SlideShare ist ein Scribd-Unternehmen logo

Cloud Computing Security

Als PPTX, PDF herunterladen
N
neicher

http://www.zinatullin.com

TechnologieBusiness
1 von 18
Leron Zinatullin Cloud Computing Security www.zinatullin.com
Summary • Overview • Benefits • Concerns • Threats • Vulnerabilities • Countermeasures • Conclusion
Typical Network Security Threats
“I don’t understand what we would do differently in the light of cloud computing other than change the wording of some of our ads. ” Larry Ellison, CEO, Oracle
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Mell, Peter, and Timothy Grance. "The NIST definition of cloud computing." NIST special publication 800 (2011): 145.
Cloud Definition Framework
Benefits of Cloud Computing • Minimized capital expenditure • Location and device independence • Utilization and efficiency improvement • Very high scalability • High computing power
Concerns in using Cloud Computing
Aspects of Cloud Computing Security Pronemon Institute – April 2011 – Survey of 127 US and EU cloud service providers
Threats-Vulnerabilities- Countermeasures
Threats • Data Breaches • Data Loss • Account or Service Traffic Hijacking • Insecure APIs • Denial of Service (DoS) • Malicious insiders • Abuse of Nefarious Use • Insufficient due diligence • Shared Technology Vulnerabilities
Vulnerabilities • Session Riding and Hijacking • Reliability and Availability of Service • Insecure Cryptography • Data Protection and Portability • Virtual Machine Escape • Vendor Lock-in • Internet Dependency
Countermeasures • Policies and procedures • Software configurations • Encryption • Separation of duties • Identity management • Good Service Level Agreement
Pros and Cons CloudSecurityUpside CloudSecurityDownside StaffSkillsandSpecialization SystemComplexity PlatformStrength SharedMulti-tenantEnvironment RecourseAvailability Internet-facingServices BackupandRecovery LossofControl MobileEndpoints BotnetofHackers CrossDataCenterandCloud MechanismCracking NIST Guidelines on Security and Privacy in Public Cloud Computing
Summary • Overview • Benefits • Concerns • Threats • Vulnerabilities • Countermeasures • Conclusion
Thank you!
Questions?

Empfohlen

Cloud computing
Cloud computingCloud computing
Cloud computingnehajaiswal11111
 
Employ the Cloud for Efficient Content Analytics - 10 november 2011
Employ the Cloud for Efficient Content Analytics - 10 november 2011Employ the Cloud for Efficient Content Analytics - 10 november 2011
Employ the Cloud for Efficient Content Analytics - 10 november 2011Samir Batla
 
cloud storage
cloud storagecloud storage
cloud storageobrita youkhane
 
Cloud computing
Cloud computingCloud computing
Cloud computingDevi Prasad
 
Cloud Computing and Distance Education
Cloud Computing and Distance EducationCloud Computing and Distance Education
Cloud Computing and Distance EducationRoryMcGreal
 
Cloud computing-pdf
Cloud computing-pdfCloud computing-pdf
Cloud computing-pdfSubash Basnet
 
cloud abstract
cloud abstractcloud abstract
cloud abstractBapuji Valaboju
 
Cloud Computing & Security Concerns
Cloud Computing & Security ConcernsCloud Computing & Security Concerns
Cloud Computing & Security ConcernsUniversity of San Francisco
 

Empfohlen

Cloud computing
Cloud computingCloud computing
Cloud computingnehajaiswal11111
 
Employ the Cloud for Efficient Content Analytics - 10 november 2011
Employ the Cloud for Efficient Content Analytics - 10 november 2011Employ the Cloud for Efficient Content Analytics - 10 november 2011
Employ the Cloud for Efficient Content Analytics - 10 november 2011Samir Batla
 
cloud storage
cloud storagecloud storage
cloud storageobrita youkhane
 
Cloud computing
Cloud computingCloud computing
Cloud computingDevi Prasad
 
Cloud Computing and Distance Education
Cloud Computing and Distance EducationCloud Computing and Distance Education
Cloud Computing and Distance EducationRoryMcGreal
 
