SlideShare una empresa de Scribd logo

Cloud Computing Security

budi rahardjo
budi rahardjo
TecnologíaEmpresariales
1 de 12
Descargar para leer sin conexión
Cloud Computing Security Budi Rahardjo Sekolah Teknik ElektroInstitut Teknologi Bandung October 2010
Security Aspects (Dimensions) Confidentiality Integrity Availability Authentication Large scale identity management Physical Personnel Compliance PCI DSS, HIPAA, SOX Legal Audit trail
message Possible attack in every hop;interruption, interception, modification, fabrication message
Confidentiality Access to data must be protected from unauthorized entity Cloud computing susceptibe to Interception Data archived in unknown places Traffic analysis leading to business intelligence
Confidentiality (cont.) Protected by cryptography End-to-end encryption Encrypted pipe (difficult in cloud because we don’t have control over pipes) Does not work if cloud needs data to process. How to distribute keys? Granular encryption?
TRUST[losing control]
zrffntr = message zrffntr = message process? Message encryptedat the origin and decryptedin the receiving end. But, what if cloud needs data to process? Data must be decrypted in cloud. zrffntr
Integrity Data must not be changed, modified, tampered by unauthorized entity Must protect data byby digital signature, message authenticated code (MAC), hashing function Attached as part of message(s) Granularity?
message 78e731027d8fd50ed642340b7c9a63b3 message hashed & encryptedat the origin and decrypted & hashed in the receiving end zrffntr 78r731027q8sq50rq642340o7p9n63o3
Availability Make sure that data is available when needed Possible attack Interruption, Denial of Service (DoS) Best effort is not good enough. Quality of Service (QoS) must be guaranteed
Availability (cont.) Improving availability (Network) redundancy Backup, data recovery Business continuity
Concluding Remarks Security is still an issue for cloud computing If cloud computing is cheaper, then people will use it (regardless of security problems) Solutions (perhaps not elegant) are available The devils are in details

Recomendados

Martine Lapierre - Security in Cloud computing: sharing more than resources
Martine Lapierre - Security in Cloud computing: sharing more than resourcesMartine Lapierre - Security in Cloud computing: sharing more than resources
Martine Lapierre - Security in Cloud computing: sharing more than resourcesServiceWave 2010
 
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...SafeNet
 
Information and network security ins
Information and network security insInformation and network security ins
Information and network security insAstha Parihar
 
What is cloud encryption
What is cloud encryptionWhat is cloud encryption
What is cloud encryptionPrancer Io
 
Cryptography and attacks ins
Cryptography and attacks insCryptography and attacks ins
Cryptography and attacks insAstha Parihar
 
Hybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsHybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsIJNSA Journal
 
Encryption-Decryption of Email
Encryption-Decryption of EmailEncryption-Decryption of Email
Encryption-Decryption of EmailShashank Singhal
 
Enabling fine grained multi-keyword search supporting classified sub-dictiona...
Enabling fine grained multi-keyword search supporting classified sub-dictiona...Enabling fine grained multi-keyword search supporting classified sub-dictiona...
Enabling fine grained multi-keyword search supporting classified sub-dictiona...LeMeniz Infotech
 

Recomendados

Martine Lapierre - Security in Cloud computing: sharing more than resources
Martine Lapierre - Security in Cloud computing: sharing more than resourcesMartine Lapierre - Security in Cloud computing: sharing more than resources
Martine Lapierre - Security in Cloud computing: sharing more than resourcesServiceWave 2010
 
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...
Introduction to PKI & SafeNet Luna Hardware Security Modules with Microsoft W...SafeNet
 
Information and network security ins
Information and network security insInformation and network security ins
Information and network security insAstha Parihar
 
What is cloud encryption
What is cloud encryptionWhat is cloud encryption
What is cloud encryptionPrancer Io
 
Cryptography and attacks ins
Cryptography and attacks insCryptography and attacks ins
Cryptography and attacks insAstha Parihar
 
Hybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsHybrid cryptographic technique using rsa algorithm and scheduling concepts
Hybrid cryptographic technique using rsa algorithm and scheduling conceptsIJNSA Journal
 
