Security in cloud computing kashyap kunal
Download as PPTX, PDF•1 like•646 views
This document discusses data security in cloud computing. It defines cloud computing and describes the types including SaaS, PaaS, and IaaS. It also covers deployment types such as private, public, and hybrid clouds. While cloud computing provides security advantages through data centralization and logging, it also poses security disadvantages regarding data location and regulatory compliance. Major security threats in the cloud include abuse of cloud services, insecure APIs, and data loss. Risk analysis approaches are needed to estimate security risks and ensure customer data protection in the cloud.
Security in cloud computing kashyap kunal
- 1. Data Security in the cloud : Tactics and Practices INSPIRON-2011 Bangalore , Karnataka Kashyap Kunal(BE-ISE) SAMBHRAM INSTITUTE OF TECHNOLOGY BANGALORE
- 2. What is Cloud Computing? According to AT&T ,CLOUD is: Common Location-independent Online Utility available on-Demand Service. Cloud Computing is internet -based computing where shared resources, software and information are provided to the computer. It promises not just cheaper IT, but also faster, easier, more flexible, and more effective IT . It is also versatile and flexible application of internet. Cloud Computing is not immune to risks and ethical objections, but the fact is that it promises big changes. Consider an example of Hotmail.com , Yahoo.com or Gmail.com where no installation of server or software is required. All you need to acess them is an internet connection .These are simple examples of Cloud Computing.
- 3. Terminology: Types of Cloud: SaaS (Software as a Service) PaaS (Platform as a Service ) IaaS (Infrastructure as a service)
- 4. Deployment Type: Private Cloud (Low Security Risk): -Typically owned by the respective Enterprise. -Functionalities are not directly exposed to customers. Public Cloud(More Security Risk): -Enterprises may use Cloud functionalities from others. -Scope of functionalities may differ. Hybrid Cloud(High Security Risk): -Mixed employment of private & Public cloud. -Provide highly customized, enhanced offerings to local companies & world class application
- 5. Security Advantages in Cloud Computing: Data Centralization Password Assurance Testing Improve the state of Security Software Security Testing Incident Response Forensic Image verification time Logging Security Disadvantages in Cloud Computing: Data Location Investigation Data Segregation Long-term Viability Compromised Servers Regulatory Compliance Recovery
- 6. Major security Issues(Threats) & Challenges: Two Question arise?? How secure is the Data?????? How secure is the Code?????? Top Threats in Cloud Environment according to CSA(Cloud Security Alliance): Abuse and Nefarious Use of Cloud Computing Insecure Application Programming Interfaces Malicious Insiders Shared Technology Vulnerabilities Data Loss/Leakage Account, Service & Traffic Hijacking Unknown Risk Profile
- 7. Security issues in Virtualization: Virtualization is an essential technological characteristic of clouds which hides the technological complexity from the user and enables enhanced flexibility (through Aggregation, Routing and Translation). Types of Virtualization: Full Virtualization: Entire H/W Architecture Replicated Virtually. Para Virtualization: Modified OS that can run concurrently with other OS. More concretely, virtualization supports the following features: Ease of Use Infrastructure Independency Flexibility & Adaptability Location Independence
- 9. RISK ANALYSIS APPROACH: The cloud computing service providers use various security mechanisms to ensure that all the security risks are fully taken care of. However, there are two broad questions:??? How to estimate the risk to data security before putting a job into the cloud? How to ensure customers that their data and programs are safe in provider’s premises? If a cloud service user is able to estimate the risk of his data security then he can have a level of trust with the service provider. If there is a high risk about the data security then it leads to a decrease in trust and vice-versa. Current security technology provides us with some capability to build a certain level of trust in cloud computing in order to analyze Security risks. For example, SSL (Secure Socket Layer), digital signatures, and authentication protocols for proving authentication and access control methods for managing authorization.
- 10. CONCLUSION: Data security dimensions will continuously increase. The security analysis approach will help service providers to ensure their customers about the data security. Risk analysis can be performed. At present, there is a lack of structured analysis approaches . And hence, The security problem in cloud paradigm can be handled frequently and effectively.
- 11. THANK YOU