AreCloudsSecure - Are Clouds Secure? Security and Privacy...

Info iconThis preview shows pages 1–13. Sign up to view the full content.

View Full Document Right Arrow Icon
Are Clouds Secure? Security and Privacy Implications of Cloud Computing Subra Kumaraswamy, Sun Tim Mather, RSA 04/21/09 | Session ID: HOT-105 Session Classification: Intermediate
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 What We’re Not Going to Discuss Existing aspects of information security which are not impacted by ‘cloud computing’ There are plenty of existing sources of useful information about information security, and we will not attempt to recreate those sources, nor rehash unchanged practices
Background image of page 2
3 What Not a Cloud?
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 What We Are Going to Discuss Information Security – Data Information Security – Infrastructure (network-, host-, application-level) Security Management Services (security management, security monitoring, identity services) Other Important Considerations Security-as-a- [Cloud] Service (SaaS) Where Risk Has Changed: Where Risk Has Changed: ±
Background image of page 4
5 The Cloud: Types
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 The Cloud: Pyramid of Flexibility (IaaS) (PaaS) (SaaS)
Background image of page 6
7 Flavors of Cloud Computing
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8 The Cloud: How are people using it?
Background image of page 8
9 Components of Information Security Information Security – Infrastructure Information Security – Infrastructure Network-level Host-level Application-level Information Security – Data Information Security – Data Encryption, data masking, content protection Security Management Services Security Management Services Management – patching, hygiene, VA, ACL management Security monitoring – network, host, application Identity services – provisioning, AAA, federation, delegation
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Information Security – Infrastructure
Background image of page 10
11 Infrastructure – Network-level Shared Infrastructure VLAN – private and public (tagged) DHCP server, firewall, load balancer Limitations No zones – domains instead Traditional port/protocol filtering irrelevant Point-to-point encryption (in transit) is doable Extranet security jeopardized – unless ‘you’ control cloud (IP) addressing (questionable) Security monitoring – no transparency
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
12 Infrastructure – Network-level Threats Lack of widespread adoption of secure BGP Secure BGP (S-BGP), Secure Origin BGP (soBGP), and Pretty Good BGP (pgBGP) Traffic redirection for eavesdropping DNS: domain hijacking Lack of widespread adoption of Secure DNS Only country-wide adoption: Sweden
Background image of page 12
Image of page 13
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 12/07/2011 for the course COMP 7370 taught by Professor Qin,x during the Summer '08 term at Auburn University.

Page1 / 31

AreCloudsSecure - Are Clouds Secure? Security and Privacy...

This preview shows document pages 1 - 13. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online