Encryption-Decryption of Email
Encryption-Decryption of EmailEncryption-Decryption of Email
Encryption-Decryption of EmailShashank Singhal
 
Enabling fine grained multi-keyword search supporting classified sub-dictiona...
Enabling fine grained multi-keyword search supporting classified sub-dictiona...Enabling fine grained multi-keyword search supporting classified sub-dictiona...
Enabling fine grained multi-keyword search supporting classified sub-dictiona...LeMeniz Infotech
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...IOSR Journals
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityShitiz Upreti
 
AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...
AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...
AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...I3E Technologies
 
22
2222
22IMPULSE_TECHNOLOGY
 
Ijaiem 2014-11-30-122
Ijaiem 2014-11-30-122Ijaiem 2014-11-30-122
Ijaiem 2014-11-30-122Sathya Madhesh
 
38
3838
38ieeeprojectsvadapalani
 
Encryption by fastech
Encryption by fastechEncryption by fastech
Encryption by fastechAbdulafeez Fasasi
 
2019 and 2020 dot net ieee
2019 and 2020 dot net ieee2019 and 2020 dot net ieee
2019 and 2020 dot net ieeemanjunath205
 
DYNAMIC KEY REFRESHMENT FOR SMART GRID MESH NETWORK SECURITY
DYNAMIC KEY REFRESHMENT FOR SMART GRID MESH NETWORK SECURITY DYNAMIC KEY REFRESHMENT FOR SMART GRID MESH NETWORK SECURITY
DYNAMIC KEY REFRESHMENT FOR SMART GRID MESH NETWORK SECURITY anurama
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Digital signatures and e-Commerce
Digital signatures and e-CommerceDigital signatures and e-Commerce
Digital signatures and e-CommerceNaveen Jakhar, I.T.S
 
Week13
Week13Week13
Week13GroupB
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authorityKrutiShah114
 
Privacy Techniques in Fourth Generation Heterogeneous Networks
Privacy Techniques in Fourth Generation Heterogeneous NetworksPrivacy Techniques in Fourth Generation Heterogeneous Networks
Privacy Techniques in Fourth Generation Heterogeneous Networksdimgkik
 
A secure and efficient id based aggregate signature scheme for wireless senso...
A secure and efficient id based aggregate signature scheme for wireless senso...A secure and efficient id based aggregate signature scheme for wireless senso...
A secure and efficient id based aggregate signature scheme for wireless senso...finalsemprojects
 
project 11
project 11project 11
project 11K L University
 
5
55
5ieeeprojectsvadapalani
 
31
3131
31ieeeprojectsvadapalani
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsKannan Subbiah
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security pptVenkatesh Chary
 
Presentasi cloud computing akakom BAB 1
Presentasi cloud computing akakom BAB 1Presentasi cloud computing akakom BAB 1
Presentasi cloud computing akakom BAB 1Information and Technology
 
AWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceAWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceGaurav "GP" Pal
 

Más contenido relacionado

La actualidad más candente

Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...IOSR Journals
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityShitiz Upreti
 
AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...
AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...
AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...I3E Technologies
 
2019 and 2020 dot net ieee
2019 and 2020 dot net ieee2019 and 2020 dot net ieee
2019 and 2020 dot net ieeemanjunath205
 
DYNAMIC KEY REFRESHMENT FOR SMART GRID MESH NETWORK SECURITY
DYNAMIC KEY REFRESHMENT FOR SMART GRID MESH NETWORK SECURITY DYNAMIC KEY REFRESHMENT FOR SMART GRID MESH NETWORK SECURITY
DYNAMIC KEY REFRESHMENT FOR SMART GRID MESH NETWORK SECURITY anurama
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Week13
Week13Week13
Week13GroupB
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authorityKrutiShah114
 
Privacy Techniques in Fourth Generation Heterogeneous Networks
Privacy Techniques in Fourth Generation Heterogeneous NetworksPrivacy Techniques in Fourth Generation Heterogeneous Networks
Privacy Techniques in Fourth Generation Heterogeneous Networksdimgkik
 
A secure and efficient id based aggregate signature scheme for wireless senso...
A secure and efficient id based aggregate signature scheme for wireless senso...A secure and efficient id based aggregate signature scheme for wireless senso...
A secure and efficient id based aggregate signature scheme for wireless senso...finalsemprojects
 

La actualidad más candente (18)

Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network Security
 
AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...
AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...
AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...
 
