Download
security and privacy in cloud computing n.
Skip this Video
Loading SlideShow in 5 Seconds..
Security and Privacy in Cloud Computing PowerPoint Presentation
Download Presentation
Security and Privacy in Cloud Computing

Security and Privacy in Cloud Computing

174 Views Download Presentation
Download Presentation

Security and Privacy in Cloud Computing

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Security and Privacy in Cloud Computing Ragib HasanJohns Hopkins Universityen.600.412 Spring 2011 Lecture 8 04/11/2011

  2. Cloud Network Security Goal: Examine techniques for securing cloud networking Review Assignment #8: (Due 4/18) Challenges for Cloud Network Security, HP Labs tech Report, 2010. en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan

  3. Recap:Airavat (Cloud Privacy) Strengths? Weaknesses? Ideas? en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan

  4. Today’s talk • Will discuss a position paper (not an implementation or systems description paper) • Will introduce the notion of cloud networking as a service, and its security implications • We will discuss what will be the issues in such a model en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan

  5. For your review Instead of writing pros and cons of the paper, write the following: • Why security is a problem in cloud networking? (a brief paragraph) • 3 or more challenges in cloud network security • 3 or more techniques that may be used to secure cloud networks en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan

  6. Cloud Networking Cloud computing requires • More performance from existing networks (bandwidth, quality, availability) • More flexibility Most of existing work on cloud focuses on single data centers and providers • But clouds can also be distributed (across different locations for same provider, or across different providers) en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan

  7. Cloud Networking Cloud Networking involves • Ability to swiftly reconfigure networks according to client requirement (Network as a Service or NaaS) • Runs on top of intranet and the Internet • Uses network virtualization to connect clouds and users en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan

  8. Cloud Networking • Cloud networking extends network virtualization beyond the data centre to bring two new aspects to cloud computing: • the ability to connect the user to services in the cloud and • the ability to interconnect services that are geographically distributed across cloud infrastructures en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan

  9. SAIL project from HP / EU • Major European Union and HP project • Goal is to • develop networking functions for applications with highly variable demands, • integrating these functions with computing and storage • along with the necessary tools for management and security. en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan

  10. Threat Model Attacker: • External or Internal • Internal attacker can be disgruntled employee, or even hardware/software manufacturers embedding a trapdoor in code/firmware Threats • All traditional threats on networks (eavesdropping, DoS, Man-in-the-middle etc.) • Legal attacks (e.g., network crosses legal borders) en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan

  11. Secure cloud Networking: Challenges • Users view network as a private one, but it is built on top of public infrastructures • How to implement security? • Component based: Virtual components themselves manage security • Infrastructure based: Network manages security en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan

  12. Secure Cloud Networking: Challenges Integrity • How to ensure routing security (integrity and availability of routing information) en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan

  13. Secure Cloud Networking: challenges How the virtual network provider guarantees a certain network capacity to a customer, How the access to this virtual network is controlled, and How the virtual network usage is accounted for (metering) en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan

  14. Further reading SAIL Project: http://www.sail-project.eu en.600.412 Spring 2011 Lecture 9 | JHU | Ragib Hasan