Cloud Computing Overview & Security Issues



Similar documents
Information Security: Cloud Computing

Bringing the Cloud into Focus. A Whitepaper by CMIT Solutions and Cadence Management Advisors

Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station

Outline. What is cloud computing? History Cloud service models Cloud deployment forms Advantages/disadvantages

GETTING YOUR HEAD IN THE CLOUD A PRIMER TO THE TYPES OF CLOUD COMPUTING SOLUTIONS

Cloud Computing. What is Cloud Computing?

Negotiating Contracts That Will Keep our Clouds Afloat: You re going to put THAT in a cloud? Meteorologist: Daniel T. Graham

NCTA Cloud Architecture

CLOUD COMPUTING: WHAT YOU SHOULD KNOW

Risks of Hosting Practice Data on the Cloud Vs. Locally

Cloud Computing. Cloud computing:

What Every User Needs To Know Before Moving To The Cloud. LawyerDoneDeal Corp.

Research Paper Available online at: A COMPARATIVE STUDY OF CLOUD COMPUTING SERVICE PROVIDERS

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Cloud Computing An Elephant In The Dark

Electronic Records Storage Options and Overview

How to Turn the Promise of the Cloud into an Operational Reality

White Paper: Introduction to Cloud Computing

CLOUD COMPUTING SECURITY ISSUES

What Is The Cloud And How Can Your Agency Use It. Tom Konop Mark Piontek Cathleen Christensen


20 th Year of Publication. A monthly publication from South Indian Bank.

Cloud Computing; What is it, How long has it been here, and Where is it going?

Using Cloud Computing for E-learning Systems

Oracle ERP & The Cloud. Presented by Adriaan Kruger

Contents. What is Cloud Computing? Why Cloud computing? Cloud Anatomy Cloud computing technology Cloud computing products and market

Cloud Courses Description

Trust but Verify. Vincent Campitelli. VP IT Risk Management

Cloud Computing Architecture: A Survey

How To Understand Cloud Computing

CLOUD COMPUTING An Overview

Cloud definitions you've been pretending to understand. Jack Daniel, Reluctant CISSP, MVP Community Development Manager, Astaro

Expert Reference Series of White Papers. 10 Security Concerns for Cloud Computing

Virginia Government Finance Officers Association Spring Conference May 28, Cloud Security 101

Cloud Computing. Benefits and Risks. Bill Wells, CISSP, CISM, CISA, CRISC, CIPP/IT

OTM in the Cloud. Ryan Haney

Cloud s Illusions: Jericho Forum future direction

Cloud Computing. Bringing the Cloud into Focus

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

Cloud SingularLogic:

CHECKLIST FOR THE CLOUD ADOPTION IN THE PUBLIC SECTOR

The Magazine for IT Security. May issue 3. sör alex / photocase.com

Leveraging Technology New Horizons Computer Learning Center of Memphis

CLOUD COMPUTING. When It's smarter to rent than to buy

The Business Value of a Comprehensive All-in-One Data Protection Solution for Your Organization

How To Understand Cloud Computing

Cloud Infrastructure Security

Abstract 1. INTRODUCTION

Security & Trust in the Cloud

Cloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit

Cloud Computing: The atmospheric jeopardy. Unique Approach Unique Solutions. Salmon Ltd 2014 Commercial in Confidence Page 1 of 5

Where in the Cloud are You? Session Thursday, March 5, 2015: 1:45 PM-2:45 PM Virginia (Sheraton Seattle)

Cloud Courses Description

Cloud Computing Policy 1.0 INTRODUCTION 2.0 PURPOSE. Effective Date: July 28, 2015

A.Prof. Dr. Markus Hagenbuchner CSCI319 A Brief Introduction to Cloud Computing. CSCI319 Page: 1

Webstore - Reselling Cloud

Daren Kinser Auditor, UCSD Jennifer McDonald Auditor, UCSD

ISSN: (Online) Volume 2, Issue 5, May 2014 International Journal of Advance Research in Computer Science and Management Studies