22
2222
22
 
Ijaiem 2014-11-30-122
Ijaiem 2014-11-30-122Ijaiem 2014-11-30-122
Ijaiem 2014-11-30-122
 
38
3838
38
 
Encryption by fastech
Encryption by fastechEncryption by fastech
Encryption by fastech
 
2019 and 2020 dot net ieee
2019 and 2020 dot net ieee2019 and 2020 dot net ieee
2019 and 2020 dot net ieee
 
DYNAMIC KEY REFRESHMENT FOR SMART GRID MESH NETWORK SECURITY
DYNAMIC KEY REFRESHMENT FOR SMART GRID MESH NETWORK SECURITY DYNAMIC KEY REFRESHMENT FOR SMART GRID MESH NETWORK SECURITY
DYNAMIC KEY REFRESHMENT FOR SMART GRID MESH NETWORK SECURITY
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
 
Digital signatures and e-Commerce
Digital signatures and e-CommerceDigital signatures and e-Commerce
Digital signatures and e-Commerce
 
Week13
Week13Week13
Week13
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authority
 
Privacy Techniques in Fourth Generation Heterogeneous Networks
Privacy Techniques in Fourth Generation Heterogeneous NetworksPrivacy Techniques in Fourth Generation Heterogeneous Networks
Privacy Techniques in Fourth Generation Heterogeneous Networks
 
A secure and efficient id based aggregate signature scheme for wireless senso...
A secure and efficient id based aggregate signature scheme for wireless senso...A secure and efficient id based aggregate signature scheme for wireless senso...
A secure and efficient id based aggregate signature scheme for wireless senso...
 
project 11
project 11project 11
project 11
 
5
55
5
 
31
3131
31
 

Destacado

SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsKannan Subbiah
 
AWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceAWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceGaurav "GP" Pal
 
The Future of Digital Advertising with Cloud Computing - co-presented with Ad...
The Future of Digital Advertising with Cloud Computing - co-presented with Ad...The Future of Digital Advertising with Cloud Computing - co-presented with Ad...
The Future of Digital Advertising with Cloud Computing - co-presented with Ad...Amazon Web Services
 
Presentasi Cloud Computing
Presentasi Cloud ComputingPresentasi Cloud Computing
Presentasi Cloud Computingdininurulfuadi
 
Presentasi cloud computing
Presentasi cloud computingPresentasi cloud computing
Presentasi cloud computingminmon
 
Cloud Computing India Introduction and Overview - by karROX
Cloud Computing India Introduction and Overview - by karROXCloud Computing India Introduction and Overview - by karROX
Cloud Computing India Introduction and Overview - by karROXDiscover Cloud Computing
 
Cloud Computing Overview
Cloud Computing OverviewCloud Computing Overview
Cloud Computing OverviewThe World Bank
 
Presentasi cloud computing
Presentasi cloud computingPresentasi cloud computing
Presentasi cloud computingSunarty
 
Building and Growing SaaS on AWS for Partners
Building and Growing SaaS on AWS for PartnersBuilding and Growing SaaS on AWS for Partners
Building and Growing SaaS on AWS for PartnersAmazon Web Services
 
AWSome Day 2016 - Module 4: Databases: Amazon DynamoDB and Amazon RDS
AWSome Day 2016 - Module 4: Databases: Amazon DynamoDB and Amazon RDSAWSome Day 2016 - Module 4: Databases: Amazon DynamoDB and Amazon RDS
AWSome Day 2016 - Module 4: Databases: Amazon DynamoDB and Amazon RDSAmazon Web Services
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAmazon Web Services
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesDheeraj Negi
 

Destacado (15)

SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security Concerns
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
 
Presentasi cloud computing akakom BAB 1
Presentasi cloud computing akakom BAB 1Presentasi cloud computing akakom BAB 1
Presentasi cloud computing akakom BAB 1
 
AWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceAWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and Compliance
 
The Future of Digital Advertising with Cloud Computing - co-presented with Ad...
The Future of Digital Advertising with Cloud Computing - co-presented with Ad...The Future of Digital Advertising with Cloud Computing - co-presented with Ad...
The Future of Digital Advertising with Cloud Computing - co-presented with Ad...
 