Cloud computing-pdf
Cloud computing-pdfCloud computing-pdf
Cloud computing-pdfSubash Basnet
 
cloud abstract
cloud abstractcloud abstract
cloud abstractBapuji Valaboju
 
Cloud Computing & Security Concerns
Cloud Computing & Security ConcernsCloud Computing & Security Concerns
Cloud Computing & Security ConcernsUniversity of San Francisco
 
A comparative study between cloud computing and fog
A comparative study between cloud computing and fog A comparative study between cloud computing and fog
A comparative study between cloud computing and fog Manash Kumar Mondal
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingKelvin Lam
 
cloud storage
cloud storagecloud storage
cloud storagedriley9
 
Cloud computing
Cloud computingCloud computing
Cloud computingJerry Dias
 
Firewall
FirewallFirewall
FirewallNaga Dinesh
 
Grid Computing
Grid ComputingGrid Computing
Grid ComputingArun Basil Lal
 
How Secure is Cloud
How Secure is CloudHow Secure is Cloud
How Secure is Cloudoneclicklearningbd
 
Impact of cloud computing in education, e governance
Impact of cloud computing in education, e governanceImpact of cloud computing in education, e governance
Impact of cloud computing in education, e governanceAsim Kumar Pathak
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud ComputingHetal Chourasia
 
Cloud computing
Cloud computingCloud computing
Cloud computingAmit Kumar
 
Grid Computing
Grid ComputingGrid Computing
Grid ComputingPhương Đông
 
Cloud storage
Cloud storageCloud storage
Cloud storagechautingfong
 
Cloud and openstack
Cloud and openstackCloud and openstack
Cloud and openstackRahul Sharma
 
What Is Cloud Computing
What Is Cloud ComputingWhat Is Cloud Computing
What Is Cloud ComputingLisa Tomberlin Copeland
 
Cloud.ppt
Cloud.pptCloud.ppt
Cloud.pptRaj Chakrabarty
 
Grid computing
Grid computingGrid computing
Grid computingMohsenRezaei43
 
Cloud with Cyber Security
Cloud with Cyber SecurityCloud with Cyber Security
Cloud with Cyber SecurityNiki Upadhyay
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security Akhila Param
 
Cloud Computing security issues
Cloud Computing security issuesCloud Computing security issues
Cloud Computing security issuesPradeepti Kamble
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Hpe secure data-payments-pci-dss-control-applicability-assessment
Hpe secure data-payments-pci-dss-control-applicability-assessmentHpe secure data-payments-pci-dss-control-applicability-assessment
Hpe secure data-payments-pci-dss-control-applicability-assessmentat MicroFocus Italy ❖✔
 
How to do pci compliance in google apps
How to do pci compliance in google appsHow to do pci compliance in google apps
How to do pci compliance in google appsSysCloud
 

Weitere ähnliche Inhalte

Was ist angesagt?

A comparative study between cloud computing and fog
A comparative study between cloud computing and fog A comparative study between cloud computing and fog
A comparative study between cloud computing and fog Manash Kumar Mondal
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingKelvin Lam
 
cloud storage
cloud storagecloud storage
cloud storagedriley9
 
Cloud computing
Cloud computingCloud computing
Cloud computingJerry Dias
 
Impact of cloud computing in education, e governance
Impact of cloud computing in education, e governanceImpact of cloud computing in education, e governance
Impact of cloud computing in education, e governanceAsim Kumar Pathak
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud ComputingHetal Chourasia
 
Cloud computing
Cloud computingCloud computing
Cloud computingAmit Kumar
 
Cloud and openstack
Cloud and openstackCloud and openstack
Cloud and openstackRahul Sharma
 
Cloud with Cyber Security
Cloud with Cyber SecurityCloud with Cyber Security
Cloud with Cyber SecurityNiki Upadhyay
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security Akhila Param
 
Cloud Computing security issues
Cloud Computing security issuesCloud Computing security issues
Cloud Computing security issuesPradeepti Kamble
 

Was ist angesagt? (19)

A comparative study between cloud computing and fog
A comparative study between cloud computing and fog A comparative study between cloud computing and fog
A comparative study between cloud computing and fog
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
cloud storage
cloud storagecloud storage
cloud storage
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Firewall
FirewallFirewall
Firewall
 
