tailieunhanh - Research in Cloud Computing

Research in Cloud Computing provides about The Network Level, The Network Level - Mitigation, Local Host Security, Data Security and Storage, Auditing, monitoring and risk management, Privacy breaches, responsible for protecting privacy. | Bharat Bhargava bbshail@ Computer Science Purdue University Research in Cloud Computing YounSun Cho cho52@ Computer Science Purdue University Anya Kim Naval Research Lab Talk Objectives A high-level discussion of the fundamental challenges and issues/characteristics of cloud computing Identify a few security and privacy issues within this framework Propose some approaches to addressing these issues Preliminary ideas to think about Security and Privacy Issues in Cloud Computing - Big Picture Infrastructure Security Data Security and Storage Identity and Access Management (IAM) Privacy And more From [6] Cloud Security and Privacy by Mather and Kumaraswamy Infrastructure Security Network Level Host Level Application Level The Network Level Ensuring confidentiality and integrity of your organization’s data-in-transit to and from your public cloud provider Ensuring proper access control (authentication, authorization, and auditing) . | Bharat Bhargava bbshail@ Computer Science Purdue University Research in Cloud Computing YounSun Cho cho52@ Computer Science Purdue University Anya Kim Naval Research Lab Talk Objectives A high-level discussion of the fundamental challenges and issues/characteristics of cloud computing Identify a few security and privacy issues within this framework Propose some approaches to addressing these issues Preliminary ideas to think about Security and Privacy Issues in Cloud Computing - Big Picture Infrastructure Security Data Security and Storage Identity and Access Management (IAM) Privacy And more From [6] Cloud Security and Privacy by Mather and Kumaraswamy Infrastructure Security Network Level Host Level Application Level The Network Level Ensuring confidentiality and integrity of your organization’s data-in-transit to and from your public cloud provider Ensuring proper access control (authentication, authorization, and auditing) to whatever resources you are using at your public cloud provider Ensuring availability of the Internet-facing resources in a public cloud that are being used by your organization, or have been assigned to your organization by your public cloud providers Replacing the established model of network zones and tiers with domains From [6] Cloud Security and Privacy by Mather and Kumaraswamy The Network Level - Mitigation Note that network-level risks exist regardless of what aspects of “cloud computing” services are being used The primary determination of risk level is therefore not which *aaS is being used, But rather whether your organization intends to use or is using a public, private, or hybrid cloud. From [6] Cloud Security and Privacy by Mather and Kumaraswamy The Host Level SaaS/PaaS Both the PaaS and SaaS platforms abstract and hide the host OS from end users Host security responsibilities are transferred to the CSP (Cloud Service Provider) You do not have to worry about .