600.412.lecture02

600.412.lecture02 - Security and Privacy in Cloud Computing...

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon
Ragib Hasan Johns Hopkins University Lecture 2 02/01/201 0 Security and Privacy in Cloud Computing
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Threats, vulnerabilities, and enemies 2/1/2010 en.600.412 Spring 2010 Lecture 2 | 2 Goal Learn the cloud computing threat model by examining the assets, vulnerabilities, entry points, and actors in a cloud Technique Apply different threat modeling schemes
Background image of page 2
Assignment for next class Review : Thomas Ristenpart et al., Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Compute Clouds , proc. ACM CCS 2009. Format : Summary : A brief overview of the paper, 1 paragraph (5 / 6 sentences) Pros : 3 or more issues Cons : 3 or more issues Possible improvements : Any possible suggestions to improve the work 2/1/2010 en.600.412 Spring 2010 Lecture 2 | 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Threat Model A threat mode l helps in analyzing a security problem, design mitigation strategies, and evaluate solutions Steps: Identify attackers, assets, threats and other components Rank the threats Choose mitigation strategies Build solutions based on the strategies 2/1/2010 en.600.412 Spring 2010 Lecture 2 | 4
Background image of page 4
Threat Model Basic components Attacker modeling Choose what attacker to consider Attacker motivation and capabilities Assets / Attacker Goals 2/1/2010 en.600.412 Spring 2010 Lecture 2 | 5
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Recall: Cloud Computing Stack 2/1/2010 en.600.412 Spring 2010 Lecture 2 | 6
Background image of page 6
Recall: Cloud Architecture 2/1/2010 en.600.412 Spring 2010 Lecture 2 | 7 Client SaaS / PaaS Provider Cloud Provider (IaaS)
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Attackers 2/1/2010 en.600.412 Spring 2010 Lecture 2 | 8
Background image of page 8
Who is the attacker? 2/1/2010
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 10
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 01/27/2012 for the course CS 600 taught by Professor Smith,r during the Winter '08 term at Alabama.

Page1 / 24

600.412.lecture02 - Security and Privacy in Cloud Computing...

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online