
Security, Privacy, and Data Protection for Trusted Cloud Computing

Security, Privacy, and Data Protection for Trusted Cloud Computing. Prof. Kai Hwang, University of Southern California. Keynote Address, International Conference on Parallel and Distributed Computing and Systems (PDCS 2010), Marina Del Rey, CA, Nov. 8, 2010.


Presentation Transcript


  1. Security, Privacy, and Data Protection for Trusted Cloud Computing. Prof. Kai Hwang, University of Southern California. Keynote Address, International Conference on Parallel and Distributed Computing and Systems (PDCS 2010), Marina Del Rey, CA, Nov. 8, 2010.
     • Cloud Platforms over Datacenters
     • Cloud Infrastructure and Services
     • Reputation-based Trust Management
     • Data Coloring and Software Watermarking
     • Cloud Support of The Internet of Things
     Kai Hwang, USC

  2. Handy Tools We Use over the Evolutional Periods In History. Is it safe to play with your computer when you are naked and vulnerable?

  3. Top 10 Technologies for 2010

  4. Web 2.0, Clouds, and Internet of Things. HPC: High-Performance Computing; HTC: High-Throughput Computing; P2P: Peer to Peer; MPP: Massively Parallel Processors. Source: K. Hwang, G. Fox, and J. Dongarra, Distributed Systems and Cloud Computing, Morgan Kaufmann, 2011 (in press, to appear)

  5. Public, Private and Hybrid Clouds. Source: Distributed Systems and Cloud Computing, [2]

  6. Cloud Computing as A Service [9]

  7. Cloud Providers, Services and Security Measures. Kai Hwang and Deyi Li, “Trusted Cloud Computing with Secure Resources and Data Coloring”, IEEE Internet Computing, Sept. 2010

  8. Amazon Virtual Private Cloud VPC (http://aws.amazon.com/vpc/)

  9. vSphere 4: An OS for Cloud Platform

  10. Cloud Services Stack: Application Cloud Services; Platform Cloud Services; Compute & Storage Cloud Services; Co-Location Cloud Services; Network Cloud Services

  11. Top 8 Cloud Computing Companies

  12. Marc Benioff, Founder of Salesforce.com. A SaaS and PaaS Cloud Provider.
     • 1986: graduated from USC
     • 1999: started salesforce.com
     • 2003-05: appointed chairman of US Presidential IT Advisory Committee
     • 2009: announced Force.com platform for cloud business computing

  13. Security and Trust Crisis in Cloud Computing
     • Protecting datacenters must first secure cloud resources and uphold user privacy and data integrity.
     • Trust overlay networks could be applied to build reputation systems for establishing the trust among interactive datacenters.
     • A watermarking technique is suggested to protect shared data objects and massively distributed software modules.
     • These techniques safeguard user authentication and tighten the data access-control in public clouds.
     • The new approach could be more cost-effective than using the traditional encryption and firewalls to secure the clouds.

  14. Trusted Zones for VM Insulation (diagram: Tenant #1 and Tenant #2 virtual infrastructures, each running APP/OS virtual machines, on top of the cloud provider's physical infrastructure)
     Goals shown in the diagram:
     • Insulate infrastructure from malware, Trojans and cybercriminals
     • Federate identities with public clouds
     • Control and isolate VM in the virtual infrastructure
     • Insulate information from other tenants
     • Insulate information from cloud providers’ employees
     • Segregate and control user access
     • Enable end to end view of security events and compliance across infrastructures
     Mechanisms labelled in the diagram: Anti-malware; Identity federation; Cybercrime intelligence; Strong authentication; Virtual network security; Data loss prevention; Encryption & key mgmt; Access Mgmt; Tokenization; Security Info. & Event Mgmt; GRC

  15. Data Security and Copyright Protection in A Trusted Cloud Platform. Source: Reference [3, 4]. March 11, 2009

  16. Security Protection Mechanisms for Public Clouds

  17. Cloud Service Models and Their Security Demands. Cloud computing will not be accepted by common users unless the trust and dependability issues are resolved satisfactorily [1].

  18. Trust Management for Protecting Cloud Resources and Safeguard Datacenter Operations [3]. Source: [4]

  19. PowerTrust Built over A Trust Overlay Network. R. Zhou and K. Hwang, “PowerTrust: A scalable and robust reputation system for structured P2P networks”, IEEE-TPDS, May 2007

  20. Distributed Defense against DDoS Attacks over Multiple Network Domains (Chen, Hwang, and Ku, IEEE Trans. on Parallel and Distributed Systems, Dec. 2007)

  21. Data Coloring via Watermarking

  22. Color Matching To Authenticate Data Owners and Cloud Service Providers

  23. The Internet of Things. Smart Earth: An IBM Dream (diagram labels: The Internet; Internet Clouds; Internet of Things (IOT); Smart Earth)

  24. Opportunities of IOT in 3 Dimensions

  25. Architecture of The Internet of Things
     • Application Layer: Merchandise Tracking; Environment Protection; Intelligent Search; Telemedicine; Intelligent Traffic; Smart Home
     • Network Layer: Cloud Computing Platform; The Internet; Information Network; Mobile Telecom Network
     • Sensing Layer: Sensor Network; GPS; RFID; RFID Label; Sensor Nodes; Road Mapper

  26. Supply Chain Management supported by the Internet of Things (http://www.igd.com)

  27. Smart Power Grid

  28. Mobility Support and Security Measures for Mobile Cloud Computing

  29. Service-Oriented Cloud of Clouds (Intercloud or Mashup). Cloud of clouds: from Raw Data to Wisdom. SS = sensor service, fs = filter services

  30. Conclusions:
     • Computing clouds are changing the whole IT, service industry, and global economy. Clearly, cloud computing demands ubiquity, efficiency, security, and trustworthiness.
     • Cloud computing has become a common practice in business, government, education, and entertainment, leveraging 50 million servers globally installed at thousands of datacenters today.
     • Private clouds will become widespread in addition to using a few public clouds, which are under heavy competition among Google, MS, Amazon, Intel, EMC, IBM, SGI, VMware, Salesforce.com, etc.
     • Effective trust management, guaranteed security, user privacy, data integrity, mobility support, and copyright protection are crucial to the universal acceptance of cloud as a ubiquitous service.

  31. SGI Cyclone HPC cloud for enabling SaaS and IaaS applications (http://www.sgi.com/cyclone)

  32. Nebula Cloud Developed by NASA (http://nebula.nasa.gov)

  33. Cloud Computing – Service Provider Priorities
     • Ensure confidentiality, integrity, and availability in a multi-tenant environment.
     • Effectively meet the advertised SLA, while optimizing cloud resource utilization.
     • Offer tenants capabilities for self-service, and achieve scaling through automation and simplification.

  34. Google App Engine Platform for PaaS Operations

  35. Cloud Security Responsibilities by Providers and Users. Table 1: Source: Reference [4]

  36. Concept of Virtual Clusters (Source: W. Emeneker, et al., “Dynamic Virtual Clustering with Xen and Moab”, ISPA 2006, Springer-Verlag LNCS 4331, 2006, pp. 440-451)