Presentasi Cloud Computing
Presentasi Cloud ComputingPresentasi Cloud Computing
Presentasi Cloud Computing
 
Presentasi cloud computing
Presentasi cloud computingPresentasi cloud computing
Presentasi cloud computing
 
Cloud Computing India Introduction and Overview - by karROX
Cloud Computing India Introduction and Overview - by karROXCloud Computing India Introduction and Overview - by karROX
Cloud Computing India Introduction and Overview - by karROX
 
Cloud Computing Overview
Cloud Computing OverviewCloud Computing Overview
Cloud Computing Overview
 
Presentasi cloud computing
Presentasi cloud computingPresentasi cloud computing
Presentasi cloud computing
 
Building and Growing SaaS on AWS for Partners
Building and Growing SaaS on AWS for PartnersBuilding and Growing SaaS on AWS for Partners
Building and Growing SaaS on AWS for Partners
 
AWSome Day 2016 - Module 4: Databases: Amazon DynamoDB and Amazon RDS
AWSome Day 2016 - Module 4: Databases: Amazon DynamoDB and Amazon RDSAWSome Day 2016 - Module 4: Databases: Amazon DynamoDB and Amazon RDS
AWSome Day 2016 - Module 4: Databases: Amazon DynamoDB and Amazon RDS
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security Model
 
Deep Dive: Amazon RDS
Deep Dive: Amazon RDSDeep Dive: Amazon RDS
Deep Dive: Amazon RDS
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
 

Similar a Cloud Computing Security

Couldcomputing it telkom
Couldcomputing it telkomCouldcomputing it telkom
Couldcomputing it telkombujangtandomang
 
Insights Into Modern Day Threat Protection
Insights Into Modern Day Threat ProtectionInsights Into Modern Day Threat Protection
Insights Into Modern Day Threat ProtectionAbhinav Biswas
 
Seminar (network security)
Seminar (network security)Seminar (network security)
Seminar (network security)Gaurav Dalvi
 
Modern Cyber Threat Protection techniques for Enterprises
Modern Cyber Threat Protection techniques for EnterprisesModern Cyber Threat Protection techniques for Enterprises
Modern Cyber Threat Protection techniques for EnterprisesAbhinav Biswas
 
Iaetsd network security and
Iaetsd network security andIaetsd network security and
Iaetsd network security andIaetsd Iaetsd
 
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2Splunk
 
Top reasons why Endpoint Security should move to Cloud | Sysfore
Top reasons why Endpoint Security should move to Cloud | SysforeTop reasons why Endpoint Security should move to Cloud | Sysfore
Top reasons why Endpoint Security should move to Cloud | SysforeSysfore Technologies
 
Empowering Telecom Resilience - SecurityGen's GSMA SS7 Security Unveiled.pdf
Empowering Telecom Resilience - SecurityGen's GSMA SS7 Security Unveiled.pdfEmpowering Telecom Resilience - SecurityGen's GSMA SS7 Security Unveiled.pdf
Empowering Telecom Resilience - SecurityGen's GSMA SS7 Security Unveiled.pdfSecurityGen1
 
SecurityGen Bolsters Defenses with State-of-the-Art Intrusion Detection Syste...
SecurityGen Bolsters Defenses with State-of-the-Art Intrusion Detection Syste...SecurityGen Bolsters Defenses with State-of-the-Art Intrusion Detection Syste...
SecurityGen Bolsters Defenses with State-of-the-Art Intrusion Detection Syste...SecurityGen1
 
Fortifying Telecom Networks: Exploring GSMA SS7 Security
Fortifying Telecom Networks: Exploring GSMA SS7 SecurityFortifying Telecom Networks: Exploring GSMA SS7 Security
Fortifying Telecom Networks: Exploring GSMA SS7 SecuritySecurityGen1
 
