Security Techniques for Protecting Data in Cloud Computing one SHOULD know WHAT...



Similar documents
Security Techniques for Protecting Data in Cloud Computing

Storage Cloud Infrastructures

Clinical Trials in the Cloud: A New Paradigm?

Security Issues in Cloud Computing

Data Integrity by Aes Algorithm ISSN

CLOUD COMPUTING. DAV University, Jalandhar, Punjab, India. DAV University, Jalandhar, Punjab, India

John Essner, CISO Office of Information Technology State of New Jersey

Impact of Cybersecurity Innovations in Key Sectors (Technical Insights)

6 Cloud computing overview

What Cloud computing means in real life

Security in Data Storage and Transmission in Cloud Computing

The Need for Service Catalog Design in Cloud Services Development

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao

Security Policy JUNE 1, SalesNOW. Security Policy v v

Security Model for VM in Cloud

Evaluate the Usability of Security Audits in Electronic Commerce

Cloud Computing Security Audit

Cloud Computing Security Challenges and their Compromised Attributes

Keywords Cloud Storage, Error Identification, Partitioning, Cloud Storage Integrity Checking, Digital Signature Extraction, Encryption, Decryption

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab

In-House Vs. Hosted Security. 10 Reasons Why Your is More Secure in a Hosted Environment

Performance Evaluation of Cloud Database and Traditional Database in terms of Response Time while Retrieving the Data

A Comprehensive Study on Cloud Computing Standardization

Cloud Data Protection for the Masses

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)?

Mitigating Information Security Risks of Virtualization Technologies

Managing Cloud Computing Risk

Security Issues in Cloud Computing

SECURITY & DATA PROTECTION ON THE CLOUD. Evènement parallèle organisé par l ANSI 16 novembre 2015 Hammamet, Tunisie

PART D NETWORK SERVICES

5 International Journal of Scientific & Engineering Research, Volume Ŝǰȱ ȱřǰȱ ȬŘŖŗśȱȱ ISSN

Security & Trust in the Cloud

A Guide to Common Cloud Security Concerns. Why You Can Stop Worrying and Start Benefiting from SaaS

OFFICE OF AUDITS & ADVISORY SERVICES CLOUD COMPUTING AUDIT FINAL REPORT

Cloud Computing Governance & Security. Security Risks in the Cloud

Cloud Computing: Background, Risks and Audit Recommendations

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

Chapter 10. Cloud Security Mechanisms

SMS. Cloud Computing. Systems Management Specialists. Grupo SMS option 3 for sales

A Survey on Security Issues and Security Schemes for Cloud and Multi-Cloud Computing

Incident Response Plan for PCI-DSS Compliance

PROPOSED PROCEDURES FOR AN IDENTITY THEFT PROTECTION PROGRAM Setoff Debt Collection and GEAR Collection Programs

Hosted File Backup for business. Keep your data safe with our cloud backup service

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency

Cloud Computing; What is it, How long has it been here, and Where is it going?

10/25/2012 BY VORAPOJ LOOKMAIPUN CISSP, CISA, CISM, CRISC, CEH Agenda. Security Cases What is Cloud? Road Map Security Concerns

Information Security Awareness Training Gramm-Leach-Bliley Act (GLB Act)

Secure Attack Measure Selection and Intrusion Detection in Virtual Cloud Networks. Karnataka.

Security Management of Cloud-Native Applications. Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM)

Virtualization Impact on Compliance and Audit

Cloud Computing and Records Management

Chapter 1 The Principles of Auditing 1

Allison Stanton, Director of E-Discovery U.S. Department of Justice, Civil Division. U.S. Department of Agriculture

Cloud Computing: Risks and Auditing

Compliance & SAP Security. Secure SAP applications based on state-of-the-art user & system concepts. Driving value with IT

Deploying Public, Private, and Hybrid Storage Clouds. Marty Stogsdill, Oracle

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc.

To configure Outlook Express for your InfoMetrics address:

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

Enhancing Information Security in Cloud Computing Services using SLA Based Metrics

VMware vcloud Air Security TECHNICAL WHITE PAPER

EXIN Cloud Computing Foundation

International Journal of Scientific & Engineering Research, Volume 6, Issue 5, May ISSN

The vision of DNB on the supervision of cloud-computing

Getting a Secure Intranet

Cloud Security. Nantawan Wongkachonkitti Electronic Government Agency, Thailand Cloud Security Alliance, Thailand Chapter October 2014

CSO Cloud Computing Study. January 2012

Penetration Testing Service. By Comsec Information Security Consulting

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB

Profound Outdoors Privacy Policy

Cloud Computing. Cloud Computing An insight in the Governance & Security aspects

Validation of a Cloud-Based ERP system, in practice. Regulatory Affairs Conference Raleigh. 8Th September 2014

Top 10 Cloud Risks That Will Keep You Awake at Night

CLOUD TECHNOLOGY IMPLEMENTATION/SECURITY

Open Thunderbird. To set up an account in Thunderbird, from the Tools menu select Account Settings; choose account; then click Next.

