Department of Computer Science and Engineering and the South Carolina Information Technology Institute - PowerPoint PPT Presentation

Provided by: bue6

Transcript and Presenter's Notes



1
Cloud Computing Security
2
Reading
  • NIST, The NIST Definition of Cloud Computing,
    csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf, 2011
  • R. Sandhu, et al., Towards a discipline of
    mission-aware cloud computing, CCSW '10, in Proc.
    of the 2010 Cloud Computing Workshop, 13-18, 2010,
    http://dl.acm.org/citation.cfm?id=1866835.1866839&coll=DL&dl=ACM&CFID=131355972&CFTOKEN=22051019

3
What is cloud computing?
4
The NIST Definition
  • Computing paradigm to support ubiquitous,
    convenient, and on-demand network access to a
    shared pool of computing resources
  • Access characteristics: can be rapidly
    provisioned and released with minimal management
    effort or service provider interaction
  • Description
    • Essential characteristics
    • Service model
    • Deployment model

5
Essential Characteristics
  • On-demand self-service
  • Broad network access
  • Resource pooling
  • Rapid elasticity
  • Measured service

6
Service Models
  • Software as a Service (SaaS)
  • Platform as a Service (PaaS)
  • Infrastructure as a Service (IaaS)

7
Deployment Models
  • Private cloud
  • Community cloud
  • Public cloud
  • Hybrid cloud

8
What are the security concerns regarding cloud computing?
9
Why do we need cloud security?
  • Players
    • Cloud provider
    • Service consumer
  • Concerns
    • Availability
    • Security
  • Cloud Security Alliance, https://cloudsecurityalliance.org/

10
Critical Security Areas in Cloud Computing (CSA)
  • Governing in the Cloud
    • Governance and Enterprise Risk Management
    • Legal and Electronic Discovery
    • Compliance and Audit
    • Information Lifecycle Management
    • Portability and Interoperability
  • Operating in the Cloud
    • Traditional Security, Business Continuity, and
      Disaster Recovery
    • Data Center Operations
    • Incident Response, Notification, and Remediation
    • Application Security
    • Encryption and Key Management
    • Identity and Access Management
    • Virtualization

11
Top 10 Customer Issues Eroding Cloud Confidence (from CSA)
  1. Government regulations keeping pace with the
    market (1.80)
  2. Exit strategies (1.88)
  3. International data privacy (1.90)
  4. Legal issues (2.15)
  5. Contract lock in (2.18)
  6. Data ownership and custodian responsibilities
    (2.18)
  7. Longevity of suppliers (2.20)
  8. Integration of cloud with internal systems (2.23)
  9. Credibility of suppliers (2.30)
  10. Testing and assurance (2.30)

12
Will the cloud stay?
13
Cloud and Security
  • Security difficulties in the cloud
  • Cloud as a security service provider

14
What is Security?
  • 1960s: Computer security (CompuSec) and
    Communication security (CommSec)
  • 1970s: encryption technologies
  • 1990s: Information security (InfoSec)
  • 2000s: Information Assurance, Information Warfare
  • 2008-9: Information Dominance
  • 2010s: Mission Assurance

15
Mission Assurance
  • Getting the job done
  • Security is a secondary objective
  • Always present malicious entity in a cyber system
  • DoD Mission assurance specification

16
What is a Mission aware cloud?
17
Mission-aware cloud: Research problems 1
  1. Develop a heterogeneous experimental cloud
    computing infrastructure (denoted as the cloud
    henceforth) spanning multiple locations, security
    and assurance levels.
  2. Experimentally explore, develop, and implement
    extensive instrumentation to monitor, measure and
    gather statistical data regarding activities in
    the cloud.

18
Mission-aware cloud: Research problems 2
  1. Analyze gathered data to estimate underlying
    network performance and threat vulnerability
    using regression, analysis of variance, and other
    generalized linear statistical models.
  2. Develop new protocols that cope with denial of
    service (DoS) and insider attacks and ensure
    predictable delivery of mission critical data.
  3. Develop new or enhance existing virtual machines
    (VMs) that enable efficient implementation of
    access control and trust policies to facilitate
    mission assurance.

19
Mission-aware cloud: Research problems 3
  1. Develop models, methodologies and architectures
    for decentralized dynamic management of security
    and assurance policies.
  2. Design automated systems that analyze the
    tradeoffs between security and availability
    versus performance and scalability and take
    corrective action before threats or bottlenecks
    compromise mission assurance.

20
What will be the new technology/capability for the 2010s?
21
Next Class: Mobile Security