IDS: INTRUSION DETECTION SYSTEM PLATFORM
IDS: INTRUSION DETECTION SYSTEM PLATFORMIDS: INTRUSION DETECTION SYSTEM PLATFORM
IDS: INTRUSION DETECTION SYSTEM PLATFORMSecurity Gen
 
International Journal of Computer Science and Security Volume (1) Issue (3)
International Journal of Computer Science and Security Volume (1) Issue (3)International Journal of Computer Science and Security Volume (1) Issue (3)
International Journal of Computer Science and Security Volume (1) Issue (3)CSCJournals
 
Review on variants of Security aware AODV
Review on variants of Security aware AODVReview on variants of Security aware AODV
Review on variants of Security aware AODVijsrd.com
 
Best Practices for Cloud-Based IoT Security
Best Practices for Cloud-Based IoT SecurityBest Practices for Cloud-Based IoT Security
Best Practices for Cloud-Based IoT SecuritySatyaKVivek
 
F018133640.key aggregate paper
F018133640.key aggregate paperF018133640.key aggregate paper
F018133640.key aggregate paperIOSR Journals
 
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016David Glover
 
Technical seminar on Security
Technical seminar on Security Technical seminar on Security
Technical seminar on Security STS
 

Similar a Cloud Computing Security (20)

Couldcomputing it telkom
Couldcomputing it telkomCouldcomputing it telkom
Couldcomputing it telkom
 
Insights Into Modern Day Threat Protection
Insights Into Modern Day Threat ProtectionInsights Into Modern Day Threat Protection
Insights Into Modern Day Threat Protection
 
Seminar (network security)
Seminar (network security)Seminar (network security)
Seminar (network security)
 
Modern Cyber Threat Protection techniques for Enterprises
Modern Cyber Threat Protection techniques for EnterprisesModern Cyber Threat Protection techniques for Enterprises
Modern Cyber Threat Protection techniques for Enterprises
 
Iaetsd network security and
Iaetsd network security andIaetsd network security and
Iaetsd network security and
 
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2
Splunk GDPR Security Roundtable: Zurich - 22 Nov 2017 PT2
 
Top reasons why Endpoint Security should move to Cloud | Sysfore
Top reasons why Endpoint Security should move to Cloud | SysforeTop reasons why Endpoint Security should move to Cloud | Sysfore
Top reasons why Endpoint Security should move to Cloud | Sysfore
 
Iot(security)
Iot(security)Iot(security)
Iot(security)
 
Empowering Telecom Resilience - SecurityGen's GSMA SS7 Security Unveiled.pdf
Empowering Telecom Resilience - SecurityGen's GSMA SS7 Security Unveiled.pdfEmpowering Telecom Resilience - SecurityGen's GSMA SS7 Security Unveiled.pdf
Empowering Telecom Resilience - SecurityGen's GSMA SS7 Security Unveiled.pdf
 
SecurityGen Bolsters Defenses with State-of-the-Art Intrusion Detection Syste...
SecurityGen Bolsters Defenses with State-of-the-Art Intrusion Detection Syste...SecurityGen Bolsters Defenses with State-of-the-Art Intrusion Detection Syste...
SecurityGen Bolsters Defenses with State-of-the-Art Intrusion Detection Syste...
 
Fortifying Telecom Networks: Exploring GSMA SS7 Security
Fortifying Telecom Networks: Exploring GSMA SS7 SecurityFortifying Telecom Networks: Exploring GSMA SS7 Security
Fortifying Telecom Networks: Exploring GSMA SS7 Security
 
IDS: INTRUSION DETECTION SYSTEM PLATFORM
IDS: INTRUSION DETECTION SYSTEM PLATFORMIDS: INTRUSION DETECTION SYSTEM PLATFORM
IDS: INTRUSION DETECTION SYSTEM PLATFORM
 
International Journal of Computer Science and Security Volume (1) Issue (3)
International Journal of Computer Science and Security Volume (1) Issue (3)International Journal of Computer Science and Security Volume (1) Issue (3)
International Journal of Computer Science and Security Volume (1) Issue (3)
 
Slides for CC & IAAS
Slides for CC & IAASSlides for CC & IAAS
Slides for CC & IAAS
 