Big Data & Its Bigger Possibilities In The Cloud

Securely Outsourcing to the Cloud: Five Key Questions to Ask

Cloud Services Overview

Cloud, Community and Collaboration Airline benefits of using the Amadeus community cloud

IJRSET 2015 SPL Volume 2, Issue 11 Pages: 29-33

CJIS in the Cloud. Oregon State Police CJIS Statewide Training September 23 & 24, 2015

Customer Security Issues in Cloud Computing

Security Analysis of Cloud Computing: A Survey

Virtualization and Cloud Computing

Cloud Computing 101 Dissipating the Fog 2012/Dec/xx Grid-Interop 2012

SaaS, PaaS & TaaS. By: Raza Usmani

White paper. How cloud computing can transform the fortunes of small and mid-sized businesses

Introduction to Cloud Computing

NEXT UP: John Sanderson, Windows Azure Specialist (Denver) Page 1

Hexaware E-book on Q & A for Cloud BI Hexaware Business Intelligence & Analytics Actionable Intelligence Enabled

Enterprise Cloud-to-Cloud Backup and Recovery:

Fundamental Concepts and Models

Secure Cloud Computing through IT Auditing

Tamanna Roy Rayat & Bahra Institute of Engineering & Technology, Punjab, India talk2tamanna@gmail.com

APPLICABILITY OF CLOUD COMPUTING IN ACADEMIA

Healthcare Enterprise View of Cloud What is Cloud Additional Needs Cloud Models Cloud Economics 101 Stack Decision Framework

CLOUD COMPUTING AND ITSM,

1 Introduction. 2 What is Cloud Computing?

Goals. What is Cloud Computing? 11/11/2010. Understand what cloud computing is and how. Understand the challenges and advantages of cloud computing

Cloud Computing Secured. Thomas Mitchell CISSP. A Technical Communication

Capturing the New Frontier:

Overview. The Cloud. Characteristics and usage of the cloud Realities and risks of the cloud

DISTRIBUTED SYSTEMS AND CLOUD COMPUTING. A Comparative Study

Cloud computing: benefits, risks and recommendations for information security

Cloud Computing in a Regulated Environment

EMA Radar for Private Cloud Platforms: Q1 2013

Cloud Computing Backgrounder

The Benefits of Cloud Computing to the E-Commerce Industry July 2011 A whitepaper on how hosting on a cloud platform can lower costs, improve

Legal Issues in the Cloud: A Case Study. Jason Epstein

Quattra s Cloud Vision & Framework Value

Quick guide: Using the Cloud to support your business

Cloud Computing. Chapter 1 Introducing Cloud Computing

Microsoft SharePoint Architectural Models

Copyright 2015 EMC Corporation. All rights reserved. 1

Cloud Computing An Auditor s Perspective

Starting the Journey to Managed Infrastructure Services

Transcription:

Cloud Computing Overview & Security Issues Author- Hitesh Malviya(Information Security analyst) Qualifications: C!EH, EC!SA, MCITP, CCNA, MCP Current Position: CEO at HCF Infosec Limited Contact: hitesh@hcf.co.in, hitesh1@hackermail.com Website:, www.hitesh.hcf.co.in

Overview Cloud computing is a general term for anything that involves delivering hosted services over the Internet. It can be used as a service rather than a product. Cloud computing is basically a remote storage of data over the internet, anyone can use stored data at any instant. Google Docs is the most familiar example of cloud computing. Google Docs is cloud computing services provided by Google where we can store our documents and can access it at any instant. Huge datacenters are used to store large amount of data. Cloud computing providers deliver applications via the internet, which are accessed from web browsers and desktop and mobile apps, while the business software and data are stored on servers at a remote location.

