600.412.lecture05

600.412.lecture05 - Security and Privacy in Cloud Computing...

Info iconThis preview shows pages 1–6. Sign up to view the full content.

View Full Document Right Arrow Icon
Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Securing Clouds 3/08/2010 en.600.412 Spring 2010 Lecture 5 | JHU | Ragib Hasan 2 Goal : Learn about different techniques for protecting a cloud against insider adversaries Reading Santos et al., Towards Trusted Cloud Computing , HotCloud 2009 Krautheim, Private Virtual Infrastructure for Cloud Computing , HotCloud 2009 Wood et al., The Case for Enterprise-Ready Virtual Private Clouds , HotCloud 2009
Background image of page 2
The IaaS security problem 3/08/2010 en.600.412 Spring 2010 Lecture 5 | JHU | Ragib Hasan 3 The cloud acts as a big black box, nothing inside the cloud is visible to the clients Clients have no idea or control over what happens inside a cloud Even if the cloud provider is honest, it can have malicious sys admins who can tamper with the VMs and violate confidentiality and integrity
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
How to ensure that the cloud is not tampered with? Naïve Approach 1 : Just trust the cloud provider Why won’t work: Provider may be honest, sys admins may not be so Naïve Approach 2 : As the cloud provider to allow auditing of the cloud by the client Why won’t work: Providers are not willing to open their system to outside audits Workable Approach 3 : Ask cloud provider for unforgeable proof/attestation Why may work: A third party proof not revealing other information may be enough for both client and provider 3/08/2010 en.600.412 Spring 2010 Lecture 5 | JHU | Ragib Hasan 4
Background image of page 4
Allow third party access to cloud?
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 6
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 01/27/2012 for the course CS 600 taught by Professor Smith,r during the Winter '08 term at Alabama.

Page1 / 19

600.412.lecture05 - Security and Privacy in Cloud Computing...

This preview shows document pages 1 - 6. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online