Security Digital Certificate Manager

Intel Enhanced Data Security Assessment Form

Security Inspection Inc. Solutions to secure your network

Chapter 7: Trends in technology impacting SDLC Learning objective Introduction Technology Trends

Hosted File Back-up for business. Keep your data safe with our cloud back-up service

Cloud Security Overview

N TH THIRD PARTY AUDITING FOR DATA INTEGRITY IN CLOUD. R.K.Ramesh 1, P.Vinoth Kumar 2 and R.Jegadeesan 3 ABSTRACT

DETAILED RISK ASSESSMENT REPORT

A Survey on Cloud Security Issues and Techniques

Audit Report. Effectiveness of IT Controls at the Global Fund Follow-up report. GF-OIG-15-20b 26 November 2015 Geneva, Switzerland

Transcription:

Security Techniques for Protecting Data in Cloud Computing one SHOULD know WHAT... Venkata Sravan Kumar Maddineni, Blekinge Institute of Technology IT Security for the Next Generation European Cup, Prague 17-19 February, 2012

Presentation Agenda Introduction Motivation Aims & Objectives Research Questions Research Methodology Systematic Literature Review Survey Results Conclusion Future Work

Introduction NIST defines Cloud Computing as: " Cloud Computing is a model for enabling ubiquitous, convenient, on demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction" PAGE 3

Importance of SECURITY in Cloud Computing Source: http://blogs.idc.com/ie/wp-content/uploads/2009/12/idc_cloud_challenges_2009.jpg PAGE 4

Motivation Security issues when part of the local network data resides in a Cloud. (Data at TRANSIT) Security issues when the total data resides within a Cloud. (Data at REST) PAGE 5

Aims & Objectives Aim: To identify and understand the security issues which effect the performance of Cloud Computing. Also, to understand the security techniques which are being used to mitigate these security issues. Thereby providing the standard guidelines for the Cloud service providers and as well as for Cloud users. Objectives: To understand the security issues and to identify the appropriate security techniques those are being used in the current world of Cloud Computing. To identify the security challenges those are expected in the future of Cloud Computing. To suggest some counter measures for the future challenges to be faced in Cloud Computing. PAGE 6

Research Questions Research Question 1: What are the various security techniques being used by the leading Cloud Computing providers, when the data is being transferred between the Cloud and a local network? Research Question 2: What are the various security techniques being used to prevent unauthorized access to data within the Cloud? Research Question 3: What are the major security challenges we expect in future Cloud Computing? Research Question 4: How can we handle security problems that are expected in future Cloud Computing? PAGE 7

Research Methodology PAGE 8

Systematic Literature Review (SLR) SLR is a means of identifying, evaluating and interpreting all available research relevant to a particular research question, topic and phenomenon of interest. Three stages in SLR: PLANNING CONDUCTING REPORTING Search string constructed: ((cloud computing) AND (security) AND (technique* OR method* OR challenge*)) Databases searched: IEEE Xplore Springerlink Science Direct Scopus PAGE 9

SLR Results Totally 43 Security challenges are indentified during the SLR and compromised attributes are: Totally 34 security techniques are indentified during the SLR and impact of these techniques are on.. PAGE 10

Survey & Survey Results A survey is a systematic method of collecting data from a population of interest. It tends to be quantitative in nature and aims to collect information from a sample of the population such that the results are representative of the population within a certain degree of error. Survey methods used: Face to face interviews Electronic survey: Survey Results:» Mailed questionnaire» Online survey Totally 16 number of partially and completed responses from security experts. Identified 21 security challenges including with future challenges. Identified 10 security techniques and 9 suggestions to handle the future security challenges. PAGE 11

Conclusion For Research Questions 1: Service Level Agreement (SLA) Secure Socket Layer (SSL) Role Based Access Control Identity based Authentication Third party Auditor Proof of retrievability For Research Questions 2: SSL Multi tenancy based access control Intrusion Detection system Virtual private network A Novel Cloud dependability model Hadoop Distribution file system PAGE 12

Conclusion For Research Questions 3: Virtual machine Security Trusted Transactions Espionage Hypervisor Viruses Risk of multiple cloud tenants Legal Interception Point For Research Questions 4: Increased efforts in risk management Ensure strong Authentication and Access controls Increased efforts to mitigate harmful codes and legal responsibility Data protection at both design and run time PAGE 13

Future Work To find an optimum security solutions for the specific services in the cloud. To work on regulatory, compliance issues and jurisdiction laws. To investigate the appropriate solutions to over come future challenges. Survey conducted can be extended. Research work can be extended by using different research methodologies. PAGE 14

Thank You Venkata Sravan Kumar Maddineni, Blekinge Institute of Technology IT Security for the Next Generation European Cup, Prague 17-19 February, 2012

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information