Grid Computing
Grid ComputingGrid Computing
Grid Computing
 
How Secure is Cloud
How Secure is CloudHow Secure is Cloud
How Secure is Cloud
 
Impact of cloud computing in education, e governance
Impact of cloud computing in education, e governanceImpact of cloud computing in education, e governance
Impact of cloud computing in education, e governance
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud Computing
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Grid Computing
Grid ComputingGrid Computing
Grid Computing
 
Cloud storage
Cloud storageCloud storage
Cloud storage
 
Cloud and openstack
Cloud and openstackCloud and openstack
Cloud and openstack
 
What Is Cloud Computing
What Is Cloud ComputingWhat Is Cloud Computing
What Is Cloud Computing
 
Cloud.ppt
Cloud.pptCloud.ppt
Cloud.ppt
 
Grid computing
Grid computingGrid computing
Grid computing
 
Cloud with Cyber Security
Cloud with Cyber SecurityCloud with Cyber Security
Cloud with Cyber Security
 
Cloud computing security
Cloud computing security Cloud computing security
Cloud computing security
 
Cloud Computing security issues
Cloud Computing security issuesCloud Computing security issues
Cloud Computing security issues
 

Andere mochten auch

Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
Hpe secure data-payments-pci-dss-control-applicability-assessment
Hpe secure data-payments-pci-dss-control-applicability-assessmentHpe secure data-payments-pci-dss-control-applicability-assessment
Hpe secure data-payments-pci-dss-control-applicability-assessmentat MicroFocus Italy ❖✔
 
How to do pci compliance in google apps
How to do pci compliance in google appsHow to do pci compliance in google apps
How to do pci compliance in google appsSysCloud
 
Privacy Concerns and Cloud Computing
Privacy Concerns and Cloud ComputingPrivacy Concerns and Cloud Computing
Privacy Concerns and Cloud ComputingAIIM International
 
Grow your business by shaping the human impacts of technology
Grow your business by shaping the human impacts of technologyGrow your business by shaping the human impacts of technology
Grow your business by shaping the human impacts of technologyMichael Siepmann, Ph.D.
 
10 security concerns cloud computing
10 security concerns cloud computing10 security concerns cloud computing
10 security concerns cloud computingHossam Zein
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security IssuesStelios Krasadakis
 
Government cloud computing_strategy
Government cloud computing_strategyGovernment cloud computing_strategy
Government cloud computing_strategyGovCloud Network
 
Cloud Computing: Architecture, IT Security and Operational Perspectives
Cloud Computing: Architecture, IT Security and Operational PerspectivesCloud Computing: Architecture, IT Security and Operational Perspectives
Cloud Computing: Architecture, IT Security and Operational PerspectivesMegan Eskey
 
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октября
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октябряОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октября
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октябряАсылбек Айтматов
 
Abusing Social Networks for Automated User Profiling
Abusing Social Networks for Automated User ProfilingAbusing Social Networks for Automated User Profiling
Abusing Social Networks for Automated User ProfilingMarco Balduzzi
 
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin AhmedBackup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin AhmedMazin Ahmed
 
HITB2012AMS - SatanCloud: A Journey Into the Privacy and Security Risks of Cl...
HITB2012AMS - SatanCloud: A Journey Into the Privacy and Security Risks of Cl...HITB2012AMS - SatanCloud: A Journey Into the Privacy and Security Risks of Cl...
HITB2012AMS - SatanCloud: A Journey Into the Privacy and Security Risks of Cl...Marco Balduzzi
 
HTTP(S)-Based Clustering for Assisted Cybercrime Investigations
HTTP(S)-Based Clustering for Assisted Cybercrime Investigations HTTP(S)-Based Clustering for Assisted Cybercrime Investigations
HTTP(S)-Based Clustering for Assisted Cybercrime InvestigationsMarco Balduzzi
 
TUGAS PTI MOTHERBOARD DAN MODEM
TUGAS PTI MOTHERBOARD DAN MODEMTUGAS PTI MOTHERBOARD DAN MODEM
TUGAS PTI MOTHERBOARD DAN MODEMika aprilia
 

Andere mochten auch (20)

Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Hpe secure data-payments-pci-dss-control-applicability-assessment
Hpe secure data-payments-pci-dss-control-applicability-assessmentHpe secure data-payments-pci-dss-control-applicability-assessment
Hpe secure data-payments-pci-dss-control-applicability-assessment
 