Review on variants of Security aware AODV
Review on variants of Security aware AODVReview on variants of Security aware AODV
Review on variants of Security aware AODV
 
Best Practices for Cloud-Based IoT Security
Best Practices for Cloud-Based IoT SecurityBest Practices for Cloud-Based IoT Security
Best Practices for Cloud-Based IoT Security
 
F018133640.key aggregate paper
F018133640.key aggregate paperF018133640.key aggregate paper
F018133640.key aggregate paper
 
Ipsecurity
IpsecurityIpsecurity
Ipsecurity
 
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
 
Technical seminar on Security
Technical seminar on Security Technical seminar on Security
Technical seminar on Security
 

Más de budi rahardjo

How to train Electronics Rockstars
How to train Electronics RockstarsHow to train Electronics Rockstars
How to train Electronics Rockstarsbudi rahardjo
 
Product development 2021
Product development 2021Product development 2021
Product development 2021budi rahardjo
 
Security in COVID-19 Era
Security in COVID-19 EraSecurity in COVID-19 Era
Security in COVID-19 Erabudi rahardjo
 
Peluang IoT di Indonesia
Peluang IoT di IndonesiaPeluang IoT di Indonesia
Peluang IoT di Indonesiabudi rahardjo
 
IoT: Dari Hobby ke Profesi
IoT: Dari Hobby ke ProfesiIoT: Dari Hobby ke Profesi
IoT: Dari Hobby ke Profesibudi rahardjo
 
The Joy of Programming (short version)
The Joy of Programming (short version)The Joy of Programming (short version)
The Joy of Programming (short version)budi rahardjo
 
Technology-based Startup
Technology-based StartupTechnology-based Startup
Technology-based Startupbudi rahardjo
 
A very short Introduction to Software Security
A very short Introduction to Software SecurityA very short Introduction to Software Security
A very short Introduction to Software Securitybudi rahardjo
 
Topik Penelitian Keamanan Informasi
Topik Penelitian Keamanan InformasiTopik Penelitian Keamanan Informasi
Topik Penelitian Keamanan Informasibudi rahardjo
 
Keaslian Dokumen Digital
Keaslian Dokumen DigitalKeaslian Dokumen Digital
Keaslian Dokumen Digitalbudi rahardjo
 
Strategi Industri Telematika Indonesia
Strategi Industri Telematika IndonesiaStrategi Industri Telematika Indonesia
Strategi Industri Telematika Indonesiabudi rahardjo
 
Klik and Modar: social engineering dengan menggunakan URL Bait
Klik and Modar: social engineering dengan menggunakan URL BaitKlik and Modar: social engineering dengan menggunakan URL Bait
Klik and Modar: social engineering dengan menggunakan URL Baitbudi rahardjo
 
To teach is ... (On Teaching)
To teach is ... (On Teaching)To teach is ... (On Teaching)
To teach is ... (On Teaching)budi rahardjo
 
How to Train Electronics Rockstars
How to Train Electronics RockstarsHow to Train Electronics Rockstars
How to Train Electronics Rockstarsbudi rahardjo
 
Kronologis penganiayaan timmy
Kronologis penganiayaan timmyKronologis penganiayaan timmy
Kronologis penganiayaan timmybudi rahardjo
 
Bdg software uploaded
Bdg software uploadedBdg software uploaded
Bdg software uploadedbudi rahardjo
 
Kesiapan Lulusan Perguruan Tinggi
Kesiapan Lulusan Perguruan TinggiKesiapan Lulusan Perguruan Tinggi
Kesiapan Lulusan Perguruan Tinggibudi rahardjo
 

Más de budi rahardjo (20)

How to train Electronics Rockstars
How to train Electronics RockstarsHow to train Electronics Rockstars
How to train Electronics Rockstars
 
Product development 2021
Product development 2021Product development 2021
Product development 2021
 
Security in COVID-19 Era
Security in COVID-19 EraSecurity in COVID-19 Era
Security in COVID-19 Era
 
Peluang IoT di Indonesia
Peluang IoT di IndonesiaPeluang IoT di Indonesia
Peluang IoT di Indonesia
 
IoT: Dari Hobby ke Profesi
IoT: Dari Hobby ke ProfesiIoT: Dari Hobby ke Profesi
IoT: Dari Hobby ke Profesi
 
