Security Framework For Cloud Computing

  • Published on

  • View

  • Download

Embed Size (px)


Security Framework For Cloud Computing. - Sharath Reddy Gajjala. INTRODUCTION. Cloud computing emerged as modern technology and considered as next big thing to come. It has grown up from just being a concept to a major part of IT industry. So requires new security issues and new challenges - PowerPoint PPT Presentation


<p>Security Framework For Cloud Computing</p> <p>Security Framework For Cloud Computing-Sharath Reddy GajjalaINTRODUCTIONCloud computing emerged as modern technology and considered as next big thing to come.It has grown up from just being a concept to a major part of IT industry.So requires new security issues and new challengesChanged the entire process of distributed computing.INTRODUCTIONGenerally works on three type of architecture namely.SaaS (Software as a Service)PaaS (Platform as a Service)IaaS (Infrastructure as a Service)Different issue and challenges with each technology.</p> <p>Software as a Service (SaaS)Hosts and manages a given application in their data center.Makes it available to multiple users over the web.Examples:Oracles CRM on Demand,</p> <p>Platform as a Service (PaaS)Application development and deployment platform for developers.No cost and complexity of buying and managing the infrastructure.All the facilities required for lifecycle are entirely available.Includes Database, Middleware, development tools and infrastructure software.Google App engine and Engine yard </p> <p>Infrastructure as a Service (IaaS)Delivery of hardware and software as a service.Does not require any long-term commitment.Allows users to provision resourses on demand.</p> <p>Cloud Computing Environment</p> <p>Security ChallengesCloud Service Security Accidents in Recent Years:March 2009 Google leaked a large no of documents. Microsoft Azure stopped working for 22 hours.April 2011 Amazon EC2 service disruptions Influences on the service of Quora, Reddit etc.Caused a great loss even devastating blow.Threats To Cloud ComputingChanges to business modelAbusive use of cloud computingInsecure interfaces and APIMalicious insidersShared technology issuesData loss and leakageService hijackingRisk profilingIdentity theftAttacks on Cloud ComputingZombie AttackService injection attackAttacks on virtualizationMan-in-the Middle attackMetadata spoofingPhishingBackdoor channel attackProposed Security ModelUser can be certified by 3rd party CAIssued token for service by End User Service Portal.User can use services provided by single service provider.EUSP provides secure access control using VPN (Virtual Private Network) and cloud service managing and configuration. Proposed Security Model</p> <p>Framework For Secure Cloud ComputingBased on security modelDescribes each componentApply needed technologies for implementation between components.Access control process is done on each component for providing flexible service. Framework ComponentsClientEnd-User Service PortalSingle sign-on (SSO)Service ConfigurationService Gateway, Service BrokerSecurity ControlSecurity ManagementTrust ManagementService MonitoringFramework</p> <p>ConclusionCloud computing is a technology of rapid development.Security is the main obstacle which must be is not just a technical problem it also involves standardization, Supervising mode, laws and regulations and many other aspects.Future research should be directed towards management of risks, developing risk assessment. Thank You</p>


View more >