How to do pci compliance in google apps
How to do pci compliance in google appsHow to do pci compliance in google apps
How to do pci compliance in google apps
 
How to Overcome Content Security Concerns in the Cloud
How to Overcome Content Security Concerns in the CloudHow to Overcome Content Security Concerns in the Cloud
How to Overcome Content Security Concerns in the Cloud
 
Privacy Concerns and Cloud Computing
Privacy Concerns and Cloud ComputingPrivacy Concerns and Cloud Computing
Privacy Concerns and Cloud Computing
 
Grow your business by shaping the human impacts of technology
Grow your business by shaping the human impacts of technologyGrow your business by shaping the human impacts of technology
Grow your business by shaping the human impacts of technology
 
10 security concerns cloud computing
10 security concerns cloud computing10 security concerns cloud computing
10 security concerns cloud computing
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security Issues
 
Government cloud computing_strategy
Government cloud computing_strategyGovernment cloud computing_strategy
Government cloud computing_strategy
 
Cloud Computing Strategy and Architecture
Cloud Computing Strategy and ArchitectureCloud Computing Strategy and Architecture
Cloud Computing Strategy and Architecture
 
Cloud Computing: Architecture, IT Security and Operational Perspectives
Cloud Computing: Architecture, IT Security and Operational PerspectivesCloud Computing: Architecture, IT Security and Operational Perspectives
Cloud Computing: Architecture, IT Security and Operational Perspectives
 
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октября
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октябряОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октября
ОО" Шоола Кол" презентация Результаты поиска Санкт-Петербург 14 октября
 
Christmas
ChristmasChristmas
Christmas
 
Abusing Social Networks for Automated User Profiling
Abusing Social Networks for Automated User ProfilingAbusing Social Networks for Automated User Profiling
Abusing Social Networks for Automated User Profiling
 
Adauga un text
Adauga un textAdauga un text
Adauga un text
 
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin AhmedBackup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
Backup-File Artifacts - OWASP Khartoum InfoSec Sessions 2016 - Mazin Ahmed
 
Presentation1
Presentation1Presentation1
Presentation1
 
HITB2012AMS - SatanCloud: A Journey Into the Privacy and Security Risks of Cl...
HITB2012AMS - SatanCloud: A Journey Into the Privacy and Security Risks of Cl...HITB2012AMS - SatanCloud: A Journey Into the Privacy and Security Risks of Cl...
HITB2012AMS - SatanCloud: A Journey Into the Privacy and Security Risks of Cl...
 
HTTP(S)-Based Clustering for Assisted Cybercrime Investigations
HTTP(S)-Based Clustering for Assisted Cybercrime Investigations HTTP(S)-Based Clustering for Assisted Cybercrime Investigations
HTTP(S)-Based Clustering for Assisted Cybercrime Investigations
 
TUGAS PTI MOTHERBOARD DAN MODEM
TUGAS PTI MOTHERBOARD DAN MODEMTUGAS PTI MOTHERBOARD DAN MODEM
TUGAS PTI MOTHERBOARD DAN MODEM
 

Ähnlich wie Cloud Computing Security

Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigmfanc1985
 
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...Phil Copperwheat
 
Cloudcomputingoct2009 100301142544-phpapp02
Cloudcomputingoct2009 100301142544-phpapp02Cloudcomputingoct2009 100301142544-phpapp02
Cloudcomputingoct2009 100301142544-phpapp02abhisheknayak29
 
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26Bill Annibell
 
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26TT L
 
Gitex journey to the cloud
Gitex journey to the cloudGitex journey to the cloud
Gitex journey to the cloudJorge Sebastiao
 
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)Glenn Ambler
 
Security of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaSSecurity of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaSIJMER
 
Cloud computing..
Cloud computing..Cloud computing..
Cloud computing..manoj kumar
 
Cloudcamp- The World Wide Cloud
Cloudcamp- The World Wide CloudCloudcamp- The World Wide Cloud
Cloudcamp- The World Wide CloudReuven Cohen
 
Cloud Ecosystems A Perspective
Cloud Ecosystems A PerspectiveCloud Ecosystems A Perspective
Cloud Ecosystems A Perspectivejmcdaniel650
 