These services are broadly divided into three categories: Infrastructure-as-a-Service (IaaS) Platform-as-a Service(Paas) Software-as-a Service(Saas) Infrastructure-as-a-Service (Iaas): Infrastructure as a Service is a provision model in which an organization outsource the equipment used to support operations, including storage, hardware, servers and networking components. Platform-as-a Service (Paas): Platform as a Service (PaaS) is a way to rent hardware, operating systems, storage and network capacity over the Internet. The service delivery model allows the customer to rent virtualized servers and associated services for running existing applications or developing and testing new ones. Software-as-a Service (Saas): Software as a Service (SaaS) is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet. Cloud computing services use 4-layered architecture.

Client : It consists of computer hardware and software to that relies on cloud computing for application delivery. Application : Cloud application services or "Software as a Service (SaaS)" deliver software as a service over the Internet, eliminating the need to install and run the application on the customer's own computers and simplifying maintenance and support Platform : Cloud platform services, also known as platform as a service (PaaS), deliver a computing platform and/or solution stack as a service, often consuming cloud infrastructure and sustaining cloud applications. Infrastructure : Cloud infrastructure services, also known as "infrastructure as a service" (IaaS), deliver computer infrastructure typically a platform virtualization environment as a service, along with raw (block) storage and networking. Server : The server layer consists of computer hardware and/or computer software products that are specifically designed for the delivery of cloud services, including multi-core processors, cloud-specific operating systems and combined offerings. Deployment models

Public Cloud : It is based on standard cloud computing model in which service provider makes resources and general people use it over internet. Community Cloud : It shares infrastructure between several organizations from specific community whether managed by third party or hosted internally or externally. Hybrid Cloud : It is composition of two or more clouds(private, community or public) offering the benefits of multiple deployment models. Private Cloud : Private cloud is infrastructure operated solely for a single organization, whether managed internally or by a third-party and hosted internally or externally. Cloud Computing Providers

Gartner predicts that cloud computing will surge to 150 billion dollars by 2013. Below is a partial list of companies that provide cloud computing services: Google Amazon OpenID Microsoft Sun Sytems Intel IBM & many more. Security Issues with Cloud Computing Cloud computing is fraught with security risks. Smart customers will ask tough questions and consider getting a security assessment from a neutral third party before committing to a cloud vendor. Customers have rare information about cloud security that make them complaining about security risks. In a customer point of view they must demand transparency, avoiding vendors that refuse to provide detailed information on security programs. Ask questions related to the qualifications of policy makers, architects, coders and operators, risk-control processes and technical mechanisms. Here are seven of the specific security issues customers should raise with vendors before selecting a cloud vendor. (1)Privileged user access : With cloud computing, your confidential data can be accessible to outside the enterprise. It proceeds an inherent level of risk because now Outsiders is Insiders. Advice: Get much information as can about the people who manage your data (2) Regulatory compliance : Traditional service provider is subjected to external audits and security certifications. Cloud computing doesn t provide any kind of external audit service in that case Customers are only responsible for the security & intregity of their data.

(3) Data Location : Customers won t know about the location of cloud where their data is hosted, they might not even know what country data will be stored in. Advice: Ask service providers to make a commitment to store data in specific jurisdictions. (4) Data segregation : Data in the cloud is typically in the shared enviorenment, service providers provide effective encryption but it isn t a cure at all. Advice: The cloud provider should make a commitment to customer to provide evidence that encryption schemes were designed and tested by experienced specialists. (5) Recovery : Customers don t know where their data is hosted, a cloud provider should tell them what will happen to their data in case of disaster. Advice : Ask your provider if it has "the ability to do a complete restoration, and how long it will take." (6) Investigative support : Investigating inappropriate or illegal activity may be impossible in cloud computing. because logging and data for multiple customers may be co-located and may also be spread across an ever-changing set of hosts and data centers. (7) Long-term viability : Ideally, your cloud computing provider will never go broke or get acquired and swallowed up by a larger company. But you must be sure your data will remain available even after such an event. Advice: Ask potential providers how you would get your data back and in what format.

Refrences: www.google.com www.wikipedia.com

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information