Upload
aung-thu-rha-hein
View
918
Download
0
Tags:
Embed Size (px)
DESCRIPTION
network and security aspects related to cloud computing!!
Citation preview
Cloud Computing Network/Security ThreatsAung Thu Rha Hein(g5536871)
AgendaCloud Computing
• What is cloud computing?
• Cloud Computing Infrastructure Models
• Architecture layers of Cloud Computing
• Cloud Computing characteristics
Network/Security Aspects of Cloud Computing
• Network/Security issues based on architecture types
• Network issues on cloud computing
• Security issues on cloud computing
What is Cloud Computing?
• services that provide common business applications online, which are accessed from a Web browser, while the software and data are stored on the servers; a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet
Source: Wolfram Alpha
• Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over a network (typically the Internet).
Source: Wikipedia
5th generation of Computing
• Monolithic1970s
• Client-Server1980s
• Web-based1990s
• SOA2000s
• Cloud Computing
2010
Cloud Computing Infrastructure Models• Public Cloud
• AWS, Google App Engine
Win Azure
• Private Cloud
• Premised or external hosted
• For one client
• Control data, security & QoS
• Hybrid Cloud
• Cloud Bursting
• Provide on-demand, externaly provisioned scale
Architectural Layers of Cloud Computing
• Saas (Software As A Service)
• Provides resources (apps or storage)
• Free or pay-per–usage model
• Gmail, Github, Dropbox
• PaaS (Platform As A Service)
• Provides development platform
• Heroku, OpenShift, Google App Engine, Win Azure
• IaaS (Infrastructure As A Service)
• Offer hardware related services
• Amazon EC2, Rackspace, Flexiscale
Cloud Computing Characteristics
Network/Security Aspects of Cloud Computing
Software As A Service
Operating System
Hypervisor
Application
Datacenter (Power, Cooling, Physical Security)
ApplicationServer
Middleware Database
CPU NetworkingStorage
YOUR DATABackup
Your Problem
Their Problem
Platform As A Service
Operating System
Hypervisor
Your Application
Datacenter (Power, Cooling, Physical Security)
ApplicationServer
Middleware Database
CPU Networking Storage Backup
Your Problem
Their Problem
Infrastructure As A Service
Your Operating System
Hypervisor
Your Application
Datacenter (Power, Cooling, Physical Security)
YourApplication
Server
YourMiddleware
YourDatabase
CPU Networking Storage Backup
Your Problem
Their Problem
Network Issues• DoS ( Denial of Service or Distributed
denial-of-attack)
• overflows a server with
frequent request of services
Methods
- Smurf attack
- SYN flood
- Teardrop attacks
Network Issues(cont.)• Man in the Middle Attack
• An attacker splits connection and rejoin with the attackers own computer system
• SSL is not properly configured
Network Issues(cont.)• Network Sniffing
• hack passwords that are not properly encrypted during communication
• a self contained software program or a hardware device
Network Issues(cont.)• Port Scanning
• sends client requests to a range of server port addresses on a host
• To search an active port and vulnerable services
Security Issues• XML Signature Element Wrapping (Wrapper
attack)
• Attacker rewrite SOAP request that already signed by using a wrapper block
• Well known web service attack
Security Issues(cont.)
• Cloud Malware Injection Attack
• Upload virus
Program to the cloud
Security Issues(cont.)
• Data Stealing Problems
• User account and password are stolen by any means
• Accountability Check Problem
• “No use No bill” payment method
• an attacker has engaged the cloud with a malicious service or runs malicious code
Conclusion & Thank You!