Cloudhnologysstecociat
CloudhnologysstecociatCloudhnologysstecociat
CloudhnologysstecociatAnne Starr
 
Cloud computing – An Overview
Cloud computing – An OverviewCloud computing – An Overview
Cloud computing – An OverviewKannan Subbiah
 

Ähnlich wie Cloud Computing Security (20)

Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
 
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
Plenary_three_Cloud_computing_-_is_social_housing_ready_for_it_-_Phil_Copperw...
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloudcomputingoct2009 100301142544-phpapp02
Cloudcomputingoct2009 100301142544-phpapp02Cloudcomputingoct2009 100301142544-phpapp02
Cloudcomputingoct2009 100301142544-phpapp02
 
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
 
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
 
Gitex journey to the cloud
Gitex journey to the cloudGitex journey to the cloud
Gitex journey to the cloud
 
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
glenn_amblercloud_security_ncc_event_22-may-2012_v1 (9)
 
Cloud security
Cloud securityCloud security
Cloud security
 
Presd1 10
Presd1 10Presd1 10
Presd1 10
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Security of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaSSecurity of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaS
 
4831586.ppt
4831586.ppt4831586.ppt
4831586.ppt
 
Cloud computing..
Cloud computing..Cloud computing..
Cloud computing..
 
Understanding Cloud Computing
Understanding Cloud ComputingUnderstanding Cloud Computing
Understanding Cloud Computing
 
Cloudcamp- The World Wide Cloud
Cloudcamp- The World Wide CloudCloudcamp- The World Wide Cloud
Cloudcamp- The World Wide Cloud
 
Cloud Ecosystems A Perspective
Cloud Ecosystems A PerspectiveCloud Ecosystems A Perspective
Cloud Ecosystems A Perspective
 
Cloudhnologysstecociat
CloudhnologysstecociatCloudhnologysstecociat
Cloudhnologysstecociat
 
Testing with the Cloud
Testing with the CloudTesting with the Cloud
Testing with the Cloud
 
Cloud computing – An Overview
Cloud computing – An OverviewCloud computing – An Overview
Cloud computing – An Overview
 

Kürzlich hochgeladen

DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 

Kürzlich hochgeladen (20)

DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

Cloud Computing Security

  • 1. Leron Zinatullin Cloud Computing Security www.zinatullin.com
  • 2. Summary • Overview • Benefits • Concerns • Threats • Vulnerabilities • Countermeasures • Conclusion
  • 3.
  • 5. “I don’t understand what we would do differently in the light of cloud computing other than change the wording of some of our ads. ” Larry Ellison, CEO, Oracle
  • 6. Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Mell, Peter, and Timothy Grance. "The NIST definition of cloud computing." NIST special publication 800 (2011): 145.
  • 8. Benefits of Cloud Computing • Minimized capital expenditure • Location and device independence • Utilization and efficiency improvement • Very high scalability • High computing power
  • 9. Concerns in using Cloud Computing
  • 10. Aspects of Cloud Computing Security Pronemon Institute – April 2011 – Survey of 127 US and EU cloud service providers
  • 12. Threats • Data Breaches • Data Loss • Account or Service Traffic Hijacking • Insecure APIs • Denial of Service (DoS) • Malicious insiders • Abuse of Nefarious Use • Insufficient due diligence • Shared Technology Vulnerabilities
  • 13. Vulnerabilities • Session Riding and Hijacking • Reliability and Availability of Service • Insecure Cryptography • Data Protection and Portability • Virtual Machine Escape • Vendor Lock-in • Internet Dependency
  • 14. Countermeasures • Policies and procedures • Software configurations • Encryption • Separation of duties • Identity management • Good Service Level Agreement
  • 15. Pros and Cons CloudSecurityUpside CloudSecurityDownside StaffSkillsandSpecialization SystemComplexity PlatformStrength SharedMulti-tenantEnvironment RecourseAvailability Internet-facingServices BackupandRecovery LossofControl MobileEndpoints BotnetofHackers CrossDataCenterandCloud MechanismCracking NIST Guidelines on Security and Privacy in Public Cloud Computing
  • 16. Summary • Overview • Benefits • Concerns • Threats • Vulnerabilities • Countermeasures • Conclusion