0 Cloud Computing Training Cloud Computing
More informationArchitectural Implications of Cloud Computing
Architectural Implications of Cloud Computing Grace Lewis Research, Technology and Systems Solutions (RTSS) Program Lewis is a senior member of the technical staff at the SEI in the Research, Technology,
More informationUnleash the IaaS Cloud About VMware vcloud Director and more VMUG.BE June 1 st 2012
Unleash the IaaS Cloud About VMware vcloud Director and more VMUG.BE June 1 st 2012 2 Who? Viktor van den Berg Consultant @ PQR Former Dutch VMUG Leader Blogger at www.viktorious.nl Twitter @viktoriousss
More informationA Gentle Introduction to Cloud Computing
A Gentle Introduction to Cloud Computing Source: Wikipedia Platform Computing, Inc. Platform Clusters, Grids, Clouds, Whatever Computing The leader in managing large scale shared environments o 18 years
More informationIaas for Private and Public Cloud using Openstack
Iaas for Private and Public Cloud using Openstack J. Beschi Raja, Assistant Professor, Department of CSE, Kalasalingam Institute of Technology, TamilNadu, India, K.Vivek Rabinson, PG Student, Department
More informationCloud Computing Backgrounder
Cloud Computing Backgrounder No surprise: information technology (IT) is huge. Huge costs, huge number of buzz words, huge amount of jargon, and a huge competitive advantage for those who can effectively
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationMyCloudLab: An Interactive Web-based Management System for Cloud Computing Administration
MyCloudLab: An Interactive Web-based Management System for Cloud Computing Administration Hoi-Wan Chan 1, Min Xu 2, Chung-Pan Tang 1, Patrick P. C. Lee 1 & Tsz-Yeung Wong 1, 1 Department of Computer Science
More information9/26/2011. What is Virtualization? What are the different types of virtualization.
CSE 501 Monday, September 26, 2011 Kevin Cleary kpcleary@buffalo.edu What is Virtualization? What are the different types of virtualization. Practical Uses Popular virtualization products Demo Question,
More informationCloud Computing INTRODUCTION
Cloud Computing INTRODUCTION Cloud computing is where software applications, processing power, data and potentially even artificial intelligence are accessed over the internet. or in simple words any situation
More informationUSER CONFERENCE 2011 SAN FRANCISCO APRIL 26 29. Running MarkLogic in the Cloud DEVELOPER LOUNGE LAB
USER CONFERENCE 2011 SAN FRANCISCO APRIL 26 29 Running MarkLogic in the Cloud DEVELOPER LOUNGE LAB Table of Contents UNIT 1: Lab description... 3 Pre-requisites:... 3 UNIT 2: Launching an instance on EC2...
More informationEmerging Approaches in a Cloud-Connected Enterprise: Containers and Microservices
Emerging Approaches in a -Connected Enterprise: Containers and Microservices Anil Karmel Co-Founder and CEO, C2 Labs Co-Chair, NIST Security Working Group akarmel@c2labs.com @anilkarmel Emerging Technologies
More informationSecurity in Changing IT Ecosystem: Virtualization and Cloud Computing
Security in Changing IT Ecosystem: Virtualization and Cloud Computing Dr. Dhiren Patel Indian Institute of Technology Gandhinagar, India dhiren@iitgn.ac.in Cloud Computing World is further shrinking!!!
More informationDeployment of Private, Hybrid & Public Clouds with OpenNebula
EL / LAK (FOSS) 2010 May 14th, 2010 Deployment of Private, Hybrid & Public Clouds with OpenNebula University Complutense of Madrid The Anatomy of an IaaS Cloud Deployment of Private, Hybrid & Public Clouds
More informationCloud 101. Mike Gangl, Caltech/JPL, michael.e.gangl@jpl.nasa.gov 2015 California Institute of Technology. Government sponsorship acknowledged
Cloud 101 Mike Gangl, Caltech/JPL, michael.e.gangl@jpl.nasa.gov 2015 California Institute of Technology. Government sponsorship acknowledged Outline What is cloud computing? Cloud service models Deployment
More informationCloud Computing: Making the right choices
Cloud Computing: Making the right choices Kalpak Shah Clogeny Technologies Pvt Ltd 1 About Me Kalpak Shah Founder & CEO, Clogeny Technologies Passionate about economics and technology evolving through
More information