The Joy of Programming (short version)
The Joy of Programming (short version)The Joy of Programming (short version)
The Joy of Programming (short version)
 
Technology-based Startup
Technology-based StartupTechnology-based Startup
Technology-based Startup
 
A very short Introduction to Software Security
A very short Introduction to Software SecurityA very short Introduction to Software Security
A very short Introduction to Software Security
 
Identity Theft
Identity TheftIdentity Theft
Identity Theft
 
Dealing with Hoax
Dealing with HoaxDealing with Hoax
Dealing with Hoax
 
Topik Penelitian Keamanan Informasi
Topik Penelitian Keamanan InformasiTopik Penelitian Keamanan Informasi
Topik Penelitian Keamanan Informasi
 
Network Sniffing
Network SniffingNetwork Sniffing
Network Sniffing
 
Keaslian Dokumen Digital
Keaslian Dokumen DigitalKeaslian Dokumen Digital
Keaslian Dokumen Digital
 
Strategi Industri Telematika Indonesia
Strategi Industri Telematika IndonesiaStrategi Industri Telematika Indonesia
Strategi Industri Telematika Indonesia
 
Klik and Modar: social engineering dengan menggunakan URL Bait
Klik and Modar: social engineering dengan menggunakan URL BaitKlik and Modar: social engineering dengan menggunakan URL Bait
Klik and Modar: social engineering dengan menggunakan URL Bait
 
To teach is ... (On Teaching)
To teach is ... (On Teaching)To teach is ... (On Teaching)
To teach is ... (On Teaching)
 
How to Train Electronics Rockstars
How to Train Electronics RockstarsHow to Train Electronics Rockstars
How to Train Electronics Rockstars
 
Kronologis penganiayaan timmy
Kronologis penganiayaan timmyKronologis penganiayaan timmy
Kronologis penganiayaan timmy
 
Bdg software uploaded
Bdg software uploadedBdg software uploaded
Bdg software uploaded
 
Kesiapan Lulusan Perguruan Tinggi
Kesiapan Lulusan Perguruan TinggiKesiapan Lulusan Perguruan Tinggi
Kesiapan Lulusan Perguruan Tinggi
 

Último

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 

Último (20)

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 

Cloud Computing Security

  • 1. Cloud Computing Security Budi Rahardjo Sekolah Teknik ElektroInstitut Teknologi Bandung October 2010
  • 2. Security Aspects (Dimensions) Confidentiality Integrity Availability Authentication Large scale identity management Physical Personnel Compliance PCI DSS, HIPAA, SOX Legal Audit trail
  • 3. message Possible attack in every hop;interruption, interception, modification, fabrication message
  • 4. Confidentiality Access to data must be protected from unauthorized entity Cloud computing susceptibe to Interception Data archived in unknown places Traffic analysis leading to business intelligence
  • 5. Confidentiality (cont.) Protected by cryptography End-to-end encryption Encrypted pipe (difficult in cloud because we don’t have control over pipes) Does not work if cloud needs data to process. How to distribute keys? Granular encryption?
  • 7. zrffntr = message zrffntr = message process? Message encryptedat the origin and decryptedin the receiving end. But, what if cloud needs data to process? Data must be decrypted in cloud. zrffntr
  • 8. Integrity Data must not be changed, modified, tampered by unauthorized entity Must protect data byby digital signature, message authenticated code (MAC), hashing function Attached as part of message(s) Granularity?
  • 9. message 78e731027d8fd50ed642340b7c9a63b3 message hashed & encryptedat the origin and decrypted & hashed in the receiving end zrffntr 78r731027q8sq50rq642340o7p9n63o3
  • 10. Availability Make sure that data is available when needed Possible attack Interruption, Denial of Service (DoS) Best effort is not good enough. Quality of Service (QoS) must be guaranteed
  • 11. Availability (cont.) Improving availability (Network) redundancy Backup, data recovery Business continuity
  • 12. Concluding Remarks Security is still an issue for cloud computing If cloud computing is cheaper, then people will use it (regardless of security problems) Solutions (perhaps not elegant) are available The devils are in details